ES 202 488-3 : 1.1.1

Intellectual Property Rights
Foreword
1 Scope
   1.1 Requirements
2 References
3 Abbreviations
4 Purpose
   4.1 Void
   4.2 Background
5 Baseline privacy plus overview
   5.1 Architectural overview
   5.2 Operational overview
6 Data Over Cable System MAC frame formats
   6.1 Variable-length packet data PDU MAC frame format
   6.2 Fragmentation MAC Frame Format
   6.3 Requirements on usage of BP extended header element in
        MAC header
7 Baseline Privacy Key Management (BPKM) protocol
   7.1 State models
   7.2 Key management message formats
8 Dynamic SA mapping
   8.1 Introduction
   8.2 Theory of operation
   8.3 SA Mapping state model
   8.4 IP multicast traffic and dynamic SAs
9 Key usage
   9.1 CMTS
   9.2 Cable Modem
   9.3 Authentication of Data-Over-Cable System v1.1 dynamic
        service requests
10 Cryptographic methods
   10.1 Packet data encryption
   10.2 Encryption of TEK
   10.3 HMAC-Digest Algorithm
   10.4 Derivation of TEKs, KEKs and message authentication keys
   10.5 Public-key encryption of authorization key
   10.6 Digital signatures
   10.7 Supporting alternative algorithms
11 Physical protection of keys in the CM and CMTS
12 BPI+ X.509 certificate profile and management
   12.1 BPI+ certificate management architecture overview
   12.2 Certificate format
   12.3 Cable Modem certificate storage and management in the CM
   12.4 Certificate processing and management in the CMTS
Annex A (normative): TFTP configuration file extensions
      A.1 Encodings
      A.2 Parameter guidelines
Annex B (informative): Example messages, certificates and PDUs
      B.1 Notation
      B.2 Authentication info
      B.3 Authorization request
      B.4 Authorization reply
      B.5 Key request
      B.6 Key reply
      B.7 Packet PDU encryption
      B.8 Encryption of packet PDU with payload header suppression
      B.9 Fragmented packet encryption
Annex C (informative): BPI/BPI+ interoperability
      C.1 Data-Over-Cable System v1.0/v1.1 interoperability
      C.2 Data-Over-Cable System BPI/BPI+ interoperability
          requirements
      C.3 BPI 40-bit DES export mode considerations
      C.4 System operation
Annex D (normative): Verifying downloaded operational software
      D.1 Introduction
      D.2 Overview
      D.3 Code upgrade requirements
      D.4 Security considerations (informative)
Annex E (informative): Upgrading from BPI to BPI+
      E.1 Hybrid cable modem with BPI+
      E.2 Upgrading procedure
History

Describes a level of data privacy across the shared medium cable network equal to or better than that provided by dedicated line network access services (analog modems or digital subscriber lines).