由於近年數位廣播與無線通訊之整合匯流發展，行動付費電視服務越來越被重視。然而，行動付費電視卻很容易受蓄意攻擊而不安全。若要提供一個安全的行動付費電視服務，存取安全(Access Protection)機制扮演極為重要角色。因此，確保被授權使用者之存取安全是非常重要的工作。在具備完善存取安全管理的行動付費電視系統中，有授權的使用者才能存取 (Access) 及解密其內容。隨著異質網路整合，若要在公用網路中提供安全的視訊服務，視訊加密 (Video Encryption)是非常重要一環。因此，若要提供一個完善的存取安全機制, 存取控制 (Access Control) 及視訊加密是非常重要之議題。然而，由於行動付費電視的廣播頻寬是非常珍貴資源及行動裝置之資源是低階有限的，兼具廣播效益及低計算成本的存取安全是非常重要的。 在此論文中，我們主要探討行動付費電視之存取安全；尤其是探討其存取控制之身份認證 (Authentication) 方法，及選擇式視訊加密 (Selective Video Encryption) 方法。
在存取控制方面，我們提出一個非常有效率的行動付費電視之身份認證方法。基本上，行動付費電視中為了提供交互身份認證，大量的認證訊息會在此系統中流通。因此，一個既安全又有效率的存取控制之身份認證機制是不可或缺的。傳統身份認證是一對一 (One-to-One) 的方法。此一對一方法的作法是一個存取需求 (Access Request) 需一個廣播認證訊息，使得造成大量訊息在廣播網路上傳送而沒有效率且成本高。由於行動付費電視屬無線廣播，它在遞換 (Hand-off) 時容易受攻擊而不安全。若要提供安全的行動付費電視服務，遞換認證 (Hand-off Authentication)也是非常重要議題。傳統方法沒有提供遞換認證功能，也因此它在遞換時造成不安全。此論文中提出一個創新的行動付費電視之身份認證方法。此創新方法是一對多 (One-to-Many) 的方法。此創新之一對多方法的主要作法是應用橢圓曲線密碼學來達成多個存取需求僅需一個廣播認證訊息之功能。此方法在廣播效益及低成本效益上比傳統方法更優異許多。此外，我們的方法提供遞換認證機制，使得我們的方法在遞換時可以確保服務之存取安全且避免遭受攻擊。因此，我們的方法對於存取控制可以更安全。另外，我們的方法應用身分式方法 (Identity-based Scheme) 來提供匿名認證以確保隱私。我們的方法也就具備身分式方法的優點。由於我們的方法具有上述諸多優點，我們的方法非常適合行動付費電視系統。
為了提供一個完善的存取安全，視訊加密是另一個重要的議題。正如我們所知悉，視訊服務主要藉由公用網路來作通訊與資訊交換。然而，公用網路容易受蓄意攻擊者之攻擊而不安全，於是視訊加密成為非常重要議題。傳統視訊加密方法的缺點或是沒有效益或不夠安全。此論文提出一個以內文金鑰控制 (Context-Key Control) 之選擇式及時視訊加密方法。此內文金鑰控制之加密方法主要以修改 ElGamal 加密法而得。藉由內文金鑰控制，我們的方法達成低指數 (Low Exponent) 運算且更安全。我們將此新加密方法應用到視訊餘弦係數 (DCT Coefficients) 作選擇式加密。經由我們的效能與安全分析得知，我們的方法既安全又有效益，非常適合應用於視訊安全。

In recent years, with the digital convergence of broadcast and wireless communication, mobile pay-TV services are getting more and more attention. However, a mobile pay-TV system is very vulnerable to malicious attacks. To provide a secure mobile pay-TV service, a secure access protection for pay-TV systems plays an important role. Therefore, to guarantee a secure access of services by authorized users, the access protection is required. In a mobile pay-TV system, under a proper access protection, only the authorized users can access and decrypt their authorized contents. With the gradual integration of heterogeneous networks, to provide secure video services in a public network, video encryption is required. To provide such an access protection, access control and video encryption are important issues. However, since the bandwidth of a broadcast channel and the resources in a mobile set are limited, both a better broadcast efficiency and low computation cost of an access protection are required. In this dissertation, an access protection for mobile pay-TV systems is explored; in that an efficient authentication for access control and an efficient selective video encryption scheme are addressed and discussed.
In the access control, we propose an efficient authentication schemes for mobile pay-TV systems. In a mobile pay-TV system, a large number of messages are exchanged for mutual authentication. An efficient and secure authentication mechanism for access control is required. In traditional authentication schemes, with one-to-one delivery, one authentication message per request is delivered from a head end system to subscribers. This results in the delivery of a large quantity of messages and therefore is inefficient and costly. Due to its wireless nature, mobile pay-TV is vulnerable to attacks during hand-off. To provide a secure mobile pay-TV service, a hand-off authentication also becomes an important issue. Traditional schemes do not support hand-off authentication and therefore are insecure during hand-off. In this dissertation, we propose an innovative authentication scheme employing Elliptic Curve Cryptography, in which, by providing one-to-many facility, only one authentication message for multiple requests is broadcasted from the head end system to subscribers. This new scheme achieves better broadcast efficiency and performance on communication costs than traditional schemes. Additionally, our scheme provides a hand-off authentication mechanism to protect the access of services while preventing attacks during hand-off; therefore, the scheme is more secure to support access control. Moreover, the scheme adopts an identity-based scheme to provide anonymous authentication for protecting privacy; hence the scheme inherits advantages of the identity-based scheme. With these advantages of our scheme, it is well suitable for mobile pay-TV system.
To provide a better access protection, video encryption is also an important issue. In order to provide video services, service providers and users usually interact through public communication channels. However, these public communication channels are vulnerable to attacks, and as a result, video encryption becomes an important issue. Traditional video encryptions are either inefficient or insecure. This dissertation proposes a real-time selective video encryption using context-key control. The new context-key control encryption in this scheme is modified from ElGamal encryption. Using context-key control, our scheme can perform a low exponent operation and secure encryption. We apply our encryption scheme to perform selective encryption on video DCT coefficients. In our performance and security analysis, our scheme is secure and efficient, and can be well applied to the video encryption.

[1]F. Allamandri, S. Campion, A. Centonza, A. Chernilov and et. al., “Service Platform for Converged Interactive Broadband Broadcast and Cellular Wireless,” IEEE Transactions on Broadcasting, Vol. 53, Issue 1, Part 2, PP. 200 - 211, Mar. 2007.
[2]K.C. Almeroth and M.H Ammar, “An alternative paradigm for scalable on-demand applications: evaluating and deploying the Interactive Multimedia Jukebox,” IEEE Transactions on Knowledge and Data Engineering, Vol. 11, Issue 4, PP. 658 – 672, July-Aug. 1999.
[3]D. Boneh and M. Franklin, “Identity-based Encryption from the Weil Pairing,” Advances in Cryptology-CRYPTO, PP. 213-239, 2001.
[4]W. J Caelli, E. P Dawson and S. A Rea, “PKI, Elliptic Curve Cryptography, and Digital Signatures,” Computers & Security, Vol. 18, No. 1, PP. 47-66, 1999.
[5]H. Cheng and X. Li, “Partial Encryption of Compressed Images and Video,” IEEE Transactions on Signal Processing, Vol. 48, No. 8, PP. 2439-2451, 2000.
[6]M. G. Chung and Y. Kim, “An Integrated Scheme for Authentication and Access Control in a Digital TV Environment,” ICCE 2008. Digest of Technical Papers. International Conference on Consumer Electronics, 2008, PP. 1-2, Jan. 2008.
[7]Conditional-Access Broadcasting System, ITU-R Rec. 810, 1992.
[8]F. Coutrot and V. Michon, “A single conditional access system for satellite-cable and terrestrial TV,” IEEE Transactions on Consumer electronics, Vol. 35, Issue 3, PP. 464 – 468, Aug. 1989.
[9]DVB Technical Report:DVB-H185r3, DVB Documents, Dec. 2003.
[10]EBU technical review, A functional model of a conditional access system[EB/OL]. http:/ /www.ebu.ch/trev-266-ca.pdf, 1995.
[11]G. Faria, J.A Henriksson, E. Stare and P. Talmola, “DVB-H: digital broadcast services to handheld devices,” Proceedings of IEEE, Vol. 94, Issue 1, PP. 194 – 209, Jan. 2006.
[12]G. Frey, M. Müller and H.-G. Rück, “The Tate Pairing and the Discrete Logarithm Applied to Elliptic Curve Cryprosystems,” IEEE Transactions on Information Theory, Vol. 45, No. 5, PP. 1717-1719, July 1999.
[13]E. Gallery and A. Tomlinson, “Conditional Access in Mobile Systems:Securing the Application,” Proceedings of the First International Conference on Distribured Frameworks for Multimedia Applications (DFMA’05), PP. 190 - 197, Feb. 2005.
[14]M. Grangetto, E. Magli and G. Olmo, “Multimedia Selective Encryption by Means of Randomized Arithmetic Coding,” IEEE Transactions on Multimedia, Vol. 8, No. 5, PP. 905-917, Oct. 2006.
[15]L. Harn and S. Yang, “ID-Based Cryptographic Schemes for User Identification, Digital Signature, and Key Distribution,” IEEE Journal on Selected Areas in Communications, Vol. 11, No. 5, PP.757-760, June 1993.
[16]Head-end implementation of DVB Simulcrypt, ETSI TS 103 197 V1.4.1, ETSI standard, Spt. 2004.
[17]Y.L. Huang, S. Shieh, F.S. Ho and J.C. Wang, “Efficient Key Distribution Schemes for Secure Media Delivery in Pay-TV Systems,” IEEE Transactions on Multimedia, Vol. 6, No. 5, Oct. 2004.
[18]IP Datacast over DVB-H: Service Purchase and Protection (SPP), DVB standard, Dec. 2005.
[19]Z. Jia, Y. Zhang, H. Shao, Y. Lin and J. Wang, “A Remote User Authentication Scheme Using Bilinear Pairings and ECC,” ISDA '06. Sixth International Conference on Intelligent Systems Design and Applications, 2006, Vol. 2, PP. 1091 – 1094, Oct. 2006.
[20]A. Joux, “A one round protocol for tripartite Diffie-Hellman,” Proceedings of Algorithmic Number Theory Symposium, ANTS IV, Vol. 1838, Lecture Notes in Computer Science, PP. 385-394, Springer-Verlag, 2000.
[21]H. Kim, J. Wen and J. D. Villasensor, ”Secure Arithmetic Coding,” IEEE Transactions on Signal Processing, Vol. 55, No. 5, PP. 2263-2272, May 2007.
[22]N. Koblitz, Algebraic Aspects of Cryptography, Springer, 1999.
[23]K. Lauter, “The Advantages of Elliptic Curve Cryptography for Wireless Security,” IEEE Wireless Communications, No. 1, PP. 62-67, Feb. 2004.
[24]B.-D. Lee, J. Song and Y.-K. Nam, “Converged Mobile TV Services Supporting Rich Media in Cellular and DVB-H Systems,” IEEE Transactions on Consumer Electronics, Vol. 54, No. 3, PP. 1091-1097, August 2008.
[25]N. Lee, C. Chang, C. Lin and T. Hwang, “Privacy and Non-Repudiation on Pay-TV Systems,” IEEE Transactions on Consumer Electronics, Vol. 46, PP. 20 – 27, Feb. 2000.
[26]S. Lian, Z. Liu, Z. Ren and H. Wang, “Commutative Encryption and Watermarking in Video Compression,” IEEE Transactions on Circuits and Systems for Video Technology, Vol. 17, No. 6, PP. 774-778, June 2007.
[27]J. Liu, C. Yang and J. Tian, ”A Novel Conditional Access Architecture for TV Service Protection,” CISW 2007. International Conference on Computational Intelligence and Security Workshops, 2007., PP. 608 – 611, Dec. 2007.
[28]B. M. Macq and J. Quisquater, “Cryptology for Digital TV Broadcasting,” Proceedings of The IEEE, Vol. 83, No. 6, PP. 944-957, June 1995.
[29]Y. Mao and M. Wu, “A Joint Signal Processing and Cryptographic Approach to Multimedia Encryption,” IEEE Transactions on Image Processing, Vol. 15, No. 7, PP. 2061-2075, July 2006.
[30]A. Menezes, Elliptic Curve Public Key Cryptosystems, Kluwer Academic Publishers, 1993.
[31]A.J. Menezes, T. Okamoto, and S.A. Vanstone, “Reducing elliptic curve logarithms to a finite filed,” IEEE Transactions on Information Theory, Vol. 39, PP. 1636-1646, 1993.
[32]E. Mohammed, A.E. Emarah and K. El-Shennawy, “Elliptic Curve Cryptosystems on Smart Cards,” 2001 IEEE 35th International Carnahan Conference on Security Technology, PP.213-222, Oct. 2001.
[33]J. Moon, J. Park and E. Paik, “JavaCard-based Two-Level User Key Management for IP Conditional Access Systems,” ICON 2007, 15th IEEE international conference on networks, PP. 72 – 76, Nov. 2007.
[34]Y. Nishimoto, H. Imaizum and N. Mita, “Integrated Digital Rights Management for Mobile TV using Broadcasting and Communications,” APCC 2008. 14th Asia-Pacific Conference on Communications, 2008, PP. 1-5, Oct. 2008.
[35]A. Noore, “A Secure Conditional Access System using Digital Signature and Encryption,” 2003 IEEE International Conference on Consumer Electronics, 2003 ICCE, PP.220-221, June 2003.
[36]V. Ollikainen and C. Peng, “A Handover Approach to DVB-H Services,” 2006 IEEE International Conference on Multimedia and Expo, PP.629-632, July 2006.
[37]K. G. Paterson, “ID-based signatures from pairings on elliptic curves,” Electronics Letters, Vol. 38, No.18, PP. 1025-1026, Aug. 2002.
[38]L. Piron, C. L. Buhan, G. Moreillon and R. Wilson, ”On the Integrity and authentication protection of real time data in broadcast networks,” 2008 IEEE International Symposium on Broadband Multimedia Systems and Broadcasting, PP. 1-4, March 31-April 2 2008.
[39]I. E.G. Richardson, H.264 and MPEG-4 Video Compression, Willey, 2003.
[40]G. Seroussi, “Elliptic curve cryptography,” Information Theory and Networking Workshop, PP. 41, 1999.
[41]N.P Smart, “Identity-based authenticated key agreement protocol based on Weil pairing,” Electronics Letters, Vol. 38, Issue 13, PP. 630 – 632, June 2002.
[42]M. Scott, N. Costigan, and W. Abdulwahab, “Implementing cryptographic pairings on smartcards,” Cryptology ePrint Archive, Report 2006/144, 2006.
[43]A. Shamir, “Identity-based cryptosystem and signature scheme,” Proc. Crypto-84, Santa Barbara, C.A., PP. 47-53, 1984.
[44]C.G. Shi and B. Bhargava, “A fast MPEG video encryption algorithm,” Proceedings of the 6th ACM international Multimedia Conference[C].Bristol: Elservier Engineering Information Inc, PP. 81-88, 1998.
[45]C.G. Shi and B. Bhargava, “An Efficient MPEG Video Encryption Algorithm,” Proceedings of the 17th IEEE Symposium on Reliable Distributed Systems, West Lafayette, Indiana, USA, PP.381-386, 1998.
[46]H. Shirazi, J. Cosmas, D. Cutts, N. Birch and N. Daly, “Mobile Integrated Conditional Access System (MICAS),” ISCE 2008. IEEE International Symposium on Consumer Electronics, 2008, PP. 1-4, April 2008.
[47]R. Song and L. Korba, “Pay-TV system with strong privacy and non-repudiation protection,” IEEE Transactions on Consumer Electronics, Vol. 49, PP. 408 – 413, May 2003.
[48]W. Stallings, Cryptography and Network Security, Prentice Hall, 2003.
[49]D. R. Stinson, Cryptography Theory and Practice, Chapman & Hall/CRC, 2006.
[50]H.M. Sun, C.M. Chen and C.Z. Shieh, “Flexible-Pay-Per-Channel: A New Model for Content Access Control in Pay-TV Broadcasting Systems,” IEEE Transactions on Multimedia, Vol. 10, PP. 1109 – 1120, Oct. 2008.
[51]Y. Tseng, M. Yang and C. Chang, “A recursive frequency-splitting scheme for broadcasting hot videos in VOD service,” IEEE Transactions on communications, Vol. 50, Issue 8, PP. 1348 – 1355, Aug. 2002.
[52]S.Y. Wang and C.S. Laih, “Efficient Key Distribution for Access Control in Pay-TV Systems,” IEEE Transactions on Multimedia, Vol. 10, No. 3, PP: 480 – 492, April 2008.
[53]Y. Wang, J. Qstermann and Y.Q. Zhang, Video Processing and Communications, Prentice Hall, 2002.
[54]Y. Wang, M. Cai and F. Tang, “Design of a New Selective Video Encryption Scheme Based on H.264,” 2007 International Conference on Computational Intelligence and Security, PP. 883-887.
[55]C. Wang, H. B. Yu and M. Zheng, “A DCT-based MPEG-2 Transparent Scrambling Algorithm,“ IEEE Transactions on Consumer Electronics, Vol. 49, No. 4, Nov. 2003.
[56]C. P. Wu and C. C. J. Kuo, “Efficient Multimedia Encryption via Entropy Codec Design,” Proceedings of SPIE Security and Watermarking of Multimedia Content III, Vol. 4314, San Jose, CA, January 2001.
[57]W. J. Zeng and S. M. Lei, “Efficient frequency domain selective scrambling of digital video,“ IEEE Transactions on Multimedia, Vol. 5, PP. 118-129, 2003.
[58]X. Yi, “An Identity-Based Signature Scheme from the Weil Pairing,” IEEE Communications Letter, Vol. 7, No. 2, PP. 76-78, Feb. 2003.
[59]www.dvb.org/groups_modules/technical_module/tmh/.
[60]www.atsc.org/standards/cs_documents/a153-2009-04-09/.
[61]http://en.wikipedia.org/wiki/ISDB.
[62]http://www.hoozi.com/.