A Question For The Techys ?

[leachy070667]

This post is for the Tech guys.

With us all now going to Nagra 3, we all know it is a foolproof system between card, box and Virgin at this moment in time ,I know the cards can’t be read with current reading methods, so unloopers etc have been rendered useless.

I got to thinking, we can’t read the cards at the moment yet we know the cards communicate with Virgin Media regularly via their official boxes producing the keys that give viewing, is there not anyway that we can manipulate this system by using an official Virgin box on a basic package along side a third party box, would it not be at all possible to sort of throw together some sort of hybrid and divert the keys produced by Official Box + Card in real time to the third party box ?

Surely if you are in possession of a Virgin Box on a basic package, then the way forward would be trying to access the information both the box and card produce in real time ?

I realise it might sound daft, but I am techy enough to know that Virgin +Box + Card generate keys that give viewing, we cant access the card encryption system, but can we access the keys generated and divert them, could this be the way forward ?

[Lacutas]

I think this is called card sharing. lol

[leachy070667]

Quote:

Originally Posted by Lacutas

I think this is called card sharing. lol

c/s is via a third party server.

One server producing one constant stream.

[G77]

are the keys which are produced not encrypted using the rsa anyway?

what your talking about would use one of them there atmel logger things which i knocked up once to make logs for the 3.7 funcard whatzit, thingy

TC will help here but im pretty sure the keys themselves are encrypted

[G77]

nag one worked like this ... ish....

stream encrypted with public keys gets decrypted by public keys on card. it is then encrypted using the bk on the card, box then decrypts using bk in flash of box.

(might be visa versa)

[TheCoder]

Quote:

Originally Posted by G77

nag one worked like this ... ish....

stream encrypted with public keys gets decrypted by public keys on card. it is then encrypted using the bk on the card, box then decrypts using bk in flash of box.

N3 works in a very similar way except instead of using the boxkey for encryption to the box it uses a random IDEA session key. This key changes once every hour or so for a new random key.

For the random key to be known by both ends its passed from the card to the box via an RSA encrypted datapacket. In order to be able to derive the present session key you have to know the rsa modulus key for that particular box as well as the boxkey and various other details.

[G77]

team kv did it, lol.

would that random key be in any flash?

[remote matt]

What gets me with nag3 and c/s is that if the card can be shared via a network why it can't be cloned somehow?
is it to do with the box that it's paired to?

[G77]

i know what your saying. we cant dump the cards. the teams doing the cable cs have got the info needed out of the box, not the card.

also, this randomly generated key must not be so random. it must be based on some algorithm or it would be like artificial intelegence

[TheCoder]

Quote:

Originally Posted by G77

also, this randomly generated key must not be so random. it must be based on some algorithm or it would be like artificial intelegence

It is actually truly random !

Sequence of events is -

1/ Card informs box that it has no session key or session expired
2/ Box asks card to generate a random session key
3/ Card signals that it has a new random session key
4/ Box asks for the new random session key
5/ Card returns the session key in an RSA encrypted form using a "shared" rsa modulus and private/public keyset. Only the card has the private key.
6/ Box receives the new session key and decrypts it using the shared public key. It then modifies the key in a certain way and re-encrypts using the public key.
7/ Box returns the newly encrypted key back to the card
8/ Card verifies that the key has been modified in the correct way
9/ Card and box now use the new session key for all ECM CW transfers.
10 After 1 hour - start again !

So, the session key really is truly randon and changes every 1 hour. This is not something VM/Kudelski initiate - they dont know the resultant key. Its just a process between between stb and card.