• Télécharger
HTM5/CENC par Romain Bouqueau de Gpac Licensing
Upcoming SlideShare
Loading in...5
×
 

HTM5/CENC par Romain Bouqueau de Gpac Licensing

on

  • 5,836 vues

 

Statistiques

Vues

Total des vues
5,836
Vues sur SlideShare
1,610
Vues externes
4,226

Actions

J'aime
5
Téléchargements
1
Commentaires
0

13 Ajouts 4,226

http://www.scoop.it 2857
http://ovfsquad.fr 685
http://www.gpac-licensing.com 606
http://www.alkannoide.com 43
https://twitter.com 13
http://dwamcast.tumblr.com 6
http://webcache.googleusercontent.com 4
http://www.slideee.com 4
http://localhost 3
http://www.google.co.uk 2
http://translate.googleusercontent.com 1
http://www.google.co.kr 1
http://ovfs.localhost 1
Plus...

Accessibilité

Catégories

Détails de l'import

Uploaded via as Adobe PDF

Droits d'utilisation

© Tous droits réservés

Report content

Signalé comme inapproprié Signaler comme inapproprié
Signaler comme inapproprié

Indiquez la raison pour laquelle vous avez signalé cette présentation comme n'étant pas appropriée.

Annuler
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Votre message apparaîtra ici
    Processing...
Poster un commentaire
Modifier votre commentaire

HTM5/CENC par Romain Bouqueau de Gpac Licensing HTM5/CENC par Romain Bouqueau de Gpac Licensing Presentation Transcript

  • Leveraging content protection for Web distribution Romain Bouqueau – GPAC Licensing romain.bouqueau@gpac-licensing.com 2/27/2014 Hangout Squad #2 1
  • Me, myself, and I • Open-Source contributor on – – – – – GPAC Rich-media: mix of VLC and Web browser MP4Box packager, Osmo player, streaming tools Building standards (MPEG/W3C/…) ISOBMF(MP4), M2TS, DASH, CENC, HEVC, … www.gpac.io • CEO of professional entity: GPAC Licensing • Acknowledgements 2/27/2014 Hangout Squad #2 2
  • Overview • Abstracting encryption from DRMs: – MPEG CENC (Common Encryption) • Abstracting Key Management from Browsers: – HTML5 EME (Encrypted Media Extensions) • Use-case: – Netflix and Microsoft IE11 2/27/2014 Hangout Squad #2 3 View slide
  • MPEG CENC (Common Encryption) 2/27/2014 Hangout Squad #2 4 View slide
  • One standard to rule them all 2/27/2014 Hangout Squad #2 5
  • A new standard, what for? • Abstracting encryption from DRMs • Allows DRMs to share: – keys, key identifiers, encryption algorithm, parameters and signaling – location to store proprietary data • Protection System Specific Header (PSSH ISOBMF box) – leaves DRM implementation to individual systems • Prior to this standard: – different set of files required for each different DRM type – interchange of files between authorized devices generally not possible because of different DRMs. 2/27/2014 Hangout Squad #2 6
  • Did you say standard? • • • • • • MPEG ISO Standard 23001-1 (2012, CENC) MPEG ISO Standard 23001-7 (2012, ISOBMF) MPEG ISO Standard 23001-9 (2014, MPEG-TS) Natural fit with MPEG-DASH Base of DECE CFF (UltraViolet) More on that later… 2/27/2014 Hangout Squad #2 7
  • Buzz word slide • Protection System Specific Header (PSSH) in file header – – – – Possibly several PSSH boxes = several DRMs For all tracks or a single track Association done via Key ID (128 bits): KID Crypto System • AES-CTR and AES-CBC 128 bits • InitializationVector (IV) : 64 or 128 bits (8 or 16 bytes) • Default key + key-roll • Storage of cypher instructions: – senc box (HbbTV, CFF) – or saiz/saio boxes 2/27/2014 Hangout Squad #2 8
  • Example: AES/CTR for AVC • Different IV for each sample • Note: clear and encrypted data in NAL Unit 2/27/2014 Hangout Squad #2 9
  • Deployments • HbbTV 1.5+ • CFF (Common File Format), DECE, UltraViolet • Current HTML5/EME demos • Implementations: – Proprietary (interoperability?) – GPAC 2/27/2014 Hangout Squad #2 10
  • HTML5 EME (Encrypted Media Extensions) 2/27/2014 Hangout Squad #2 11
  • EME • EME is not: – Not a DRM – Not an official W3C recommendation: • Only a Working Draft since May 2013 ------------------------> – Not a mandatory part of HTML5 • EME is: – A HTML 5 Media Elements extension: • • Mandatory: <audio>, <video> Optional extensions: – – – Media Source Extensions (MSE) Encrypted Media Extensions (EME) Web Crypto Extensions (WebCrypto) – Editors: • • • David Dorwin, Google, Inc. Adrian Bateman, Microsoft Corporation Mark Watson, Netflix, Inc. – Jeff Jaffe, W3C (quote): • • • • 2/27/2014 APIs that would provide access to content decryption modules (CDMs) part of DRM systems. W3C is not standardizing CDM technology Hangout Squad #2 12
  • Overview • JavaScript API – permits a Web application to hand Key Material to a Content Decryption Module (CDM) Browser (Javascript) Key Material CDM (blackbox) 2/27/2014 Hangout Squad #2 13
  • CDM • Nature of the Key Material unspecified. – i.e. “Key Material” is not simply a key – Likely encrypted • Not accessible in the browser • Large scope – Decoder or not – No codec/container specified (H264/VP8, ISOBMF/WebM, *can* use CENC) – Deployed with the browser or within the OS or the hardware (ARM trusted zone…) • The EME draft defines one very simple CDM – Clear Key – Not realistic because Key Material is accessible to the Web application and the browser – permits the HTML WG to demonstrate interoperability of the API 2/27/2014 Hangout Squad #2 14
  • 2/27/2014 Hangout Squad #2 15
  • 2/27/2014 Hangout Squad #2 16
  • But EME still unsufficient • CDMi by Microsoft: http://download.microsoft.com/download/E/A/4/EA470677-6C3C-4AFE-8A86A196ADFD0F78/Content%20Decryption%20Module%20Interface%20Specificatio n.pdf 2/27/2014 Hangout Squad #2 17
  • Controversy • Not the role of W3C? • CDM = black box – Return of our beloved: Flash, Silverlight, NaCl, … – DMCA forbids inspection of DRMs – Platform independence • EME not self-sufficient (CDMi) • Privacy: – not only ask a server for a key, but also allow the CDM to transmit back a session id – control who views what when with which software – PKI (revocable certificates) • “Watermarking is better than DRM” – OTOY/ORBX.js: https://brendaneich.com/2013/05/today-i-saw-the-future/ 2/27/2014 Hangout Squad #2 18
  • Deployment • Internet Explorer 11 + Windows 8.1 – Microsoft announces to leverage EME (and DASH through MSE) for PlayReady: • http://www.microsoft.com/playready/features/ClientO ptions.aspx • Google Chrome (multi-platform): Widevine – Chrome OS 2/27/2014 Hangout Squad #2 19
  • Netflix and Microsoft IE11 2/27/2014 Hangout Squad #2 20
  • Buzzword demo 2/27/2014 Hangout Squad #2 21
  • Performance demo • Microsoft IE11/Win8.1 – MSE: • hardware (GPU) accelerated by WMF – EME: • with PlayReady CDM – WebCrypto: • Encrypt communications between the Netflix JavaScript application and the Netflix servers 2/27/2014 Hangout Squad #2 22
  • Thank you romain.bouqueau@gpac-licensing.com @rbouqueau @gpaclicensing 2/27/2014 Hangout Squad #2 23