Common Interface#Revocation

{{Unreferenced section|date=December 2024}}

A DVB receiver may have one or two slots implementing the Common Interface (CI). The CI uses the conditional-access module (PCMCIA) connector and conforms to the Common Scrambling Algorithm (CSA), the normative that specifies that such a receiver must be able to accept DES (Data Encryption Standard) keys in intervals of some milliseconds, and use them to decode private channels according to a specific algorithm.

Those algorithms are proprietary to individual suppliers. Each one uses their own algorithms and there is no defined standard for them.

As the full MPEG-2 transport data stream comes out of the demodulator, and error correction units, the DTV Receiver sends it through the card plugged into the Common Interface, before it is processed by the MPEG demultiplexer in the receiver. If several CI cards are present, the MPEG transport data stream will be passed sequentially through all these cards.

An embedded CAM may not physically exist, as it may be in CPU software. In such a case, only the smart card reader normally in the CAM is fitted and not the PCMCIA type CI slots.

Even if the Common Interface has been created to resolve cryptography issues, it can have other functions using other types of modules such as Web Browser, iDTV (Interactive Television), and so forth.

In Europe, DVB-CI is obligatory in all iDTV terminals.

The host sends an encrypted MPEG transport stream to the CAM and the CAM sends the decrypted transport stream back to the host. The CAM often contains a smart-card reader.

{{Unreferenced section|date=December 2024}}

The normative DVB-CI standard EN 50221 was defined in 1997 by CENELEC, the European Committee for Electrotechnical Standardization.

According to the Common Interface scheme:

• host : A device where module(s) can be connected; for example, an integrated receiver/decoder (IRD), a VCR, a PC, etc.
• module: A small device, not working by itself, designed to run specialized tasks in association with a host; for example, a conditional access sub system, an electronic program guide application module, or to provide resources required by an application but not provided directly by the host.

The specification defines only two aspects, two logical interfaces to be included on the same physical interface. The first interface is the MPEG-2 transport stream. The link and physical layers are defined in this specification and the higher layers are defined in the MPEG-2 specifications. The second interface, the command interface, carries commands between the host (receiver) and the module.

The specification does not define the operation or functionality of a conditional access system application on the module. The applications that may be performed by a module communicating across the interface are not limited to conditional access or to those described in this specification. More than one module may be supported concurrently.

The common interface shares many features of the PC Card standard (PCMCIA). By reducing the widths of the address

and data buses it has been possible to include a bi-directional parallel transport stream interface.

The transport stream format is specified by IEC 13818-1 and is the MPEG 2 TS format.

In addition there is a command interface for communication between the host and module.

This communication is in the form of a layered protocol stack which allows the host and module to share resources. For example, the module can request the current date and time from the host. To use this service, module shall open a session to the "Date-Time" resource provided by host. Or, module can ask the host to display a message on the TV screen and can then read keypresses from the host remote control. This is done by opening a session to host's Man-Machine Interface (MMI) Resource. This resource also allows the CAM to request and receive PIN numbers.

Some of defined by DVB-CI resources are de facto optional. For example, the host could contain a modem for communication over a telephone line allowing the CAM to implement pay-per-view. This can be done by opening a session to host's Low-Speed Communication (LSC) resource (assuming that the host announced the availability of this resource). The Host Control resource (allowing CAM to request force-tuned) also may be absent in some of hosts.

The definitely mandatory resources are Resource Manager, Application Information and Conditional Access Support ones. First two of these three are necessary for initial handshaking between CAM and its host, while the CA Support resource is necessary for descrambling the selected channels.

The Command Interface is extensible and there are several specification documents available which describe these extensions (e.g. ETSI TS 101 699). However, these extensions have often not proved popular with manufacturers.

CI+ (also known as CI Plus or Common Interface Plus) is a specification that extends the original DVB Common Interface standard (DVB-CI, sometimes referred to as DVB-CIv1). The main addition introduced by CI+ is a form of copy protection between a CI+ conditional-access module (referenced by the spec as CICAM, while CI+ CAM seems to be a more precise abbreviation) and the television receiver (host). CI+ is backward-compatible with DVB-CIv1. Old television receivers which have a CIv1 CI-slot can be used with CI+ CAM and vice versa, but for viewing only those of TV programs which are not marked as CI+ protected.

CI+ specification has been developed by consumer electronic firms Panasonic, Philips, Samsung and Sony, as well as pay-TV technology company SmarDTV and fabless chip maker Neotion.{{cite web |url=http://www.cabot.co.uk/resources/technical-papers-library/ci-technical-paper/at_download/file |title=Cabot Communications Ltd. CI+ Technical Paper |website=Cabot |access-date=2013-07-10 |url-status=dead |archive-url=https://web.archive.org/web/20120308182731/http://www.cabot.co.uk/resources/technical-papers-library/ci-technical-paper/at_download/file |archive-date=2012-03-08}}

A first draft of the specification was put up for review in January 2008 as V1.00 CI Plus Specification.

The establishment of the Trusted Authority has been completed{{cite press release |url=http://www.trustcenter.de/media/PM-CIPlus-090213-de.pdf |archive-url=https://web.archive.org/web/20090424045424/http://www.trustcenter.de/media/PM-CIPlus-090213-de.pdf |url-status=dead |archive-date=2009-04-24 |date=2009-04-13|title=Führende TV-Hersteller vertrauen bei der Umsetzung des CI Plus-Standards in Europa auf TC TrustCenter |location=Hamburg |publisher=TC TrustCenter |language=de |access-date=2013-07-10}} and an official security certification lab appointed.{{cite web|url=http://www.broadbandtvnews.com/?p=15049 |title=Digital TV Labs to test for CI Plus |website=Broadband TV News |last=Clover |first=Julian |date=2009-03-05 |access-date=2013-07-10}}

In 2009, versions 1.1 and 1.2 were released. The 1.2 version became the first one which was massively deployed.

The main features added to the original DVB-CI standard by CI+ v1.2 are:

• Content Control (allows re-encryption of video and audio on their way from CI+ CAM to its host)
• coordination of CAM firmware upgrade between CAM and its host
• "CI Plus browser"; support of MHEG-5 applications running on a CI+ host, launched by a CI+ CAM and being able to communicate with it
• support of IP communication was added to the DVB-CI's Low-Speed Communication (LSC) resource (but without renaming it to "High-Speed").

The spec does not state explicitly about each feature if it is mandatory or optional. The mandatory feature (as it is actually the main raison d'être of CI+) is Content Control. The optional feature of v1.2 version is "PVR Resource"; this can be concluded from the fact that it does not appear in newer CI+ spec versions.

In 2011, version 1.3 of the CI+ spec was released (later replaced with CI+ v1.3.1 and then with [http://www.ci-plus.com/documentation/ci-plus-specification-v1-3-2/ CI+ v1.3.2], still commonly referenced as CI+ v1.3). The main features added by CI+ v1.3 to CI+ v1.2 are:

• various enhancements of Content Control mechanism
• coordination of parental control PIN code handling between CAM and its host
• better IP communication support (increased data throughput)
• VOD support
• a new Operator Profile resource allowing CAM to adapt non-standard broadcast-specific service information to standard DVB format understandable by host.

With the development of CI+, the standard has now come under the umbrella of the DVB standards organization.{{cite web|url=http://www.broadbandtvnews.com/2011/02/18/ci-plus-back-with-the-dvb/ |title=CI Plus back with the DVB |website=Broadband TV News |last=Clover |first=Julian |date=2011-02-18 |access-date=2013-07-10}}

In 2014, DVB released [https://www.etsi.org/deliver/etsi_ts/103200_103299/103205/01.01.01_60/ts_103205v010101p.pdf ETSI TS 103 205 V1.1.1] specification, defining what is often referred as "CI+ v1.4".

The main features added by ETSI TS 103 205 to CI+ v1.3 are:

• multi-tuner support
• URI (usage rules information) extensions (the most prominent is addition of trick mode enable/disable flag)
• IP-delivered video support
• watermarking and transcoding capability
• the communication functionality was extended to support IP multicast and hybrid type of communication (hybrid communication means here that IP multicast data arrive to module over the transport stream interface)
• CI Plus™ browser extensions (interaction channel, streaming, video scaling etc.)
• letting a CI+ CAM to determine if its host supports an advanced application environment (e.g. HbbTV or MHP) and, if yes, to launch a corresponding application
• allowing CI+ CAM applications to be represented in the host's channel line-up in form of virtual channels.

In 2018, ETSI published the second generation DVB-CI standard (often referred to as CI+ v2.0): [http://www.etsi.org/deliver/etsi_ts/103600_103699/103605/01.01.01_60/ts_103605v010101p.pdf TS 103 605 V1.1.1].{{cite web |url=https://dvb.org/news/second-generation-dvb-ci-standard-published/ |title=Second generation DVB-CI standard published |date=2018-11-02 |website=DVB}} The main evolution of this version is to add USB as physical layer to replace the aging PC Card interface.

CI+ Host and CAM test tool development, testing and certification is carried out by [https://www.resillion.com/services/device-testing/devices-testing-tools/ci-plus-test-tool/ Resillion] (formerly Eurofins Digital Testing, formerly Digital TV Labs) in the UK (Bristol) and China (Shenzen).

By making use of certificates issued by a trusted certification authority, a secure authenticated channel (SAC) is formed between a CI+ CAM and television receiver (host). This SAC is used to generate a shared key, unique per a CAM-host pair, which protects from unauthorized copying the content marked in the associated URI (Usage Rules Info) as a content which needs to be re-encrypted on its way from CAM to host after removal the original CA or DRM scrambling (in the original CI standard, decrypted content could be sent over the PCMCIA interface only in unscrambled form).

CI+ standard allows revocation of compromised CI+ hosts. This is done by broadcasting a Service Operator Certificate Revocation List (SOCRL) in a DSM-CC data carousel. If CAM detects that its host's ID, model or brand is listed in SOCRL (and is not listed in optional SOCWL – Service Operator Certificate White List), the CAM must refuse descrambling the content marked in CI+ URI as protected. A SOCRL is created and signed by the CI+ Root-of-Trust on request of a Service Operator. To prevent replay of out-of-dated SOCRL and SOCWL, they must be broadcast in combination with RSD (Revocation Signaling Data) table which specifies the last versions of SOCRL and SOCWL and their location in the DSM-CC data carousel. The RSD also must be signed.

A CI+ 1.3 compliant host device must implement MHEG-5 interactive TV engine to manage navigation of the user within an interactive TV application, using its device remote control.{{cite web |url=http://www.ci-plus.com/data/ci-plus_specification_v1.3.1.pdf |title=CI PlusSpecification 1.3.1 |date= |access-date=2014-08-28 |archive-url=https://web.archive.org/web/20140211022031/http://www.ci-plus.com/data/ci-plus_specification_v1.3.1.pdf |archive-date=2014-02-11 |url-status=dead}} Support of MHP or HbbTV interactive TV engines are also optional. CI+ 1.4 hosts may optionally support the MHEG-5 interactive TV engine.{{cite web |url=http://www.ci-plus.com/documentation/ |title=Change Notice 040 |website=CI Plus|date=14 November 2018 }}{{Failed verification|date=December 2024}}

File:Common Interface Module CI+ von SMiT (Hongkong) für Smartcards von Kabel Deutschland (DVB-C) 2014.jpg

File:Smartcard DVB-C Kabel Deutschland 2012.jpg (the applied electronic authorization device)]]

The following operators have currently rolled out CI+ support or plan to do so:

• Albania
• Digitalb
• Tring TV
• Bulgaria
• Blizoo – launched CI+ in 2014
• Bulsatcom – launched CI+ v1.3
• Belgium
• Telenet – launched CI+ in June 2013{{cite web | url=http://telenet.be/nl/tv-met-een-kaartje | title=TV met een kaartje |trans-title=TV with a card |website=Telenet |language=nl}}{{Failed verification|date=December 2024}}
• Télésat and TV Vlaanderen
• VOO – launched CI+ in September 2015
• Croatia
• evotv – launched CI+ v1.3
• France
• Canal+ – launched the "Canal Ready" label for devices able to receive Canal+ channel
• Germany
• HD+
• Kabel Deutschland – NDS CAM
• KBW
• Sky Deutschland – NDS CAM
• Tele Columbus
• Italy
• Mediaset Premium (Digital terrestrial television)– needs CI+ slot on HD television to descramble high-definition channel Premium Calcio HD.
• Tivùsat
• Luxembourg
• Eltrona
• Netherlands
• Caiway – launched CI+ in October 2009[http://www.caiw.nl/site/nl/particulier/televisie/digitaletelevisie/producten/cipluscam Caiway CI+ CAM (Dutch)] {{webarchive |url=https://web.archive.org/web/20110724060334/http://www.caiw.nl/site/nl/particulier/televisie/digitaletelevisie/producten/cipluscam |date=2011-07-24}}{{cite web|url=http://www.broadbandtvnews.com/2009/10/16/caiway-introduces-ci-plus-modules/ |title=Caiway introduces CI Plus modules |website=Broadband TV News |last=Briel |first=Robert |date=2009-10-16 |access-date=2013-07-10}}
• Delta NV – launched CI+ in 2010
• Kabel Noord – launched CI+ in 2010
• Ziggo – launched CI+ in September 2009 (2011 in former UPC areas), SMiT and Neotion CAM modules are used{{cite web |url=http://www.ziggo.nl/producten/televisie/ci-plus?ns_campaign=t4u&ns_mchannel=ppc&ns_source=google&ns_linkname=sea&ns_fee=0&gclid=CKTE5-Ol2p0CFVBd4wodpGwtrA |title=Digitale Televisie Module |language=nl |website=Ziggo |date=1970-01-01 |access-date=2013-07-10}}{{Dead link|date=September 2018 |bot=InternetArchiveBot |fix-attempted=yes }}
• Poland
• Cyfrowy Polsat – Nagravision CAM
• UPC Poland
• Platforma Canal+
• Romania
• UPC Romania (now Vodafone) – launched CI+ in April 2012
• RCS & RDS (Digi TV) – Starting November 2013
• Focus Sat – Starting March 2020, previously compatible with 3rd party CIv1 or registered CI+ Conax modules
• Orange TV
• Telekom (formerly Romtelecom/Dolce)
• Russia
• Akado TV
• Serbia
• SBB
• Supernova
• Sweden
• Boxer
• Com Hem
• Viasat
• Switzerland
• UPC Cablecom – starting June 2010[https://www.upc-cablecom.ch/content/dam/www-upc-cablecom-ch/About/en/doc/medienmitteilungen/2010/cablecom_press_release_2010_03_09.pdf "Cablecom makes access to digital TV in HD quality and Internet easier and cheaper"]
• Turkey
• D-Smart
• Teledünya
• United Kingdom
• Top Up TV{{cite web|url=http://www.topuptv.com/ciplus/ |title=CI+ Landing |website=Top Up TV |date=2012-07-31 |access-date=2013-07-10}}

In July 2009 the largest cable operator in the Netherlands, Ziggo, announced that it would support CI+ based Integrated Digital Television sets (IDTVs) actively.{{cite web|url=http://www.broadbandtvnews.com/2009/07/07/ziggo-claims-world-first-with-ci-plus/ |title=Ziggo claims 'world first' with CI Plus |website=Broadband TV News |last=Briel |first=Robert |date=2009-07-07 |access-date=2009-07-07}}[http://www.smit.com.cn/English/newDetail.asp?InfoId=6325&js=2/2009/08/13/ Ziggo Approved SMiT CI+ CAM]{{dead link|date=July 2013}}[http://www.neotion.com/news/pr/PR_Ziggo-Neotion_231009.pdf "After initial pioneering, ZIGGO and NEOTION are now further unleashing CI Plus momentum in the Digital Pay TV ecosystem"]{{dead link|date=November 2016 |bot=InternetArchiveBot |fix-attempted=yes}} In September 2009 the first batch of 15,000 [https://web.archive.org/web/20101104041859/http://www.smit.com.cn/english/index.asp SMiT] (Shenzhen State Micro Technology Co., Ltd.) CI+ CAMs was offered by various Dutch retailers, followed in October 2009 by the first batch of Neotion CAMs.{{cite web|url=http://www.broadbandtvnews.com/2009/08/30/ziggo-starts-supply-of-ci-plus-cams/ |title=Ziggo starts supply of CI Plus CAMs |website=Broadband TV News |last=Briel |first=Robert |date=2009-08-30 |access-date=2013-07-10}} Other supporters included Canal+,{{cite web|url=http://www.broadbandtvnews.com/2009/04/27/canal-backs-ci-plus-with-canal-ready-label/ |title=Canal+ backs CI Plus with 'Canal Ready' label |website=Broadband TV News |last=Briel |first=Robert |date=2009-04-27 |access-date=2013-07-10}} and conditional access companies Irdeto{{cite press release|url=http://www.irdeto.com/en/press/63.html |title=Irdeto Announces Support for Common Interface Plus (CI+) |publisher=Irdeto |access-date=2013-07-10 |url-status=dead |archive-url=https://archive.today/20120630061534/http://www.irdeto.com/en/press/63.html |archive-date=2012-06-30}} and Conax.{{cite web|url=http://www.broadbandtvnews.com/2008/09/12/conax-announces-ci-support/ |title=Conax announces CI+ support |website=Broadband TV News |last=Clover |first=Julian |date=2008-09-12 |access-date=2013-07-10}} In 2009, NDS (now Cisco) announced that it would support Kabel Deutschland to deploy CI+ to its customers.{{cite web|url=http://www.broadbandtvnews.com/2009/09/13/nds-to-deliver-ci-to-kdg-ibc09/ |title=NDS to deliver CI+ to KDG |website=Broadband TV News |last=Clover |first=Julian |date=2009-09-13 |access-date=2013-07-10}} In 2014, CI+ CAMs with Cisco VideoGuard CA, manufactured by [https://web.archive.org/web/20101104041859/http://www.smit.com.cn/english/index.asp SMiT] were deployed at D-Smart, KDG (Kabel Deutschland), KBW, Sky Deutschland, and Tele Columbus.

{{Unreferenced section|date=December 2024}}

• LG 2010 models all LD and LE series also MFT models MXX80D
• Many of Samsung's new LCD, LCD LED and plasma model variants with CI+ compatible motherboards, although there were some incompatibilities between TV and UPC and RCS-RDS CI+ modules, even with models certified by UPC and RCS-RDS. Some problems were solved by upgrading the firmware of the TV, other were solved by simply replacing (in many cases under warranty) the motherboard. Some Samsung models require an adaptor for non-standard CI module sockets.
• Many of Sony's models including the Bravia W5500 series. Some older models needed a firmware update.
• Philips 5000 and 9000 series LCD TVs (required firmware pending according to Ziggo)
• Panasonic early models (until early 2011) with CI+ slots needed a new firmware to be fully CI+ compatible. ([http://panasonic.jp/support/global/cs/dvd/download/xs350/index.html update 2010]). All incompatibility problems were solved by software and firmware updates, or sometimes by using a CI+ card or module with other firmware. All models produced after early 2011 are fully compatible with CI+.
• Some Tesco Technika models.
• Many Vestel-based TV sets mark the fact they are CI+ certified in their shop mode (or demo mode) or simply by a sticker attached on the front of the set. In many cases, CI+ compatibility of the Vestel sets is mentioned on the package.

A new ETSI working group will be working on Embedded Common Interface (ECI).

• Conditional-access module (CAM)
• DVB-CPCM
• Free-to-view
• HDCP
• Television encryption

{{reflist}}

• [http://www.ci-plus.com/ CI Plus official web site]
• [https://www.eurofins-digitaltesting.com/test-solutions/consumer-device-testing/ci-plus-llp-testing-services/ Official CI Plus test lab]
• [https://knowledge.digicert.com/generalinformation/device-certificate-services-documents-for-ci-plus.html Official CI Plus DigiCert]
• [https://dvb.org/wp-content/uploads/2020/02/En50221.V1.pdf EN 50221 Specification]
• [http://www.linuxtv.org/vdrwiki/index.php/Common_interface LinuxTV entry for common interface]
• [http://broadcasting.ru/pdf-standard-specifications/interfacing/dvb-ci/ts101699-v1-1-1.pdf ETSI TS 101 699 - DVB Extensions to the Common Interface Specification] {{Webarchive|url=https://web.archive.org/web/20110812140421/http://broadcasting.ru/pdf-standard-specifications/interfacing/dvb-ci/ts101699-v1-1-1.pdf |date=2011-08-12 }}
• [http://broadcasting.ru/pdf-standard-specifications/interfacing/dvb-ci/r206-001.pdf R206-001:1998 - Guidelines for Implementation and Use of the Common Interface for DVB Decoder Applications] {{Webarchive|url=https://web.archive.org/web/20110812133058/http://broadcasting.ru/pdf-standard-specifications/interfacing/dvb-ci/r206-001.pdf |date=2011-08-12 }}
• [http://www.dvb.org Consortium DVB]
• [https://web.archive.org/web/20080908010732/http://www.cenelec.org/ CENELEC]
• [https://web.archive.org/web/20110708154043/http://www.ci-plus.com/data/ci_plus_specification_v1.2.pdf CI Plus Specification V1.2 (2009-04)]
• [https://web.archive.org/web/20120426050902/http://www.ci-plus.com/data/ci-plus_specification_v1.3.1.pdf CI Plus Specification V1.3.1 (2011-09)]
• [http://www.etsi.org/deliver/etsi_ts/103200_103299/103205/01.01.01_60/ts_103205v010101p.pdf ETSI TS 103 205 V1.1.1 (aka CI+ V1.4)]
• [https://jokersys.com/2018/03/01/common-interface-ci-descrambling-tv/ Open source and open hardware CI implementation (Joker TV)] {{Webarchive|url=https://web.archive.org/web/20230213001717/https://jokersys.com/2018/03/01/common-interface-ci-descrambling-tv/ |date=2023-02-13 }}
• Gerard O'Driscoll, The essential Guide to Digital Set-Boxes and Interactive TV, reprinted April 2000
• Jerry whitaker, Television Receivers, 2001

{{broadcast encryption}}

Category:Digital Video Broadcasting

Category:Digital rights management standards

Category:Conditional-access television broadcasting

Category:Set-top box