Consumption devices such as set-top boxes, computers, tablets or any processing device connected to a screen are in charge of the reception of protected media content, the removal of the protection and the transmission of the unprotected media content to a consumer device such as a television.
The media content could be in the form of video content and is generally encrypted by a unique key, the media content key. The encrypted media content is stored in a management server while waiting for a request initiated by the consumption device.
When the consumption device, or the user of same, requests a media content, the message requesting said media content contains an identification of the consumption device. The management center can then prepare a secure message, containing the media content key, said secure message being encrypted with a key pertaining to the consumption device. This key is recovered by the management center thanks to the identification data provided in the request message. This means that the management center stores a personal key for each consumption device, the proper one being retrieved thanks to the identification data.
The secure message, encrypted by the personal key, is then sent to the consumption device. The latter decrypts the secure message, retrieves the media content key and decrypts the media content.
The consumption device comprises security means, e.g. in the form of a security module, a smartcard, a dedicated chip, or obfuscated software to carry out the decryption of the encrypted media content. It is then very difficult to break the security of the encrypted media content by tampering with the personal key. In some instances, the media content is stored locally and the decrypted media content is re-encrypted with a local key. So an attacker will focus on the consumption device to try to recover the local key to be able to obtain the valuable media content in clear.
In the case of a home gateway, the encrypted media content is received by the home gateway from the provider and decrypted using the security means of said home gateway. Before transmitting the media content to a consumption device, the media content is re-encrypted by a local key shared between the home gateway and the consumption device. The level of protection of the local key stored in the consumption device is less than in the security means of the home gateway and an attacker will focus his efforts on the recovery of the local key in the consumption device.
One attack on the content key while it is used to decrypt the content suffices to recover all the content in clear. So the pirate only needs to perform one attack per content, which is a big incentive: even if it takes several days to hack the key, it is worthwhile to get access to high-value content. Moreover, since the content is often freely available from the CDN (content distribution network), he does not have to redistribute the content: he can simply redistribute the content key and let the recipients retrieve the content from the CDN.
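The key delivery described above (a media content key sent in a secure message encrypted with the requesting device's personal key), as an added example that is not part of the original text. It shows that each device receives a different secure message but unwraps the same media content key, which is why one recovered content key exposes the content for every recipient. The class and function names, the identifiers and the HMAC-based stand-in cipher are assumptions; a real system would use a standard authenticated cipher such as AES-GCM.

```python
import hashlib
import hmac
import secrets

def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys derived from one key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 in counter mode, not AES.
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered message")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

class ManagementCenter:  # hypothetical name for the server side
    def __init__(self):
        self.personal_keys = {}  # device identification -> personal key
        self.content_keys = {}   # content id -> media content key
        self.store = {}          # content id -> encrypted media content

    def provision(self, device_id: str) -> bytes:
        self.personal_keys[device_id] = secrets.token_bytes(32)
        return self.personal_keys[device_id]

    def publish(self, content_id: str, media: bytes) -> None:
        self.content_keys[content_id] = secrets.token_bytes(32)
        self.store[content_id] = seal(self.content_keys[content_id], media)

    def secure_message(self, device_id: str, content_id: str) -> bytes:
        # The personal key is retrieved from the identification in the request.
        return seal(self.personal_keys[device_id], self.content_keys[content_id])

def device_play(personal_key: bytes, message: bytes, encrypted_media: bytes) -> bytes:
    content_key = unseal(personal_key, message)  # same value on every device
    return unseal(content_key, encrypted_media)
```

The personal key individualizes only the secure message; the stored media content and its key are common to all devices, so the protection of the content rests on the least protected device that handles the content key.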