Beating video pirates in the analog domain is a valiant but hopeless effort, according to many in the industry. Since the advent of premium services, piracy has been rampant, and piracy loss now accounts for over $6.5 billion in unrealized basic and premium cable revenue, according to the NCTA.

"There are only a limited number of things one can do in the analog world that don't end up messing up the picture or costing too much," says Dr. Bill Wall, technical director of Scientific-Atlanta's Subscriber Networks division.

The first attempt to secure cable signals centered on installing traps, but this option requires truck rolls and workers climbing up poles to install them. Further, traps sometimes had to be installed on taps that served non-subscribers–an expensive approach.

Other tactics such as sync suppression and dynamic sync suppression manipulated the synchronization of the video signal so that unauthorized TVs couldn't recover the sync, rendering the picture unwatchable. Yet, many pirates could recover the sync quite easily and still get a workable picture.

"Even with video inversion, which was a fairly compelling system, technology increased too quickly and pirates caught up with this approach as well," says Laurence Vince, director of systems engineering at Motorola Broadband's DigiCable business unit. "Other attempts in analog signal security have been too expensive and not widely deployed."

Niche solutions for analog

While companies like Scientific-Atlanta and Motorola look to the digital era as the panacea for signal security, others point out that analog channels won't disappear overnight. Vendors that serve the analog security market feel that their technology solutions continue to have merit even in a digital world.

"As long as there are any analog channels out there, the need to control and protect the analog signal remains," says Ken Craig, product line manager at Electroline. "If operators lose the basic subscriber, they lose the chance to upsell their services."

Admitting that its solution is niche-based, Blonder-Tongue continues to push interdiction as the perfect fit for pocket deployments and areas that suffer from operational problems such as high churn, truck rolls and theft.

For those who think interdiction has no place in a digital market, Emily Nikoo, director of marketing and applications for Blonder-Tongue, points out that the technology can co-exist with digital set-tops and even protect an operator's digital investment.

In a recent trial with Charter Communications Corp. in southern California, Blonder-Tongue overlaid interdiction in an MDU setting that also supports digital set-tops. "Interdiction allows for individual jamming control of the analog signal and provides a firewall against theft of digital signals by knocking out a whole range of digital channels when needed," says Nikoo.

Although co-existence with digital is possible, Nikoo admits that interdiction will become even more of a niche product as digital set-tops proliferate.

Bullish on addressable taps, Canadian-based Electroline is confident that its technology will remain a vital tool as long as connections and disconnections are required to control analog channels or other non-encoded signals. Commonly confused with interdiction, Craig points out that Electroline's form of addressable technology doesn't just jam the signal–it turns off the signal completely and prevents it from reaching the home.

Each of the addressable taps comes with embedded intelligence, in the form of a small computer inside the housing that receives instructions from a headend controller. As soon as the billing system tells the controller that a subscriber is past due or has dropped service, the headend sends a signal to the tap and it is turned completely off–all within a couple of seconds. (See Figure 1.)

Figure 1: According to Electroline, results from major MSOs show that an addressable tap system can convert more than 50 percent of unauthorized subscribers into paying customers.

"We have a way to close the floodgates completely and make sure that anyone taking basic service pays for that service," says Craig. "This ability is valuable even in a digital environment."

Still, Electroline addressable systems are also targeted for niche areas, ones with high density, difficult access and significant theft. Pointing to deployments in Brooklyn, Queens, Boston and Philadelphia, Electroline sees a bright future for its technology.

The company's latest technology development, a retroplate, allows cable operators to upgrade to addressable technology by simply putting its new "intelligent" faceplate on an existing housing. "Quick installation time makes this approach attractive to operators that already have taps installed in the field," adds Craig.

Digital to the rescue

The ability to digitize and compress video has allowed the cable industry to use real encryption techniques to secure digital video signals. For many conditional access (CA) vendors, advanced cryptography techniques applied to digital video means that pirates will find it almost impossible to break into the signal. But others disagree.

"I'm really skeptical when people claim that digital encryption is foolproof," says Michael Goodman, senior analyst at The Yankee Group. "When you look at the time and effort put into encrypting Internet content and then the hours that are spent trying to decrypt it, you wonder how digital video encryption could be 100 percent foolproof."

Goodman points out that dynamic security techniques are the best approach. "Because as soon as someone cracks the code, they have to re-crack it."

Scientific-Atlanta, one of two leading CA providers in the United States, believes that its PowerKEY conditional access system is just that: dynamic and very difficult to break. Using the DES standard algorithm to encrypt video, PowerKEY also changes the keys that are used to encrypt the data every four seconds.

"If someone would actually crack the signal, it would only amount to four seconds worth of video. It really wouldn't be worth the attack for that amount of video," says Wall.

Scientific-Atlanta contends that two other factors will also keep pirates at bay. PowerKEY uses both private and public key methods. This means that a public key encrypts data, and a private key decrypts data. "Since the public key cannot be used to decrypt transmitted content, there is a significantly lower security risk than a shared secret addressing key," adds Wall.

Because the biggest attack on a conditional access system could happen at the set-top box, both Motorola and Scientific-Atlanta keep the decryption and security features stored in a single tamper-resistant chip that is protected by physical security measures and would be difficult to probe. To date, both vendors are not aware of any successful tampers with their set-top boxes.

In a retail environment, set-top boxes would support a separable removable point-of-deployment (POD) security module as defined by OpenCable. PODs allow a set-top or integrated digital television receiver to decode encrypted, or scrambled, content.

"We have over 15 years (of) experience in the access control business and believe that DigiCipher, our current encryption system, will hold up for quite awhile. It would take a lot of effort and computing hours to break our system," says Vince.

Skeptical of this claim, Jim Blair, vice president risk management and chief risk executive for AT&T Broadband, says: "The only way you can determine if digital is a non-theft environment is for the system to be 100 percent digital. When you look at the digital world of the dish networks, they are experiencing digital security problems."

NDS, headquartered in the U.K. and a supplier of open conditional access software and interactive systems, looks at the security issue very differently. Instead of claiming that digital encryption is unbreakable, NDS' Dr. Dov Rubin, VP and general manager of NDS America says, "We're the first to come up with the concept that it's not a question of 'if' digital security will be broken, but 'when' it will be broken."

With NDS VideoGuard conditional access, secret keys reside in a smart card. If security is breached, according to Rubin, an operator only has to replace a card for $10, rather than replace the entire set-top box for $200 or more. (See Figure 2.)

Figure 2: The NDS Open VideoGuard conditional access solution resides in a smart card.

While some insist that smart card slots are the primary point of attack since pirates can access keys flowing from the card to the decryptor, Rubin refutes this claim: "One can't glean enough information by listening to this line of communication."

More security choice, cheaper set-tops

Rubin faults Scientific-Atlanta and Motorola's "closed" CA system for potential security problems. "Without exception, every system that relied on proprietary schemes for security was broken into." TiVo is cited as an example.

Another set-top manufacturer, Pace Micro Technology, stands ready to support and integrate a variety of CA systems. But, according to Neil Gaydon, president of the Americas division, there is more competition in overseas markets and a longer list of CA providers, such as NDS Group, Kudelski Group (Nagravision), Canal Plus (MediaGuard) and Irdeto Access.

The DVB standard is considered by some to be more "open" because all papers on software integration are published and readily available to any vendor wanting to become a contender.

Of course, the Harmony agreement between Scientific-Atlanta and General Instrument (now Motorola) assures interoperability between both CA systems. Some are waiting to see movement in this direction: "Engineering-wise, the Harmony agreement works. But in practice, it hasn't happened yet," says Gaydon.

NDS wants to show cable operators that its SimulCrypt approach allows multiple CA systems to co-exist on one system, resulting in more choice for MSOs and more secure systems with lower priced set-top boxes.

Because the DVB's common scrambling algorithm allows the internetworking of CA systems using the SimulCrypt method, the same broadcast (with various embedded CA bitstreams) can be viewed on several different CA-equipped receivers.

NDS' first inroad into the U.S. digital cable market was with Cablevision in fall 1999. "Using SimulCrypt, Cablevision now has Motorola and NDS CA systems working side-by-side. This means no one is locked out of the market and consumers pay less," insists Rubin.

Contrary to this opinion, Scientific-Atlanta points out that it has licensed PowerKEY to multiple set-top vendors like Pace and Pioneer, which ensures price competition. But, S-A officials also believe that North American MSOs do not want the number of CA systems to proliferate because it will be harder for them to support numerous CAs operationally.

On-demand video creates new threats

Encryption methods are already evolving to keep pace with video-on-demand and other consumer-driven interactive services. With on-demand video, headend-based sessions will become more personalized. In this scenario, video streams will be individually encrypted and have their own set of unique keys.

One key area of concern, especially for direct content providers and movie companies, is copy protection. The way content is produced and delivered to consumers is changing. Delivering content will take place over data backbones and the Internet, increasing the potential for hackers to get digitally perfect copies of the content.

"Piracy will become more difficult, but the potential result of successful breaches will have a much bigger economic impact," says Wall.

Figure 3: DIVA and Motorola’s pre-encryption delivery method adds a second layer of security for VOD files.

DIVA Systems Corp. and Motorola have introduced a pre-encryption-based VOD CA system to allay content providers' fears. Before content reaches the VOD server, an encoding company is responsible for turning film media into a digital format. It is at this point of the process that Buddy Snow, COO of DIVA, believes that pre-encryption should take place. (See Figure 3.)

"Before the content leaves the encoding company, we pre-encrypt the material and it stays encrypted all the way to the set-top box. In effect, there are now two layers of security protecting the content–pre-encryption and the satellite or MSO's own security system," says Snow.

DIVA and Motorola have found media companies receptive to their pre-encryption CA system and claim digital content providers are satisfied with this approach. Gaining content providers' trust is critical for the continued deployment and success of VOD.

Technology only one avenue of attack

Most agree that there is no silver bullet to keep pirates from attacking digital signals. Because security breaches seem like a fait accompli, Blair of AT&T Broadband believes that it will take more than technology alone to combat piracy.

"There are things going on that are more fundamental than technology issues. We want to work from the other end and focus on prevention. We want to change the customer's buying habits and prove that our product has real value for them," says Blair.

Rubin agrees and believes that operators need to go on a multi-pronged attack, using overt, covert, technology-based and legal measures to win the security battle. "We need to make sure that operators continue to get revenue even with constant attacks on the system."

Cable theft will certainly remain a difficult issue for operators. And now, as valuable digital content moves across cable systems, the face of cable piracy will change. It won't just be people selling pirate boxes or piggybacking on a neighbor's signal.

Computer geeks working out of their garage will try relentlessly to break into advanced digital cable systems, either for profit or simply for the thrill of the challenge. Going after the criminals selling thousands of pirate boxes may just pale in comparison to the next generation of digital video hackers.