Your browser does not support JavaScript!

Improved one-to-many authentication scheme for access control in pay-TV systems

Improved one-to-many authentication scheme for access control in pay-TV systems

For access to this article, please select a purchase option:

Buy article PDF
(plus tax if applicable)
Buy Knowledge Pack
10 articles for $120.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Your details
Why are you recommending this title?
Select reason:
IET Information Security — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Mutual authentication is important in a mobile pay-TV system. Traditional authentication schemes make use of one-to-one delivery, that is, one authentication message per request is delivered from a head-end system to subscriber. This delivery occupies too much bandwidth and therefore is inefficient and costly. One-to-many authentication scheme for access control in mobile pay-TV systems was proposed by Sun et al. in 2009. In one-to-many authentication scheme, only one authentication message for multiple requests is broadcasted from the head-end system (HES) to subscribers. Sun et al. claimed that their scheme is secure and provides anonymous authentication for protecting user privacy. However, the authors demonstrate that their scheme has a critical weakness. An attacker without any secret information can not only successfully impersonate mobile set (MS) to cheat the HES but also impersonate HES to cheat MS. The authors result is important for security engineers who design and develop user authentication systems. Afterwards, the authors design a novel one-to-many authentication scheme from bilinear pairings. They give the formal security proof in the random oracle model. In addition, they present the performance analysis of our scheme. The analysis results showed that their novel authentication scheme has shorter transmission message and can be applied in the environment which has limited bandwidth. At the same time, their scheme is also the first secure one-to-many authentication scheme for access control in pay-TV systems.


    1. 1)
      • Bellare, M., Rogaway, P.: `Random oracles are practical: A paradigm for designing efficient protocols', ACM Conf. Computer and Communications Security, 1993, p. 62–73.
    2. 2)
      • Moon, J., Park, J., Paik, E.: `JavaCard-based two-level user key management for IP conditional access systems', Proc. 15th IEEE Int. Conf. Networks (ICON 2007), November 2007, p. 72–76.
    3. 3)
      • D. Boneh , M. Franklin . (2001) Identity-based encryption from the Weil pairing, Crypto 2001.
    4. 4)
      • Liu, J., Yang, C., Tian, J.: `A novel conditional access architecture for TV service protection', Proc. Int. Conf. on Computational Intelligence and Security Workshops (CISW 2007), December 2007, p. 608–611.
    5. 5)
      • Head-End Implementation of DVB Simulcrypt, ETSI Standard, ETSI TS 103 197 V1. 4. 1, 2004.
    6. 6)
    7. 7)
    8. 8)
      • IP Datacast over DVB-H: Service Purchase and Protection (SPP), DVB Standard, 2005.
    9. 9)
    10. 10)
    11. 11)
    12. 12)
      • EBU Technical Review, A Functional Model of a Conditional Access System [EB/OL], 1995, [Online]. Available at
    13. 13)
    14. 14)
    15. 15)
    16. 16)
    17. 17)
    18. 18)
      • A.J. Menezes . (1993) Elliptic curve public key cryptosystems.
    19. 19)
    20. 20)
      • Conditional-Access Broadcasting System, 1992, ITU-R Rec. 810.
    21. 21)
    22. 22)
      • Gallery, E., Tomlinson, A.: `Conditional access in mobile systems: Securing the application', Proc. First Int. Conf. Distributed Frameworks for Multimedia Applications (DFMA’05), February 2005, p. 190–197.
    23. 23)
    24. 24)
    25. 25)

Related content

This is a required field
Please enter a valid email address