Cryptography people: using modern primitives, how would you build pay-per-view cable-tv style encryption? Assume a unidirectional and broadcast channel (everyone gets the same data, and can't send) because that's the hard part. Digital video though, not analog.
-
-
Replying to @colmmacc
What is the allowable path for upstream data? Is there some reasonable realtime communication path from the cable box to the provider or does it all have to be unidirectional?
1 reply 0 retweets 2 likes -
Replying to @pzb
Like maybe I can log into a website or phone someone to subscribe, but there's no two way communication with the decoder itself. So just like real-world cable, satellite, or broadcast.
1 reply 0 retweets 1 like -
Replying to @colmmacc
Wikipedia says largest PPV says are about 6M per event. At this volume, wrapping a key to each decoder is reasonable, with the assumption each decoder has a known unique public key. Send keys over the unidirectional channel alongside the video data.
1 reply 0 retweets 5 likes -
Replying to @pzb
Which primitives would you use? How often would you rotate the DEK?
1 reply 0 retweets 0 likes -
Replying to @colmmacc
NaCl box seems sane here. DEK is the private key on the decoder?
2 replies 0 retweets 2 likes -
Replying to @pzb
Well, the DEK has to be shared across all subscribers .. but you want to rotate it so that you can cut-off non-payers/fraud-cases. So I think you envelope the DEK with a per-device KEK.
1 reply 0 retweets 4 likes -
Replying to @colmmacc
It depends on whether this is PPV or Satellite style? PPV is effectively single shot, so rotating DEK in the middle of the fight is likely overkill. Satellite is a different story -- go read up on DirecTV card hacking from the late 90s/early 2000s.
1 reply 0 retweets 6 likes -
Considering 1+ paying customers are likely to live-stream the video over Twitch and similar, I doubt the key management has to be too perfect. Also if the communication is unidirecitonal then you don't get ACKs for data you transmit so key transmission would be unreliable.
2 replies 0 retweets 6 likes -
I think first we'd need to learn more about the ordering process's UX; how much data is transmitted out-of-band to the receiving device (e.g. user entering in a long PIN) during ordering, are QR codes and cameras a possibility, beep codes over the phone, etc.
1 reply 0 retweets 1 like
People get very angry when they can't watch the show (whether they were charged or not) so ideally from a UX perspective you'd like any key that needs to be transmitted to be confirmed to be working on the device well in advance of the start of the stream to reassure da customer.
-
-
Replying to @BRIAN_____ @pzb
that insight - it’d be super valuable to build in a UX that displays what you’re subscribed to from the decoder’s POV and for that to involve an e2e check.0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.