Common Scrambling Algorithm
The Common Scrambling Algorithm (or CSA) is the encryption algorithm used in the DVB digital television broadcasting for encrypting video streams.
CSA was kept secret for a couple of years. The patent papers gave some hints, but important details remained secret, like the layout of the so-called S-boxes. Without these, free implementations of the algorithm were out of question. Initially, CSA was to remain implemented in hardware only. This would have made it difficult to reverse engineer existing implementations.
In 2002 FreeDec was released, implementing CSA in software. Though released as binary only, disassembly revealed the missing details and allowed reimplementation of the algorithm in higher programming languages.
With CSA now publically known in its entirety, cryptanalysts started looking for weaknesses. Like in other encryption algorithms a weak spot arises inasmuch that parts of the message are known or at least easily predictable, like MPEG headers. The length of the key of 64 bits allows 264 different possibilities of encryption. A brute force attack taking 1 μs for each try through all possible key words would take around 300,000 years, on average. This can be reduced by using the predictable parts of the encrypted message to rule out potential keys.
Were CSA to be broken, encrypted DVB transmissions would be decipherable, regardless of any proprietary conditional access system used. This could seriously compromise paid digital television services, as DVB has been standardised on for digital terrestial television in Europe and elsewhere, and is used by many satellite television providers. No attack has yet been published, however.
