What is Baseline Privacy?
The DOCSIS standard defines a Baseline Privacy Interface (BPI, or BPI+ for DOCSIS 1.1)
to provide some basic privacy for the data. This involves both RSA and DES crypto
algorithms, but before you feel too secure, take a look at what exactly the goals of this
security are:
- Provide data privacy for the Cable Modem users across the RF cable network from the
Cable Modem to the CMTS and back. Notice that this does not provide any data privacy
beyond the RF cable network, that is, on either the user side of the Cable Modem or the
Internet side of the CMTS.
- Provide protection against theft of service for the cable service providers. Notice that
this protection is intended to prevent large-scale theft of service by commercial pirates.
It does not prevent small-scale theft of service.
There is no protection against tampering with the signals on the RF cable network.
The main advantages of BPI+ in DOCSIS 1.1 are the capability to upgrade crypto
mechanisms in already deployed Cable Modems and the use of digital certificates to
authenticate Cable Modems. There is also some support for longer keys and better
algorithms.
Notice also that all setup and configuration of the BPI functions are made at the CMTS,
so as a user you have very little control over when your data are encrypted and when they
are not. In reality the purpose of BPI and BPI+ is this:
- To protect against theft of service (like with the pirate de-scrambler boxes for cable
TV).
- To protect against potential bad press and lawsuits from customers being spied on by
their neighbors.
Do not think that BPI is really there to protect you as a Cable Modem user. If you want
data privacy, you have to install and use it at the application program level: things
like encryption features in your email program, secure connections (https) in your web
browser, a Virtual Private Network (VPN) connection to your corporate network, etc.
You may want to learn more about the standards in
the cable modem tutorial or check some of the other feature articles.