SHAPING THE FUTURE OF SATELLITE COMMUNICATIONS
9.13.1 Content Protection
Content is protected by encrypting the baseband frames of a DVB-S2
transmission.
Encryption is applied on the data field of the baseband frame, using the AES
algorithm to encrypt it. Different baseband frames are encrypted independently.
Figure 113 - Baseband Frame Structure (Source: EN-302307)
The encryption-decryption process makes sure that at the output of the decryptor,
the baseband frame is identical to the one at the input of the encryptor.
The signalling used for the encryption is proprietary. Unencrypted streams can be
received by any DVB-S2-compliant receiver. Encrypted signals can only be
received by devices that have the Newtec AES decryption mechanism
implemented.
9.13.2 Key Management
9.13.2.1 Overview
The key management defines the ways encryption/decryption keys are sent to and
used by the encryptor and decryptor engines.
The key management system is designed to be straightforward, enabling effective
manual or automated operations.
Keys are sent to the devices through the monitoring and control channel.
The encryption keys must be entered on the modulator by a human operator or an
automated management system. The content key can be entered in non-encrypted
or in encrypted format.
The non-encrypted format is used in any deployment where the channel (human
operator or computer network) used to send the content key to the device is secure
enough.
The encrypted format is used when the communication channel used to distribute
the keys to the device is not secure. In that case, the system uses a secret group
key stored in the device to guarantee that the encrypted content key can only be
used on that device (or devices with the same group key).
To Next Page
Loading...
