Protecting content

Effectiveness against illegal copying, compatibility with legitimate devices, compliance with laws, expectations of honest consumers are requirements content protection must meet. GRAHAM SHARPLESS, from Optical Disc Technology consultancy, says it can be a tall order.

Content protection and Digital Rights Management (DRM) both represent a growing industry which aims to protect audio, video and other content on disc. DRM is similar to content protection but includes more flexible features that can allow controlled copying, which has proved to be a two-edged sword that can give consumers a little more freedom, but also takes some away.

Content owners have learnt that preventing illegal copying of discs is not sufficient on its own. Some content has found its way onto the market on counterfeit discs even before the legitimate product has been launched. This can happen if the content during post-production falls into the hands of pirates.

Video screeners made available for review purposes represent one source for counterfeit copies. Now screeners are encrypted so that they will play only on a particular player that is distributed to reviewers but prevents copying. Another source is the use of video cameras in movie theatres. The quality may be poor, but unsuspecting consumers will learn this only when it is too late.

End-to-end protection also includes preventing copying from the output of playback devices. Analogue outputs have long been used to make copies. Macrovision’s Analog Protection System (APS) was introduced in the 1980s to prevent successful copying of VHS cassettes. A similar system was added to DVD-Video to prevent analogue copies being made.

This ‘analogue hole’ also applies to analogue TV broadcasts. The Broadcast Flag was introduced to prevent analogue copying, but requires all TV receivers to be compliant. Another method, the Copy Generation Management System (CGMS), is carried by the analogue video output and is used to define whether the content of a DVD-Video disc can be copied.

But it is not possible to provide total protection of content via an analogue signal. Only digital content can be protected adequately, and for complete protection there should be no analogue or unprotected digital signal available at any part of the chain from production to consumer display devices.

Computer software and video games do not suffer from the analogue hole, but need strong digital protection from the development team to the consumer.

Digital Content Protection

Digital content protection makes use of encryption, which requires a unique key to encrypt/scramble the data and the same key to decrypt/descramble it at the receiving end (see Figure 1). Note that encryption is only appropriate for digital data that can be decrypted by the decoder. Encryption cannot be used for CD audio discs because existing CD players would not be able to play them.

There are two main types of encryption currently in use to provide security.

Public Key encryption is used to protect transactions between a sender and a single receiver. The sender encrypts the data, such as a credit card number, using the receiver’s public key, which does not have to be private. But the encrypted data can be decoded only using the receiver’s private key, thus preventing anyone else seeing the data. Such methods are used widely for financial and other sensitive information.

Private Key encryption is needed for protecting content designed to be viewed by a large number of consumers. It must ensure that the encrypted content is decrypted only by a valid compliant device. One approach is to include the key, in encrypted form, on the disc in a way that only licensed players can read and decode.

DVD-Video and DVD-Audio

DVD-Video’s Content Scramble System (CSS) uses not one key but several. The video content is scrambled (another term for encrypted) using a Title Key for each title (or Video Title Set as it is called) on the disc. The Title Keys are in turn encrypted using the Disc Key which is encrypted using the Master Keys, of which there are over 400 different values.

These encrypted values, known as the Encrypted Disc Key Data (see Figure 2) are stored on disc with the scrambled video data and encrypted Title Keys. Each player model is allocated a unique Master Key which is used to decrypt the Disc Key, Title Keys and therefore allow the content to be descrambled. But the weaknesses of CSS were the short key length used (40 bits) and the limited number of different Master Keys. It was only a matter of time before it was hacked, which happened in 1999 only about two years after the launch of the format. Unfortunately because CSS was built into players with no provision for updating the encryption algorithms, the hack could not be repaired.

DVD-Audio was about to be launched in 1999 with CSS2, an improved version of CSS, but after DeCSS became available the format was launched a year later with a new protection technology. This was called Content Protection for Pre-recorded Media (CPPM) which offered the following key features:

Key length of 128 bits (cf 40 bits for CSS)
Use of Media Key Block (MKB) containing thousands of encrypted keys, one for each player device key
Revocation of compromised devices by removing its device keys from the MKB on future titles.

CPPM has not yet been cracked, but this may be because there is less incentive to do so with the limited number of DVD-Audio titles available than with the thousands of DVD-Video titles.

Protecting Games and Computer Software

At about the same time as DVD-Video launched, content protection for CD-ROM was introduced. This also used encryption but the key was stored on the disc in such a way that it could not readily be read except by software on the disc. This software was used to decrypt the content and load the software that it was protecting. When the technology was hacked, it could be repaired by updating the encryption algorithms for future titles. This was useful for video games which tend to have a short life before the next version becomes available.

Currently used content protection technologies, such as Macrovision’s SafeDisc and Sony’s SecuROM, are being continually revised so that the next version of the software or game can have even better protection. But the reality is that hackers will break the protection very soon after the software product is launched.

Digital Rights Management

Digital Rights Management (DRM) is regarded as just another name for content protection, but it can offer additional flexibility that can be used to allow limited copying. It also can restrict playing to certain devices and/or for certain periods of time. It is therefore a more general term than content protection, either providing more features for consumers or restricting the use of content even further. Content owners regard such DRM technologies as the Holy Grail as it provides the degree of protection that they want. Many consumers, however, are unhappy with the restrictions imposed by DRM.

In the late 1990s, the Secure Digital Music Initiative (SDMI) was set up to determine how to prevent the wide-scale copying of music via the internet. The advent of digital music players that would play compressed MP3 files worried the music companies. The first phase involved a watermarking and tracking system, with a full DRM system being added later. All MP3 players would include this DRM, allowing secure distribution of music.

The SDMI collapsed and, according to the official website, www.sdmi.org, is ‘on Hiatus’. But various DRM technologies have been developed and are being used. Unfortunately for consumers, the different proprietary solutions mean that music players are tied to the particular service that supports them and the music cannot be played in any other device. The same applies to the emerging internet video services.

DRM and Audio CDs

The content on audio CDs are being protected using DRM technology, which allows consumers to make copies to CD-R and to music players, using a compressed format such as Microsoft’s Windows Media Audio (WMA) format which supports Microsoft’s DRM technology. The intention was to provide consumers with some degree of freedom to compensate for limitations such as the lack of playability on PCs.

Watermarking

Another technique used to protect content is watermarking, which adds information to the video or audio data in such a way that it is not discernable on playback, but can be detected and read even if the content undergoes re-encoding or compression. When used with a compliant decoder, watermarking can prevent a copy being played if the decoder can determine that it is a copy. But watermarks do not prevent content being played on non-compliant devices.

An important application of watermarking is for screeners or review copies. Because volumes are small these can be individually duplicated on recordable media and each can carry a watermark containing a unique code. If the content subsequently is made available on the internet or copies are made, the watermark can allow the source to be identified.

Content Protection for Next-Generation Formats

The next-generation formats, Blu-ray and HD DVD, will offer high definition video at up to 1280 lines and high quality surround sound audio that represent almost the same quality and definition as the original film masters. It is not surprising therefore that the Hollywood studios are unwilling to release their valuable content without very strong content protection. They do not want a repeat of the CSS hacking but technology that will survive hacking and remain effective in preventing illegal copying for the lifetime of the format.

Strong content protection should comprise the following:

Use of long key lengths and a robust encryption algorithm.
Means to identify compromised devices, which then need to be revoked to maintain protection for future titles.
Revocation of individual devices that have been compromised.
Renewable algorithms to repair the system following any serious hack that can occur with any protection technology.

The solution that both formats have adopted, at least for part of their protection, is Advanced Access Content System (AACS), which goes further than CPPM, but is still a fixed algorithm technology. The Blu-ray group have decided to use an extra method based on what is called Self-Protecting Digital Content (SPDC). Blu-ray discs will also include a physical watermark to prevent wide-scale copying by re-mastering and pressing counterfeit discs.

Advanced Access Content System (AACS)

AACS has been developed by a consortium of companies comprising IBM, Intel, Matsushita and Toshiba (who together developed CSS and CPPM) plus Disney, Warner, Sony and Microsoft. AACS is designed to offer much stronger copy protection than CPPM. It makes use of the Advanced Encryption Standard (AES) with 128-bit keys plus an advanced version of the Media Key Blocks (MKBs) used by CPPM to allow revocation of compromised devices. It also includes additional protection layers and its developers claim that it will not be broken during the lifetime of both next generation disc formats. This has not prevented Jon Lech Johansen, who created DeCSS, from boasting that he is committed to breaking AACS.

The AACS Licensing Administrator was set up to license the technology hardware and component manufacturers and disc replicators.

Licensed disc replicators will require an MKB and Media Key (similar to CPPM) for each title. They may be used only once and if not used must be discarded after a certain period. For CPPM this is three months.

Each title will be mastered and the content plus usage rules and content certificate encrypted using the Media Key.

Licensed decoders/players will each be allocated a set of unique device keys which are needed to decrypt the AACS protected audio-video data on each disc. If any decoder/player is compromised, as happened with CSS, that particular device can be ‘revoked’ by excluding its device keys from the MKBs used on future discs.

The encryption/decryption processes are complex and are described in technical papers and specifications which are obtainable from the AACS LA website (see www.aacsla.com). Figure 3 is a schematic diagram of the encryption and decryption processes, but in a much simplified way.

Like CPPM, the content is encrypted using the Media Key, which is stored in the Media Key Block, but encrypted with each device key. Compliant decoders can use their device keys to obtain the media key and decrypt the content.

AACS, while potentially offering considerably more protection than CPPM, has been criticised for a number of shortcomings. A review carried out by the Independent Software Evaluators criticised its inadequate robustness and renewability saying that it is unable to survive a device-class attack. The review also pointed out the difficulty of identifying compromised devices, even using a simple marking system added for HD DVD.

However as the review was carried out before the version 1.0 specification had been completed, some of the problems mentioned may have been addressed by the developers.

Self-Protecting Digital Content (SPDC)

A US company, Cryptography Research Inc, has developed a new protection technology called Self-Protecting Digital Content (SPDC) architecture. SPDC allows players to be programmed using software code stored on the disc, in much the same way that CD-ROM and DVD-ROM copy protection can be renewed in software.

SPDC defines an interpreter, called a ‘Virtual Machine’, which must be included in all players. The interpreter provides a common Application Programming Interface (API) allowing all players to be updated with a single piece of program code.

End-to-End Content Protection

Protecting the content on a disc from being copied is useless if copies can be made either from video and/or audio masters or from the unprotected output from a player or PC.

Protecting the content from creation to the final disc is being addressed, eg using encrypted screeners and special players as described in the introduction. Other means of preventing copies in movie theatres and of loss in the distribution chain or retail are being developed, but often require additional cost that may not be fully justified.

The digital video outputs from DVD players offer no protection against copying. Analogue outputs can be protected using Macrovision’s APS. Next-generation disc formats will require the use of encryption from disc to the output device. Players will probably not output full HD video via unprotected analogue or digital outputs but may output SD resolution, ie PAL or NTSC. To obtain a full HD resolution image, consumers will need to invest in a display that supports DVI or HDMI inputs plus HDCP copy protection.

Current HDTV broadcasts, which can offer the same quality video as Blu-ray and HD DVD, do not currently require encrypted video outputs; so many existing HD displays will not be compatible with the new formats.

The new HDTV service to be launched by Sky TV in the UK later this year will not require HDCP at first, so that existing HD displays that are not HDCP compatible can still be used. The question must be asked whether HDCP will ever be used for HDTV. But since the broadcasters can switch this on and off it may be used, for example, for Hollywood movies, but not for other TV programmes.

Content Protection and Fair Use

As mentioned in the introduction content protection should be effective, compatible with all legitimate players and meet legal requirements, which may include what is generally regarded as ‘Fair Use’.

The law regarding copying differs from country to country. In the UK all copying of copyrighted content, except time-shift recording, is illegal. In the USA one back-up copy is permitted, but any copy protection method must not be circumvented. In Germany consumers can make a number of copies legally as long as they are not for sale.

A significant number of consumers around the world would prefer the US if not the German model. Many consumers make occasional copies for themselves or friends; some make significant numbers of copies.
Large-scale piracy is a major problem around the world, particularly in certain countries. Technology is usually inadequate to stop this, but law enforcement is probably a more effective method.

Content protection technology is intended to prevent or inhibit casual copying and to keep honest people honest. Those intent on copying despite attempts to prevent it or at least make it more difficult, will overcome the protection. AACS is perhaps the strongest copy protection available but may one day be broken.

Content protection and digital rights management are technologies to reduce if not prevent the wide-scale copying that is threatening the music, video and software industries. But as the technologies become more sophisticated and impose more restrictions on what consumers can do with the content, it may be that more and more consumers will decide not to buy the content, yet pirates still continue to produce and sell counterfeit copies or distribute content via the internet.

Consumer rights groups are fighting the introduction of content protection and digital rights management and the various companies supporting the next-generation formats will need to ask whether their efforts to protect their content will result in less revenue, because consumers will not buy into these formats, rather then increasing revenue by preventing illegal copying....

Article Comments

comments powered by Disqus