Some technical details about Videocrypt
---------------------------------------
Markus Kuhn -- 1994-08-02
In this file, I'll collect some of the details known or assumed about
the Videocrypt pay-TV access control system. Consider it as some kind
of frequently asked questions list with answers about the system.
1 Basic principle
Videocrypt encodes the TV image by cutting each line of the image in
two pieces at some cut point and then exchanges these two line
fragments in the broadcasted pictures. E.g. if a line like
0123456789
passes the encoder, the output might look like
4567890123
where the digits represent the pixels of the image. There are 256
possible cut points and there are no cut points directly near the image
border (the miniumum distance from the margin is about 12-15% of the
image width) which is the reason why you sometimes still can see
vertical patterns even on an encrypted image. The sound is currently
not encrypted.
Several times per second, a computer at the broadcasting station
generates a 32 byte long message which is broadcasted encoded together
with forward error correction information in the first invisible lines
of the TV signal similar to teletext. About every 2.5 seconds, one of
these 32-byte messages is processed in the encoder by a secret hash
algorithm which transforms the 32-byte message into a 60-bit value.
These 60 bits are then used by a second algorithm in order to determine
the 8-bit cut point coordinates for each line for the next 2.5 seconds.
No details about this second algorithm are known, but think of it just
as some kind of 60-bit pseudo random number generator (PRNG) were the
60-bit output from the secret hash function is used as a start value
(seed).
The decoder receives the 32-byte messages and other data together with
the TV signal, applies some error correction algorithms and passes all
32-byte packets to the smart card in the decoder's card slot. The smart
card implements the same secret hash function and answers with the same
60-bit value as the one which is used in the encoder. By using this
60-bit answer from the card, the decoder hardware can generate with the
same PRNG the same cut point sequence as the encoder and can so
reconstruct the original image by again exchanging the two line
fragments. The secret hash function is a cryptographically strong
system which is designed so that it is extremely difficult to guess the
algorithm of this function by looking at many pairs of 32-byte/60-bit
values.
Apart from being the source for the generation of the 60-bit PRNG seed,
the 32-byte messages from the broadcasting station contain card numbers
so that individual cards can be addressed and they contain commands
like activation, deactivation and pay-per-view account modification. In
addition, the 32-byte packets contain a digital signature (currently 4
bytes) that allows the card to test whether the 32-byte messages really
originate from the encoder and have not been generated by someone
analysing the card. Again, this digital signature like the hash
function has been designed so that it is difficult to find out how to
generate a correct signature by looking at enough examples. This
prevents choosen-text attacks, where someone tries to probe the secret
hash function with very carefully selected 32-byte messages and this
prevents hackers to generate new activation commands for the card.
In early 1993, someone managed to get access to the secret hash
functions of several stations which use Videocrypt (e.g., British Sky
Broadcasting, Adult Channel, JSTV, BOB, Red Hot TV). Most of these
systems used the same hash and signature algorithm and the only
difference between the stations was a 32-byte secret key table. It is
not known, how it was possible to get this information. Either someone
from the company who manufactured the cards (News Datacom Ltd.)
released this information or it was possible for someone to read out
the EEPROM contents of the card processor (very difficult, but
theoretically possible). With this knowledge it was then quite easily
possible for the original hackers to produce 'clone cards'. These are
simple PCBs with a cheap microcontroller (e.g. one of Microchip's PIC
family), which implements only the secret hash function and serial I/O
procedures in its EPROM and answers with the correct 60-bit values to
32-byte messages just as the real cards do. For several channels, clone
cards are still available, but BSkyB distributed new 09 series cards in
spring 1994 and switched on 1994-05-18 to a new secret hash ans
signature function. Consequently, all clone cards stopped to work.
The clone cards didn't implement any interpretation procedures for card
activation, deactivation and pay-per-view functions, so their software
is considerably simpler than the one in the real cards. This resulted
in some tiny differences between the reaction of the clone card
software and the reaction of the original card software on pathological
32-byte messages. These differences were used in counter measures
(commonly referred to as ECMs) against clone cards several times in
1993 and 1994 by BSkyS and News Datacom in order to deactivate clone
cards, but it was quite easy each time to find out these tiny bugs in
the clone card software and correct it.
There are two microprocessors in a typical Videocrypt decoder. An Intel
8052 microcontroler manages the communication between the smart card
and the rest of the system. As the software of this processor is not
read protected, it was also possible to reprogram this chip (by using
the EPROM version 8752BH) so that the hash algorithm is performed
inside the decoder. Then no external card is needed at all for the
channels for which the hash algorithm was implemented in the 8752. The
second processor is a Motorola 6805 variant and its internal ROM
contents can't be read out easily. The Motorola decodes the data that
comes with the TV signal, applies error correction algorithms to this
data, exchanges the 32-byte messages and 8-byte answers with the Intel
processor and controls the PRNG and the on-screen display hardware.
There are also Videocrypt II decoders available. These work almost like
the Videocrypt decoders and the only important difference is a new
software in the Intel and Motorola processor. Videocrypt II decoders
get their data from other invisible TV lines than Videocrypt, and it is
possible to broadcast a signal encrypted in a way that allows both
Videocrypt and Videocrypt II to decode it with different smart cards.
More detailed basic information about Videocrypt has been published in
the European patent EP 0 428 252 A2 ("A system for controlling access
to broadcast transmissions"). You can order a copy for little money
(about 10 DM) from the European Patent Office (Schottenweldgasse 29,
A-1072 Wien, Austria) if you are interested.
2 Security of the Videocrypt system
The system is very secure, because all secret parts that are essential
to a successful decryption are located in the smart card and if the
card's secret hash algorithm/key becomes known, it can easily be
replaced by just sending new cards to the subscribers. This card
exchange can also be used if details about the format of the commands
hidden in the 32-byte sequences sent to the card become known which
allows together with the knowledge of the signature algorithm to
generate new activation messages and to filter out deactivation
messages.
There are however at least two obvious security flaws of the system
which can't be removed by new smart card generations:
- The dialog between the card and the decoder is the same synchronously
for all Videocrypt decoders switched to this channel. I.e., the decoder
doesn't add any card specific or decoder specific information to the
traffic. This makes it possible to use one card for several decoders.
E.g. it is possible to record the 32-byte messages broadcasted by
the station during an evening with a PC, then send these messages to
someone else with an original card who asks his card for the 60-bit
answers to all the recorded messages. If this person then sends
these 60-bit answers back, then you can use this data in order
to descramble the VCR recorded program of this evening (delayed data
transfer). However, decoding VHS recorded encrypted signals produces
minor color distortions and a few VCRs don't preserve the Videocrypt
data stream in the first invisible lines that accompanies the TV
signal. It is also possible to distribute the 60-bit answers from
one card in real-time with cables to many decoders in a house or
with radio signals to many decoders in a larger region.
- The simple cut-and-exchange encryption method and the fact that two
consecutive lines in an image are almost always nearly identical
makes it possible to try all 256 possible cut points and to select
the one which causes both lines to fit together best. This method
has alreday been implemented on fast PC's with framegrabbers which
load the image into the memory and display it corrected on the computer
screen (many seconds per frame), on parallel supercomputers which
allow almost real-time decryption and with special hardware that
achieves real-time decryption. Howevery, with this decoding method,
there are severe image quality losses and many additional problems
which together with the high hardware costs required (much higher
than a regular subscription) don't make this approach very practical
for every day usage.
Both these security gaps in the videocrypt systems don't allow
comfortable and easy high quality decryption like using a card, but the
described methods have already been successfully used by a few
technically skilled peoples for watching encrypted program.
3 ISO card protocol
The card and the protocol used to cummunicate with it conform exactly
to the international standard ISO 7816. The options used from this
standard are: T=0 asynchronous halfduplex character transmission
protocol, active low reset and inverse convention. Only a few basic
principles of the ISO protocol will be explained here. For much more
detailed information, please read the ISO standard which you can order
from your national standards body (e.g. DIN, ANSI, AFNOR, BSI, DS,
etc.). There are three parts of the standard: ISO 7816-1 describes
physical characteristics of the card and quality tests a card has to
survive, ISO 7816-2 describes the location and meaning of the contacts
and ISO 7816-3 (most important) describes the electrical
characteristics, the answer-to-reset message and the protocol.
The data format is an asynchronous 9600 bit/s serial format similar to
that used on RS-232 lines with 8 data bits, 1 parity bit and two stop
bits. The parity is even (but if inverse bit meaning convention is
used, a RS-232 interface has to be programmed for odd parity in order
to produce the correct bit). There is also an error detection and
character repetition mechanism in the protocol which is not supported
by RS-232 interfaces: If the receiving device (card or decoder) detects
a parity error, it sends an impulse during the stop bit time. This will
tell the sender to retransmit one byte.
After a reset impulse to the card, the card answers with an
answer-to-reset message with some information about the requirements of
the card. If the first byte is 3fh, then this means that in order to
read the bytes with a RS-232 interface, you'll have to invert and
reverse all bits. A typical answer-to-reset looks e.g. like the
following one:
3f fa 11 25 05 00 01 b0 02 00 00 4d 59 00 81 80
| | | | | | 'historic characters' with|
| | | | | | information about chip and|
| | | | | | software version, etc. |
| | | | |
| | | | +- low nibble: protocol type T=0,
| | | | high nibble: end of ISO part
| | | |
| | | +- requests 5 additional stop bits
| | |
| | +- encodes programming voltage and max. programming
| | current (here: 5V, 50mA)
| |
| +- clock freq.: 11h=3.5 MHz, 31h=7 MHz
|
+- the 0ah low nibble means: 10 'historic characters' which
are not defined in the ISO standard are appended to
the reset answer
The answer-to-reset message has a variable length format. Some bits
specify whether certain bytes are present or not. If the lowest bit in
the high nibble of the second byte is 1, then the above shown third
byte is present and determines the relation between the bit rate and
the clock frequency after the reset answer. E.g., 11h means that 372
clock cycles are one bit duration (default), i.e. with a clock
frequency of 3.5712 Mhz, the bit frequency is 9600 Hz. In the
Videocrypt system, the bit rate is always 9600 bits/s, but a value of
31h (= factor 744) in the third byte requests a doubled clock frequency
(~7MHz) from the decoder. Other values are not supported by the
Videocrypt decoder.
The Videocrypt decoder supports several programming voltages (5 V, 12.5
V, 15 V and 21 V, max. 50 mA current) and different numbers of stop
bits (>= 5) sent to the card. All these parameters can be selected in
the answer-to-reset. Of the 'historic characters' part, the decoder
only verifies that it is at least 7 characters long and that the values
4dh und 59h are at the positions as in the example, otherwise the card
is rejected. No more details about the information in the historic
characters part of a Videocrypt card is currently known. For the
detailed format of the answer-to-reset message, please consult ISO
7816-3.
The T=0 protocol is a half duplex master slave protocol. The decoder
can send commands to the card followed by a data transmission either to
or from the card. The card can do some limited flow control and can
request or deactivate the programming voltage VPP selected in the
answer-to-reset using "procedure bytes". If the decoder initiates a
command, it sends five header bytes to the card, e.g.
53 78 00 00 08
The first byte (CLA) is the command class code and is always 53h in the
Videocrypt system. The second byte (INS) is the instruction code. Its
lowest bit is always 0 and instruction codes have never a 6 or 9 high
nibble (you'll see below, why). The following 2 bytes (P1 and P2) are a
reference (e.g. an address) completing the instruction code and a
Videocrypt decoder sets them always to 00 00. The final byte (P3) codes
the number of data bytes which are to be transmitted during the
command. P3=0 has a special meaning: In data transfers from the card,
it indicates 256 data bytes, in data transfers from the decoder, it
indicates 0 bytes. The direction of the data transfer is determined by
CLA and INS and must be known in advance by both the card and the
decoder.
After transmission of such a 5-byte header, the decoder waits for a
'procedure byte' from the card.
The following procedure bytes are possible:
60h Please wait, I'll send another procedure byte soon,
don't timeout.
INS Now let's transfer all (remaining) data bytes, I don't
need programming voltage.
INS+1 Now let's transfer all (remaining) data bytes and please
activate VPP.
INS xor ffh Now let's transfer another single data byte,
I don't need programming voltage.
(INS+1) xor ffh Now let's transfer another single data byte, and please
activate VPP.
6Xh or 9Xh This byte SW1 indicates an end of the data transfer
and requests to deactivate VPP. A second status byte SW2
follows from the card. SW1 SW2 = 90 00 indicates a
normal termination, other values report e.g. an error.
After each data transfer, the decoder waits for another procedure byte.
E.g., a typical decoder<->card dialog looks like this (command 78h
requests the 60-bit answer as 8 bytes from the card):
decoder sends header
53 78 00 00 08
card sends procedure byte (all at once, no VPP)
78
card sends P3 data bytes
80 52 02 79 f5 39 7c 0e
card closes with SW1 and SW2
90 00
4 Videocrypt protocol
The newer Videocrypt smart cards don't require any programming voltage
(the VPP pin isn't even connected). Although, the ISO standard requires
only 2 stop bits after each transfered byte, Videocrypt decoders seem
to require more than 5 stop bits. As PC serial ports don't support more
than 2 stop bits directly, a card emulator software has to wait for
about 0.5-1.5 ms after each byte. Cards can announce in the
answer-to-reset message, how many stop bits they require and Videocrypt
cards also do require more than 2 stop bits.
A videocrypt decoder knows the following 10 commands (all with CLA=53h
and P1=P2=00h):
INS length (P3) direction purpose
---------------------------------------------------------------------
70h 6 from card serial number, etc.
72h 16 to card message from previous card
74h 32 to card message from station
76h 1 to card authorize button pressed
78h 8 from card 60-bit answer
7ah 25 from card onscreen message
7ch 16 from card message to next card
7eh 64 from card ??? \
80h 1 to card ??? > perhaps Fiat-Shamir
82h 64 from card ??? / authentication?
The following things are known about the data bytes of these commands:
70h:
In BSkyB cards, the 70h data contains the card issue number (e.g. 07 or
09) in the low nibble of the first byte. The high nibble of the first
byte seems to be always 2. The next 4 bytes form an 32-bit bigendian
integer value which corresponds to the decimal card number without the
final digit of the card number (which is perhaps a check digit,
algorithm unknown). The meaning of the final byte is unknown.
72h and 7ch:
Several times per second, the decoder requests with 7ch 16 bytes from
the card. If a card is removed and a new card is inserted in the
decoder without switching off the power of the decoder, then shortly
after the card reset, the decoder sends the latest 7ch data bytes from
the previous card in a 72h message to the new card. In this way, 16
bytes information (e.g. the status of a pay-per-view account or a list
of activated channels?) can be transfered from one card to the next.
74h and 78h:
The 74h command transfers the 32-byte messages from the broadcasting
station to the card. If the third bit (value 8) in the first byte is
set, then the decoder will ask with a 78h command for the 60-bit
answer. This happens about every 5th 74h packet every 2.5 seconds. The
high nibble of the final byte in the 78h data is ignored by the decoder
(only 60 bits are needed). The high nibble of the first 74h byte seems
to have the value eh or fh in normal encrypted operation and ch or dh
in the 'soft scrambled' mode where the decoder can descramble the image
even without any card.
The following information is valid for the 07 and 09 BSkyB card and need not
necessarily be true for future smart cards, because these data bytes
don't seem to be interpreted in the decoder and so their meaning can be
exchanged. A typical BSkyB 74h packet for the 09 series card looks like
this:
e843 0a888261 0c 29e403f6 20202020202020202020202020202020 fb54ac02 51
The second byte indicates the current date and counts the months since
January 1989. In the 07 card, this month code selects one of several
32-byte secret key tables that are used by the hash function. When the
switch from the 07 hash algorithm to the new 09 algorithm happened on
1994-05-18, this value jumped from 40h (1994-05) to 43h (1994-08) which
might indicate that the activation of the 09 algorithm was originally
planned for August. In the 07 card, this value was only interpreted to
find an offset into a table with various 32-byte secret keys.
The third byte seems to be a random number. This byte together with the
month code is used to generate with a quite simple algorithm four XOR
bytes which are necessary to decode the command byte and the card
number prefix (described below). If you XOR these four bytes with bytes
8 to 11 and if you the XOR only the first of the four bytes with byte
4, then you have decrypted the card number and the command code.
The fourth byte is an encrypted command code. Some decrypted known
values are:
0x00.Deactivate whole card (message: 'PLEASE CALL 0506 484777')
0x01.Deactivate Sky Movies (message: 'THIS CHANNEL IS BLOCKED')
0x02.Deactivate Movie Channel
0x03.Deactivate Sky Movies Gold
0x06.Deactivate Sky Sports
0x08.Deactivate TV Asia
0x0c.Deactivate Multichannels
0x20.Activate whole card (remove 'PLEASE CALL 0506 484 777')
0x21.Activate Sky Movies (remove 'THIS CHANNEL IS BLOCKED')
0x22.Activate Movie Channel
...
0x2c.Activate Multichannels
0x40.Pay-per-view account management command
0x80.\
0x81. \ perhaps 09 card ECM
0xf0. / commands
0xf1./
Packets with incorrect command bytes and correct signatures can
irreversibly kill a card (it doesn't even answer the reset).
The fifth and sixth byte seem to be parameters for pay-per-view account
management (program number and number of tokens) and don't seem to have
a meaning for enabling and disabling commands.
The lower 7 bits of the seventh byte contain a channel ID.
A card number is represented by a 5 byte card address consisting of a 4
byte prefix and a 1 byte suffix. The five bytes for a card are
identical to the first 5 bytes of the 70h answer, only the high nibble
of the first address byte seems to have a different purpose (unknown).
Up to 16 cards with the same card address prefix can be addressed with
one single 32-byte 74h message. The bytes 8-11 might contain the common
prefix to the addressed cards and the bytes 12-27 the various suffixes.
If there are less than 16 different cards to be addressed, then the
same suffix byte is repeated several times in order to fill the space.
The 4-byte prefix is encrypted like the command byte by XORing it with
the four bytes generated using the bytes 2 and 3.
The 4 bytes 28-31 contain the digital signature which is simply an
intermediate result of the iterations of the hash algorithm. If the
checksum, the digital signature, or some of the values in the first 7
bytes of a 74h command aren't correct, then the 78h answer will only
contain 8 00 bytes or in some cases 01 00 00 00 00 00 00 00. The final
byte 32 is a simple checksum that makes the sum of all 32 bytes a
multiple of 256.
The 07 card (and also cards used by Sky New Zealand) have an
interesting security hole: The card sends to the decoder as many data
bytes as specified in P3. By sending a higher length value in the
command header to the card, one can get up to 256 data bytes back which
seem to be values from the card's RAM that allow some insight into the
internal data structures of the card software.
76h:
If the authorize button on the decoder is pressed for a few seconds,
then the decoder will send a single 76h message with a 00 data byte to
the card.
7ah:
This command requests from the card an ASCII text which is then
displayed on the TV screen. The display field is 12 characters wide,
one or two lines high and no lowercase letters are supported. The lower
5 bits in the first byte indicate, how long the text is which is to be
displayed: 0 for no display, 12 for a single line and 24 for 2 lines.
The highest 3 bits of the first byte seem to be some kind of display
priority. The number there (0-3) must be high enough if standard
decoder messages have to be suppressed. The remaining 24 bytes contain
the ASCII test.
The meaning of the other commands is unknown, some of them are never
used currently. Perhaps these commands are used for the Fiat-Shamir
identification exchange described in the patent. Some cards understand
also additional instruction codes which can't be issued by a normal
decoder. E.g. a BSkyB 09 card understands also 12h, 86h, 88h, 8ah and
8ch. These commands are perhaps used in order to test or configurate
the card at the factory, etc.
Please contact me if you find out anything new. My e-mail address is
[email protected].
5 VCL File Format
The Videocrypt Card Logfile format (VCL) is used by some peoples for
performing the delayed data transfer procedure described in section 2.
Person A with a valid card can record the dialog between the decoder
and the card for a certain program P and transmit this information as a
VCL file to person B who has no card and has recorded with a VCR only
the encrypted signal of program P. Person B now connects the Videocrypt
decoder between the VCR and the TV set and connects the card slot of
the decoder to a PC. Using the information in the VCL file, B's
computer can now also decrypt program P. This is of course only
possible for the few hours which are covered by the information in the
VCL file.
Not all of the information exchanged between the card and the decoder
is necessary for descrambling the TV signal. The VCL format uses this
fact in order to save a lot of storage space. Only 12 bytes of high
entropy (that means: almost uncompressable) are stored every 2.5
seconds. So a VCL file of a 1 hour program is only about 17 kbytes
large. In addition, VCL files don't contain any information about the
card owner (especially not the card serial number), which appears in
normal full log files. (The only potential security hole is the
remaining nibble in the 78h data, consequently it should be cleared in
order to avoid card specific information to leak into the VCL file.)
VCL files have a very simple binary format consisting of a 128 byte
header and arbitrarily many 12 byte records. At the end, VCL files may
be padded with zero bytes to a multiple of the operating system's disk
sector size, so that no RAM contents can leak in there out of an
unsecure system like MS-DOS. Don't forget to use a binary mode if you
transfer VCL files or their contents will be rendered unusable.
The 128 byte header has the following format:
byte number purpose
0 - 3..ASCII String 'VCL1' which identifies the file
type and version of the format.
4 - 7 The number of 12-byte records stored in this
file encoded as a bigendian (most significant
byte first) 32-bit unsigned integer value.
8 - 23 Date and time when the recording started.
Format: yyyymmddThhmmssZ, where yyyymmdd are
year, month and day (e.g. '19940618'), hhmmss
are hour, minute and second (e.g. '235959'),
T ist just the ASCII letter T, and Z is
the ASCII letter Z if the time is UTC or
a zero byte, if the time is local time. The
digits are ASCII characters.
24 - 55 Name of the satellite or cable system from
which the recording was done. This is a zero
terminated ASCII string with only characters
between 20h and 7eh. As many zero bytes are
appended as necessary for filling up the 32
bytes. The same format is also used for the next
two text fields. Example: 'Astra'.
56 - 63 Name/number of the transponder from which
the recording was done. Example: '08' for
Sky One on Astra.
64 -127 Description of what has been recorded.
Example: 'Star Trek: TNG, episode 123'
After the first 128 bytes follow as many 12 byte records as announced
in bytes 4-7. Each record represents a 74h/78h Videocrypt protocol pair
and constists of two fields: The first 4 bytes are the final 4 bytes of
the 74h data part, the remaining 8 bytes are the data part of the
corresponding 78h command. Four bytes of each 74h packet are enough to
allow a card emulator to quickly and reliably synchronize with the
queries of the decoder. The final four bytes of the 74h commands have
been selected because of their high entropy (signature and checksum).
