Glossary Satellite TV / Term
ECM is short for Entitlement Control Message. These are commands which are used to control the working of your card. ECM’s are always sent as packets. Such a packet is called a Control Word(CW) and it contains coded keys, ID’s etc. needed to decode the signal. In other words, the ECM identifies the service and the conditions that have to be met in order to use that service. Providers will also use fake ECM’s to disable pirate cards. That is why a lot of people translate ECM as Electronic Counter Measure.
Under the Digital Video Broadcasting (DVB) standard, conditional access system (CAS) standards are defined in the specification documents for DVB-CA (conditional access), DVB-CSA (the common scrambling algorithm) and DVB-CI (the Common Interface). These standards define a method by which one can obfuscate a digital-television stream, with access provided only to those with valid decryption smart-cards. The DVB specifications for conditional access are available from the standards page on the DVB website.
This is achieved by a combination of scrambling and encryption. The data stream is scrambled with a 48-bit secret key, called the control word. Knowing the value of the control word at a given moment is of relatively little value, as under normal conditions, content providers will change the control word several times per minute. The control word is generated automatically in such a way that successive values are not usually predictable; the DVB specification recommends using a physical process for that.
In order for the receiver to unscramble the data stream, it must be permanently informed about the current value of the control word. In practice, it must be informed slightly in advance, so that no viewing interruption occurs. Encryption is used to protect the control word during transmission to the receiver: the control word is encrypted as an entitlement control message (ECM). The CA subsystem in the receiver will decrypt the control word only when authorised to do so; that authority is sent to the receiver in the form of an entitlement management message (EMM). The EMMs are specific to each subscriber, as identified by the smart card in his receiver, or to groups of subscribers, and are issued much less frequently than ECMs, usually at monthly intervals. This being apparently not sufficient to prevent unauthorized viewing, TPS has lowered this interval down to about 12 minutes. This can be different for every provider, BSkyB uses a term of 6 weeks. When Nagravision 2 was hacked, Digital+ started sending a new EMM every three days to make unauthorized viewing more cumbersome.
The contents of ECMs and EMMs are not standardized and as such they depend on the conditional access system being used.
The control word can be transmitted through different ECMs at once. This allows the use of several conditional access systems at the same time, a DVB feature called simulcrypt, which saves bandwidth and encourages multiplex operators to cooperate. DVB Simulcrypt is widespread in Europe; some channels, like the CNN International Europe from the Hot Bird satellites, can use 7 different CA systems in parallel.
The decryption cards are read, and sometimes updated with specific access rights, either through a conditional-access module (CAM), a PC card-format card reader meeting DVB-CI standards, or through a built-in ISO/IEC 7816 card reader, such as that in the Sky Digibox.
Several companies provide competing CA systems; ABV, VideoGuard, Irdeto, Nagravision, Conax, Viaccess, Synamedia, Mediaguard (a.k.a. SECA) are among the most commonly used CA systems.
Due to the common usage of CA in DVB systems, many tools to aid in or even directly circumvent encryption exist. CAM emulators and multiple-format CAMs exist which can either read several card formats or even directly decrypt a compromised encryption scheme. Most multiple format CAMs and all CAMs that directly decrypt a signal are based on reverse engineering of the CA systems. A large proportion of the systems currently in use for DVB encryption have been opened to full decryption at some point, including Nagravision, Conax, Viaccess, Mediaguard (v1) as well as the first version of VideoGuard.
Permanent link ECM - Modification date 2020-07-28 - Creation date 2020-04-13