Hacker News new | past | comments | ask | show | jobs | submit login
Discret 11, the French TV encryption of the 80s (fabiensanglard.net)
373 points by atomlib on June 8, 2020 | hide | past | favorite | 83 comments

The system sounds similar to VideoCrypt. The French system delays lines. VideoCrypt worked by rotating each display line by a number derived from a PRNG. To decode the line the hardware had to buffer the line into a small piece of fast (for 1980s) RAM, and then using a number derived from the key would send the line to the TV starting at that offset and at the end wrapping around to the beginning.

I know all this because in my first job we did a bit of experimentation to see if it would be possible to reconstruct the encrypted images without the key, and in fact it was quite easy because images are very highly correlated from one line to the next, so you just had to rotate each line through each of the 256 combinations and compare it to the previous line, and pick the one with the least difference. Although our system was far too slow to decode a live feed (this would be early 90s), and had some other problems.

I didn't explain this very well - the Wikipedia page has a better explanation:


The BBC ran a service called BBC Select in the early 90s with a VideoCrypt derivative, rather than line cut they shuffled blocks of lines around the screen - which worked better over more lossy and interference prone terrestrial transmissions.

The technical paper from BBC R&D is quite interesting: http://downloads.bbc.co.uk/rd/pubs/reports/1995-11.pdf

There are a couple of captures of the scrambled transmission on Youtube - it's definitely far more advanced than the earlier Canal method https://youtu.be/HcCdw97_ESA

I see that has a reference to European Scrambling Systems 5 – The Black Book by John McCormac. I actually have a copy of that, it gives a rather entertaining overview of the arms race between the broadcasters and the hackers.

I had it too ;-)

In general you don't even need to use the whole line to do the correlation.

I remember writing a small program to decrypt image stills in the late 90s and it was surprisingly easy and straightforward, though obviously doing it in real time may have been another story...

In Spain we had Canal+ with Nagravision and you had either a combo of two software under Windows, or xawtv-nagra under Linux to decode it (ilegally OFC).

Was also used in N. America. It had many vulnerabilities in every card generation. You could program OEM cards, have man-in-the-middle devices, and full emulators.

You Never needed to actually use the cards for Nagra. But The competitor DTV system built by NDS had an ASIC on the chip, so all solutions required a card at some level. But some setups could use one slave card for multiple receivers. Even over IP.

Fun times!

I did not realise that NDS is actually the News Datacom referred to by McCormac in European Scrambling Systems. The wikipedia entry for them makes interesting reading.

News Digital, but ya, owned (for a while) by Rupert Murdoch’s News Corp.

Those cardsharing schemes still exist today, although they're being cracked down more and more.

Yeah, DirecTV's aggressive legal actions in the early 2000s drove that whole scene very deep underground.

It’s a funny full circle.

Instead of using OEM receivers and compromised cards, they’ve gone to running emulated receivers and regular full-sub cards.

Do you have more info on this?

I used to be really into FTA satellite, but have not played with it in awhile.

Never really played with them hands on. Ubiquitous broadband and streaming services really nailed InternetKeySharing’s coffin.

Yes, with PICF84 microcontrollers.

Nagra hacks exclusively ran Atmels. But dunno what chips F cards used. The H cards were the ones that had ASICS.

I remember seeing pirate decoders (probably Discret 11, not Nagra, though) at the time, obviously for scientific curiosity only, which used a Motorola microcontroller. I think it may have been a 68HC705.

Ah I'm not sure there was fast (and cheap) enough RAM for that kinds of tricks in the 80's

Most likely they would use a delay line https://en.wikipedia.org/wiki/Analog_delay_line

Regular PAL (and I guess SECAM) TVs used one of those

You also had Bucket-Brigade devices.


So essentially sleep sort in actual practice?

If you created a graph where the lines where the nodes and the difference between the lines where the edges then a traveling salesman algo might recreate it efficiently (or its vertical mirror I guess)

Reducing a problem to the traveling salesmen usually doesn't go in the same sentence as efficiency.. It's almost the paradigmatic NP-hard problem.

(And I don't understand how the reduction to traveling salesman problem would help here?)

>(And I don't understand how the reduction to traveling salesman problem would help here?)

Let the similarity between line i when rotated to position k and line i+1 when rotated to position j be d_k,j. Then you want to find a sequence of rotations r_1..r_n so that

d_1,r_1,r_2 + d_2,r_2,r_3 + ... + d_(n-1),r_(n-1),r_n

is minimized. In plain terms, you want to align each line so that it's most alike the previous line you rotated, but that in turn depends on the next-to-previous line you rotated, and so on up.

This is a restricted type of traveling salesman problem: you want to visit all the nodes corresponding to each adjacent pair of rotation offsets so that the total edge cost (distance between the lines) is minimized.

Since it's 1D, it should be pretty easy to solve with some dynamic programming (straightforward memoization). Calculate the minimal cost for each line down to k. Then for every possible choice of rotating the (k+1)th line, check which order of rotations of the preceding k lines that would minimize the objective down to the (k+1)th line, given that you rotated the k+1th line in that particular manner. Then determine the minima for every k+1 position and go on to line k+2.

EDIT: It's even easier, since you can hold one line constant and rotate the next. Whenever you rotate the first line k, if you know the second line's optimal rotation for a zero rotation of the first line is j, you just rotate the second line k+j. So none of the above complexity is actually needed. I'll keep the comment to show how it could be considered a restricted TSP.


Yes, you can always reduce problems in P or in NP to a TSP. (In this case, I didn't see the reduction immediately, hence my question.)

But a reduction to the general TSP is basically never useful, since general TSP is so hard to solve. (Perhaps the reduction is useful, when you don't know whether your problem is even in NP or perhaps more complicated, yet.)

Sometimes you only need an approximation. I read a paper once about using TSP approximations for data recovery.

For any pair of picture data fragments, you'd calculate a goodness of fit score to placing these next to each other. E.g. a JPG of an apple would fit badly with a JPG of a car because they don't share any edges, but two consecutive car JPG fragments would fit well.

Then the problem of ordering the data fragments so that each fragment has a high goodness-of-fit (low distance) to the previous one, is a traveling salesman problem.

The paper then went on to say that nobody can exactly solve TSP instances of the size required, but gave examples where the spanning tree heuristic worked pretty well.

Interesting. Though when talking about how to solve combinatorial problems like that, a much more common approach seems to be to formulate them as an integer linear programming problem.

Integer linear programming is also in NP in general. (It has to be, since you can solve the TSP with integer linear programming.) But it's usually much easier to 'write' a linear programme than to reduce a combinatorial problem to a TSP.

Linear programming solvers are very advanced these days.

The other general workhorse I know of for these kinds of problems are SMT solvers. (https://en.wikipedia.org/wiki/Satisfiability_modulo_theories)

Growing up in Belgium in the 80s and 90s I also remember Canal Plus and their encryption scheme - and trying (rather fruitlessly) to watch through a movie regardless - but of course, without the sound, that was a fool's errand.

I always wondered how the decoding worked, and for its time, using the serial number of the equipment as part of this calculation was a good one.

Also brings to mind the stories in the US of DirecTV pirating and how they put a stop to scores of pirates on Black Sunday - https://blog.codinghorror.com/revisiting-the-black-sunday-ha...

> to watch through a movie regardless

Ahem, yes, "movies".

I guess that's the closest you can get of an 'insider joke' on HN.

Nah, Canal + in Europe was infamous because one kind of movies on Friday nights. You can guess which ones, male teens loved them.

When BT848/878 PCI TV cards arrived, a few years later everyone tried to decode C+, for two (maybe three) reasons:

- Movies.

- Sports.

- Often, music videoclips.

The TV schedule quality of that channel was light years ahead compared to the ones you could watch in almost any European countries for free.

I going to take the bait, out myself as a former teenager (spoiler: I'm old) and restore thruth: the kind of movies you're thinking about were notoriously aired on Saturday nights. (At least in France.)

But I swear I was just video-taping late evening TV to get the summaries of soccer games. (Yes, video-taping. Did I mention I was old ?)

In Spain it was on Fridays, it's almost the same thing. On soccer, ditto. There is an HN-like news somewhere, when some people broadcasted the world soccer series in ASCII over telnet around 2007 I think.

> some people broadcasted the world soccer series in ASCII over telnet around 2007

Out of curiosity I watched the 2006 world cup final https://ascii-wm.net/doc.php It's... refreshing

End of the 90, you got Evangelion and South Park there.

TIL. I really thought it was only a French thing. Thanks.

At first, maybe. But they expanded really early in the 90's to the rest of Europe.

Also it was something "for the middle-upper class". Not for a loaded guy, but for someone with some degree of freedom in order to spend your salary, such as a College guy/group living alone with no family. If you had a TV deco, for sure you have some elder brother/sister with a job or your parents were from a relatively good position.

Everything changed in the middle-late 90's, OFC, as everyone began to buy multimedia PC's so kids at home could do their homework with word processors and the Encarta. Then the Avermedia TV arrived, cracking tools were widespread and with Linux and xawtv-nagra you had a really easy and secure way to watch a record C+ with no issues, except a huge 13GB file per hour, which you encoded into MPEG/XVID for convenience.

I can confirm it was a thing in Spain too.

Spice Channel “movies” for the US people.

Was Spice Channel a full porn dedicated one, or just a paid channel? C+ was just a monthly paid channel with a diverse TV schedule, not just porn. You got blockbuster movies years earlier than in the free TV channels. You could basically watch The Matrix just months after the release on the theaters.

It was 100% porn. HBO had blockbuster movies during the day and softcore porn at night.

Spice TV: https://youtu.be/B89oftmlOuI

So, not sure if you used to watch The Movie Channel, but Joe Bob Briggs has a show on Shudder.

Real American pirates pointed to the Canadian systems that had... less restrictive policies for PPV.

This brings back so many memories, in the late nineties my dad brought a PCI TV Tuner card for the family computer and ditched our real TV in order to avoid paying the French TV Tax ("redevance").

It also allowed us to pirate Canal+, decrypting the video stream with a program called Moo TV (if I remember correctly). The audio stream required another program.

It was all a bit janky, frames were frequently dropped, and sometimes you had to tweak a few parameters to get a proper audio stream but the fact that it was (mostly) working was simply amazing to my brother and I.

Good times :)

> Moo TV (if I remember correctly).

Meuh Meuh TV. In the earlier version you had to use TV cards with special chips to use it. Good times.

I think it pretty much died with the advent of digital TV.

"Meuhmeuh TV" ... brings back some greats memories. Finding a TV card, downloading a key on a strange website called "bellevache.com". I miss beige computer and PCI cards...

> Meuh Meuh TV

That's it ! Thank you so much for the rabbit hole of memories i'm about to go in

Well, your username brought back a flood of memories of its own, so we're even.

Here we used MoreTV+Wilma under Windows/Xawtv-Nagra under Linux.

If it was decoding a broadcast signal, how could the unique serial number of an individual decoder play any useful part in the decryption key? I didn't see any discussion of this in the article. Sorry if I missed it.

That months encryption key was "encrypted" with your serial number, and then mailed to you. You typed it into your box, and the box would decrypt it - knowing its own serial number - and then use the result.

This prevented you from copying your neighbors codes, they wouldn't work.

That linked story is fascinating enough to be its own post, I’d love to hear of others like it.

It’s never gotten traction on HN before either, or that specific article hasn’t anyways.


I've heard that a former employee at the company where I'm working was assembling pirate decoders on the side, but I don't really how they did for the keys, maybe shared between friends and family?

This scheme turns the serial number + the numerical code entered into it into a global decryption key. So you can calculate and distribute that.

For the last few years they've put a low-bitrate channel on digital television that simulates the encryption: https://www.cpchardware.com/wp-content/uploads/2016/12/Canal...

It's not the real channel obviously (with digital TV the encrypted channels are simply blacked out), but it's a nice throwback.

France also having been SECAM might explain why russian retro-80's concerts[1][2] often feature "Emmanuelle" (1974, NSFW) K7s in their "do you remember" interludes?

[1] https://ru.wikipedia.org/wiki/Дискотека_80-х seems to be the main one, but it has competitors.

[2] from the 90s, but if the instigators of the US PMRC had ever seen eurodance like https://en.wikipedia.org/wiki/E-Rotic they'd have been clutching their pearls.

(the retro-encrypt screen's "pour en savoir+" mdr)

In the Netherlands, I remember electronics stores carried DIY kits with names such as "TV signal quality enhancer". I only later realized what these were actually for.

I remember some weird little black box with a red button my parents had between the cable box and the wall coax. I wonder if that was it.

IIRC, aside maybe from some technical limitations, the reason it was not "proper" encryption where you can't make any sense of the signal is that it gave some idea of what was playing. The sound was completely scrambled but from the picture you could tell the program and tell if it was a football game, movie, talk show, etc.

I had that channel for a while and watching WWE with French commentary was a favorite when I was a kid :)

The "make sense of what could be" might have been a good way to make people tempted to subscribe actually: it was so frustrating to identify a program you could be interested in and not be able to fully see it.

Yeah, a weird kind of freemium model. I am assuming it wouldn't be hard to turn off the encryption for say an hour every once in a while and advertise a 'free viewing' every once in a while to get people to subscribe.

That's exactly what they did and where they got most of their customers from.

Those 'free viewing' (canal+ en clair) probably had one of the biggest impact on french comedy TV culture ever. Some shows of that era are still on AFAIK.

For the football games, they turned on the encryption shortly after the game started. This created the expression "but en clair" ("unencrypted goal") where a team would score so early that the encryption was still off.

> biggest impact on french comedy TV culture ever.

And french politics. French politics in the '90s and '00s wouldn't be the same without Les Guignols de l'Info.

We had Les Guinols in Spain too, in the same channel.

There were broadcasters doing that too, such as Cine 5 in Turkey, disabling scrambling for commercial breaks.

That's why at the end of the 2010's, C+ decided to reintroduce this "encryption" scheme because people changing channels would end up on a black or blank screen saying "subscribe". That wasn't really appealing to a potential customer.

Now if you tune to channel 4, you get the blurred image again...

> I had that channel for a while and watching WWE with French commentary was a favorite when I was a kid :)

Tu veux dire le p•rn• du premier samedi du mois ;)

Fabien Sanglard's blog is a true gem of the Internet. An excellent tech historian, in my humble opinion.

If you're enjoying this, you might also enjoy Creatures Of Thought at https://technicshistory.com/. Their history of the transistor series was superb reading.

I think it was used in 90s in Poland by Canal+? At least when you tuned to the encrypted channel it looked exactly like it says in the article - every line was shifted randomly.

I know people bought cheap pirated decoders that decrypted the channel without the need to pay the subscruption fee.

It couldn't be the exact same system because we have PAL, but it was something very similar.

Polish Canal+ used "Syster" encryption scheme. https://en.wikipedia.org/wiki/Nagravision#Analog_system

French transmitters were converted from Discret 11 to Nagravision/Syster between 1990 - 1995. First Syster decoders had retrocompatibility with Discret 11.

Analog encryption schemes are infinitely interesting to revisit today. The ingenuity of these folks trying to create an unbreakable encryption scheme with limited resources of 80's and 90's never ceases to amaze me. BTW A piece of software exists that can generate images encoded in various ways, that are supposed to be compatible with original hardware: http://cryptimage.vot.pl/cryptimage.php I have yet to lay my hands on some decoder and try this out myself.

There's a lot of fun to be had today with broken OTA encryption on video content, if you have the land area to put up a C-Band satellite dish.

[1]: https://www.lyngsat.com/hd/america.html

[2]: http://colibri.bplaced.net/powervu.htm

So, what hardware is needed here, besides a C-band LNB?

A knock-off dreambox or a PCI dvb-s2 card is your best bet. Any cheapo DVB-S2 receiver will work, provided that you can get the raw MPEG-TS stream out of it and into a computer that can run oscam.

Enough space for a C-Band dish. They can get rather bulky.

I wonder how this would have worked in practice with lot of noise being added to signals. Is the noise too negligible to "delay" that is added?

The idea of the Radio Plans decoder is that the video black level was a little bit higher than the start of the signal after the horizontal pulse signal. Because of that, it was possible to detect if the delay was 0 1 or 2...

Canal Plus reacted quickly by adding a little bit of noise to the signal after the horizontal pulse.

Pretty fascinating. CAS and broadcast tech is a pretty big interest of mine and I've been lucky enough to work for 2 of the biggest players in this space in the past (although not directly on the CAS side of things and sadly I'm not in the video space these days).

Some very cool engineering was done without much in the way of technology being available!

> The audio stream is interleaved at the end of the blocks.

If I remember correctly, audio was transmitted on a subcarrier some 6 or so MHz higher?

Edit: Later in the article it is actually stated: "A normal SECAM signal uses FM on a 6Mhz carrier"

French SECAM was broadcasted in « L » (heritage from black & white 819 lines « E »), with positive image modulation and audio transmitted in AM. (https://fr.wikipedia.org/wiki/Norme_et_standard_de_t%C3%A9l%...)

The sound just had the spectrum inverted.

That's why when inverted it was sounding like crickets speaking.

You could unscramble the sound just by multiplying it with the right sine wave at the right frequency.

I remember prototyping that with a modular synthesizer :-)

It seems like three or four channels must have prompted at least some people to experiment with TV DXing. I wonder if that was very much a thing at the time.

Applications are open for YC Winter 2022

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact