Security Icon


CryptoMedia Content Protection Services

Designed to complement our CryptoMedia Content Protection Core (CPC) as a cost-effective digital content broadcast and streaming security platform, our CryptoMedia Content Protection Services (CPS) provide pay TV operators and over-the-top (OTT) media providers robust security infrastructure integration for cryptographic data delivery. The CPS allows for the conditional access systems (CAS) and DRM to be quickly and easily integrated with the CPC, reducing time to market and enabling dramatically reduced cost cardless set top box (STB) design.

How CryptoMedia Content Protection Services work

The CPS provides infrastructure that seamlessly integrates on the headend with industry standard CAS and DRM solutions to provide the cryptographic data for digital content security using the CPC. The cryptographic data is either generated by the CPS or stored and sent to the headend in order to encrypt the video stream. The CPS then interfaces with the CPC for the video decryption in the STB. We also provide engineering services and technical support during and after installation to ensure rapid system deployment.
Content Protection Services satellite DTH configuration example

CryptoMedia Content Protection Services DTH configuration example

CryptoMedia Content Protection Services augments system security against side channel attacks and support for a wide variety of system configurations and applications:

Headend CryptoManager (HCM) Server: the HCM Server is a specialized rack mount appliance that provides a secure mechanism for generating the cryptographic data needed to secure the digital content. It interfaces with the CAS and provider’s headend to give the cryptographic keys for encryption and decryption in a cardless STB.

Differentiation Vector (DV): these are device specific encrypted messages that are generated by Rambus Security and stored in the content provider’s headend which configure the CPC with the proper data for content decryption.

Encrypted Rights Key (ERK): Similar to the DV, the ERK is an encrypted message that authorizes specific content to be accessible for a specified period of time for use in pay per view (PPV) or subscription applications. ERKs are either generated directly by the HCM Server or by Rambus Security and stored in the provider’s headend.

Integration and Support Services: in order to reduce the costs and time associated with system integration, we offer engineering services to help get your STB design and security infrastructure up and running as quickly as possible. Additionally, we have a 24/7-support service to maximize your system uptime and minimize service disruptions.

Our CryptoMedia CPS solutions are designed to seamlessly integrate with a cardless STBs, Smart TVs and other devices using our CPC that is embedded in the multimedia chipset to provide robust device security. The combination of the CPS and CPC allows for content providers to securely protect their content and easily provide service tier and PPV content to their customers via a robust hardware root of trust. Additionally, our professional services decrease the time to integrate our solutions into your security ecosystem and provide support should you need it.

Our CPC is integrated into leading multimedia chipsets. To view a list of our SoC partners, click here.

For additional information on the CPC, please click here.

Solution Offerings

Security Features

  • Provides the most robust hardware protection via a hardware root-of-trust (all access decisions in hardware)
  • Integrates easily into existing security systems and leading industry standard CAS/DRM providers
  • Supports multiple CAS and DRM solutions
  • Enables infield key provisioning and feature / content upgrades
  • Support for a variety of security system configurations
  • Provides secure integration with device descramblers and key ladders
  • Engineering and integration services are available to smoothly deploy our CryptoMedia platform solutions
  • 24/7-support services are available during and after system integration
  • Meets studio security requirements including UHD/4K content like MovieLabs Enhanced Content Protection (ECP) specification, facilitating licensing of premium content

Other Key Features

  • Supports all major content distribution platforms – satellite, cable, terrestrial, IPTV, and OTT
  • Integrates easily — reference implementations and services available as needed
  • Compatible with MPEG2 and DVB transport, CENC, MPEG DASH, HTML5 EME, and more
  • Headend CryptoMedia (HCM) Servers
    • Standard rackmount Linux server
    • Specialized PCBs to handle cryptographic data
      • Servers can be configured with multiple boards
    • Software application with simple user interfaces
  • Differentiation Vector (DV) Provisioning
    • Provided by Rambus to headend or STB manufacturer
  • Encrypted Rights Key (ERK) Provisioning
    • Supplied by Rambus to the headend or STB manufacturer or can be generated by HCM server
  • Integration and Support
    • 24/7 Server support
    • Integration guides and engineering support
Smarter than a Smart Card cover

Smarter than a Smart Card

Set-top boxes (STBs) were initially secured by Conditional Access System (CAS) smart cards. However, this approach is no longer effective. Smart cards cannot prevent unauthorized access to premium 4K and UHD content, as they are not designed to protect the interface between the card and box, or the STB SoC itself. This is one of the reasons why cardless CAS set-top boxes, equipped with a hardware-based root-of-trust, are increasing in popularity amongst major operators. A hardware root-of-trust, provided by platforms such as Rambus’ CryptoMedia, offers operators robust security protection with an integrated security core that acts to effectively decrease potential attack vectors.
Download White Paper

Related Markets & Applications