數位視訊除了提供免費的電視廣播服務之外，還可以提供付費收視的
服務。在此，為了保護消費者與業者的權益，使提供之付費電視頻道不會被盜看，就必須要有條件接取 (conditional access, CA) 系統，負責解密(decryption)、授權(authorization)及驗證(verification)功能。CA 除了可以作為付費電視收費的工具外，還可以提供電子商務與其他個人化的加值服務。有鑑於此，本論文提出一個具條件接取的廣播加密機制。我們所提出的方法可使授權使用者自由地訂閱喜愛的頻道，並可各別對不同頻道選擇時限(time-bound)，使得付費電視的服務更有彈性。本論文提出的方法具有以下特點：(1)滿足授權使用者與服務提供者的不可否認性(non-repudiation)；(2)達到解密金鑰的前推安全與後推安全；(3)不需預設授權使用者人數上限，允許大量授權使用者訂閱付費頻道；(4)授權使用者的訂閱動作不會影響其餘授權使用者的解密金鑰；(5)付費頻道廣播所需的通訊成本與授權使用者人數無關；(6)滿足可延展性(scalability)與選擇性(selectivity)等特性。

Digital video besides applied free television broad service, it could also supply the premium pay service. In order to protect the right of the consumers and the industries, and make the service would not be embezzle, it must be a conditional access system that responsible for the decryption, authorization and verification. CA besides could be the tool for charging by pay TV, it could also supply the electronic commerce and other personal value added service. Based on the reason, this research applied a conditional access broadcast encryption scheme. We applied a approach which could make the subscriber could order the favorite channels and aimed at the different cannel select time-bound to make the service of pay TV to be more flexible. In conclusion, our proposed schemes satisfy the following properties: (1) achieve non-repudiation of both service provider and subscriber; (2) achieve the forward secrecy and backward secrecy of decryption key; (3) the service provider does not require to decide an a-priori bound on the number of subscribers and consequently allows unlimited number of subscribers to subscribe premium pay service; (4) the processes of subscription accomplish without updating any decryption key of the remaining subscribers; (5) the size of the enabling block for broadcasting premium pay service is independent of the number of subscribers; and (6) satisfy the requirements of selective subscription such as scalability and selectivity.

[ASW99] M. Abdalla, Y. Shavitt, and A. Wool, “Towards Making Broadcast Encryption Practical”, FC’99, 1999, pp. 140-157
[BC94] C. Blundo and A. Cresti, “Space Requirements for Broadcast Encryption”, Advances in Cryptology – EORUCRYPT ’94, 1994, pp. 287-298.
[Bek91] S. Bekovits, “How to Broadcast a Secret”, Advanced in Cryptology – Eurocrypt’91, Springer-Verlag, 1991, pp. 535-541.
[BFS96] C. Blundo, Luiz A. F. Mattos, and D. R. Stinson, “Trade-offs between Communication and Storage in Unconditionally Secure Schemes for Broadcast Encryption and Interactive Key Distribution”, Advances in Cryptology – CRYPTO ’96, 1996, pp. 387-400.
[BF99] D. Boneh and M. Franklin, “An Efficient Public Key Traitor Tracing Scheme”, Advances in Cryptology – CRYPTO ’99, 1999, pp. 338-357.
[CFN94] B. Chor, A. Fiat, and M. Naor, “Tracing Traitors”, Advances in Cryptology – CRYPTO ’94, 1994, pp. 257-270.
[CMM93] E. Cruselles, J. L. Melus and M. Soriano, “An Overview of Security in Eurocrypt Conditional Access System,” GLOBECOM’93, IEEE Global Telecommunications Conference, vol. 1, 1993, pp. 188-193.