• Télécharger
HTM5/CENC par Romain Bouqueau de Gpac Licensing
Prochain SlideShare
Loading in...5
×

Vous aimez ? Partagez donc ce contenu avec votre réseau

Partager
  • Full Name Full Name Comment goes here.
    Êtes-vous sûr de vouloir
    Votre message apparaîtra ici
    Be the first to comment
No Downloads

Vues

Total des vues
6,153
Sur Slideshare
1,815
From Embeds
4,338
Nombre d'ajouts
13

Actions

Partages
Téléchargements
1
Commentaires
0
J'aime
5

Ajouts 4,338

http://www.scoop.it 2,897
http://ovfsquad.fr 696
http://www.gpac-licensing.com 665
http://www.alkannoide.com 43
https://twitter.com 14
http://dwamcast.tumblr.com 6
http://www.slideee.com 5
http://webcache.googleusercontent.com 4
http://localhost 3
http://www.google.co.uk 2
http://translate.googleusercontent.com 1
http://www.google.co.kr 1
http://ovfs.localhost 1

Signaler un contenu

Signalé comme inapproprié Signaler comme inapproprié
Signaler comme inapproprié

Indiquez la raison pour laquelle vous avez signalé cette présentation comme n'étant pas appropriée.

Annuler
    No notes for slide

Transcript

  • 1. Leveraging content protection for Web distribution Romain Bouqueau – GPAC Licensing romain.bouqueau@gpac-licensing.com 2/27/2014 Hangout Squad #2 1
  • 2. Me, myself, and I • Open-Source contributor on – – – – – GPAC Rich-media: mix of VLC and Web browser MP4Box packager, Osmo player, streaming tools Building standards (MPEG/W3C/…) ISOBMF(MP4), M2TS, DASH, CENC, HEVC, … www.gpac.io • CEO of professional entity: GPAC Licensing • Acknowledgements 2/27/2014 Hangout Squad #2 2
  • 3. Overview • Abstracting encryption from DRMs: – MPEG CENC (Common Encryption) • Abstracting Key Management from Browsers: – HTML5 EME (Encrypted Media Extensions) • Use-case: – Netflix and Microsoft IE11 2/27/2014 Hangout Squad #2 3
  • 4. MPEG CENC (Common Encryption) 2/27/2014 Hangout Squad #2 4
  • 5. One standard to rule them all 2/27/2014 Hangout Squad #2 5
  • 6. A new standard, what for? • Abstracting encryption from DRMs • Allows DRMs to share: – keys, key identifiers, encryption algorithm, parameters and signaling – location to store proprietary data • Protection System Specific Header (PSSH ISOBMF box) – leaves DRM implementation to individual systems • Prior to this standard: – different set of files required for each different DRM type – interchange of files between authorized devices generally not possible because of different DRMs. 2/27/2014 Hangout Squad #2 6
  • 7. Did you say standard? • • • • • • MPEG ISO Standard 23001-1 (2012, CENC) MPEG ISO Standard 23001-7 (2012, ISOBMF) MPEG ISO Standard 23001-9 (2014, MPEG-TS) Natural fit with MPEG-DASH Base of DECE CFF (UltraViolet) More on that later… 2/27/2014 Hangout Squad #2 7
  • 8. Buzz word slide • Protection System Specific Header (PSSH) in file header – – – – Possibly several PSSH boxes = several DRMs For all tracks or a single track Association done via Key ID (128 bits): KID Crypto System • AES-CTR and AES-CBC 128 bits • InitializationVector (IV) : 64 or 128 bits (8 or 16 bytes) • Default key + key-roll • Storage of cypher instructions: – senc box (HbbTV, CFF) – or saiz/saio boxes 2/27/2014 Hangout Squad #2 8
  • 9. Example: AES/CTR for AVC • Different IV for each sample • Note: clear and encrypted data in NAL Unit 2/27/2014 Hangout Squad #2 9
  • 10. Deployments • HbbTV 1.5+ • CFF (Common File Format), DECE, UltraViolet • Current HTML5/EME demos • Implementations: – Proprietary (interoperability?) – GPAC 2/27/2014 Hangout Squad #2 10
  • 11. HTML5 EME (Encrypted Media Extensions) 2/27/2014 Hangout Squad #2 11
  • 12. EME • EME is not: – Not a DRM – Not an official W3C recommendation: • Only a Working Draft since May 2013 ------------------------> – Not a mandatory part of HTML5 • EME is: – A HTML 5 Media Elements extension: • • Mandatory: <audio>, <video> Optional extensions: – – – Media Source Extensions (MSE) Encrypted Media Extensions (EME) Web Crypto Extensions (WebCrypto) – Editors: • • • David Dorwin, Google, Inc. Adrian Bateman, Microsoft Corporation Mark Watson, Netflix, Inc. – Jeff Jaffe, W3C (quote): • • • • 2/27/2014 APIs that would provide access to content decryption modules (CDMs) part of DRM systems. W3C is not standardizing CDM technology Hangout Squad #2 12
  • 13. Overview • JavaScript API – permits a Web application to hand Key Material to a Content Decryption Module (CDM) Browser (Javascript) Key Material CDM (blackbox) 2/27/2014 Hangout Squad #2 13
  • 14. CDM • Nature of the Key Material unspecified. – i.e. “Key Material” is not simply a key – Likely encrypted • Not accessible in the browser • Large scope – Decoder or not – No codec/container specified (H264/VP8, ISOBMF/WebM, *can* use CENC) – Deployed with the browser or within the OS or the hardware (ARM trusted zone…) • The EME draft defines one very simple CDM – Clear Key – Not realistic because Key Material is accessible to the Web application and the browser – permits the HTML WG to demonstrate interoperability of the API 2/27/2014 Hangout Squad #2 14
  • 15. 2/27/2014 Hangout Squad #2 15
  • 16. 2/27/2014 Hangout Squad #2 16
  • 17. But EME still unsufficient • CDMi by Microsoft: http://download.microsoft.com/download/E/A/4/EA470677-6C3C-4AFE-8A86A196ADFD0F78/Content%20Decryption%20Module%20Interface%20Specificatio n.pdf 2/27/2014 Hangout Squad #2 17
  • 18. Controversy • Not the role of W3C? • CDM = black box – Return of our beloved: Flash, Silverlight, NaCl, … – DMCA forbids inspection of DRMs – Platform independence • EME not self-sufficient (CDMi) • Privacy: – not only ask a server for a key, but also allow the CDM to transmit back a session id – control who views what when with which software – PKI (revocable certificates) • “Watermarking is better than DRM” – OTOY/ORBX.js: https://brendaneich.com/2013/05/today-i-saw-the-future/ 2/27/2014 Hangout Squad #2 18
  • 19. Deployment • Internet Explorer 11 + Windows 8.1 – Microsoft announces to leverage EME (and DASH through MSE) for PlayReady: • http://www.microsoft.com/playready/features/ClientO ptions.aspx • Google Chrome (multi-platform): Widevine – Chrome OS 2/27/2014 Hangout Squad #2 19
  • 20. Netflix and Microsoft IE11 2/27/2014 Hangout Squad #2 20
  • 21. Buzzword demo 2/27/2014 Hangout Squad #2 21
  • 22. Performance demo • Microsoft IE11/Win8.1 – MSE: • hardware (GPU) accelerated by WMF – EME: • with PlayReady CDM – WebCrypto: • Encrypt communications between the Netflix JavaScript application and the Netflix servers 2/27/2014 Hangout Squad #2 22
  • 23. Thank you romain.bouqueau@gpac-licensing.com @rbouqueau @gpaclicensing 2/27/2014 Hangout Squad #2 23