Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Submission of New Digital Output and Content
Protection Technology: The TiVoGuard Content
Protection System
To:
858 Coal Creek Circle
Louisville, CO 80027-9750
Attn: Program Director, Business Relations, APS Department
Submitted by:
TiVo Inc.
2160 Gold Street
P.O. Box 2160
Alviso, CA 95002-2160
September 15, 2010
TiVo Confidential
http://www.cablelabs.com/�
Table of Contents 1. Overview ................................................................................................................................. 2 2. Introduction to TiVo ................................................................................................................ 4
2.1. The Company and its Philosophy ............................................................................................... 4 2.2. The TiVo Service ........................................................................................................................ 4 2.3. TiVo MRS .................................................................................................................................. 5 2.4. The Importance of Security to the Continued Viability of TiVo ................................................ 5 2.5. TiVo’s End-To-End Security System ......................................................................................... 6
3. Elements of CableLabs Content Protection Technology Review ............................................ 7 3.1. LICENSING TERMS OF TIVOGUARD TECHNOLOGY ...................................................... 7
3.1.1. TiVoGuard Digital Content Protection Technology is Not Publicly Offered ......................... 7 3.1.2. TiVo Does Not License TiVoGuard Digital Content Protection Technology as Part of the
TiVo Service ........................................................................................................................... 7 3.2. SECURITY OVERVIEW .......................................................................................................... 7
3.2.1. TiVoGuard Design Principles ................................................................................................. 7 3.2.2. The TiVoGuard Security System Overview .......................................................................... 11 3.2.3. Use of a Secure Cryptographic Processor ............................................................................. 17 3.2.4. Secure Boot Kernel and File system ..................................................................................... 18 3.2.5. Secure Viewing Groups ........................................................................................................ 19 3.2.6. TiVoGuard Content Storage .................................................................................................. 21 3.2.7. Media Segment Encryption ................................................................................................... 22 3.2.8. Media Segment Decryption ................................................................................................... 25 3.2.9. Establishing a Secure Channel for Communications Among TiVo Devices ........................ 25 3.2.10. Streaming Digital Media Content Among TiVo Devices ...................................................... 26
3.3. VIDEO TRANSPORT ............................................................................................................. 28 3.4. CONTENT PROTECTION PROFILES .................................................................................. 29 3.5. KEY EXCHANGE ALGORITHMS ........................................................................................ 29
3.5.1. Securing TiVo Service - TiVo Client Device Communications ........................................... 29 3.5.2. Authentication ....................................................................................................................... 31 3.5.3. Scope of Redistribution ......................................................................................................... 31
3.6. SECURITY INTERFACES ...................................................................................................... 32 3.6.1. Provisioning Devices with Server Public Keys ..................................................................... 32 3.6.2. Provisioning Servers with Device Public Keys ..................................................................... 32
3.7. SECURITY PROCESSING ..................................................................................................... 33 3.7.1. Encrypting Keys .................................................................................................................... 33 3.7.2. Decrypting Keys .................................................................................................................... 34
3.8. CERTIFICATE MANAGEMENT ........................................................................................... 35 3.8.1. The TiVoGuard Certificate ................................................................................................... 35
3.9. REVOCATION/RENEWABILITY OF KEY .......................................................................... 35 3.10. POINTS OF ATTACK/POTENTIAL WEAKNESSES ........................................................... 38 3.11. COMMERCIAL USE ............................................................................................................... 39 3.12. CONTACT INFORMATION .................................................................................................. 39
4. Conclusion............................................................................................................................. 40
Exhibit 1 and 2 follow after page 40
TiVo Confidential
1. Overview Pursuant to Implementation of Section 304 of the Telecommunications Act of
1996: Commercial Availability of Navigation Devices and Compatibility Between Cable
Systems and Consumer Electronics Equipment, 18 FCC Rcd 20885, 20919-20 (2003) (the
“Plug and Play Order”) and Exhibit B, Section 2.4.5 of the DFAST Technology License
Agreement for Unidirectional Digital Cable Products, 20 November 2008 (“DFAST”),
TiVo Inc. (“TiVo”) submits this application to Cable Television Laboratories, Inc.
(“CableLabs”) for approval of digital outputs protected by TiVo’s TiVoGuard content
protection technology within secure TiVo environments. The Federal Communications
Commission (“FCC” or “Commission”), in Digital Output Protection Technology and
Recording Method Certifications; TiVoGuard Digital Output Protection Technology,
Order, 19 FCC Rcd 15876 (2004), previously approved this content protection
technology in connection with its Broadcast Flag proceedings.
TiVo hereby seeks approval for TiVoGuard content protection technology when
used with TiVo’s multi-room streaming (“MRS”) feature, which permits real-time
streaming of programs between TiVo-enabled digital video recorders (“DVRs”), or from
a TiVo-enabled DVR to a TiVo-enabled client set-top device that is not a DVR, such as a
digital cable tuner set-top device or IP-based thin client. TiVo specifically seeks
approval of digital output protected by TiVoGuard content protection technology for
MRS using Ethernet, MoCA, WiFi, or USB digital outputs. Notably, this Submission
does not seek approval for digital output using TiVoGuard content protection technology
for any other applications (e.g., TiVo’s multi-room viewing (“MRV”) feature, TiVoToGo
(“TTG”) feature, or for video transfer from a personal computer (PC) to a TiVo-enabled
DVR).
TiVo originally submitted an application to CableLabs for approval of TiVoGuard
used with TiVo’s MRV technology in 2006 (the “Submission”). TiVo understands that
CableLabs’ technical staff was fully satisfied with TiVoGuard’s effectiveness in
protecting the delivery of Controlled Content as set forth in the Submission. TiVo did
not complete the application process in 2006, however. At the time, CableLabs had
- 2 – TiVo Confidential
several questions regarding the security of copies of Controlled Content made in the
MRV functionality. This revised Submission resolves all those concerns because MRS is
a streaming technology that does not store copies of Controlled Content. Certain other
CableLabs questions from 2006 remain applicable (e.g., questions regarding encryption
technologies), and TiVo has incorporated responses to those questions into this revised
Submission.
TiVo demonstrates below that its TiVoGuard content protection technology, both
specifically and within the greater context of its overall end-to-end security system,
provides effective protection against unauthorized interception, retransmission, and
copying of content through the use of various security and encryption features.
Understanding the security offered by the overall TiVo system is important to
understanding the level of security that the TiVoGuard content protection technology
offers. To establish this foundation of understanding, portions of this Submission provide
necessary background information about the features of the TiVo® service and the TiVo
security system as a whole.
This Submission addresses in detail each of the applicable elements presented in
CableLabs’ guidelines for the submission of content protection technologies.1
TiVoGuard uses many of the same security elements identified in the Next Generation
Network Architecture (“NGNA”) document2 as part of a secure system for cable
conditional access and copy protection, including:
• A secure microprocessor hardware element for key storage and generation;
• A renewable encryption engine;
• An approved output domain of authorized devices;
• White lists of secure devices for service authentication;
• Unique public key - device ID pairings at manufacture;
• Secure software upgrades; and
• A secure boot kernel.
1 See http://www.cablelabs.com/udcp/downloads/DigitalOutputs.pdf., Rev 1.4, CableLabs (Sept. 17, 2004). 2 “NGNA Plan: Integrated Multimedia Architecture,” (July 26, 2004).
- 3 – TiVo Confidential
http://www.cablelabs.com/udcp/downloads/DigitalOutputs.pdf
TiVo respectfully requests that CableLabs grant approval of TiVo’s TiVoGuard
content protection technology for MRS using Ethernet, MoCA or USB ports, or built-in
WiFi capability, for the reasons set forth in this Submission.
2. Introduction to TiVo
2.1. The Company and its Philosophy
TiVo is a leading provider of digital entertainment products and services,
including DVRs, set-top-boxes, and other devices for consumption of digital media. The
subscription-based TiVo® service provides consumers with a unique entertainment
service that offers an easy way to record, watch, and control digital media, including
broadcast television. The development of this service springs from TiVo’s founding
vision to continually innovate and enhance the ways people experience entertainment,
from television, to music, to movies and photos. With its first DVR, TiVo provided
consumers with an easy to use service that allows them to enjoy television content in
their home at their convenience. The TiVo DVR also set a tone for future TiVo efforts
that continue its focus on facilitating innovative consumer uses and practices while
protecting intellectual property rights of content owners. In addition to the value TiVo
service offers consumers, it also offers advertisers, content creators, system operators,
and television networks a new platform for promotions, content delivery, and audience
research.
2.2. The TiVo Service
TiVo sells subscriptions to the TiVo digital entertainment service. TiVo designs,
manufactures, and licenses manufacturing rights to devices with digital video recording
and/or video streaming functionality that are dependent on the TiVo service for full
functionality (“TiVo Devices”). As a condition of maintaining access to the TiVo
service, a TiVo Device must periodically contact remote servers operated by TiVo and
- 4 – TiVo Confidential
housed at secure facilities. These servers provision TiVo Devices with the up-to-date
data required by various features of the service. TiVo Devices contact the service using
either a standard phone line or a broadband connection.
2.3. TiVo MRS
TiVo’s is developing and plans to commercially release an MRS (Multi-Room
Streaming) feature in current generation and later TiVo Devices (i.e., MRS will work
with TiVo Premiere and later models, but not with TiVo’s Series 3, Series 2 or Series 1
models). TiVo’s MRS technology enables a user to stream content from one TiVo
Device to another, with the restriction that only TiVo Devices on the same home network
are eligible to receive streams (see section 3.2.5 for details). It is impossible for an
earlier-model TiVo device, or for any device other than a TiVo Device, to stream
Controlled Content using MRS.
2.4. The Importance of Security to the Continued Viability of TiVo
Maintaining the security of the TiVo system is critical to TiVo’s business
interests. The primary source of revenue for TiVo is subscription revenue from the full
TiVo service. To protect this revenue stream, TiVo must maintain control over its ability
to activate and deactivate the TiVo service on TiVo Devices. Piracy of the TiVo service
— the use of the service without authorization or payment — would threaten the
continued viability of TiVo in the same way that piracy of multichannel video
programming distributor (“MVPD”) services would threaten cable or satellite service
providers. TiVo must therefore rely on the comprehensive security of TiVo Devices and
the TiVo service to protect itself against piracy.
A breach of the security of the TiVo system could threaten TiVo’s vital business
interests and continued viability in other ways as well. TiVo Devices send and receive
information that could be used to identify TiVo customers, as well as anonymous data
relating to how customers use those devices. Consumer confidence in the security and
privacy of this information directly affects TiVo’s ability to sell TiVo Devices and
- 5 – TiVo Confidential
subscriptions to the TiVo service. A successful attack on the security of the TiVo system
that resulted in compromising this information could cripple consumer confidence and
cause serious harm to TiVo’s business. As detailed in the white paper on privacy that
TiVo supplied to the Federal Trade Commission,3 TiVo uses the strong security of the
TiVo system to protect the privacy of its subscribers.
2.5. TiVo’s End-To-End Security System
Because security is essential to TiVo’s business, TiVo designed and implemented
an end-to-end security system, including content protection technology known as
“TiVoGuard.” TiVo’s end-to-end security system protects TiVo’s ability to require
payment for provisioning the TiVo service and to terminate the service in the case of,
e.g., non-payment. The end-to-end security system also safeguards consumer trust by
rigorously protecting private data. The end-to-end security system is an essential
component of TiVo Devices and the TiVo service, and the continued success of
TiVoGuard is essential to the continued viability of TiVo.
TiVo’s end-to-end security system starts from a secure foundation and builds a
chain of security measures that affect every aspect of the operation of a TiVo Device.
Among those measures is the TiVoGuard content protection technology for which TiVo
is seeking CableLabs approval. The TiVoGuard content protection system protects
content as it is transferred to TiVo Devices via a home network. As this Submission
demonstrates, TiVo designed its TiVoGuard content protection technology for multi-
room streaming as a component of TiVo’s end-to-end security system to provide a high
standard for the protection of digital media. The security features of TiVoGuard and the
content protection technology for MRS are detailed throughout this Submission.
3 See http://www.tivo.com/assets/pdfs/policies/ftc_letter.pdf. A copy of TiVo’s White Paper is attached hereto as Exhibit 1.
- 6 – TiVo Confidential
http:///http://www.tivo.com/assets/pdfs/policies/ftc_letter.pdf
3. Elements of CableLabs Content Protection Technology Review This section follows the structure of the CableLabs guidelines for the submission
of new digital outputs and content protection technologies.
3.1. LICENSING TERMS OF TIVOGUARD TECHNOLOGY
The detailed licensing analysis that CableLabs generally undertakes in reviewing
a content protection technology submission is largely inapplicable here because
TiVoGuard technology is neither publicly offered nor licensed.
3.1.1. TiVoGuard Digital Content Protection Technology is Not Publicly Offered
TiVo does not offer TiVoGuard or its content protection component as a free-
standing content protection or recording technology, and has no plans to do so in the
future. Because TiVo does not freely license its content protection technology as a
individual commodity, it submits that the examination of additional license terms such as
enforcement, change, warranty, indemnity, term, and other provisions specified in the
CableLabs Submission guidelines are not relevant to consideration of the TiVoGuard
content protection technology.
3.1.2. TiVo Does Not License TiVoGuard Digital Content Protection Technology as Part of the TiVo Service
TiVo does not currently license the TiVoGuard technology as part of the general
TiVo service. TiVo manufactures all TiVo Devices – those sold directly by TiVo, as well
as those manufactured for cable operators. Historically, TiVo has allowed licensees to
manufacture TiVo Devices capable of running the TiVo service in accordance with
TiVo’s thorough hardware and software specifications, however, none of the TiVo
Devices manufactured by licensees are capable of utilizing the MRS functionality.
3.2. SECURITY OVERVIEW
3.2.1. TiVoGuard Design Principles
As its basic security mechanisms, TiVoGuard employs encryption and decryption
to protect secrets and protect data from unauthorized use. It also employs digital signing
- 7 – TiVo Confidential
to verify the integrity and authenticity of software and data, including communications
between multiple TiVo Devices and communications between individual TiVo Devices
and the remotely operated TiVo Service.
In designing TiVoGuard, TiVo engineers started from the following short list of
basic principles:
• Use well understood, well documented, publicly available cryptographic
algorithms whose security has withstood public scrutiny, including that of the
cryptographic community.
• Eschew “security through obscurity.” Do not use algorithms that would be
compromised by becoming known.
• Eschew global secrets. Design so that defeat of any one component of the
system compromises as little as possible.
• Build for the future. Provide for renewability, upgradeability, and
revocability.
• Be informed and responsive. Continuously monitor and respond to security
developments in general, and security developments that affect the TiVo
system in particular.
The TiVoGuard content protection technology provides an overall level of
security that establishes a high standard for the protection of copyrighted material. As
described in this Submission, the TiVoGuard security system has numerous features that
ensure the security of TiVo’s content protection technology, including the following:
• TiVoGuard cryptographic measures allow TiVo Devices to establish an
authenticated, secure channel for communications with other TiVo Devices
and with remotely operated TiVo Service.
• Digital media content and the keys to decrypt it are only sent to other devices
in encrypted form. No content or keys are sent unencrypted.
• Unencrypted digital media content and unencrypted cryptographic keys only
exist within TiVo Devices as transitory images and are not available on user
accessible buses.
- 8 – TiVo Confidential
• TiVoGuard outputs digital media content in individually encrypted segments
2 to 20 minutes in length, so a successful cryptographic attack against
protected media is likely to compromise very little content.
• While digital media is being transferred between two TiVo Devices via MRS,
TiVoGuard effectively and uniquely associates it with the TiVo Device
sending it and the TiVo Device receiving it.
• If the keys for a single TiVo Device become known, the breach affects only
that single device. There are no global or shared secrets to extend the breach
beyond the first device.
Because different cryptographic ciphers have different strengths, TiVoGuard uses
different ciphers for different kinds of information. The information TiVoGuard encrypts
and decrypts falls into four broad categories:
• Cryptographic keys;
• Software files and other data proprietary to the TiVo service;
• Digital media; and
• Copy Control information associated with digital media.
The designers of TiVoGuard built mechanisms to renew the system by replacing
specific cryptographic ciphers as TiVo deems that advances in cryptanalysis have made it
prudent to do so. TiVoGuard currently uses the following ciphers:
• The ElGamal asymmetric cipher. As with all asymmetric ciphers, ElGamal
requires a public and a private key. It is essential that its private key remain
secure. Therefore, the private key is generated internally and remains
embedded in a special cryptographic chip. Although data can be passed
through the chip for encryption or decryption, neither TiVo nor anyone else
can extract the private key from the chip. In addition, to help protect the chip
from brute force attacks, it encrypts and decrypts data very slowly. This
cipher provides TiVoGuard with strong security for small pieces of data.
TiVoGuard generally uses the cryptographic chip to encrypt and decrypt other
cryptographic keys. TiVo Devices use two different key lengths for ElGamal,
- 9 – TiVo Confidential
depending on the function. An 894-bit key is used for encrypting keys for
other algorithms and a 1505-bit key is used for verifying the signature of
software downloaded to the device.
• The Blowfish algorithm with 128-bit keys is used to encrypt and decrypt
software files, some cryptographic keys, and other data proprietary to the
TiVo service.
• AES in ECB mode with 128-bit keys is used as the cipher for media content.
Media content is protected before writing to the TiVo Device’s hard disk
drive, if present. It is also protected when transferred across the digital output
used for multi-room streaming between two TiVo Devices.
• The algorithm used for “n of m” key splits in the iButton is the Lagrange
interpolating polynomial scheme. Details of the Shamir “n of m” secret-
sharing algorithm used to provide security for our software signing keys are as
follows (for more information on this algorithm, please see Schneier “Applied
Cryptography”, 2nd edition, section 23.2, page 528):
• The software implementation we use is extremely flexible, and can
support arbitrary values of m and n. Our current sharing protocol uses
m = 5 and n = 2.
• The prime number used in the sharing implementation is of the same
size as the prime incorporated into the ElGamal key being secured.
For TiVo Premier, the prime is 1504 bits long.
• The random numbers used for the secret-sharing polynomial are of the
same length as the prime (they are taken from the range [1, p-1]).
They are generated using the Linux “/dev/random” generator, as
described in Section 3.2.2 below.
• The private-key and secret-generation process is performed on an
isolated Linux workstation, disconnected from the network and with
memory-to-disk swapping functions disabled. All intermediate files
are generated onto a piece of removable media (a floppy disk) rather
than being written to the workstation’s hard drive. Once the secrets
are downloaded into the iButtons, the removable media is removed
- 10 – TiVo Confidential
from the system, sealed in an envelope, and hand-carried to TiVo’s
General Counsel for storage in a secure vault. The workstation is then
forcibly powered off (unclean shutdown) to ensure that any copies of
the key or shares held in RAM are erased.
TiVo Devices use either the ATMEL AT90SC6464 or AT80SC1818CT
cryptographic chips or the Renesas AE46C or AE43C chips.
• According to ATMEL: The AT90SC6464 chip’s CC Protection profile is
PP9806 and the level EAL1+; this chip is certified at levels 1&2 of the FIPS
140-2 standard. The ATMEL AT80SC1818CT chip has been certified to the
EAL+4 level. Any further details of the AT90SC6464 or AT80SC1818CT
chips are subject to confidentiality obligations between TiVo and ATMEL. If
CableLabs wishes to study the security implementation of this chip, ATMEL
likely would require CableLabs to sign a confidentiality agreement.
• According to Renesas: AE46C and AE43C have been categorized as Common
Criteria EAL4+ and most of the software libraries incorporated in the AE46C
and AE43C cryptographic chips are compliant with FIPS140 levels 1 & 2 (the
chips have not been certified).
The X.509 certificate format is not used in TiVoGuard.
3.2.2. The TiVoGuard Security System Overview
The figure below provides an overview of the main components of the
TiVoGuard security system. It describes three key elements of the system: (1) the
public/private key pair system created at manufacture and used to ensure security at
manufacture; (2) the secure software download and communication path between a TiVo
Device and the TiVo service central servers; and (3) the secure communication system
between multiple TiVo Devices in the home.
- 11 – TiVo Confidential
Figure 1 - Overview of the TiVoGuard security system.
At the manufacturing site, indicated by (1) in Figure 1 above, TiVo Devices
create a unique public key on initial power-up using their on-board, secure
microprocessor. The secure microprocessor (either the ATMEL AT90SC6464 or
Renesas HD65143CA10TP crypto chips) produces the unique public and private key pair
for the device. Immediately after the private key is generated internally in the secure
processor, fusable links are burned and the private key cannot be read from the chip by
any external means. The public key and unique identification numbers are stored in
externally readable memory on the crypto chip. The public key and ID numbers are
- 12 – TiVo Confidential
recorded on secured computers at the factory as they are created; this data can only be
accessed via a secured path from TiVo headquarters.
The client computers at the factory are connected to a single secure server. The
TiVo service initiates a secure virtual private network (“VPN”), marked (2) in Figure 1,
to the factory’s secure server once a day. The connection is maintained only long enough
to upload the device public key and device ID pairs which were created the preceding
day.
After TiVo Devices are deployed at consumer’s homes, communication between
the TiVo service and the devices is secured using the public key of the individual device.
In addition, messages from the TiVo service are signed by one or more TiVo service
private keys. The TiVo Device authenticates the signature using the TiVo service public
key installed at manufacture before accepting the service information, indicated by (3) in
Figure 1. (Each client has one TiVo service public key, which is compiled into the TiVo
application code, and all clients running a specific version of TiVo client software use the
same public key to validate TiVo service data signatures. Each new major TiVo client
software release includes a new public key.)
When the TiVoGuard copy protection technology is used for MRS, TiVo Devices
within a consumer’s home are permitted to share some media content, indicated by (4) in
Figure 1. This digital content is protected using the public keys of the two devices. The
public keys for the devices are delivered in a digitally signed certificate by the TiVo
Service; the devices never exchange public keys with other devices or trust public keys
delivered by any mechanism other than the TiVo Service. TiVo Devices do not exchange
public keys with one another over the network. The authorized sharing of data is
determined by the central TiVo service and is not determined by devices on their own.
Certificates for sharing across the approved output are valid for only a limited time. The
application control certificate, which controls the ability of the networking software
module to execute, is valid for only 30 days. The sharing certificate, which indicates the
finite number of devices that content can be shared with, is valid for only six months.
Devices must periodically register (at least once every 30 days) with the TiVo service to
keep the application control certificate valid. Although the sharing certificate remains
valid for a longer time period, it will not be used if the application control certificate is
- 13 – TiVo Confidential
invalid. Certificates can also be revoked during the regular daily update calls to the TiVo
Service.
On TiVo Devices and on the TiVo servers which provision them (e.g., TiVo
Central and manufacturing systems), random numbers are generated using the Linux
kernel’s “/dev/random” generator. A brief description of this entropy-and-hashing
random number generator may found at: http://en.wikipedia.org/wiki//dev/random.
The /dev/random implementation on TiVo Devices was modified to ensure that a
large amount of unpredictable entropy is fed into the randomness pool before any random
numbers are extracted from the pool. The value of a fine-granularity clock/counter
register, which “ticks” once per clock cycle of the central processor, is sampled at the
completion of each hard-drive read or write operation. The times required to complete
hard-drive reads and writes are quite unpredictable on this scale, as the exact time
depends on the formatting details of the individual hard drive, temperature variations, the
exact layout of files on the hard drive, the contents of audio-visual streams recorded
previously, etc. By the time that any TiVo Device needs to generate a random number,
the timing variations from at least a thousand disk reads will have ensured an extremely
high degree of entropy in the /dev/random pool.
During the manufacture of TiVo Devices, the TiVoGuard security chip creates an
individual ElGamal private key using a high-quality hardware random number generator
and vendor-provided random number extraction library, and the output of this generator
is used to set the DVR’s ElGamal private key. The numbers generated during this
process never leave the security chip — even TiVo does not know what private key has
been generated and stored within the security chip. Details on the ATMEL and Renasas
chips hardware random number generator may be obtained directly from their
manufacturer, after the signing of a suitable NDA.
The following high-level block diagram describes the TiVo Central server and
how it is isolated from the internet.
- 14 – TiVo Confidential
http://en.wikipedia.org/wiki//dev/random
The signing station has multiple layers of physical protection. It is stored in a
TiVo-maintained facility that requires card access for entry. Inside that facility, the
signing station is stored in a limited-access server room that can be entered only by
specific members of IT and the person(s) responsible for maintaining the signing station.
The signing station and its firewall are stored in a locked cabinet in the server room;
console access is not available to anyone else (including other TiVo employees).
The signing station itself is behind a dedicated NetScreen NS-5 firewall on a
dedicated private network; this network and firewall do not protect any other systems.
Only outbound connections on selected ports to specific servers are allowed from the
signing station.
Remote access for software signing operations is only available via a serial
terminal in a public space observed by multiple managers. The serial terminal cables are
run through dedicated hardened housing between the terminal and the signing station.
Individuals allowed to sign software are confined to a custom shell that only allows them
to execute the signing station software. No “shell access” is allowed for the users
- 15 – TiVo Confidential
authorized to sign software. User accounts on this system can only be added or removed
via a source-code management server. New software is then built and distributed via
CD-ROM to the signing station. Root access on the signing station is currently limited to
four key members of the operations staff and the two engineers responsible for
maintaining the signing station software. These individuals can only obtain root access at
the signing station physical console in the server room.
Private keys for the TiVo service are used to sign data that is downloaded to TiVo
client devices such as the TiVo Premier. In addition, sharing certificates are generated
and stored on the secure key server. The private keys are generated using the Linux
/dev/random mechanism described above. The corresponding public keys are compiled
into secure portions of the TiVo client software. Revocation of these keys requires a
download of new software to the TiVo client devices. New keys are normally issued, and
old ones revoked, at the beginning of each TiVo software release cycle, which generally
occurs bi-annually (or more frequently).
When a TiVo Device is first powered on and the main software has been
initialized, the software generates a random 128-bit master key using the linux
/dev/random generator. The TiVo Device software then communicates with the system’s
TiVoGuard security chip, and “asks” that the chip compute and disclose its ElGamal
public key. The software then uses the ElGamal encryption algorithm to encrypt the 128-
bit master key using the security chip’s public key. The resulting encrypted master key is
stored on the device’s internal HDD in the system database. The 128-bit master key is
kept in plaintext only in the system’s RAM. It is stored in a section of RAM which is
locked against swapping — the RAM will not be written to disk by the kernel’s normal
swapping algorithm. The master key will never appear on disk “in the clear.”
Processing Environment
The processing environment at TiVo headquarters includes, among other things:
(1) a criminal background check for all TiVo candidates prior to making an offer of
employment; (2) an additional background credit check for all employees with access to
consumer credit information (external hire or internal transfer); (3) all Security Policies
are posted on TiVo’s intranet; and (4) periodic messages are sent to employees to notify
- 16 – TiVo Confidential
them of any updates to policies with a reminder that they are expected to adhere to
guidelines of our policies at all times.
Physical Security
TiVo’s Physical Security Procedures are detailed in Exhibit 2, below.
3.2.3. Use of a Secure Cryptographic Processor
In individual TiVo Devices, TiVoGuard begins with a cryptographic chip that
provides tamper-resistant security in hardware. The data and routines in the
cryptographic chip cannot be altered. The cryptographic chip provides the following
three basic functions:
1. It generates an asymmetric public and private key pair and keeps the private
key secret. After generating the private key, the chip disables all circuits
through which the private key might be accessed. The public key remains
accessible and can be extracted from the chip, but its secret, private key
cannot be accessed in any way; it can only be used by the cryptographic chip.
2. It uses the private key to decrypt data, typically keys used in other ciphers.
3. It uses the private key to create digital signatures.
The cryptographic chip creates a foundation upon which TiVoGuard builds the
secure content storage and the TiVoGuard content protection technologies. When the
device first powers on during manufacturing, the cryptographic chip generates an
ElGamal public/private key pair with an 894-bit key length. TiVoGuard’s manufacturing
module captures the public key, pairs it with a unique identifier for that device, and sends
both items over a secure channel to the TiVo Service. The TiVo servers maintain a log of
all TiVo Devices and their corresponding public keys. TiVo does not recognize any
devices not made under the authorization of TiVo.
TiVo currently uses a crypto chip, which is installed and programmed at the
factory. The crypto chip incorporates many advanced security features designed to
protect the device and its contents from illegal access. Such features include voltage and
frequency control, secure layout, and bus encryption. The crypto chip uses a standard
public/private key scheme, namely 894-bit ElGamal. The private key is programmed on
- 17 – TiVo Confidential
the chip at the factory and the private key can never leave the chip.4 The public keys are
returned to the TiVo Service by VPN from the factory.
Brute force attacks using the crypto chip to determine the private key or generate
a rainbow table are effectively impossible due to both the sizes of the keys involved and
the interface and CPU speed of the chip itself. The ATMEL and Renesas crypto chips
both have only a 9600-baud serial interface, and can only perform one operation every 10
seconds on average. A brute force attack to discover the key, using known methods,
would take longer than the age of the known universe to complete.
3.2.4. Secure Boot Kernel and File system TiVo Devices contain security measures that allow only TiVo-approved software
to run on the device and to prevent any software not explicitly approved by TiVo from
being executed. At boot time, the hardware PROM (Programmable Read-Only Memory)
verifies the signature of the boot kernel. The boot kernel signature is a SHA-256 hash
value signed with the TiVo service private kernel signing key. Once the kernel is loaded
it verifies the signature of the file system, a SHA-256 value signed with the TiVo Service
private key. The PROM is soldered to the motherboard using surface mount technology
such that it cannot be removed or replaced with common tools.
All software downloaded from the TiVo service to TiVo clients is encrypted using
the Blowfish algorithm, which uses a 128-bit key. This Blowfish key is generated
randomly by the TiVo Service servers for each new software release. The key is then
encrypted using the ElGamal public/private key encryption algorithm which uses the
public key of the destination device and the signing key of the TiVo service. Each device
verifies the signature on the encryption key before loading new software. Therefore,
although several TiVo client devices may receive the same encrypted software download,
the key needed to decrypt the software download is secured uniquely for each device.
The encrypted key is delivered only to the device for which it is encrypted.
Any use of the TiVo master private key, in this case for signing new software,
requires two authorized TiVo employees. The private key needed to “sign” software at
TiVo is broken into a set of five mathematical “shadows,” which are stored in individual 4 The ATMEL chip includes a number of security features, both hardware and software based, to prevent discovery of the internal private key.
- 18 – TiVo Confidential
hardware key-fobs (Dallas Semiconductor “iButtons”) and held by five authorized
individuals in TiVo’s software development organization. Signing software requires the
simultaneous use of two of the five key-fobs, to temporarily reconstruct the key on a
physically-secure “signing station.” Signing stations servers are located in locked server
rooms within TiVo and require heightened security clearance levels for entry. Entrances
to the signing station rooms are in central, visible parts of the TiVo building. Only a few
employees are allowed to enter the rooms, and therefore others attempting to enter the
room are easily observed. These measures have been implemented in addition to the
general security system for the TiVo buildings, which includes two layers of badge entry
doors and video surveillance.
3.2.5. Secure Viewing Groups
TiVoGuard includes content protection technology that a TiVo Device can use to
send programming to another TiVo Device, which TiVo refers to as MRS. To use this
technology the two devices must be in the same “secure viewing group.” A secure
viewing group is a collection of TiVo Devices that meet criteria specified by TiVo and
that have been associated with a particular TiVo customer. Content cannot be streamed
from one TiVo Device to another device that is not in the same secure viewing group.
Only a TiVo Device that meets all of the following criteria may be placed with
other devices in a secure viewing group:
• Every TiVo Device must be registered with the TiVo service, and only
devices registered on the same customer account may be in the same secure
viewing group. The consumer must register devices, either by calling the
TiVo service center or using the TiVo website, before the TiVo service is
activated.
• The device can be in only one secure viewing group.
• In each TiVo Device in a viewing group, the public keys for all other devices
in the viewing group are stored as part of a certificate which is digitally signed
by the TiVo Service.
- 19 – TiVo Confidential
• TiVo policy currently prevents customers from creating secure viewing
groups with more than 10 TiVo Devices. In the future, TiVo may consider
increasing this number to allow a secure viewing group that includes up to 20
TiVo Devices.
• Devices must be on the same subnet and share the same address space on a
local area network.
• Although TiVo Premier and later models will be able to be in the same secure
viewing group as earlier models, TiVoGuard prevents earlier models from
receiving MRS. TiVoGuard uniquely and effectively associates all streamed
content with individual TiVo Devices and excludes earlier devices from MRS.
Further, earlier models hardware and software do not support streaming of
Controlled Content.
Customers may place TiVo Devices that meet these criteria into a secure viewing
group via a password protected web interface or by calling TiVo customer support.5 The
TiVo system therefore restricts the scope of redistribution for the TiVoGuard content
protection technology by restricting the number and nature of the TiVo Devices that can
be placed in a secure viewing group and that can receive MRS.
In addition the effective restriction that the systems in a secure viewing group
must be on the same IP subnet, TiVo investigated but ultimately declined to incorporate
other geographical or physical proximity limitations for the MRS function because they
were ineffective. MRS, therefore, does not use Round Trip Time (“RTT”) or IP Time-
To-Live (“TTL”) to attempt enforcement of geographical or physical proximity of the
systems in a secure viewing group. TiVo’s February 27, 2004 application for Broadcast
Flag protection approval of TiVoGuard, which is available at
http://gullfoss2.fcc.gov/prod/ecfs/retrieve.cgi?native_or_pdf=pdf&id_document=651608
2665 and which the FCC approved in an Order (FCC 04-193) released August 12, 2004,
19 FCC Rcd 15876, explained that neither RTT nor TTL provide an effective technical
solution to the problem of limiting distribution for the following reasons: 5 Carefully safeguarding passwords, as well as personal information required to change services through customer support, is in the customers’ best interests given that such information may used to order services and generate credit card charges.
- 20 – TiVo Confidential
http://gullfoss2.fcc.gov/prod/ecfs/retrieve.cgi?native_or_pdf=pdf&id_document=6516082665http://gullfoss2.fcc.gov/prod/ecfs/retrieve.cgi?native_or_pdf=pdf&id_document=6516082665
• The actual, measured RTT of connections going all the way across the
country, on a fast backbone link, were often *less* than the measured in-home
RTTs of connections on many common consumer-grade networks - 802.11
wireless in particular (they are subject to dropout and RF interference).
• For this reason, any RTT limit is set low enough to block video sharing across
sections of a typical consumer-broadband network (e.g,. DSL or cable-
modem) would be so low that it would inevitably block some legitimate
transfers in a household. If the RTT limit is set high enough to avoid such
false blockages, it would frequently fail to block improper (out of household)
sharing.
• IP time-to-live limits are easily defeated by any sort of network bridging
which uses MAC-level (e.g., Ethernet) encapsulation. If it is possible to
bridge two remotely situated networks together over an encapsulating tunnel
(to defeat the TiVo same-IP-subnet check), the same tunnel can prevent any
time-to-live decrementing of the higher-level (IP) packet headers, and will
render TTL checks useless.
3.2.6. TiVoGuard Content Storage
TiVoGuard effectively and uniquely associates all digital media content with a
single TiVo Device. TiVoGuard generates a “master encryption key” the first time a
TiVo Device is booted during manufacture6 or if a ‘factory reset’ is performed via the
user interface. The master encryption key is used to decrypt and encrypt other encryption
keys. TiVoGuard currently uses a 128-bit key for the Blowfish cryptographic cipher as
the master key. This section outlines how digital media content is encrypted within each
TiVo Device that is capable of recording content or of acting as a source of streamed
6 All TiVo Devices use the Linux kernel’s random-number generator (/dev/random). This generator maintains a pool of entropy randomness data. Entropy is added periodically, based on the timings of certain unpredictable events including the number of CPU clock ticks between interrupts from the hard disk drive. When a new random number is requested, the kernel’s code “stirs” the entropy pool by executing the MD5 hashing algorithm on it, and returns the result of the hash as the random number.
- 21 – TiVo Confidential
content. The master encryption key effectively mates (i.e., uniquely associates) the hard
disk drive, if present, to the TiVo Device during manufacture.7
3.2.7. Media Segment Encryption For each recorded or streamed program TiVoGuard generates a unique, random
128-bit lead encryption key and a lead signing key. Each program is then divided into
media segments of up to 512MB, which corresponds to variable playback times of
approximately two to twenty minutes depending upon the recording quality selected for
that program. For each media clip TiVoGuard generates two unique, random keys: a
128-bit clip key and a 128-bit signature key. The TiVo Device uses the clip key to
encrypt the media data (using the AES block cipher in ECB mode on a 16-byte, 128-bit
block size). The entire media clip is encrypted. Media segments are always aligned on
block boundaries so that there are no unaligned blocks. Each media clip is further
divided into 128KB media records. The closed caption data and copy control information
(“CCI”) associated with each record is extracted and added to a header. The signature
key is used to create an HMAC SHA-1 signature of the copy control information in the
header in order to prevent changes to the CCI. The signature is created over the
combination of the CCI and the record number. Clip encryption keys and clip signing
keys are never decrypted without first verifying the signatures of the recording’s copy
protection information, and the clip’s copy protection information. The record number is
used as “salt” to prevent duplicating the signature from one record and using it in another.
The lead encryption key is used to encrypt each clip key and signature key in a
media clip using the Blowfish algorithm. The device’s public master key is then used to
encrypt the lead key using the ElGamal algorithm. Through these cryptographic
processes (summarized below), TiVoGuard uniquely and effectively associates each clip
with a single TiVo Device, and protects the CCI for each clip.
To encrypt segments, the system:
1. generates unique, random 128-bit clip key and signature key
7 The lead encryption key can be re-generated during a factory refurbish of a TiVo Device. This requires deleting all content from the disk drive and re-mating the drive to the TiVo Device using the new lead encryption key.
AES
- 22 – TiVo Confidential
2. creates a digital signature of the copy control information for each record in
the clip using the signature key
3. uses the clip key to encrypt the digital media data
using the AES cipher Blowfish
4. uses the lead key to encrypt the clip and
signature keys, and
ElGamal
5. uses the device’s master public key to encrypt the lead key.
The system saves only encrypted segments and encrypted cryptographic keys to a
device’s internal hard disk, or an external storage device. Unencrypted clip, signature,
and lead keys are discarded. Unencrypted keys are never stored on either the internal or
external storage device.
Each 128KB media record contains a header with signature information, copy
control data, closed caption data, and frame index information plus an integer number of
MPEG-2 transport stream packets. The format of the 128KB media record is shown in
the following diagram:
- 23 – TiVo Confidential
Figure 2 The format of the media clip and media record.
The elements of the media clip and media record shown in the figure are as
follows:
• Record# - A series of 128KB records comprising the media clip.
• Signature - The 160bit HMAC-SHA1 signature of (clip key | record
number | CCI1 | CCI2 .. CCIn) using the signature key is calculated
and placed in this location.
• Metadata - Contains closed caption, copy control, and I-frame index
information for the media record.
• CCi - Closed caption information (if any) contained in the record’s
media data. There may be more than one set in the record.
• CCIi - Copy Control bits associated with the media data in the record.
There may be more than one set in the record. The number of CCI bit
sets depends on whether the CCI information changes during the
- 24 – TiVo Confidential
record. If the CCI bits are the same for the entire record, there is only
one set of CCI bits.
• I-indexi - Indices that point to locations of I-frames within the record.
• TSi - MPEG-2 transport packets.
• Padding - Padding at the end of the media record to make it exactly
128KB in length.
3.2.8. Media Segment Decryption
To decrypt a media segment, the system
must complete four steps:
1. use the device’s master key to
decrypt the lead key;
2. use the lead key to decrypt the clip
and signature keys;
3. use the clip key to decrypt the media
content; and
4. use the signature key to verify the signature of the copy control
information.
If the copy control information signature does not match the data for any record,
the entire record is discarded and not decrypted or displayed.
A program cannot be decrypted without the device’s master private key, which
only exists in the device’s cryptographic chip. Each clip is therefore uniquely and
effectively associated with a single device.
3.2.9. Establishing a Secure Channel for Communications Among TiVo Devices
Two networked TiVo Devices in the same secure viewing group may discover
each other using a standard TCP/IP protocol. The devices identify themselves with their
- 25 – TiVo Confidential
unique device ID. If the two devices are in the same viewing group, each will have a
TiVoGuard certificate that includes the public cryptographic key of all of the TiVo
Devices in that viewing group. Unique device ID-public key pairs are used to match the
device ID to the key in the certificate. This allows the two devices to use each other’s
public keys to establish a secure channel on the network by encrypting and digitally
signing communications.
TiVo Devices do not exchange certificates between themselves over the home
network. All certificates are securely downloaded from the TiVo service, and signed by a
TiVo service private key. Devices in the same viewing group will have certificates and
public keys of the limited number of devices within their group. This approach is
designed to provide greater security than a system in which clients exchange certificates
with each other. Moreover, it eliminates the need for distributing revocation lists.
3.2.10. Streaming Digital Media Content Among TiVo Devices
TiVoGuard protects digital media content as it streams the content from one TiVo
Device (the “sender”) to another (the “receiver”) as follows.
1. The sender generates a unique, temporary encryption key (like the lead key,
the temporary key is a 128-bit Blowfish key).
2. The sender uses its own lead key to decrypt the clip and signature keys for
content it will send, and then the sender re-encrypts the clip and signature
keys with the temporary key using the Blowfish algorithm.
- 26 – TiVo Confidential
3. The sender uses the receiver’s public key to encrypt the temporary key using
the ElGamal algorithm and then sends it to the receiver.
4. The receiver uses its cryptographic chip to decrypt the temporary key.
5. The sender sends the encrypted clip keys, signature keys, and encrypted media
to the receiver. No content or keys are ever sent “in the clear” unencrypted.
6. The receiver uses the temporary key to decrypt the clip and signature keys
transmitted by the sender.
- 27 – TiVo Confidential
7. The receiver can now decrypt the media for immediate playback. Since MRS
is a streaming paradigm, the media is not stored on the receiver. Moreover,
unencrypted digital media content and unencrypted cryptographic keys only
exist within the authorized receiver as transitory images as necessary for
playback only and are not available on user accessible buses. TiVo did not
design TiVoGuard with the ability to authenticate devices having different
authorized content protection technologies.
3.3. VIDEO TRANSPORT
Sections 3.2.6.1 and 3.2.6.2 above discuss the transport of copy control
information (“CCI”). As described in those sections, CCI data associated with each
media clip is inserted into the header in front of each media record. The CCI data in
each record header is digitally signed with the signature key, which ensures that CCI
data has not been altered.
TiVoGuard applies methods to ensure that copy protection information is
followed on TiVo Devices with recording capability. Only media available as a
recording or in a live cache, as dictated by the copy protection information, will be
available for streaming to another TiVo Device.
Upon playback the receiving device checks the signature of each record in the
clip. If the signature in the header of a record does not match the computed signature
of the CCI data and record number, the record will not be played.
The MRS/TiVoGuard implementations include messages to notify users of
problems in the home network. The TiVo UI will communicate the following when a
transfer across a home network is interrupted:
• “The DEVICE_NAME_SHORT may been
unplugged or restarted, or there may be a problem with your network.
Make sure the DEVICE_NAME_SHORT is
plugged in and working, and that your network is properly connected.
When ready, press PLAY to resume playback.”
- 28 – TiVo Confidential
3.4. CONTENT PROTECTION PROFILES
The system uses the CCI bits as they are delivered by the CableCARD for its
protection profiles. As described above, CCI data is signed using a signature
algorithm and protected key to prevent any changes to the data. Content associated
with CCI data is closely coupled with the data.
While the CCI bits have a direct effect on what content is stored on a TiVo
Device with recording capability, they have no effect on whether that content can be
streamed in the TiVo MRS system. This is because the content is not copied to or
stored on the receiving device, only streamed to and played back on authorized TiVo
Devices such as TiVo Premiere and later models.
3.5. KEY EXCHANGE ALGORITHMS
3.5.1. Securing TiVo Service - TiVo Client Device Communications
Digital Signing
To ensure the security of communications, the receiver of a communication must
be able to verify its authenticity (that it originated with the expected sender) – and its
integrity (that a third party did not alter it in transit). TiVoGuard addresses these
concerns through digital signing.
TiVoGuard currently uses both SHA-1 and the SHA-256 hash functions, which
are algorithms published by the National Security Administration (“NSA”) as a Federal
Information Processing Standard (“FIPS”). SHA-256 is used for signing software to be
run on TiVo Devices, and SHA-1 is used for other hashing purposes as detailed within
this document. Both are currently in wide use and have suffered no known successful
cryptanalytic attacks.
TiVoGuard uses an ElGamal public and private key pair to verify the authenticity
of hashes. First, TiVoGuard uses a private key to “sign” the hash. The TiVo Device then
uses the corresponding public key to verify that the private key created the signature.
Because private keys are secret, verifying that a hash was signed by a specific private key
verifies the authenticity of the hash.
- 29 – TiVo Confidential
The TiVoGuard Digital Signature
A TiVoGuard digital signature is a hash signed by a private key. The following
example shows how TiVoGuard uses a digital signature to verify the authenticity and
integrity of a communication from the TiVo service to a TiVo Device.
1. The TiVo service creates a digital signature for the communication.
2. The TiVo service then sends the signature and the communication to a TiVo Device.
3. To verify the authenticity of the communication, the TiVo Device uses the corresponding
public key to determine whether or not the correct private key signed the hash.
- 30 – TiVo Confidential
4. The TiVo Device calculates a new hash from the file, then extracts the hash from the
digital signature. If the calculated hash matches the hash from the signature, then the file has not
changed since it was sent.
3.5.2. Authentication
As described above, the TiVoGuard certificate provides all devices in a secure
viewing group with the public keys of other devices in the same group. As a result,
communications between TiVo Devices can be authenticated and their integrity verified.
3.5.3. Scope of Redistribution
The scope of redistribution is limited by the facts that both the sending and the
receiving device must be in the same secure viewing group and also must be on the same
IP subnet.
All devices in a secure viewing group must meet specific criteria established and
maintained by TiVo. Inclusion in a viewing group requires valid digital certificates from
the TiVo service. Although these certificates are valid for six months, the software will
disable content sharing if the TiVo service has not been contacted within 30 days.
TiVo Devices also must be on the same IP subnet to be in the same viewing group
(as explained in Section 3.2.5). The TCP/IP discovery protocol uses IP/Ethernet
broadcast messages, which do not cross IP subnet boundaries. Devices that are not on the
same local subnet will not be able to find each other to even initiate viewing group
confirmation.
- 31 – TiVo Confidential
As explained in detail under Section 3.2.5 above, in addition the effective
restriction that the systems in a secure viewing group must be on the same IP subnet,
TiVo investigated but ultimately declined to incorporate other geographical or physical
proximity limitations for the MRS function because they were ineffective. MRS,
therefore, does not use Round Trip Time (“RTT”) or IP Time-To-Live (“TTL”) to
attempt enforcement of geographical or physical proximity of the systems in a secure
viewing group. Redistribution is limited more effectively by TiVo’s restrictions
regarding secure viewing groups and IP subnet requirements.
3.6. SECURITY INTERFACES
3.6.1. Provisioning Devices with Server Public Keys
To provision TiVo Devices with the public keys from TiVo servers, TiVo embeds
the keys in application software. When a device runs the software, it has access to the
servers’ public keys. Embedding is an important component of the security framework in
application software or in media and is a standard technique employed by the most
widely used digital rights management (“DRM”) systems. For example, many DRM
systems embed a critical URL in each file that contains encrypted digital media. Before
decrypting the media, a compliant player uses the URL to locate an online certificate that
confirms the individual consumer’s right to view the media. A third party (other than the
DRM licensor or the owner of the media copyright) often administers the online
certificates. In contrast, by embedding the service public key in the software, TiVoGuard
eliminates the need to rely on a third party and allows TiVo to manage all TiVoGuard’s
cryptographic keys directly. These aspects of TiVoGuard are important strengths of the
system that TiVo relies on to protect its vital business interests.
3.6.2. Provisioning Servers with Device Public Keys
To provision the TiVo servers with a unique public key for each TiVo Device,
TiVoGuard uses a unique manufacturing process. The process is used on any TiVo
Device that contains a cryptographic chip. When the device first powers on during
- 32 – TiVo Confidential
manufacturing, the cryptographic chip generates an ElGamal public/private key pair with
an 894-bit key length. TiVoGuard’s manufacturing module captures the public key, pairs
it with a unique identifier for that device, and sends both items over a secure channel to
the TiVo Service. The TiVo servers maintain a log of all TiVo Devices and their
corresponding public keys. TiVo does not recognize any devices not made under the
authorization of TiVo.
TiVo uses the concept of a white list to keep track of all authorized devices. This
tracking system works as the inverse of a black list or certificate revocation list (“CRL”),
which identifies only compromised or un-authorized devices.
3.7. SECURITY PROCESSING
The core of TiVo’s content security lies within the embedded cryptographic chip
that contains the device’s unique private key. This private key is never exposed by the
chip and can only be accessed by the chip during cryptographic operations on internal
memory. Each TiVo Device’s crypto chip uses the ISO 7816 Smart Card Interface
standard for communication with the device over a bus that is not accessible to the user.
Only data to be encrypted or decrypted is sent over this bus to the chip; the chip never
uses externally transmitted or accessible keys to perform cryptographic operations. The
subsections below provide details on how the ElGamal algorithm is used within the
crypto chip to encrypt and decrypt other keys, and how those keys are not transmitted in
the clear between the device CPU and the secure microprocessor.
3.7.1. Encrypting Keys
TiVoGuard uses the ElGamal algorithm and the ATMEL chip for securing keys
used with other ciphers. This section describes how 128-bit keys are encrypted.
1. Label the 128-bit key ‘K’. 2. Calculate the CRC328 of ‘K’, and append it to the key, creating a160-bit key ‘EK’. 8 The CRC-32 checksum calculates a checksum based on a cyclic redundancy check as described in ISO 3309.
- 33 – TiVo Confidential
3. Generate a 512-bit random value ‘MK’. 4. Encrypt the value of MK using the standard ElGamal algorithm and the TiVo
Device’s public ElGamal key. This results in two values A and B being generated, each 894 bits long.
5. Generate a random 512-bit seed value ‘SEED’. 6. Compute the SHA1 hash of ‘MK + SEED’. The resulting value, called ‘HASH’, will
be 160 bits long. 7. Compute ‘EK XOR HASH’, and call the result ‘RESIDUE’.
The original key ‘K’ can now be discarded. The values of ‘A’, ‘B’, ‘SEED’, and
‘RESIDUE’ are saved and can be used to recover ‘K’ only with the corresponding
ElGamal private key.
3.7.2. Decrypting Keys This section describes how encryption keys are recovered using the ElGamal
algorithm and the secure microprocessor. The 128-bit key ‘K’ is recovered from the
values of ‘A’, ‘B’, ‘SEED’, and ‘RESIDUE’ and the device’s private ElGamal key.
1. The values of ‘A’ and ‘B’ are sent to the secure microprocessor. 2. The microprocessor performs the standard ElGamal decryption process, using the
device’s private key stored in its onboard EEPROM. The result of this decryption will be ‘MK’, if the chip has the correct private key. The chip will not disclose the value ‘MK’.
3. The microprocessor is sent the value of ‘SEED’. 4. The microprocessor computes the SHA1 has of ‘MK + SEED’. This is equivalent to
the value ‘HASH’ in the encrypting process. 5. The microprocessor discloses the value of ‘HASH’ just computed to the TiVo
Device’s CPU via the internal serial link. 6. The CPU computes ‘RESIDUE XOR HASH’. If the decryption worked correctly,
this will be the value ‘EK’ as defined in the encryption process. 7. Split the 160-bit ‘EK’ into the 128-bit ‘K’ and 32-bit ‘CRC32(K)’, and confirm that
the ‘CRC32(K)’ value is the same as the CEC32 of ‘K’.
- 34 – TiVo Confidential
3.8. CERTIFICATE MANAGEMENT
3.8.1. The TiVoGuard Certificate
When a TiVo Device contacts the remote TiVo servers, the servers may send it a
“TiVoGuard certificate.” These certificates are valid for six months only and must be
updated periodically. If the device is part of a secure viewing group, the TiVoGuard
certificate lists every device in that group. For each device in the group, the certificate
includes a unique identifier and the device’s public cryptographic key. Because every
TiVo Device has access to the public keys for the TiVo service, the TiVo service can sign
the TiVoGuard certificate and the receiving device can verify the certificate’s
authenticity and integrity. The format of this certificate is proprietary to TiVo, consisting
of a series of variable length TLV (Type, Length, Value) tuples.
TiVoGuard certificates also include an expiration date. In standard operation,
each device routinely contacts the TiVo service, which in turn regularly renews
TiVoGuard certificates, extending their expiration dates. However, if a customer
operates a TiVo Device in a manner that does not allow contact with a TiVo server, the
TiVoGuard Activation and Sharing Certificates expire and the device loses its ability to
send content to another device because that application is disabled. TiVoGuard
certificates can be revoked or modified during a TiVo Device’s regular communication
with the TiVo service.
The hash of TiVo certificates are signed by the TiVo service. The contents of the
certificate are hashed (using the SHA-1 hash function), and the hash is signed by the
TiVo service private key (using the ElGamal algorithm). The hash signature is verified
using the TiVo service public key, and the expiration date is checked, before the TiVo
Device will agree to use the certificate.
3.9. REVOCATION/RENEWABILITY OF KEY
TiVoGuard includes mechanisms that allow TiVo Devices to establish secure
communications with TiVo servers. TiVo Devices regularly communicate with TiVo
- 35 – TiVo Confidential
servers at remote facilities controlled by TiVo to acquire program information, data
updates, and/or software updates, and to upload data. Through software updates, TiVo
can add new features that enhance the value of the TiVo service. Software and data
updates also allow TiVo to revoke the features of the TiVo application that allow output
and reception of digital media content.
TiVo has enabled a process through our servers that allows TiVo to disable MRS
and TTG on individual TiVo Devices in response to complaints from content owners.
TiVo also implemented a general security policy and process to allow disabling of
advanced features on all TiVo Devices that are members of a specific platform if any
security vulnerability is discovered in our product. That policy and process is detailed
below:
TiVo Notice and Take Down Procedures The following procedures govern the receipt of complaints from third parties about intellectual property violations by TiVo subscribers.
1. Notice. An intellectual property owner must provide TiVo with a notice of violation in accordance with TiVo’s DMCA and Intellectual Property Policy.
2. Recordkeeping. Complaints shall be cataloged and filed. 3. Verification. Once a Complaint is received, it will be checked to determine whether it
contains all required information. a. Missing Information. If a Complaint does not have all required information, the
Complainant will be sent a checklist indicating which items are missing so the Complaint can be processed.
4. Complaints about content files. If the complaint concerns a particular content file: a. One copy of the content file shall be placed in a permanent file. The other copy
of the content file shall be provided to TiVo Security Personnel for content analysis.
b. TiVo Security Personnel shall analyze the meta data in the file to determining the originating DVR.
c. If the content file is determined to have originated from a TiVo DVR, the TiVo subscriber shall be notified and provided with an opportunity to respond to the infringement allegation.
d. The Complainant shall be notified whether or not the content file has been determined to have originated from a TiVo DVR, but TiVo shall not provide any customer information to the Complainant without receiving a subpoena or similar legal process.
e. A copy of all responses shall be filed with the initial complaint. 5. Action against DVR and account holders.
a. Initial complaint. Upon the determination that a proper complaint has been filed, the TiVo account holder shall be contacted in writing by certified mail, warned of the consequences of intellectual property violations, warned that continued violations may result in disabling or terminating the subscription or certain services, and, if applicable, directed to various FAQs and resources for controlling access to their DVR and PC.
b. Second complaint. Upon the determination that a second proper complaint has
- 36 – TiVo Confidential
been filed, the ability to use the TiVoToGo feature on the account holder’s DVRs being used to infringe the third parties’ intellectual property shall be discontinued, and the account holder shall be informed.
c. Third complaint. Upon the determination that a third proper complaint has been filed, the account holder’s TiVo service will be deactivated, its credit card, name and address shall be banned from being used for reactivation of any TiVo products or services, and the account holder shall be informed.
6. Name Clearing Procedure.
a. Should an account holder provide a valid explanation that (i) a complaint was filed against the account holder due to error, fraud or other misconduct; (ii) the use of a copyrighted work was specifically permitted under copyright law; or (iii) TiVo otherwise incorrectly acted on a particular complaint, the relevant action against the DVR and account holder in response to the complaint shall be reversed, and the account holder shall be informed.
7. Legal action. a. TiVo shall not disclose any customer information to the Complainant without
receiving a valid subpoena or similar legal process. b. Any subpoenas or other legal action shall be provided to the Legal Department
for a response.
All TiVo software updates are signed by the TiVo service with the TiVo Kernel
Signing Key using the secured signing station. Every time the device loads the TiVo
Software, the signature of the kernel is checked by the boot PROMs, and then the kernel
checks the signatures of the file systems and related data it is about to load.
In addition, the software updates give TiVo the ability to modify or renew
security mechanisms, such as specific cryptographic ciphers, as TiVo deems necessary or
prudent (e.g., in the event of a system compromise or advances in cryptanalysis).
Because TiVo’s success as a business depends on the security of its system, any different
security mechanism that TiVo employs in the future will be sufficiently strong so as not
to materially compromise the security of the system.
In the event that TiVo modifies or renews its security mechanisms, it will notify
CableLabs of the different security mechanism(s) employed and will ensure that any such
changes are made within the framework of the design and protections outlined by the
Submission.
By altering a device’s TiVoGuard certificate during a secure communication with
the TiVo servers, the TiVo service may revoke the features of the TiVo application that
allow output and reception of digital media content. The TiVo service is capable of
revoking such features for specific, individual TiVo Devices or for groups of TiVo
Devices. Regular features included with a paid subscription (Season Pass, Wishlists, etc.)
- 37 – TiVo Confidential
can be enabled and disabled on a per-device basis. In addition, application-level features
can be activated and de-activated on individual devices that have paid subscriptions.
These include CDS (Content Delivery Service), MRS, TiVo-To-Go, Music & Photos, etc.
TiVo’s methodology allows for the revocation of TiVoGuard outputs such as MRS
without disabling the other functionalities of the relevant device; e.g., its ability to
continue receiving cable services via an authorized CableCARD.
Thus, if certain features, such as MRS, are revoked on a device, the UDCP is still
capable of receiving cable services via CableCARD. If the TiVo service for a TiVo
Device is revoked or disabled, the UDCP will remain capable of changing channels or
pausing live television programming, but will be unable to receive new program
information or use advanced network functionality such as MRS. If a TiVo Device does
not regularly contact TiVo servers, the features that allow output and reception of digital
media content are automatically revoked through the expiration of the device’s
TiVoGuard certificate.
3.10. POINTS OF ATTACK/POTENTIAL WEAKNESSES
The following security concerns have been identified and analyzed:
• Some academic work indicates that some partial attacks on the SHA-1
algorithm may exist. This is not specific to the TiVoGuard system and affects
all systems using SHA-1. No evidence exists, however, that any such attacks
could result in a breach of security. TiVo plans to field upgrade the system in
the future to improve security in connection with the SHA-1 algorithm.
• Undiscovered or undisclosed vulnerabilities may exist in third party software
used in a TiVo Device. Current third-party software includes the Linux
kernel, firmware drivers for the Broadcom silicon, codecs for playing back
audio and video, components of the TiVo software including communications
protocols and file system utilities, and cryptographic implementations for SSL
and other communication protocols. If such vulnerabilities are discovered,
TiVo has the ability to upgrade the TiVo Device’s software suite in the field,
- 38 – TiVo Confidential
and prevent the system from reverting to older, potentially insecure versions
of the software.
3.11. COMMERCIAL USE
Please see Licensing details in Section 3.1. With respect to third party manufacturers,
TiVo’s robustness statement is as follows:
• “For TiVo Devices such as TiVo DVRs for which TiVo specifies the
hardware and software, licensees are only authorized to manufacture devices
capable of running the TiVo service in accordance with the thorough
hardware and software specifications provided by TiVo. TiVo designed these
specifications to allow the full functioning of the TiVo service, including
TiVoGuard technology with the security features described in this
Certification.”
3.12. CONTACT INFORMATION
Applicant’s counsel:
Matthew Zinn
Sr. Vice President, General Counsel and Secretary
TiVo Inc.
2160 Gold Street
Alviso, CA 95002-2160
408-519-9311
Applicant’s security specialist:
Dave Platt
Principal Engineer
TiVo Inc.
- 39 – TiVo Confidential
2160 Gold Street
Alviso, CA 95002-2160
408-519-9182
4. Conclusion
As the foregoing demonstrates, TiVo respectfully submits that its TiVoGuard
content protection technology provides a high level of security and encryption within a
robust, revocable, and renewable system. TiVo further submits that an examination of its
content protection technology, based upon CableLabs’ stated review criteria,
demonstrates that it meets or exceeds the standards applicable to such a technology.
TiVo therefore requests CableLabs approval of its TiVoGuard content protection
technology for MRS between TiVo Devices (using Ethernet, MoCA, WiFi, or USB
digital outputs).
- 40 – TiVo Confidential
Exhibit 1
TiVo White Paper
(see following pages)
- 41 – TiVo Confidential
TiVo, Inc.
WHITE PAPERSUBMITTED TO THE
FEDERAL TRADE COMMISSION
MAY 3, 2001
Matthew ZinnVice President,
General Counsel &Chief Privacy Officer
TiVo, Inc.2160 Gold Street
P.O. Box 2160Alviso, CA 95002
(408) 519-9100
Of Counsel: Ronald L. PlesserPiper Marbury Rudnick & Wolfe LLP1200 19th Street N.W.Washington, D.C. 20036(202) 861-3900
WASH1:3518777:14:5/2/01 4:25 PM
TABLE OF CONTENTS
I. INTRODUCTION ........................................................................................................................................................... 1
II. TIVO’S PRIVACY POLICIES AND PRACTICES ADDRESS THE MAJOR CONCERNS OF THEPRIVACY FOUNDATION’S REPORT........................................................................................................................... 3
A. CONSISTENCY OF DISCLOSURES OF POLICIES ON WEB SITE AND IN MANUALS.................................................... 4B. ADEQUACY AND FORM OF DISCLOSURES AND CONSENT....................................................................................... 4C. ENCRYPTION............................................................................................................................................................. 5D. POTENTIAL USE OF INFORMATION .......................................................................................................................... 5
III. BACKGROUND........................................................................................................................................................... 6
IV. WHAT INFORMATION DOES TIVO COLLECT AND HOW IS IT COLLECTED? ................................. 8
A. KINDS OF INFORMATION AND SUBSCRIBER CHOICES............................................................................................. 8B. WHAT INFORMATION IS RECEIVED BY THE TIVO BROADCAST CENTER DISTRIBUTION SERVERS AND HOW IS ITSTORED?...........................................................................................................................................................................10
1. Activation: Setup and Account Information ...................................................................................................112. Daily Call from the Receiver to the TiVo Broadcast Center’s Distribution Servers...................................113. TiVo Broadcast Center: Processing and Storing of Anonymous Viewing Information and PersonallyIdentifiable Viewing Information ..............................................................................................................................13
C. WHAT DOES TIVO DO WITH INFORMATION IT COLLECTS?................................................................................16
V. WHAT DOES TIVO DO TO INFORM ITS SUBSCRIBERS .............................................................................17
A. PRIVACY POLICY....................................................................................................................................................171. Collection ..............................................................................................................................................................182. Uses........................................................................................................................................................................183. Disclosures ............................................................................................................................................................194. Choices ...................................................................................................................................