IRD-CAM Session/Video Encryption Explained

-------------------------------------------------------------------------------IRD-CAM Session/Video Encryption Explained

2 forms of encryption are used to get video for n2.
RSA.
P and Q are large random prime numbers (kept secret).
0N = (P - 1) * (Q - 1) (kept secret)
N = P * Q (N = RSA public Key)
D = E ^ -1 mod 0N (D = RSA private exponent, kept secret).
E = D ^ -1 mod 0N (E = RSA public exponent)
C = M ^ E mod N (C = encrypted message)
M = C ^ D mod N (M = decrypted message)
IDEA (International Data Encryption Algorithm).
More complicated.
For our purposes there is a function that we will call IdeaEncrypt that returns a encrypted text
message given an idea key to encrypt with.
There is also a function that will call IdeaDecrypt that returns the decrypted message give the
same idea key.
There is a function IdeaSign that will return an 8 byte idea signature given a data string and
If Using DT08 (0a) on the card :
The Dt08 (0a datatype on card) is created by the provider and sent to the card at sub time.
The dt08 contains the Cam N public rsa key along with ird/boxkey.
The dt08 is IDEA encrypted with the Idea Key made from ird/boxkey/inverted ird.
The dt08 is RSA encrypted using Ird N (public rsa key) and Ird D (private key and uknown by
anyone but provider).
Ird N = N1 xored N2
Ird N1=
A4E9B585932F90282FD70C908176E8605E6B2CE629335A0FC1
5B31DAB0BFC6FEEB88CFC69649994CD3FE039C9965C620C4D5
828E9153998EE4AE0E8C25644DF3
xor
Ird N1=

237280AAB36BE4B21FC71FBF08218E532A545E744D7B007FF8
69BA426831C4AC653F3825ADE9358FCD1F0239EC447CBC2765
CC0AEBE437AF2270FC461C2FA042
Ird N =
879B352F2044749A3010132F89576633743F729264485A7039
328B98D88E02528EB7F7E33BA0ACC31EE101A57521BA9CE3B0
4E847AB7AE21C6DEF2CA394BEDB1
The Ird, N1, N2, Ideakey exist in the tsop.
Ird E = 3
Ird D = UKNOWN, this is the reason you can't create your own dt08 without changing the N1/N2
on the tsop, you must know Ird D.
DT08 (0A) = IdeaEncrypt(CamN/Ird#/Boxkey/Idea Signature,Ird_Ideakey) ^ D mod Ird N.
Ird requests DT08.
Card sends back the dt08 (0a)
Ird decrypts the dt08.
Decrypted dt08 = IdeaDecrypt(DT08,Ird_IdeaKey) ^ 3 mod Ird N.
It checks the ird # and boxkeys in the Decrypted 08 if they match what is on ird,
it stores the Cam N in the decrypted 08 in ird memmory.
If Using Secondary Key (SK) on the Ird.
Ird checks for SK exists on the ird, if it does, the dt08 will never be requested/ignored from the
card.
Ird validates the SK with idea signature in the SK (using IIIIIIII101924314051647990A9C4E1
where I = irdnumber).
Ird takes the Cam N in the SK and puts it in ird memmory
Note : Cam N is not even encrypted in the sk, very weak method compared to dt08.
Later, establish session key (0C datatype on the card):
Ird requests 2a data from card.
Random 2a is sent from card to ird.
Ird performs some Idea signing (leave it to you to look up 2a/2b routines)
Ird comes up with session key from the 2a message sent from Cam.
Ird encrypts the session key with rsa.
Encrypted 2B = (2B data with 16 byte session idea key) ^ 3 mod Cam N.
Sends encrypted data back to card in 2b message.
Cam decrypts 2B with Cam N, Cam D. Decrypted 2B = (Encrypted 2B) ^ Cam D mod Cam N.
If valid, store session key in ram and on card for later use.
This all happens as ird boots.
When you select a channel.
Ird sends Cmd 07 ECM message with control words encrypted.

Cam decrypts the control words rencrypts them with Idea encryption using the session key
established above.
The ird then requests the control words.
The Cam sends them back in the 1C response.
The ird decrypts the control words with with Idea encryption using the session key established
above.
Sends the control words to the mpeg decoder.
8 seconds of video.
Repeat 07/1C process over and over.
This is all done from memmory, excuse any oversites/exclusions/errors.
Not exhaustive on each step by any means, just a quick overview.