Security Requirements

This section defines the security requirements of your design. These properties will not be tested or evaluated during Handoff. Instead, other teams will earn points for identifying and exploiting failures to properly meet these requirements by capturing Attack Phase Flags during the Attack Phase. Use these requirements to inform your design process, identifying and protecting critical data and code paths.

Warning

Your design is NOT tested for its adherence to Security Requirements during Handoff.

Security Requirement 1

An attacker should not be able to decode TV frames without a Decoder that has a valid, active subscription to that channel.

Knowledge of the plaintext contents of one encoded frame should not allow an attacker to violate this requirement for other frames

A valid subscription refers to a subscription that was installed through a subscription update which was generated at the same Secure Facility matching this device’s ID and selected channel.

An active subscription refers to a subscription for a channel where current time falls within the active subscription window.

Security Requirement 2

The Decoder should only decode valid TV frames generated by the Satellite System the Decoder was provisioned for.

During the Attack Phase, there will only be one Satellite System created by the organizers per team (i.e., all systems built using the same generated secrets).

Security Requirement 3

The Decoder should only decode frames with strictly monotonically increasing timestamps.

The timestamps do not to be sequential and your system should reject misordered frames if this would violate the security requirement.