Consumer Video
DVD Content Protection
In 1987, the appearance of Digital Audio Tape
(DAT) recorders, as the first consumer digital-recording technology, raised
the bar of content protection by enabling professional bootleggers to create multiple generations of
perfect copies. Alarmed by the potential for enormous losses, the recording
industry did its best to kill the medium, just as Hollywood had attempted to
outlaw VCRs a decade earlier.
After years of bickering, it took an act of
Congress to resolve the debate. The 1992 Audio Home Recording Act (AHRA) ordered
all consumer digital-audio recorders to be equipped with a Serial Copy
Management System (SCMS) that met Fair Use standards by permitting only one
generation of copies from commercial recordings.
It also exempted manufacturers
from prosecution for infringement in exchange for collecting a royalty on
recorders and blank media that would compensate copyright holders for presumed
piracy losses. Surprisingly, this provision did little to hobble large-scale
bootlegging operations by excusing high-end pro-quality DAT recorders from the
SCMS requirement.
Despite its attempt to effect a compromise, the AHRA ultimately gave the
recording industry everything it wanted. Although DAT had once been eagerly
anticipated by both consumers and audiophiles, years of delaying tactics and
public disdain for copy-protection eventually ended its chances as a consumer
format. Similar constraints helped put nails in the coffins of subsequent
digital audio-recording technologies, such as the Philips Digital Compact
Cassette and Sony's original MiniDisc.
Unlike the compact disc, which was created by only two companies, the DVD is
a committee compromise. Virtually all the current DVD specifications are the result
of hard-fought compromises pounded out by the computer, consumer-electronics and
content industries. Motivated by the potential for enormous royalties, powerful
multinationals competed fiercely at every stage of the effort to promote
technologies that incorporate their patents.
Even more contentious was the question of copy protection. Hardware
manufacturers would have been happy to simply ignore the issue, but the DAT
(digital audiotape) debacle had taught them the folly of butting heads with the
content industry. The major labels and studios, which had always been spooked by
the idea of perfect digital copying, were close to panic over the ease with
which CDs could be ripped by anyone with an off-the-shelf disc recorder. They
blackballed all DVD proposals that didn't include robust security measures, and
threatened to do anything in their power to kill formats that didn't adequately
protect content.
The argument became so ferocious that the DVD Forum, which had been
struggling to define a definitive set of DVD formats, finally handed off the
problem to an ad hoc organization called the Copy Protection Technical Working
Group. The CPTWG assumed the task of evaluating copy-protection technologies
and, although its goal was to merely stimulate informal debate, it managed to
resolve issues that would otherwise have plagued the industry for years.
This division of labor also helped the DVD Forum avoid encumbering its core
DVD specifications with politically charged content-protection schemes. All
CPTWG recommendations exist as independent technologies that are maintained and
licensed by third-parties. Accommodating them required the Forum to make only
minor revisions to its own specs.
When the smoke cleared, DVDs had been crammed with more layers of copy
protection than any other consumer format.
-
CSS: Pre-recorded DVD-Video content is encrypted by the Content Scrambling
System (CSS)
-
CPPM: the Content Protection for Prerecorded Media (CPPM) technology
performs the same function for DVD-Audio material.
-
Regional Playback Control: Prerecorded DVD-Video discs are also equipped
with Regional Playback Control, which allows consumers to play movies only
in their local geographic regions.
-
CPRM: Writable DVD drives are prevented from indiscriminately copying
protected content by the Content Protection for Recordable Media (CPRM)
system.
-
CGMS-A: The Macrovision DVD Copy Protection system, Copy Generation
Management System (CGMS-A)
-
Verance: The Verance DVD-Audio Watermarking technology guards analog
output from being captured by analog and digital recorders
-
DTCP: The Digital Transmission Content Protection (DTCP) system does the
same for digital data streams.
-
HDCP: DVI connections to digital monitors are protected by the
High-bandwidth Digital Content Protection (HDCP) technology
-
Video Watermarking: Although there's currently no way to guard against a
pirate hijacking the VGA signal traveling between a PC and a monitor, the
industry is working on a video-watermarking proposal that would prevent this
and other types of vulnerabilities in the analog domain.
-
CPSA: All these technologies are coordinated into a formal architecture,
called the Content Protection System Architecture.
Many of these technologies were circumvented shortly after their release, but
that hasn't ended calls to add even more anti-piracy features. The justification
for these continued efforts - a copy-protection scheme doesn't necessarily
become ineffective when it's defeated by a determined hacker. Most are intended
primarily to limit "casual copying," in which a consumer cavalierly
runs off a quick duplication for a friend.
One justification for packing so many levels of copy protection into DVDs was
to make circumvention tools too complicated, specialized, and intimidating for
mainstream consumers.
The downside of all this technology is a DVD content-protection system so
complex that it requires a formal architecture to coordinate its components.
This framework, called the Content Protection System Architecture (CPSA), is an
outgrowth of a 1999 proposal by IBM, Intel, Matsushita and Toshiba (the
so-called "4C Entity"), a group that also helped develop technologies
like CPPM and CPRM.
CPSA consists of a list of 11 rules (or "axioms") that define
standard ways to implement access and recording controls specified by content
providers. These rules describe cross-platform procedures and codes of conduct
that help integrate discrete content-protection modules into a cohesive system
free from conflicts, redundancies, inconsistencies, and omissions.
CPSA is applicable to both computer and consumer-electronics devices, as well
as to audio and video content in either analog or digital formats. Compliant
technologies include most DVD-specific copy-protection schemes, such as CSS,
CPPM, CPRM, and Verance's DVD-Audio Watermarking. CPSA guidelines also apply to
technologies that protect streaming content, such as DTCP, HDCP, and Conditional
Access, which safeguards pay-per-view programming distributed via satellite or
cable.
CPSA-compliant technologies can incorporate two types of content-protection
mechanisms: watermarking and encryption.
Watermarking embeds copy-protection
information (known as a "watermark") directly into an audio or video
stream. Watermarks usually contain usage rules known as Content Management
Information (CMI), which specify how the content's owner will allow his property
to be accessed, played, or copied.
This embedded data is intended to be transparent to the consumer, but is
detected by the compliant hardware or software modules that enforce the system.
If a content owner doesn't want to risk degrading content with a watermark, CPSA
also allows CMI to be packaged as a discrete piece of data that accompanies, but
is not embedded into, the content.
The lock that enforces such a system in the digital domain is encryption,
which scrambles content until it is decrypted by a compliant device, according
to the rules specified by the CMI.
In the case of DVD content protected by CPPM
or CPRM, encryption is performed by the C2 (Cryptomeria Cipher) function, a
mathematical operation designed specifically to protect multimedia content.
Other technologies, such as CSS, HDCP and DTCP, each use their own types of
encryption functions.
The Cryptomeria Cipher (C2) is a Feistel network-based block cipher
designed for use in the area of digital entertainment content protection. The cipher was designed for cryptographic
robustness, efficiency when implemented in software, and small size when implemented in hardware.
block size: 64bit, key size: 56bit.
Reference: http://www.4centity.com/data/tech/spec/C2_100.pdf
Recordable DVD discs can include CPRM copy
protection to prevent further copying. All
the latest versions of DVD recordable discs (except authoring type DVD-R)
offer copy protection using CPRM (Content Protection for Recordable
Media).
CPRM technology provides the following features:
- Cryptomeria Cipher (C2) for content encryption
- 4 layers of encryption using 56-bit keys
- Unique device key for each recording/playback device
- Media Key Block (MKB) to allow for revoking a hacked device
- Unique Media ID to prevent copying bit-for-bit.
- Mutual identification process for PC based systems, which must be
performed before CPRM protected data is transferred from DVD drive to
the PC.
CPRM is similar to CPPM in using a MKB. All media used with CPRM
must include a BCA (Burst Cutting Area) which can be used to record a
unique media ID as part of the manufacturing process. This will then
prevent the data from being copied to another disc because it will not
have the same unique media ID and therefore the data cannot be
decrypted.
CPRM was developed by 4C (comprising IBM, Intel, MEI and Toshiba) and
uses 56-bit keys and C2 encryption for content encryption. It
allows for a hacked playback device to be revoked using a Media Key Block
(MKB). The MKB is stored as a file on the disc and contains a very large
number of keys. Each licensed recorder has assigned to it a set of unique
device keys that allow it to obtain the Media Key from the MKB and decrypt
the audio content.
DVD
Recording |
DVD
Media |
DVD
Playback |
process
MKB |
MKB |
process
MKB |
Device
Keys |
|
Device
Keys |
Media
Key |
Media
ID |
Media
Key |
C2
encryption![](arrow_black.gif) |
Title
key |
C2 |
C2
encryption![](arrow_black.gif) |
Content
encrypted |
C2 |
|