Inhibiting Card Sharing Attacks

  • Michael Tunstall
  • Konstantinos Markantonakis
  • Keith Mayes
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4266)


The satellite TV industry relies heavily on the use of smart card technology at the very heart of broadcasted services that are protected by legacy conditional access systems. The process of Satellite TV signal protection is distributed amongst a number of system components, e.g. smart cards, receivers, Conditional Access Modules (CAM) and the content provider. However, the introduction of “Open” Satellite Receivers, providing a highly configurable environment with software emulation of conditional access systems, enabled the implementation of whole range of new attacks. A widely deployed attack is often referred to as the “card sharing” attack, by which one legitimate user colludes to provide protected content to a larger group of unauthorised users. This paper proposes a countermeasure that increases the bandwidth requirements of this attack to the point where it is no longer practical with a standard internet connection, with a minimal impact on existing protocols and architectures.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    ETR 154: Digital video broadcasting (DVB): Implementation guidelines for the use of MPEG-2 systems; video and audio in satellite, cable and terrestrial broadcasting applicationsGoogle Scholar
  2. 2.
    Anonymous. CSA – known facts and speculations,
  3. 3.
    MultiMediaCard Association,
  4. 4.
    MultiMediaCard Association. Application note, an0501-1.00 (April 2005),
  5. 5.
    EBU Project Group B/CA. Functional model of a conditional access system. EBU technical Review, Winter (1995)Google Scholar
  6. 6.
    CENELEC. Common interface specification for conditional access and other digital video broadcasting decoder applications. Technical Report CENELEC Standard 50221, European Committee for Electrotechnical Standardization (CENELEC), Brussels, Belgium (February 1997)Google Scholar
  7. 7.
    Chachiere, V.: Man ordered to pay $180m restitution for TV signal piracy. Naples Daily News,
  8. 8.
  9. 9.
    Cutts, D.J.: DVB conditional access. IEE Electronics and Communications Engineering Journal 9(1), 21–27 (1997)CrossRefGoogle Scholar
  10. 10.
    Giesecke, Devrient: Secure and mobile storage media – the memory card with smart card technology (2005),
  11. 11.
    ETSI. Digital video broadcasting (DVB); support for use of scrambling and conditional access (CA) within digital broadcasting systems. Technical Report ETSI Technical Report ETR 289, European Telecommunications Standards Institute (ETSI), Sophia Antipolis, France (October 1996)Google Scholar
  12. 12.
    Gemplus. Cryptomotion. In: Cartes 2003 (2003), review available at:
  13. 13.
    Guillou, L.C.: Smart cards and conditional access. In: Beth, T., Cot, N., Ingemarsson, I. (eds.) EUROCRYPT 1984. LNCS, vol. 209, pp. 480–489. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  14. 14. Internet connections explained, a guide to dial-up, adsl and cable connections,
  15. 15.
    Hewitt, R.: North american MPEG-2 information (July 2003),
  16. 16.
    Holankar, D., Stamp, M.: Secure streaming media and digital rights management. In: Proceedings of the 2004 Hawaii International Conference on Computer Science, pp. 85–96. ACM Press, New York (2004)Google Scholar
  17. 17.
  18. 18.
    Kalina, P.: No-pay TV costs industry $50m. The Age Journal,
  19. 19.
    Kravitz, D.W., Goldschlag, D.M.: Conditional access concepts and principles. In: Franklin, M.K. (ed.) FC 1999. LNCS, vol. 1648, pp. 158–172. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  20. 20.
    Kuhn, M.: Attack on pay-tv access control systems. Security Seminar talk, University of Cambridge, London (1997)Google Scholar
  21. 21.
    Langelaar, G.C.: Overview of protection methods in existing TV and storage devices. Technical University of Delft (July 1996)Google Scholar
  22. 22.
    McCormac, J.: European scrambling system. Waterford University Press (1996)Google Scholar
  23. 23.
    International Standards Organisation. ISO7816–3 smart card standard: Part 3: Electronic signals and transmission protocolsGoogle Scholar
  24. 24.
    Praca, D.: Next generation smart card: New features, new architecture and system integration. In: 6th e-Smart Conference, Sophia Antipolis, France (September 2005)Google Scholar
  25. 25.
    Praca, D., Barral, C.: From smart cards to smart objects: The road to new smart card technologies. Computer networks 36(4), 381–389 (2001)CrossRefGoogle Scholar
  26. 26.
  27. 27.
    STmicroelectronics. Smartcard solutions ST19 multi-application smartcard ICs,
  28. 28.
    STmicroelectronics. STmicroelectronics delivers world’s first USB-certified smart card chips (2002),
  29. 29.
  30. 30.
    Dream Multimedia Worldwide. Dreambox DM7000s user manual,

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Michael Tunstall
    • 1
  • Konstantinos Markantonakis
    • 1
  • Keith Mayes
    • 1
  1. 1.Smart Card Centre, Information Security GroupRoyal Holloway, University of LondonEghamUK

Personalised recommendations