Multicast Authentication with RIST
By Dr. Ciro Noronha, President, the RIST Forum
IP Multicast is a mature technology for one-to-many communication. The source sends the content once, and the network is responsible for replicating it wherever it needs to go. Because it is ideal for one-to-many distribution, many IPTV systems are built on multicast. The Reliable Internet Stream Transport (RIST) set of specifications supports IP Multicast natively, combining one-to-many transmission with reliable, low-latency delivery over any combination of network links.
Despite the many benefits of IP Multicast for distribution, there are concerns about its use when it comes to security and receiver authentication. Premium content is valuable and should only be delivered to authorized subscribers over a protected path. Moreover, standard IP Multicast has no access control: as soon as a receiver joins the group, the network delivers the content. The standard solution to this issue is encryption. In theory, this is simple: only the receiving devices that hold the decryption key can access the content. The challenge is getting that key to the correct receiving devices, and only to them.
There are many custom, proprietary Digital Rights Management (DRM) solutions for multicast content protection. RIST Main Profile, first released in 2020 as VSF TR-06-2, provided an open specification for a Pre-Shared Key (PSK) method suitable for multicast content. The 2020 version of TR-06-2 required all receivers to be configured with a secret passphrase, and it included a glitch-free mechanism to change the passphrase on the fly in case it became necessary to de-authorize a subset of receivers. However, TR-06-2 lacked a mechanism to authenticate a large population of receivers.
The upcoming RIST Main Profile (TR-06-2:2022) includes such a mechanism: the EAP SHA256-SRP6a Authentication Protocol. Using this mechanism, a receiver first logs into an authentication server using the SRP6a password-authenticated key exchange. For ease of use, authentication is based on a username and password and does not require SSL certificates to be exchanged. Once the receiver is authenticated, the server provides the passphrase to it over a secure channel negotiated as part of the authentication. If the passphrase needs to be changed, the server uses the same secure channel to deliver the new passphrase to the subset of receivers that should remain authorized. As an added benefit, this mechanism is not limited to multicast; it is a generic method that can be used anywhere.
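To make the login step concrete, here is an added Python walk-through of an SRP-6a exchange with SHA-256 over the RFC 5054 1024-bit group; it is a demonstration written for this article, not libRIST or RIST Forum code, and the EAP framing, the exact proof layout (M1/M2 below are simplified from RFC 2945) and the passphrase delivery over the resulting channel are not shown. The point it makes is that the server stores only a salted verifier, never the password, and that a receiver with the wrong password ends up with a different session key, so neither side's proof verifies.

```python
import hashlib, hmac, secrets

# 1024-bit safe-prime group from RFC 5054 Appendix A, generator g = 2.
N = int("EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
        "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
        "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
        "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8

def H(*parts: bytes) -> int:
    """SHA-256 over the concatenated parts, read as a big-endian integer."""
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")

def pad(n: int) -> bytes:
    """Big-endian encoding, left-padded to the byte length of N."""
    return n.to_bytes(NLEN, "big")

k = H(pad(N), pad(g))  # SRP-6a multiplier k = H(N | PAD(g))

def private_x(username: str, password: str, salt: bytes) -> int:
    """x = H(salt | H(username ':' password)); only the receiver computes this."""
    return H(salt, hashlib.sha256(f"{username}:{password}".encode()).digest())

def enroll(username: str, password: str):
    """Server keeps (salt, verifier v = g^x mod N); the password is never stored."""
    salt = secrets.token_bytes(16)           # constructed per-user salt
    return salt, pow(g, private_x(username, password, salt), N)

def srp_exchange(username: str, password: str, salt: bytes, v: int):
    """Both sides of the exchange in one place. Returns
    (receiver_key, server_key, server_accepts_receiver, receiver_accepts_server)."""
    a, b = secrets.randbits(256), secrets.randbits(256)   # ephemeral secrets
    A = pow(g, a, N)                                      # receiver -> server
    if A % N == 0:                                        # SRP-6a abort rule
        raise ValueError("illegal client public value")
    B = (k * v + pow(g, b, N)) % N                        # server -> receiver
    u = H(pad(A), pad(B))                                 # scrambling parameter
    x = private_x(username, password, salt)               # receiver side only
    S_c = pow((B - k * pow(g, x, N)) % N, a + u * x, N)   # receiver's premaster
    S_s = pow(A * pow(v, u, N) % N, b, N)                 # server's premaster
    K_c, K_s = hashlib.sha256(pad(S_c)).digest(), hashlib.sha256(pad(S_s)).digest()
    M1 = hashlib.sha256(pad(A) + pad(B) + K_c).digest()   # receiver proves K
    server_ok = hmac.compare_digest(M1, hashlib.sha256(pad(A) + pad(B) + K_s).digest())
    M2 = hashlib.sha256(pad(A) + M1 + K_s).digest()        # server proves K
    client_ok = hmac.compare_digest(M2, hashlib.sha256(pad(A) + M1 + K_c).digest())
    return K_c, K_s, server_ok, client_ok
```

In the real protocol the server checks M1 before it sends M2, so a receiver that fails the proof never learns anything about the passphrase that would follow.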
With this new feature, RIST can be used to securely create a multicast content distribution system with the following features:
Open specification and open source: no royalties are required.
Free alternative to costly proprietary DRM systems.
No security compromises – uses vetted and known protection methods.
Customers are not locked into a proprietary vendor system.
No need for external keys or devices such as smartcards.
Bidirectional authentication without the need to generate and maintain complex SSL certificates.
Only authorized receivers will be able to decrypt the multicast content, while unauthorized devices will be left in the dark.
Additionally, a free open-source implementation, libRIST, is available that includes both RIST Main Profile PSK encryption and the EAP SHA256-SRP6a Authentication Protocol. It provides a library that can be integrated into other products, as well as sample command-line applications that demonstrate its use. A good introduction to libRIST can be found here.
The EAP SHA256-SRP6a Authentication Protocol will be published as part of the 2022 update for both RIST Main Profile (VSF TR-06-2) and RIST Advanced Profile (VSF TR-06-3).
If you would like to find out more, schedule a meeting with RIST at IBC.