Content security delaying death of traditional set-top box

As the number of content streaming services increases in the U.S., and “smart” televisions — with their integrated user interfaces and widgets that bring the Internet directly onto the TV screens — begin to find favor, the outlook for the traditional set-top box supplied by cable, Telco and satellite TV providers might appear to be gloomy.

However, don't write them off so quickly. Security and anti-piracy issues are holding back the immediate elimination of those boxes, as content owners are becoming increasingly worried about the new generation of TVs as well as the proliferation of portable devices that are being used to consume their shows. Subscription TV providers with a two-way, dedicated line into the home make a lot more sense, as they offer more control over individual usage to media businesses.

"In a file-based world, content security gets more difficult for operators as the number of devices that consume content (and the way they handle piracy) increases,” said Paul Kocher, president and chief scientist for Cryptography Research, Inc. (CRI, a division of Rambus).

In 2005, Kocher led a team at CRI that developed the BD+ technology used in all Blu-ray discs today. He’s currently working on content security features for the Secure Content Storage Association (SCSA) initiative, an effort by 20th Century Fox, Warner Bros., SanDisk and Western Digital to develop home delivery mechanism to securely store content as a digital file on a storage drive while maintaining the high quality of a physical Blu-ray disc.

“Across our initiatives, what we’re trying to do is find security solutions that enable a good harmonization between the convenience of live streaming and the purchase (DVD) model,” he said. “The key question for broadcasters is how do you securely deliver content in real time or have the consumer purchase and own it. This requires an infrastructure that goes beyond what one broadcaster or conditional-access system can build today, particularly when the solution requires hardware-based security. Existing services typically use either lightweight software-based security that is simple to integrate, or a set-top-box centric view involving hardware that is more difficult to deploy. No one has really delivered something to the consumer that enables simple deployment and effective security, as well as the full range of customer engagement models. 

“Approaches that only work in the context of one operator or proprietary set-top box, or maybe on an iPad as well, do not capture the same experience I get with a Blu-ray disc player, where I can take my disc and play it on any player, or a web browser where the same device can support content from a broad range of sources.”

One of the initiatives Kocher’s team has been involved with involves designing silicon to enable security in the hardware (set-top box). His company does not manufacture reception or display chips; it supplies the logic block design for manufacturers (like ALi, Broadcom, Entropic, MStar Semiconductor, STMicroelectronics, ViXS Systems and others) to use in their products.

“There are many possibilities for content to leak out,” Kocher said. “On the other hand, the cost of the transistors required to implement security on a chip has decreased dramatically. So, what used to be cost-prohibitive is now possible. In the long run, security on all of these myriad devices improves. In the short run, you've got these dozens of different mobile devices that really don't address content security. That will change with time.”

What Kocher sees is a future in which multiple video services are accessed through the TV set in your living room (or via your portable device), reducing the number of boxes in the home while opening up consumers to much more functionality and content.

He could be right. By the end of this year alone, research firm eMarketer predicts 35.1 million U.S. households will have at least one television connected to the Internet, and at least one person in the household using the Internet through that TV set on a monthly basis.

It’s clear for everyone involved that having several reception devices in the home is not practical, Kocher said.

“What ultimately has to happen is that the capability to receive content has to be built into devices when you buy them," he said. "Smart TVs are the beginning of that trend. Going forward, you don't need to have a physical box in the home, and subscribing to a new service is as easy as pressing a button on your remote. There’s no waiting for the cable guy to come out to your house."

He continued, “Long-term, perhaps 10 years, the reception technology will be integrated into the TV. If the security problem can be solved, then it has to be done inside the TV. There’s no reason consumers won't be able to download the user interface components, and the required codecs will be standardized. The main issue is whether you can get a TV that comes with the adequate security mechanisms already built-in and still be affordable to that consumer. Right now, it’s a business model conflict in that the TV manufacturer wants to keep the cost down and is not as concerned with content security technology. They feel this is the job of the content distributor. We’re trying to change that mindset.”

CRI has relationships with DRM providers like CONAX and Verimatrix, as well as program operators like EchoStar. Kocher said they endeavor to work with any and all conditional-access providers, as CRI’s hardware blocks are designed to be configurable to work with various technology schemes.

Many are predicting the death of the set-top box in the home due to the various over-the-top (OTT) services now emerging, but Kocher does not fully agree. He said in five years, consumers will still have a device that terminates their Internet connection and brings the signal into the home — a smaller box, if you will.

“It’s certainly not the death of hardware in the home, but it is perhaps going to force a re-imagining of the set-top box and the transition of content security from the box and into the TV and all types of portable display devices,” he said.

However, these next-generation devices must address anti-piracy, or content providers won't support them and they ultimately won't be successful.

“We need two levels of coordination: You’ve got to have better security in the chips themselves, and you have to have support by the operating systems,” Kocher said. “There’s a little bit of a chicken-and-the-egg problem here. For consumer electronics manufacturers, it’s hard to justify implementing anti-piracy solutions in a chip if the operating system of a cell phone or a specific TV model is not taking advantage of it. The operating system can't support hardware that doesn't exist, and content owners tend to focus their support on deployed solutions.”

At the end of the day, how the bits get to the set-top box — whether they come via cable, satellite or Telco — is really independent of how they are protected. It’s easy to see how that protection can be ported over to the TV as well as other portable devices. How soon that occurs is a matter of time and industry (business model) will.