Cloakware, which is an Irdeto company, announced that Irdeto will be the first CA provider to offer the company’s technology as part of its solution. Cloakware solutions are currently deployed in more than one billion software instances worldwide – on PC applications and in mobile phones, portable media players and STBs. The company’s technology also provides extra protection in security systems associated with device drivers, games, digital rights management (DRM) and other content protection applications.
In contrast to CA smart cards and embedded CA microchips, Cloakware utilizes white-box cryptography to protect encryption key algorithms, and a layering of several separate technologies protects against a full range of attack methods. This high level of protection, according to Cloakware, creates new options for the deployment of next-generation set-top boxes and services, most notably home networking.
For home networking, Cloakware’s technology can be used for home gateway applications where content is delivered to consumer devices around the home – it hardens the Digital Transmission Content Protection over IP (DTCP-IP) standard used to secure premium content as it is shared over a home network. Zoltan Costin, North American business development manager for Irdeto, told CED that cable operators are currently struggling to securely connect all of the devices in the home, especially PCs, and that Cloakware’s technology can help operators achieve this goal.
The company also suggested that cable operators can use the technology with low-cost digital terminal adapters (DTAs) to protect both basic and higher-tier content without incurring high STB costs. Comcast is relying on DTAs to reclaim spectrum that is currently being used by analog video subscribers.
“For the DTA application, we have taken a balanced approach that delivers an appropriate level of security while maintaining the lowest possible cost,” said Trevor Izsak, director for business and market development for Cloakware. “Yet we have designed the solution to be able to be upgraded in the field over time. Significant cost advantages can be achieved through this approach – providing extremely high levels of security for a CA protection system without requiring the use of security-specific processing hardware in the set-top. We also participate in the home networking area with hardening of the DTCP-IP standard, which has been approved by CableLabs. Our solutions are helping CA vendors and operators alike to achieve a more sustainable security model while lowering costs and reducing time to market.”
Costin added: “The industry is constantly looking for ways to protect itself against hackers who keep finding new, ingenious ways of gaining access to encryption keys. We believe this solution will find great interest among both operators and content providers, particularly with their next-gen initiatives.”
Cloakware’s protection strategy is built upon four security foundations that help lower risks for cable operators: 1) Strong initial attack resistance – Cloakware builds in multiple layers of protection with techniques such as white-box cryptography, code transformation and integrity verification; 2) System diversity – Operators can limit the scope of an attack to a small portion of their installed base by deploying functionality equivalent but structurally diverse instances of software; 3) Software renewability – A flexible software-based approach ensures that security can be easily updated or modified after deployment; and 4) Breach management – The company’s service can identify potential threats and vulnerabilities, analyze attacks, and develop and deploy countermeasures.
Cloakware is currently in talks with Tier 1 and Tier 2 U.S. cable operators, mostly concerning home networking, as well as with satellite providers. According to the company, it has no competition in the U.S.
More Broadband Direct: