[xur17]

> Only "certified" devices are allowed access to the encryption keys. Only closed, fully locked down black box recording systems will ever be "certified".

I really really hope this doesn't go through, but if it does, I can't wait for the day when these keys are inevitably leaked.

[londons_explore]

These modern systems tend to have a seperate key for every consumer. Ie. every single device ever produced has a seperate key.

If any device is cracked/leaked, they find out which one is cracked and send out new keys for every other device except the one that was cracked.

Through clever use of key hierarchies, you only need to send out a small number of new keys over the air to make sure every legit user gets a new one, but your leaked key doesn't get replaced so anyone using that gets locked out.

There is no master key to leak - if you leak one key, you only lock out one device. All other keys are ephemeral.

[axus]

Is that what they do with satellite TV? Not knowing anything, I'd think they'd need a unique connection for every user, like Internet streaming, to have unique keys.

[kaetemi]

Encrypt video broadcast with a master key pair. Then just continually broadcast the decryption key, encrypted for every customer individually, alongside. If there's a mysterious "activation" period after turning on the device initially, it's probably something like that. Rotate the master every so often to kick off users.

[hiatus]

> Then just continually broadcast the decryption key, encrypted for every customer individually, alongside.

Wouldn't broadcasting a unique stream for each client increase bandwidth?

[londons_explore]

You can do neat things with key hierarchies to avoid this.

Group all your customers into leaves of a binary tree. 100 million customers is a tree ~27 levels deep.

Issue every customer a private key on a smartcard. Also generate keys for each node in the tree, and have the smartcard also preloaded with the keys from that customer to the root. (ie. 26 extra keys on the card - easy to store).

Now, whenever a customer leaks their key, you cut that customer out of the tree and regenerate all nodes up to the root. You transmit over the air, every few minutes, all the modified keys. Each new key is transmitted multiple times encrypted with the children of that node.

Now every legit keyholder either has the master key, or some set of keys that can decrypt the master key (as a combination of the keys on the card and the keys transmitted over the air). Any banned cardholders do not.

Using this method, even banning hundreds of keys, there won't be more than tens of thousands of keys that need to be transmitted over the air, even though you might have 100 million cardholders. That's very transmittable every few minutes, meaning that honest cardholders won't have to wait more than a few minutes for service, even if their tree-neighbour is a hax0r.

[BenjiWiebe]

It would, but if you are only transmitting keys, and only every couple hours, it needn't be much bandwidth.

[mgulick]

This has already happened unfortunately. In my area (Boston) nearly all of the ATSC 3.0 channels were encrypted the day they went on the air (CBS, ABC, NBC). As a result, they are unwatchable. We need to petition the FCC to force broadcasters to remove the encryption.