Secure broadcasting. Digital content copyright protection

From CryptoWiki
Jump to: navigation, search


Security Challenge

Secure broadcasting is the way to deliver the information to subjects in accordance with the access control policies of the content (video, audio, document, etc.) source. Secure broadcasting on the web is becoming a crucial need for many web-based applications along with digital content copyright protection (DCCP). Since different subjects may have the right to access different parts and portions of the same content, enforcing secure broadcasting requires to efficiently manage a large number of different physical views of the requested content sending it the proper subjects. Additionally, the traditional access control mechanisms used to filter returned content in the context of a user-demand information dissemination mode, secure broadcasting of web content is becoming more and more important, as web-based environments require revisiting the traditional way of performing access control.

Under the broadcast dissemination strategy, a web data source periodically (or when same relevant events arise) broadcasts (portions of) its content to a possibly large community of subjects, without the need of an explicit subject request. Secure broadcasting can be used for both content distribution within the same organization or also for data distribution outside the organization.

Common tools to perform secure broadcasting are the concepts of Digital Rights Management (DRM) and HDCP (High-bandwidth Digital Content Protection).
Figure 1 — HDMI and DVI
RDM is a set of access control technologies that are used by hardware manufacturers, publishers, copyright holders, and individuals to control the use of digital content and devices after sale. First-generation DRM software was used to control copying, the second-generation DRM - for control executing, viewing, copying, printing, and altering of works or devices.

Generally, DRM aimed to prevent illegal copy and copyright protection, copy control. DRM standards include Microsoft PlayReady, Apple FairPlay, OMA DRM. The correctness of DRM apply is in dispute. HDCP is a cryptographic extension to the DVI and a form of digital copy protection by Intel to prevent copying of digital audio and video content as it travels across connections (Display Port (DP), Digital Visual Interface (DVI), High-Definition Multimedia Interface (HDMI), and less popular or now defunct protocols like Gigabit Video Interface (GVIF) and Unified Display Interface (UDI).

DVI is commonly used between personal computers and display devices like LCD monitors. If the HDCP enhanced DVI standard is adopted by monitor and television manufacturers, then it could serve as the last leg of a secure channel for the online distribution of television, movies, and other video data. Online content distributors would like to build this channel to prevent perfect digital copies by never exposing the digital video signal as plaintext in the receiver’s computer. In 1998, the DMCA (Digital Millennium Copyright Act) was signed in the United States to protect intellectual property and content owned by content providers. DMCA could be used against anyone cracking HDCP to impose criminal penalties.

Theoretical Issues

The most common solutions to ensure secure broadcasting and digital content copyright protection are DRM (Digital Rights Management) and HDCP (High-bandwidth Digital Content Protection) by Intel.

The main purpose of HDCP is to prevent transmission of non-encrypted data, audio and high definition video. HDCP provides three systems for this purpose:

  1. Special authentication protocol, which does not allow non-certified devices to receive high definition content.
  2. Encryption is transmitted over DVI or HDMI data, preventing direct copying, data eavesdropping and eliminating the possibility of attacks by a third party.
  3. The HDCP's algorithm of key revocation makes it relatively easy to block the transmission of HDTV content on the devices which violated the copyright agreement of manufacturers.
Figure 2 — The HDCP Authentication Protocol

Each HDCP-supported device has a unique set of keys: 40 keys of 56 bits. These keys are secret, and any disclosure is considered a violation of the EULA. Each set of keys mapped to a special KSV key (key selection vector). Each KSV has exactly 20 bits set to 0 and 20 bits set to 1. During the authentication, both parties (for instance, TV and receiver) exchange KSV keys. Then each device sums up its own secret keys in accordance with other device's KSV bits. If the KSV bit is equal to 1, then the corresponding secret key is used, and if 0, not used.

To establish a session (secret channel), two users exchange their open keys via open channel. Then, each of them multiplies his closed key by incoming key of the second user. For instance,if

File.png  — open and closed key of user1, File2.png  — keys of user2, then: Filesessionkey.png

The users will get the same number as a result (because of the matrix D symmetry), which will be used as a shared session key. HDCP 1.4 is designed for protecting Audiovisual content over certain high-bandwidth interfaces, referred to as HDCP-protected Interfaces, from being copied. HDCP is designed to protect the transmission of Audiovisual Content between an HDCP Transmitter and an HDCP Receiver.

A → B : vA , nA

B : Kt = vA · uB , Rt = h(Kt , nA )

B → A : vB , Rt

A : K = vB · uA , R = h(K, nA )

A : Verifies R = Rt



Go to Bibliography

Back to Main Page

Back to Table of Contents

Mirzagalamov R.N.

Prigorenko L.P.