How Do I Crack Satellite and Cable Pay TV?

Chris Gerlinsky
@akacastor
chris@pdrnorth.com

Attacking the Digicipher 2 conditional access system

used in millions of TV set-top-boxes in North America.
 Digital Television

Satellite Cable

Modulation: Modulation:
DC2 QPSK ~27 Mbit QAM 256 ~38 Mbit
8PSK Turbo FEC ~38 Mbit
Out-of-band:
QPSK 2 Mbit

Video format:
MPEG-2 or H.264 Transport Stream (MPEG TS)
Encryption:
Digicipher 2 (not DVB standard)
 MPEG Transport Stream
27 – 38 Mbit

188-byte packets
Categorized by 13-bit PID
(0 - 0x1FFF)

MPEG PES Service Information Tables

Packetized Elementary Streams
8-bit table ID (0 – 0xFF)
64 Kbit – 19 Mbit
Up to 1024 bytes, with CRC32
Video, audio

Table 0x00 – (PID 0) Program Association Table Table 0x40 – ECM40

Table 0x01 – (PID 1) Conditional Access Table Table 0x41 – ECM41
Table 0x02 – Program Map Table Table 0x95 – EMM95

PAT contains list of programs: PID carrying PMT ECM are sent in pairs
PMT contains list of PIDs for video, audio, ECM Cable: EMM are OOB
 Genpix SkyWalker-1 USB satellite interface

http://updatelee.blogspot.ca/2010/09/genpix-skywalker-1-linux-driver-mods.html
https://bitbucket.org/updatelee/v4l-updatelee
Hauppauge HVR 950Q ATSC / QAM USB interface
 Using dvbsnoop to view PMT PID 0x129 TS sub-decoding (1 packet(s) stored for PID 0x0129):
=====================================================
TS contains Section...
SI packet (length=41):
PID: 297 (0x0129)

Guess table from table id...

PMT-decoding....
Table_ID: 2 (0x02) [= Program Map Table (PMT)]
$ dvbsnoop -if log-11959.ts -s ts -tssubdecode 0x129 section_syntax_indicator: 1 (0x01)
(fixed '0'): 0 (0x00)
reserved_1: 0 (0x00)
Section_length: 38 (0x0026)
dvbsnoop V1.4.50 -- http://dvbsnoop.sourceforge.net/ Program_number: 15 (0x000f)
reserved_2: 0 (0x00)
------------------------------------------------------------ Version_number: 10 (0x0a)
TS-Packet: 00000001 PID: 297 (0x0129), Length: 188 (0x00bc) current_next_indicator: 1 (0x01) [= valid now]
from file: 2016-05-21-full-log-11959.ts Section_number: 0 (0x00)
------------------------------------------------------------ Last_Section_number: 0 (0x00)
0000: 47 61 29 1b 00 02 80 26 00 0f 15 00 00 01 10 00 Ga)....&........ reserved_3: 0 (0x00)
0010: 06 09 04 47 49 01 29 80 01 10 00 03 83 01 00 81 ...GI.)......... PCR PID: 272 (0x0110)
0020: 01 11 00 06 0a 04 65 6e 67 00 6c c4 86 25 40 00 ......eng.l..%@. reserved_4: 0 (0x00)
0030: 11 00 3b 40 0f 2a 63 4a 22 04 00 00 02 0a cf 4f ..;@.*cJ"......O Program_info_length: 6 (0x0006)
0040: fe 3b 41 40 31 10 20 00 3b 40 0f 75 e5 22 27 3b .;A@1. .;@.u."';
0050: 09 e3 40 85 71 da 6c fe 7f e6 ca 00 00 00 08 01 ..@.q.l......... MPEG-DescriptorTag: 9 (0x09) [= CA_descriptor]
0060: 00 01 59 03 00 00 72 03 01 00 d7 2b 46 ee d4 bf ..Y...r....+F... descriptor_length: 4 (0x04)
0070: 6c c5 06 d2 2d 09 ff ff ff ff ff ff ff ff ff ff l...-........... CA_system_ID: 18249 (0x4749) [= General Instrument]
0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ reserved: 0 (0x00)
0090: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ CA_PID: 297 (0x0129)
00a0: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
00b0: ff ff ff ff ff ff ff ff ff ff ff ff ............ Stream_type loop:

Sync-Byte 0x47: 71 (0x47) Stream_type: 128 (0x80) [= User private]

Transport_error_indicator: 0 (0x00) [= packet ok] reserved_1: 0 (0x00)
Payload_unit_start_indicator: 1 (0x01) [= Packet data starts] Elementary_PID: 272 (0x0110)
transport_priority: 1 (0x01) reserved_2: 0 (0x00)
PID: 297 (0x0129) [= ] ES_info_length: 3 (0x0003)
transport_scrambling_control: 0 (0x00) [= No scrambling of TS packet payload]
adaptation_field_control: 1 (0x01) [= no adaptation_field, payload only] DVB-DescriptorTag: 131 (0x83) [= User defined/ATSC reserved]
continuity_counter: 11 (0x0b) [= (sequence ok)] descriptor_length: 1 (0x01)
Payload: (len: 184) Descriptor-data:
==> pointer_field: 0 (0x00) 0000: 00 .
==> Section table: 2 (0x02) [= Program Map Table (PMT)]
Data-Bytes:
0000: 00 02 80 26 00 0f 15 00 00 01 10 00 06 09 04 47 ...&...........G Stream_type: 129 (0x81) [= User private]
0010: 49 01 29 80 01 10 00 03 83 01 00 81 01 11 00 06 I.)............. reserved_1: 0 (0x00)
0020: 0a 04 65 6e 67 00 6c c4 86 25 40 00 11 00 3b 40 ..eng.l..%@...;@ Elementary_PID: 273 (0x0111)
0030: 0f 2a 63 4a 22 04 00 00 02 0a cf 4f fe 3b 41 40 .*cJ"......O.;A@ reserved_2: 0 (0x00)
0040: 31 10 20 00 3b 40 0f 75 e5 22 27 3b 09 e3 40 85 1. .;@.u."';..@. ES_info_length: 6 (0x0006)
0050: 71 da 6c fe 7f e6 ca 00 00 00 08 01 00 01 59 03 q.l...........Y.
0060: 00 00 72 03 01 00 d7 2b 46 ee d4 bf 6c c5 06 d2 ..r....+F...l... MPEG-DescriptorTag: 10 (0x0a) [= ISO_639_language_descriptor]
0070: 2d 09 ff ff ff ff ff ff ff ff ff ff ff ff ff ff -............... descriptor_length: 4 (0x04)
0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ ISO639_language_code: eng
0090: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ Audio_type: 0 (0x00) [= undefined]
00a0: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
00b0: ff ff ff ff ff ff ff ff ........
========================================================== CRC: 1824818725 (0x6cc48625)
 DC2 Service Information Tables
SCTE 65: Service Information Delivered Out-Of-Band For Digital Cable Television

DC2 tables
VCT – Virtual Channel Table
NIT – Network Information Table
NTT – Network Text Table
MGT – Master Guide Table

Many DVB standard tables are not used:

DVB equivalent
BAT – Bouquet Association Table
SDT – Service Description Table
EIT – Event Information Table

http://www.scte.org http://www.scte.org/SCTEDocs/Standards/ANSI_SCTE 65 2016.pdf

Internal connections
to CableCard slot
for QPSK output
 SCTE 55-1 Decoding Software
https://www.scte.org/documents/pdf/Standards/ANSI_SCTE-55-1-2009.pdf
https://github.com/akacastor/noob
https://github.com/akacastor/oobin
 MPEG Transport Stream Descrambler MPEG Decoder & TV

Working Key
56-bit DES
Lifetime: 133 ms to 1 second

Each channel ECM40

has unique keys Incrementing Frame Count value
Program Key Pair of ECMs for
each channel, all
56-bit DES STB process the
Lifetime: 1 day or 1 PPV event same ECM
ECM41
Access controls
Encrypted Program Key
All authorized Category Key
STB share
56-bit DES
same key
Lifetime: 1 month, or whatever
EMM95
Individual message
Access rights is sent to each STB
Seed Keys Encrypted Category Key
Each STB
has unique 3x 56-bit DES
seed keys Lifetime: STB lifespan
Stored in battery-backed RAM
 Satellite tuner
Access Control Processor (ACP) Demodulator

TVpass slot

MPEG decoder

Power supply
STB controller

Battery
 TVpass slot Cable tuner
(underneath) OOB tuner

Power supply

MPEG decoder &

QAM/OOB demodulators

STB controller

ACP
Battery
Transport Stream input
(from tuner)

SPI slave

Battery

Transport Stream ouptut

(to MPEG decoder)
 READY READY
STB controller ACP
/SS /SS
SPI master SPI slave
SCK SCK
command from STB
MOSI MOSI
response from ACP
MISO MISO
/RST /RST

Acting as master: MISO

MOSI

MISO
MOSI
Jumpers to hold STB /RST

SCK

SCK
/SS

/SS
and to connect MISO,
to act as SPI master

SPI #1 READY slave has data to send

Passive monitoring: SPI #2
slave /SS slave select (active low)
Using two SPI slave peripherals, slave SCK clock
MOSI is used for receiving,
/ master MOSI master out/slave in
MISO master in/slave out
MISO is left unconnected.
Xmega128 /RST STB controller reset
 SPI data log
< 80 04 00 04
> 55 04 14 10 20 FC FD 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 61
^^^^^ ^^ ^^ ^^
|| || Next category epoch Checksum
|| Current category epoch
Provider ID

< 80 05 00 05
> 55 05 09 FE 16 00 10 D3 99 FA 20 00 64
^^^^^^^^^^^^^^
UA# - Unit Address of STB

< 80 12 00 12
> 55 12 13 00 00 02 04 03 04 02 04 03 04 0C 6D 05 14 0D FC 00 00 00 80
^^^^^^^^^^^ ^^^^^^^^^^^
|| Keyselect for next category epoch
Keyselect for current category epoch

< 80 13 02 00 00 11
> 55 13 22 00 C0 4C 61 87 11 00 51 A1 00 DF 23 80 E0 01 98 D1 3F 00 80 41 00 08 20 48 00 00 00 D0 41 15 81 00 44 B1
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Subscription tiers

> 55 87 13 00 11 22 33 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
^^ ^^ ^^^^^^^^ ^^ ^^ ^^
|| || || || || Next program key epoch
|| || || || Current program key epoch
|| || || Encryption mode – ZK / FP / FW S
|| || Service ID of this channel
|| 00 = Tuner0, 80 = Tuner1
07 = Response to Cmd07
87 = Unprompted response due to change in access rights (channel change etc)
Software disassembly (IDA)
 Simulator
Sim65:
a 65c02 simulation system

http://www.wsxyz.net/sim65/

Customizations for ACP

 Software organization
ROM layout
Personalization software is used during manufacturing to
Personalization initialize the device – setup UA#, keys, etc.
3 KByte Software After initialization is complete, access to
personalization software is disabled.

Application software always running after STB leaves factory.

Application
29 KByte This contains all the conditional access functionality.
Software

Vectors Vectors area contains reset and interrupt addresses.

 Task switcher
Task 0
Decrypt two programs
Priority: 1
(dual tuner support)
Idle Task

Task 1 Task 2 Task 3 Task 4

Priority: 5 Priority: 5 Priority: 4 Priority: 4
ECM40 [#1] ECM40 [#2] ECM41 [#1] ECM41 [#2]

Task 5 Task 6 Task 7

Priority: 3 Priority: 2 Priority: 2

EMM TVpass SPI interface

 Hardware Peripherals

SPI slave Transport Stream PID filter

● SPI selects ECM PID
● RX RAM buffer
● Tables placed in RAM and RX flag set
● TX RAM buffer ● SPI selects PIDs to decrypt
● Flag set when transfer complete ● Software selects Provider ID filter for ECM

DES hardware TS descrambler

● Hardware encrypt/decrypt ● Software sets working key

● 56 bit key, 64 bit data ● Selected PIDs are decrypted
● Standard and custom modes ● DES standard and custom modes
 System analysis

✔ MPEG Transport stream – ECM & EMM logging

✔ SPI bus – logging and understanding of ACP messages
✔ ROM dump (entire ACP firmware)
✔ Software disassembly and simulation
✔ Keys: Fixed keys found in ROM Possible bit errors from optical extraction
ruled out by valid checksum on key area
he are
re

➔ Understanding of ECM and EMM algorithms

we

✗ Keys: Seed keys, category keys, program keys only exist in RAM
 ECM40 – Working Key

Three sequential ECM40 messages (133 ms apart)

40 00 11 00 2D 80 07 2B 16 FA 22 04 00 00 00 BB
40 00 11 00 2D 80 07 2B 16 FB 22 04 00 00 01 42
40 00 11 00 2D 80 07 2B 16 FC 22 04 00 00 00 D2
^^^^^^^^ ^^^^^^^^ ^^ ^^
Service ID Frame Count HW Crypt Mode

Frame Count is used to generate Working Key

 ECM41 – Program Key
41 40 41 10 20 00 2D 80 07 75 6E 2A CE 13 09 E3
40 9E F1 9F E7 76 9A 7E BC 00 00 00 08 05 00 01
35 03 00 00 06 03 00 00 83 03 00 00 A9 03 00 00
C0 03 00 02 54 03 01 00 AB 69 1C D1 12 A8 CE D5

1020 Provider ID 8-byte Initialization Vector

2D8007 Service ID 00 Hardware crypto select
75 Category Epoch 08 Bitmapped (bit 6 indicates PPV)
6E Program Epoch 05 Number of acceptable tiers
2ACE13 Validity start (6, each 4 bytes)
09E340 Valid period (24 hr.) 8-byte Encrypted Program Key
40 00 11 00 2D 80 07 2B 16 FA 22 04 00 00 00 BB ECM40 Frame Count 2B16FA
41 40 41 10 20 00 2D 80 07 75 6F 34 B1 53 09 E3
40 44 37 29 A0 2E 25 4B A2 00 00 00 08 05 00 01 ECM41 Validity Start 34B153 (next key)
35 03 00 00 06 03 00 00 83 03 00 00 A9 03 00 00
C0 03 00 02 54 03 01 00 E8 F1 E4 74 45 B9 85 73

40 00 11 00 2D 80 07 2B 16 FB 22 04 00 00 01 42
ECM40 Frame Count 2B16FB
41 40 41 10 20 00 2D 80 07 75 6E 2A CE 13 09 E3
40 9E F1 9F E7 76 9A 7E BC 00 00 00 08 05 00 01 ECM41 Validity Start 2ACE13 (current key)
35 03 00 00 06 03 00 00 83 03 00 00 A9 03 00 00
C0 03 00 02 54 03 01 00 AB 69 1C D1 12 A8 CE D5

41 40 41 10 20 00 2D 80 07 75 6F 34 B1 53 09 E3 ECM41 Validity Start 34B153 (next key)

40 44 37 29 A0 2E 25 4B A2 00 00 00 08 05 00 01
35 03 00 00 06 03 00 00 83 03 00 00 A9 03 00 00
C0 03 00 02 54 03 01 00 E8 F1 E4 74 45 B9 85 73

40 00 11 00 2D 80 07 2B 16 FC 22 04 00 00 00 D2 ECM40 Frame Count 2B16FC

41 40 41 10 20 00 2D 80 07 75 6E 2A CE 13 09 E3 ECM41 Validity Start 2ACE13 (current key)
40 9E F1 9F E7 76 9A 7E BC 00 00 00 08 05 00 01
35 03 00 00 06 03 00 00 83 03 00 00 A9 03 00 00
C0 03 00 02 54 03 01 00 AB 69 1C D1 12 A8 CE D5

40 00 11 00 2D 80 07 2B 16 FD 22 04 00 00 01 58 ECM40 Frame Count 2B16FD

 EMM95 – delivered in 4 parts
0x0013274945 = UA: 0000 3213 41765
95 10 A6 00 13 27 49 45 00 00 00 00 00 00 BE C0 95 10 94 00 13 27 49 45 00 00 00 00 00 02 84 C0
00 75 00 00 40 29 20 8E 2D 88 B1 6B 44 1C 10 C3 00 75 00 00 40 BC 98 1E 16 6E 0E A0 1A 67 99 71
C3 FB 21 B3 EB 02 04 03 04 02 04 03 04 0D 6C 09 F2 8B 53 5E 25 02 04 03 04 02 04 03 04 02 00 03
90 0D AA 00 00 00 00 00 00 00 00 00 00 02 10 20 DF 00 00 04 00 00 00 00 00 10 00 02 40 42 00 00
00 80 01 DF 00 60 87 03 00 50 F1 00 DF 23 00 80 80 40 00 02 1A C0 1F 00 A0 07 B8 7B D4 0C 80 FF
00 80 91 33 80 00 40 00 00 22 48 00 00 01 00 41 87 DF E0 3F 00 E0 07 00 00 00 00 00 00 00 00 00
05 80 00 44 0F 00 FF FF FF 01 FF FF FF 02 FF FF 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF 03 FF FF FF 04 FF FF FF 05 FF FF FF 06 FF FF 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 00 00
FF 07 FF FF FF 08 FF FF FF 09 FF FF FF 0A FF FF 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF 0B FF FF FF 0C FF FF FF 0D FF FF FF 0E FF FF 00 00 00
FF 0F FF FF FF

95 10 93 00 13 27 49 45 00 00 00 00 00 01 86 C0 95 10 94 00 13 27 49 45 00 00 00 00 00 03 84 C0
00 75 00 00 40 75 77 07 CD E5 79 84 A7 12 BD 46 00 75 00 00 40 DB 9B 83 88 DA 80 81 FE CD 14 50
30 60 41 D2 B2 02 04 03 04 02 04 03 04 01 00 01 FC A7 ED 27 69 02 04 03 04 02 04 03 04 05 40 03
DF 30 14 00 00 00 00 C0 02 00 00 00 81 13 5E 20 DF 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C 42 00 00 46 20 00 00 00 10 40 00 00 00 08 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2F 0F 10 FF FF FF 11 FF FF FF 12 FF FF FF 13 FF 00 DF 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF 14 FF FF FF 15 FF FF FF 16 FF FF FF 17 FF 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF 18 FF FF FF 19 FF FF FF 1A FF FF FF 1B FF 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF 1C FF FF FF 1D FF FF FF 1E FF FF FF 1F FF 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
FF FF 00 00 00
 95 10 A6 00 13 27 49 45 00 00 00 00 00 00 BE C0
00 75 00 00 40 29 20 8E 2D 88 B1 6B 44 1C 10 C3
C3 FB 21 B3 EB 02 04 03 04 02 04 03 04 0D 6C 09
90 0D AA 00 00 00 00 00 00 00 00 00 00 02 10 20
00 80 01 DF 00 60 87 03 00 50 F1 00 DF 23 00 80
00 80 91 33 80 00 40 00 00 22 48 00 00 01 00 41
05 80 00 44 0F 00 FF FF FF 01 FF FF FF 02 FF FF
FF 03 FF FF FF 04 FF FF FF 05 FF FF FF 06 FF FF
FF 07 FF FF FF 08 FF FF FF 09 FF FF FF 0A FF FF
FF 0B FF FF FF 0C FF FF FF 0D FF FF FF 0E FF FF
FF 0F FF FF FF
0013274945 Unit Address (UA) 8-byte Encrypted Category key (next)
00 EMM part # 02040304 Keyselect
BEC0 Bitmap indicating data items to follow 02040304 Keyselect (next)
00 Hardware crypto select 7-byte Geographic location
75 Category Epoch 1020 Provider ID
8-byte Encrypted Category key 00 Start of tier bank 0
 Decryption using Fixed Working Key

Encrypted Decrypted
transport stream DES descrambler MPEG transport stream
decrypt TS using
fixed working key

Decryption using Fixed Program Key

ECM40 processing
Encrypted Decrypted
ECM use fixed program key to
transport stream MPEG transport stream
decrypt working key
from ECM40
encryp
ted vid

DES descrambler
eo & a

decrypt TS using working key

udio
Normal SPI RX: [7289]: 55 05 09 FC 16 C2 88 48 74 58 85 84 C9
Normal (no glitch) response
Glitch 4/11412 [7293]: 55 13 09 FC 16 C2 88 48 74 58 85 84 DF
Glitch 4/11418 [7292]: 55 FF 09 FC 16 C2 88 48 74 58 85 84 33
Glitch 4/11419 [7290]: 55 BF 09 FC 16 C2 88 48 74 58 85 84 73
Glitch 4/11436 [7435]: 55 13 22 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Glitch 4/11439 [7292]: 55 13 09 FC 16 C2 88 48 74 58 85 84 DF
Glitch 4/11452 [7442]: 55 05 22 FC 16 C2 88 48 74 58 85 84 00 00 00 00 00 00 00 00 00 00 00 00
Glitch 4/11456 [7437]: 55 05 22 FC 16 C2 88 48 74 58 85 84 00 00 00 00 00 00 00 00 00 00 00 00
Glitch 4/11483 [11636]: 55 05 09 00 00 00 00 00 00 00 00 00 0C
Glitch 4/11491 [7286]: 55 05 09 00 16 C2 88 48 74 58 85 84 35
Glitch 4/11506 [7285]: 55 05 09 FC 00 C2 88 48 74 58 85 84 DF
Glitch 4/11514 [7293]: 55 05 09 FC 3E C2 88 48 74 58 85 84 E1
Glitch 4/11522 [7295]: 55 05 09 FC 00 C2 88 48 74 58 85 84 DF
Glitch 4/11527 [7294]: 55 05 09 FC BE C2 88 48 74 58 85 84 61
Glitch 4/11537 [7293]: 55 05 09 FC 00 C2 88 48 74 58 85 84 DF
Glitch 4/11560 [7293]: 55 05 09 FC 16 C2 88 48 74 16 85 84 87
Glitch
Glitch
4/11578
4/11599
[7292]:
[7260]:
55
55
05
05
09
09
FC
FC
16
16
C2
00
88
00
48
00
74
00
00
58
85
00
84
78
91
C6
Responses changed by glitch
Glitch 4/11622 [7291]: 55 05 09 FC 16 C2 88 48 58 58 85 84 E5
Glitch 4/11626 [7286]: 55 05 09 FC 16 C2 88 48 21 58 85 84 9C
Glitch 4/11654 [7292]: 55 05 09 FC 16 C2 88 48 00 58 85 84 BD
Glitch 4/11677 [7271]: 55 05 09 FC 16 00 00 00 74 58 00 7C B6
Glitch 4/11685 [7292]: 55 05 09 FC 16 C2 88 74 74 58 85 84 F5
Glitch 4/11694 [7286]: 55 05 09 FC 16 C2 88 00 74 58 85 84 81
Glitch 4/11700 [7295]: 55 05 09 FC 16 C2 88 80 74 58 85 84 01
Glitch 4/11741 [7277]: 55 05 09 FC 16 00 00 48 74 58 85 84 83
Glitch 4/11746 [10738]: 55 85 09 FC 16 00 00 48 74 58 00 00 02
Glitch 4/11751 [10740]: 55 05 09 FC 16 00 00 48 74 58 00 00 82
Glitch 4/11767 [7292]: 55 05 09 FC 16 C2 FE 48 74 58 85 84 BF Checksum
Glitch 4/11779 [7278]: 55 05 09 FC 16 00 88 48 74 58 85 84 0B
Glitch 4/11790 [7293]: 55 05 09 FC 16 C2 00 48 74 58 85 84 41
Glitch 4/11812 [10747]: 55 85 09 FC 16 00 88 48 74 58 00 00 8A
Glitch 4/11843 [7289]: 55 05 09 FC 16 00 88 48 74 58 85 84 0B
Glitch 4/11901 [7288]: 55 05 09 FC 16 C2 88 48 74 58 00 84 4C
Glitch 4/11937 [7290]: 55 05 09 FC 16 C2 88 48 74 58 85 00 4D Time until READY Delay before glitch
Bit errors found in optical ROM dump
Result of ROM extraction from single sample
Errors marked in red

By the bit
262,144 bits total
105 bit errors
= 0.04 % error rate (99.96% accuracy)

By the byte
32,768 bytes total
104 byte errors
= 0.32 % error rate (99.68% accuracy)

Only one byte had more than a single flipped bit.

 Key extraction from RAM

➔ All keys are stored only in RAM.

➔ RAM is battery-backed.
➔ Until now, glitching has been done on chips desoldered and put on test board.
➔ This isolates the 16 VCC pins from each other and other components.
➔ RAM contents lost when chip is desoldered.
➔ If we can successfully glitch ACP with RAM intact then all keys can be read.
➔ Category and Seed Keys are desirable.

Adapt glitcher to work on ACP in-circuit

or
Remove ACP from STB without losing RAM contents
dental pick razor blade
cut to shape using
Dremel tool

screwdriver handle
 Transport Stream scrambling
188-byte TS packet
47 12 34 00 4-byte header
01 01 01 01 01 01 01 01 02 02 02 02 02 02 02 02 03 03 03 03 03 03 03 03 04 04 04 04 04 04 04 04
05 05 05 05 05 05 05 05 06 06 06 06 06 06 06 06 07 07 07 07 07 07 07 07 08 08 08 08 08 08 08 08
09 09 09 09 09 09 09 09 10 10 10 10 10 10 10 10 11 11 11 11 11 11 11 11 12 12 12 12 12 12 12 12
13 13 13 13 13 13 13 13 14 14 14 14 14 14 14 14 15 15 15 15 15 15 15 15 16 16 16 16 16 16 16 16
17 17 17 17 17 17 17 17 18 18 18 18 18 18 18 18 19 19 19 19 19 19 19 19 20 20 20 20 20 20 20 20
21 21 21 21 21 21 21 21 22 22 22 22 22 22 22 22 23 23 23 23 23 23 23 23

23 blocks of 8 bytes crypted data

Analyzing scrambling
➔ Flip bits in ciphertext to observe results in decrypted result (CBC/ECB/OFB modes)
● one bit flipped corrupts one 8-byte block plus corresponding bit in next block: CBC mode
➔ Observe timing of decryption, look for changes in timing due to algorithm differences
● changes to algorithm such as number of rounds should have effect on timing
➔ Use DES HW as oracle
● send test data through ACP, controlling data, key, and all H/W registers
➔ Use DES weak keys (all 0 or all 1) and observe if behaviour matches standard DES
● encryption and decryption operations are equivalent when using key made of all 0 or all 1 bits
 DES “weak keys”
Weak key Non-weak key

DES key: 00 00 00 00 00 00 00 DES key: 80 00 00 00 00 00 00

Plaintext: 01 23 45 67 89 AB CD EF Plaintext: 01 23 45 67 89 AB CD EF
Encrypted: 61 7B 3A 0C E8 F0 71 00 Encrypted: F2 C4 69 25 D1 0D 86 BD

DES key: 00 00 00 00 00 00 00 DES key: 80 00 00 00 00 00 00

Ciphertext: 01 23 45 67 89 AB CD EF Ciphertext: 01 23 45 67 89 AB CD EF
Decrypted: 61 7B 3A 0C E8 F0 71 00 Decrypted: 00 7B 46 D4 9E AA 83 60

With DES key of all zero bits, If even one bit is nonzero, encryption and
encryption and decryption have same effect. decryption produce different effects.
Cracking Hardware Customization: DES key XOR taps
● Using H/W DES engine: Decrypt 23 blocks of 00 data, with 00 key, and customization enabled
● In software: Try decrypting 00 data with all combinations of key having 1 or more bits flipped
● Check for decryption matching any of the 23 blocks
● Positive results seen within seconds – some XOR masks have as few as 3 bits set
 Cracking Hardware Customization: DES data XOR taps
DES hardware 8-bit register:
00 = standard DES
01 – FF = customization
XOR gates

DES data supplied DES data used

to hardware for decryption
 Softcam implementation

EMM processing softcam

use seed keys to software
decrypt category key conditional access

M
EM
from EMM95 module

Encrypted Decrypted
transport stream ECM41 processing ECM40 processing MPEG transport stream
ECM
use category key to use program key to video playable using
included in transport
stream are tables for
decrypt program key decrypt working key common MPEG decoders
conditional access from ECM41 from ECM40 and software players
(example: VLC)

encr
ypte
d vide
DES descrambler
o&
a udi with h/w customization
o
(key XOR)
 Weaknesses

➔ Relatively old technology – easier for invasive analysis today

➔ TQFP100 package easy to deal with compared to modern
alternatives
➔ Voltage glitching
➔ Von Neumann architecture, no strong MMU protection
➔ No possibility for code updates for countermeasure purposes
➔ Hardware crypto customizations are simple
 Strengths
➔ Key handling and decryption contained within single chip makes it difficult to do key sharing.
➔ Fast working key change interval (133 ms) makes key sharing difficult.
➔ No possibility for code update means nowhere to write code for permanent backdoor.
➔ Internal CLK prevents clock glitching.
➔ Dead addresses to prevent linear readout of keys.
➔ Personalization ROM appears to be inaccessible.
➔ Keys kept only in RAM – must maintain battery backup at all times!
➔ Keys appear non-rewritable, preventing cloning units.
➔ No group keys for EMMs – all unit addressing is to individual units.
➔ Must pull keys from a subscribed box in order to get active keys.
➔ Software appears generally well-designed and written.
➔ Although DES is used, EMMs are signed using 3 DES keys.
➔ Multiple rounds of DES are used, increasing brute force complexity.