ANSI SCTE 201-2018: Open Media Security (OMS) Root Key Derivation Profiles and Test Vectors
1.1 Background
This standard is an extension of the ETSI TS 103 162 [1] standard for a key ladder, by further defining certain aspects and providing test vectors to enable implementers to verify certain aspects of an implementation. The use of a standard key ladder is part of enabling any television receiving device to receive scrambled television content from any television distribution network, independent of the network conditional access security system in use. However, use of ETSI TS 103 162 [1], described below as Profile 0, is discouraged as it allows use of undisclosed algorithms and therefore undisclosed and unknown intellectual property. This standard specifies certain processes which are both necessary for interoperability and not specified in the ETSI standard.
The basis of the key ladder standard is a three-step key ladder and challenge-response authentication scheme in which the base key derivation inputs are protected within the one-time programmable memory (OTP) of the sink device’s hardware (e.g. chipset). The key ladder is used primarily for the delivery of content descrambling keys while the challenge-response mechanism is used for checking the integrity and authenticity of sink devices as well as messages arriving from a source. The key ladder standard is designed to support dynamic substitution and replacement of either sink or source device in a manner that maintains the security and integrity of the underlying content distribution network. The standard enables the portability of sink devices between content distribution networks by permitting the field upgradeability of sink devices to work with previously unknown source devices.
Although the source device is expected to be a key management system such as a traditional CAS or DRM solution deployed by a content distribution network, and the sink device is expected to be a secure content consumption device such as an STB or television, this standard is not limited to supporting only these particular types of devices. The root key derivation function yields a different set of keys for different Vendor_ID values, so that several different conditional access systems can operate simultaneously, separately and securely. Similarly, where Module_ID is used, different values of Module_ID yield different keys, which are used for, e.g., DRM functions.

This standard does not specify how content arrives at the OMS sink device descrambler, only that the OMS sink device’s descrambler must recognize the scrambling algorithm utilized by the content’s network distribution system. This standard does not specify compliance and robustness rules for chipset hardware, nor interoperability or certification requirements. Such rules are beyond the scope of this standard and are expected to be the responsibility of an industry-wide licensing authority (ILA).

It is recognized that effective and safe implementation and deployment of content security systems based on the mechanisms described in the present document will require a complete security infrastructure that can deal with business, security, intellectual property, documentation and trusted information distribution issues. The description of such an infrastructure and the organizations which will administer it (i.e. an ILA) is outside of the scope of the present document. As OMS is expected to be implemented in the chipset hardware of OMS sink devices, a universal separable security standard would also expect that the OMS sink device’s hardware would implement all standardized descrambling algorithms that it might ever encounter.
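The three-step ladder, the challenge-response check and the Vendor_ID key separation described above, as an added example that is not taken from the standard. HMAC-SHA256 and an XOR pad are stand-ins for the real algorithms, and the function names, the 2-byte Vendor_ID encoding, the challenge-response construction and all sample values are assumptions.

```python
import hashlib
import hmac

# Stand-ins (assumptions, not the standard's algorithms): HMAC-SHA256 as the
# one-way function and an XOR pad as the reversible key wrap. Toy only.
def kdf(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()[:16]

def wrap(kek: bytes, blob: bytes) -> bytes:
    """XOR with a kek-derived pad; applying it twice unwraps."""
    return bytes(a ^ b for a, b in zip(blob, kdf(kek, b"wrap")))

def root_key(otp_secret: bytes, vendor_id: int) -> bytes:
    """Per-vendor root key from the chip's OTP secret and Vendor_ID
    (2-byte Vendor_ID encoding assumed)."""
    return kdf(otp_secret, b"root" + vendor_id.to_bytes(2, "big"))

def source_messages(root: bytes, k2: bytes, k1: bytes, cw: bytes):
    """Source side: K2 under the root key, K1 under K2, CW under K1."""
    return wrap(root, k2), wrap(k2, k1), wrap(k1, cw)

def sink_ladder(otp_secret, vendor_id, e_k2, e_k1, e_cw):
    """Sink side: the three unwrap steps. Returns (CW, K2) for the demo;
    in hardware neither value would leave the chip."""
    k2 = wrap(root_key(otp_secret, vendor_id), e_k2)
    k1 = wrap(k2, e_k1)
    return wrap(k1, e_cw), k2

def auth_response(k2: bytes, nonce: bytes) -> bytes:
    """Challenge-response keyed from the ladder (assumed construction)."""
    return kdf(kdf(k2, b"auth"), nonce)

def demo() -> dict:
    otp = bytes(range(16))                      # constructed chip secret
    k2, k1 = b"\x22" * 16, b"\x11" * 16         # constructed ladder keys
    cw, nonce = b"CONTROL-WORD-16B", b"nonce-0001"
    # Assumption: the source was provisioned with vendor 1's root key.
    msgs = source_messages(root_key(otp, 1), k2, k1, cw)
    expected = auth_response(k2, nonce)
    cw_a, k2_a = sink_ladder(otp, 1, *msgs)     # sink set to Vendor_ID 1
    cw_b, k2_b = sink_ladder(otp, 2, *msgs)     # same chip, Vendor_ID 2
    check = lambda k: hmac.compare_digest(auth_response(k, nonce), expected)
    return {"vendor1_cw_ok": cw_a == cw, "vendor1_auth_ok": check(k2_a),
            "vendor2_cw_ok": cw_b == cw, "vendor2_auth_ok": check(k2_b)}

if __name__ == "__main__":
    print(demo())
```

The same chip secret with a different Vendor_ID produces an unrelated root key, so vendor 1's ladder messages neither unwrap to the control word nor pass the challenge-response check under Vendor_ID 2.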
The following documents contain provisions, which, through reference in this text, constitute provisions of the standard. At the time of Subcommittee approval, the editions indicated were valid. All standards are subject to revision; and while parties to any agreement based on this standard are encouraged to investigate the possibility of applying the most recent editions of the documents listed below, they are reminded that newer editions of those documents may not be compatible with the referenced version.