[mythtvnz] Extracting EPG from sky

David Zanetti mythtvnz@lists.linuxnut.co.nz
Fri, 03 Feb 2006 14:03:07 +1300 

--=-6SB9AlZEwBQxTN5Oj0Fd
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Fri, 2006-02-03 at 12:49 +1300, Steve Hodge wrote:
> On 2/3/06, Wade Maxfield <mythtvnz@hotblack.co.nz> wrote:
> >  As far as Sky encrypting the EPG, I guess that's a
> > possibility, but it wouldn't be the easiest thing to implement,
> > considering the size of the installed user base of old decoders.  It
> > may be something they could do with a firmware update but still a
> > little bit of a mission.
>=20
> I doubt they could do it well without replacing the decoders. The
> problem is that the CPU in those decoders is slow - just try using
> their EPG to get an idea how bad it is. Decoding 500K of data is going
> to be a major burden if the encryption scheme is at all CPU intensive.

You're assuming it's handled by the CPU. The way the boxes are designed,
all encryption is offloaded to NDS-supplied chipsets, and they already
cope with at least 5Mbit/s of video+audio, so I doubt the EPG data is
going to pose a problem. (EPG data on Sky transponders runs between 0.5
and 1Mbit/s.) The slowness of the rest of the box doesn't reflect any
inablity to encrypt the data, it's only UI rubbish hitting the CPU :)

FWIW, the DVB spec _does_ allow EPG data to be encrypted. Yes, it'll be
a last step, but one they can probably do with little fanfare.

> > But even if they do encrypt it, it should
> > be possible to decrypt it (in theory) since the data is small enough
> > and doesn't have to be done in real time, unlike having to decrypt a
> > sky digital video stream.

It's based on public key crypto. You could try a known plain-text attack
against the data, but that means searching the session key space for
(potentially every packet) each time the key rotates. And I doubt the
public key parts are going to be attackable at all in the near future.

--=20
David Zanetti <david.zanetti@catalyst.net.nz>
Team Leader, Systems Administration
Catalyst IT Limited
+64-4-8032233 +64-21-402260

--=-6SB9AlZEwBQxTN5Oj0Fd
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQBD4qvLei0cZZ0ajFMRAgkiAJwJpz5yzA63AV3Kdind+GalJg6LfwCgp6Q6
O6t9tq3Drjql4A8mbbdevAE=
=ktqK
-----END PGP SIGNATURE-----

--=-6SB9AlZEwBQxTN5Oj0Fd--