AMC private keys are usually only transmitted to the embedders. The procedure is to be decided on a case-by-case basis (e.g. via OpenPGP secure mechanism). In the case of the common AMC, ADCET is in charge of transmitting the keys to the encoder on request of the community in charge of the services. In the case of a specific AMC, the community transmits its keys to the encoder.
In technical terms there are 2 groups of keys:
Group1 (in a SAM) :
- The 3 keys to be loaded in the Calypso application
- The MAC signature key
- The 3DES encryption key
Group 2 (outside SAM, transmitted securely) :
- The secret/private key pair, for signing predefined identifiers
- The 3DES key for calculating predefined identifiers