What is the allowable path for upstream data? Is there some reasonable realtime communication path from the cable box to the provider or does it all have to be unidirectional?
Replying to @pzb
Like maybe I can log into a website or phone someone to subscribe, but there's no two way communication with the decoder itself. So just like real-world cable, satellite, or broadcast.
1 reply 0 retweets 1 like -
Replying to @colmmacc
Wikipedia says largest PPV sales are about 6M per event. At this volume, wrapping a key to each decoder is reasonable, with the assumption each decoder has a known unique public key. Send keys over the unidirectional channel alongside the video data.
1 reply 0 retweets 5 likes -
Replying to @pzb
Which primitives would you use? How often would you rotate the DEK?
1 reply 0 retweets 0 likes -
Replying to @colmmacc
NaCl box seems sane here. DEK is the private key on the decoder?
2 replies 0 retweets 2 likes -
Replying to @pzb
Well, the DEK has to be shared across all subscribers ... but you want to rotate it so that you can cut off non-payers/fraud-cases. So I think you envelope the DEK with a per-device KEK.
1 reply 0 retweets 4 likes -
Replying to @colmmacc
It depends on whether this is PPV or Satellite style? PPV is effectively single shot, so rotating DEK in the middle of the fight is likely overkill. Satellite is a different story -- go read up on DirecTV card hacking from the late 90s/early 2000s.
0 replies 0 retweets 6 likes
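The per-device envelope discussed in this thread, as an added Go sketch that is not code from either participant: the shared DEK is wrapped once per subscribed decoder and the blobs travel on the one-way channel, so a decoder that is left out of the next rotation cannot recover the new DEK. X25519, SHA-256 and AES-256-GCM from Go's standard library stand in for NaCl box here, all function names are hypothetical, and registered decoder public keys are assumed valid.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// must panics on errors that cannot occur for valid keys (assumed for registered decoders).
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newDecoder makes a device X25519 key pair; the provider records the public half.
func newDecoder() *ecdh.PrivateKey { return must(ecdh.X25519().GenerateKey(rand.Reader)) }

// kek turns an ECDH secret into a one-time AES-256-GCM key (the per-device KEK).
func kek(shared []byte) cipher.AEAD {
	key := sha256.Sum256(shared)
	return must(cipher.NewGCM(must(aes.NewCipher(key[:]))))
}

// wrapDEK envelopes the shared DEK for one decoder: ephemeral public key || sealed DEK.
func wrapDEK(devPub *ecdh.PublicKey, dek []byte) []byte {
	eph := newDecoder() // fresh per wrap, so the fixed zero nonce is never reused
	return kek(must(eph.ECDH(devPub))).Seal(eph.PublicKey().Bytes(), make([]byte, 12), dek, nil)
}

// unwrapDEK runs on the decoder and fails for a blob wrapped to any other device.
func unwrapDEK(priv *ecdh.PrivateKey, blob []byte) ([]byte, error) {
	if len(blob) < 32 {
		return nil, fmt.Errorf("wrapped DEK too short")
	}
	shared, err := priv.ECDH(must(ecdh.X25519().NewPublicKey(blob[:32])))
	if err != nil {
		return nil, err
	}
	return kek(shared).Open(nil, make([]byte, 12), blob[32:], nil)
}

func main() {
	dev := newDecoder()
	fmt.Println(unwrapDEK(dev, wrapDEK(dev.PublicKey(), make([]byte, 32)))) // constructed all-zero DEK
}
```

Each wrapped DEK is 80 bytes here (32-byte ephemeral key, 32-byte DEK, 16-byte tag), which is the per-decoder cost a rotation adds to the broadcast stream.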
that insight - it’d be super valuable to build in a UX that displays what you’re subscribed to from the decoder’s POV and for that to involve an e2e check.