Conax CAS5

In conax cas5 an ECW(Encrypted control word) is send in the ECM (Encrypated Control message) every 5 or 10 seconds to every card. Card uses Operational key (20 or 21) to decode the ECW in to DCW. During this decryption RSA algorithm is used. Then smard card returns DCW to CAM which is used to view the video signal. Operational keys are again sent over the air to each card using RSA algorithm, in a message called EMM (Encrypted Management Message).The operational key is encrypted in RSA using a Master Key. This Master Key in conax is key10, and every single card has it's own unique Master Key 10, so a card can only decrypt the EMM addressed specifically to that card. In other words every EMM contains different encrypted data that can only be decoded by the card it is meant for. This means that Conax can choose which cards it want's to update with the new key 20 or 21, and which cards it no longer wants to update - like when the subscription expires for example, or a card is reported stolen or lost. The idea behind all this is that if hackers extract the MK10 from a card, and then publish that key and UA, all Conax needs to do is find the compromised key and address, then stop updating that card and all peoples copies that use the same key.