Domain: 4centity.com
Stories and comments across the archive that link to 4centity.com.
Comments · 15
-
Re:100 years sounds good...
Portions of the specification are secret.
-
Defective by design
-
Re:Is piracy the only option?
Notice, if you will, that the only Memory Stick, Memory Stick Micro, Memory Stick Pro, and Memory Stick Pro Duos you see bear the company name Sony or that of one of the few strictly sublicensed partner company brand names. Sandisk/Lexar are two examples of such companies, with Sandisk being a direct partner with Sony for the Memory Stick spec. You will find SD cards from Sandisk, Lexar, Crucial, Kingston and numerous other companies. I hope that answers your question about which format is more open and prevalent. There are several companies offering hardware adapters to allow SD cards to be compatible with Memory Stick slots. The SD spec is easily (and more cheaply) licensed for use in all kinds of devices - industrial, commercial, and consumer, from what I've determined.
As for the DRM question: Sony only uses non-compatible proprietary DRM formats for everything, as a rule. Usually Windows-locked by default in any implementation. For the Memory Stick cards, it is optional to use, and is called MagicGate, a software/hardware duality. See: ATRAC. See also: MagicGate [1]. This is not to say enterprising individuals haven't taken care of this issue, it's just a fact of their track record as a company. The SD card DRM [2](CPRM 1|2) scheme on the other hand, is able to be licensed and used in Open Sauce (for a fee), for whatever reason one might choose to do so, and is rarely if ever enforced even when it is present, and is software mostly reliant on software, with the DRM itself only fully working if a CPRM capable device is present for key negotiation. It's been bypassed for years by programs like DVDShrink, etc.
For an example: Sandisk SD cards that contain media/programs/etc of whatever type on the card at retail. You can copy the stuff straight to your hard drive without any trouble, or format the card, again, without any trouble, and proceed to use them. The data isn't locked, even though the DRM is present. Try this with the content that comes on those special MSD cards once for an unhappy experience. Try to erase the data off the card, and you are prevented, so you are stuck with a partially full card from the get-go. Ditto attempting to copy the data.
[1] Note: I apologize for using a Wikipedia link, but I couldn't find any direct information on MagicGate from the Sony website, other than their support section saying that Memory Stick cards or devices without MagicGate can't use ATRAC-based files (it seems the spec page for MagicGate no longer exists or was removed); also listed on the Sony site were several pages on which devices contain it and which do not.
[2] Note: Two best links I found dealing with CPRM.
-
Open source not really the thrust of the brief
I found the footnote where they invoke the name of the W3C to justify patents interesting:
Software interoperability standards such as those promulgated by the World Wide Web Consortium (w3c) and the Internet Engineering Task Force (IETF) are necessary to enable the important uses of software, supra at 18-23, which require acquisition and assimilation of data from numerous heterogeneous sources. With the advent of patent protection for software, firms are able to selectively license innovations on favorable terms to the community of standards users, thus encouraging other firms to participate in and adopt standards.
Emphasis in original (page 29, 42 in pdf). I don't think that is the purpose of the W3C's patent policy, which states that any patented methods described in w3c standards must be freely licensed. The W3C makes recommendations based on common industry practice. IBM's interpretation implies that Patents must be used to rigorously impose standards as is done by: 3D-3C, LLC, DVD Format/Logo Licensing Corporation, 4C Entity, Digital Content Protection LLC, and Digital Transmission Licensing Administrator.
The main point of the Brief seems to be that the test for patentability should not rely on an arbitrary method of implementation. The Brief explicitly states that it relies on the US constitution that says that advances in the "useful arts" (technology) are patentable. As such, many of the claims may not apply in other jurisdictions such as my own. From the brief:
Patenting technological inventions promotes innovation. No sound patent policy supports protection for non-technological processes, including non-technological business methods.
- Page 7.8 of Brief (pages 20,21 of pdf)
I supposed if the scope of software patents is limited enough such that entire fields of innovation are not cut-off (a patent on Morse code was used as an example), I suppose they can't do to much harm.
-
Find a protocol and break itThe ones in the cryptographic literature tend to be okay, or have very subtle flaws, but there are lots of protocols thought up by inexperienced people that nobody has gotten around to breaking yet. Take a few, and the chances are excellent you can find a flaw in one of them.
CPRM might be a bit advanced for high school, but a practical break is an undergraduate homework assignment. (Hint: Assume you have known plaintest for the encrypted media key. How many trial encryptions do you have to do before finding a player key?)
Note that this is a PROTOCOL, not a CIPHER. You can build a flimsy building out of indestructible bricks, and people do it all the time.
In general, the best possible exercise is breaking something, even if it's a bit of a straw man. Implement a discrete log solution (given g, p, and y = g^x mod p, find x) for composite p with known factors less that some convenient limit like 2^32. Or show how to recover a DSA secret key given two different signatures with the same k (and thus r). -
Bad RAM: Mr. Perens is with HPMr. Perens is working with HP to advance Free Software. Since HP is not part of the 4C Entity, it may be easier to get him onto T13.
Sorry about the mis-statement.
-
What about CPRM's sister technologies?
OK, here's my question:
CPRM is obviously just ONE of several technologies designed to build the CPSA (Content Protection System Architecture) framework, as described in the CPSA whitepaper published by the 4C Entity.
Reportedly you're trying to convince the T.13 committee of introducing a possibility to opt-out of CPRM support for Linux.
What are your views on CPRM's sister technologies like CPPM (Content Protection for Prerecorded Media), DTCP (Digital Transmission Copy Protection), HDCP (High-bandwidth Digital Content Protection) etc. and their possible inclusion in upcoming devices such as DVD-RW recorders, Firewire and USB devices, DVI displays, etc.? Will Linux just not support these devices? -
Their web siteIsn't it ironic that their web site is www.4Centity.com...
It pronounces as "Force Entity"...
-
The web site...Isn't it ironic that their web site is 'www.4Centity.com'
...?Pronounce it, and you get 'force entity'...
-
Recordable DVD? Not in the US
but with the (eternally) soon-to-be-released recordable DVD formats
These will be loaded with so much copyright control (DVD CCA is also the 4C Entity) that the only files you'll be allowed to store are works you create yourself and works created before January 1, 1923 (in the US at least). This means that you will need to be in a band to store music on your DVD-R, and you can only store your band's music. And you definitely won't be able to encrypt files on DVD-R, as decryption of works you didn't create is a violation of 17 USC 1201.
Like Tetris? Like drugs? Ever try combining them? -
CPRM is just the tip of the iceberg!!!
Have a look at what those industry morons are up to:The proposal to enhance the ATA-spec with copy protection extensions is an enhancement of CPRM.
CPRM itself is just one of several technologies which are part of the so-called "Content Protection System Architecture" (CPSA).[http://www.4centity.com/4centity/data/tech/cps
a /c psa081.pdf]
Enter CPSA, servants, attendants.
CPSA is an attempt to define a technological framework in order to fulfill the entertainment industry's (RIAA, MPAA etc.) demand for complete control of distribution and copies of audio/video content. The idea is to create a secure end-to-end chain from cable-station/satellite-receiver/settopbox/DVD etc. to the enduser's speaker/digital-display etc.
CPSA is supposed to include the following content protection technologies among others:
Content Protection for Recordable Media (CPRM)
- protected exchange of audio/video on DVD, FlashMedia, (ATA-hdds planned)
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.comContent Protection for Pre-recorded Media (CPPM)
- robust protection of DVD-Audio content on DVD-ROM media
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.comContent Scrambling System (CSS)
- protecting DVD-Video cotent via authentication and content scrambling
developed by: DVD Copy Control Association (CCA) http://www.dvdcca.orgDigital Transmission Content Protection (DTCP)
- robust encryption of content passing between digital devices in the home e.g. IEEE 1394, USB
- copy control information
- authentication and key exchange
- digital encryption [sic!]
- system renewability
developed by: 5C (Hitachi, Intel, Matsuhita (MEI), Sony, Toshiba) http://www.dtcp.comHigh-bandwidth Digital Content Protection (HDCP)
- encryption on high-bandwith interfaces to digital displays e.g. DVI
developed by: Intel http://www.digital-CP.com4C/Verance Watermark
- technology for creating/reading watermarks (Content Management Information - CMI) in audio content
developed by: Verance Corporation http://www.4centity.comFinally, a video watermarking scheme (to be selected by the DVD CCA)
All information above taken from:
http://www.4centity.com/4centity/data/tech/cpsa/cp sa081.pdf
(Dated February 17th, 2000; revision 0.81) Absolutely recommended reading!!!
So much for the overall framework.
Some interesting details on the technologies described above:
Content Management Information (CMI)
- additional information added to the content in order to establish rules and conditions restricting its usage
Copy Control Information (CCI - a subset of CMI)
- copy restrictions through data flags: copy free, copy once, copy nomore, copy never
There is an enlightening presentation on DTCP (warning: horrible layout):
http://www.dtcp.com/data/dtcp_tut.pdf
A preliminary version of the DTCP specification (v1.1) can be found here:
http://www.dtcp.com/data/DTCP_spec11_informational
A few buzzwords to wet your appetite:
- content encryption, supported ciphers: M6, Blowfish (modified), DES
- authentication: Diffie-Hellman key exchange, PKI
- cryptographic functions: SHA-1, random number generator
[cf. Chapter 4.4 Cryptographic Functions]
The next document makes for another interesting read:
http://www.dvdcca.org/4centity/data/licensing/adop ter/interim_CPRM_CPPM_agreement.pdf
let's have a look at some excerpts:
Exhibit B-1 CPPM COMPLIANCE RULES FOR DVD-AUDIO (p.35ff):
Section 3. Encoding Rules for individual parameters of prerecorded DVD-Audio disc
- specifications for control of copy permission (3.2)
- specifications for control of copy numbers (3.3.1)
- specifications for audio-quality control of copies (3.3.2):
The Audio Quality Parameter (Q) consists of 2 bits and defines the number of channels (ch), sampling frequency (fs), and quantization bit level (Qb) of permitted copies.
another example:
section 4. Playback and output control rules for participating player devices
- playback control by audio watermark: unencrypted content with CCI bit of Audio Watermark set to any other state than "copy freely" will not be played (4.1.1)
- player devices built after Dezember 31, 2000 have to respond to the Verance/4C Audio Watermark (4.1.2)
- as soon as a method is determined players shall, through media type detection, prevent playback of recordable media with CPPM protected content(4.1.3)
An interesting tidbit on HDCP can be found in an article at maximumpc.com:
http://www.maximumpc.com/reprint/intel_revamps/
a quote from that article:
(...) Intel has proposed the High-Bandwidth Digital Content Protection encryption spec. Using hardware on both the videocard and the monitor, HDCP will encrypt data on the PC before sending it to the display device, where it will be decrypted. The rub is that only new DVI-equipment will have the feature, which creates a slight risk of obsolescence for those who invest in DVI early on.
Intel officials have downplayed that issue. They claim that any DVI monitor will be able to display protected content, because the HDCP-equipped DVI card will simply sense that an older DVI monitor lacks HDCP features and will lower the image quality to keep the content protected. Of course, no one has accounted for consumer acceptance. Will people embrace a standard that reduces image quality on their older equipment? Intel officials say the loss won't be enough to irk people.how about this one:
http://www.techweb.com/wire/story/TWB20000218S0008
"HDCP uses a 56-bit key, with individual keys distributed to the various vendors. A violated key could be tracked down and revoked over a satellite broadcast network, for example."Apart from the documents obtained from the specification websites referenced above a search on the manufacturer's websites (Panasonic, Sony, etc.) for keywords like DTCP, CPRM etc. yields further information such as press-releases and other documents.
A couple of devices that already make use of these technologies have already been announced and/or gone into production such as:
Matsushita (Panasonic) DVD-RAM recorder DMR-E10
Panasonic D-VHS VCR PV-HD1000
Silicon Image SiI 168 PanelLink transmitter chip for DVI hardware
Silicon Image SiI 861 PanelLink controller chip for DVI hardware chip
And you guys thought CSS was the only thing to be worried about.
---Police Line - Do Not Cross !--- -
CPRM is just the tip of the iceberg!!!
Have a look at what those industry morons are up to:The proposal to enhance the ATA-spec with copy protection extensions is an enhancement of CPRM.
CPRM itself is just one of several technologies which are part of the so-called "Content Protection System Architecture" (CPSA).[http://www.4centity.com/4centity/data/tech/cps
a /c psa081.pdf]
Enter CPSA, servants, attendants.
CPSA is an attempt to define a technological framework in order to fulfill the entertainment industry's (RIAA, MPAA etc.) demand for complete control of distribution and copies of audio/video content. The idea is to create a secure end-to-end chain from cable-station/satellite-receiver/settopbox/DVD etc. to the enduser's speaker/digital-display etc.
CPSA is supposed to include the following content protection technologies among others:
Content Protection for Recordable Media (CPRM)
- protected exchange of audio/video on DVD, FlashMedia, (ATA-hdds planned)
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.comContent Protection for Pre-recorded Media (CPPM)
- robust protection of DVD-Audio content on DVD-ROM media
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.comContent Scrambling System (CSS)
- protecting DVD-Video cotent via authentication and content scrambling
developed by: DVD Copy Control Association (CCA) http://www.dvdcca.orgDigital Transmission Content Protection (DTCP)
- robust encryption of content passing between digital devices in the home e.g. IEEE 1394, USB
- copy control information
- authentication and key exchange
- digital encryption [sic!]
- system renewability
developed by: 5C (Hitachi, Intel, Matsuhita (MEI), Sony, Toshiba) http://www.dtcp.comHigh-bandwidth Digital Content Protection (HDCP)
- encryption on high-bandwith interfaces to digital displays e.g. DVI
developed by: Intel http://www.digital-CP.com4C/Verance Watermark
- technology for creating/reading watermarks (Content Management Information - CMI) in audio content
developed by: Verance Corporation http://www.4centity.comFinally, a video watermarking scheme (to be selected by the DVD CCA)
All information above taken from:
http://www.4centity.com/4centity/data/tech/cpsa/cp sa081.pdf
(Dated February 17th, 2000; revision 0.81) Absolutely recommended reading!!!
So much for the overall framework.
Some interesting details on the technologies described above:
Content Management Information (CMI)
- additional information added to the content in order to establish rules and conditions restricting its usage
Copy Control Information (CCI - a subset of CMI)
- copy restrictions through data flags: copy free, copy once, copy nomore, copy never
There is an enlightening presentation on DTCP (warning: horrible layout):
http://www.dtcp.com/data/dtcp_tut.pdf
A preliminary version of the DTCP specification (v1.1) can be found here:
http://www.dtcp.com/data/DTCP_spec11_informational
A few buzzwords to wet your appetite:
- content encryption, supported ciphers: M6, Blowfish (modified), DES
- authentication: Diffie-Hellman key exchange, PKI
- cryptographic functions: SHA-1, random number generator
[cf. Chapter 4.4 Cryptographic Functions]
The next document makes for another interesting read:
http://www.dvdcca.org/4centity/data/licensing/adop ter/interim_CPRM_CPPM_agreement.pdf
let's have a look at some excerpts:
Exhibit B-1 CPPM COMPLIANCE RULES FOR DVD-AUDIO (p.35ff):
Section 3. Encoding Rules for individual parameters of prerecorded DVD-Audio disc
- specifications for control of copy permission (3.2)
- specifications for control of copy numbers (3.3.1)
- specifications for audio-quality control of copies (3.3.2):
The Audio Quality Parameter (Q) consists of 2 bits and defines the number of channels (ch), sampling frequency (fs), and quantization bit level (Qb) of permitted copies.
another example:
section 4. Playback and output control rules for participating player devices
- playback control by audio watermark: unencrypted content with CCI bit of Audio Watermark set to any other state than "copy freely" will not be played (4.1.1)
- player devices built after Dezember 31, 2000 have to respond to the Verance/4C Audio Watermark (4.1.2)
- as soon as a method is determined players shall, through media type detection, prevent playback of recordable media with CPPM protected content(4.1.3)
An interesting tidbit on HDCP can be found in an article at maximumpc.com:
http://www.maximumpc.com/reprint/intel_revamps/
a quote from that article:
(...) Intel has proposed the High-Bandwidth Digital Content Protection encryption spec. Using hardware on both the videocard and the monitor, HDCP will encrypt data on the PC before sending it to the display device, where it will be decrypted. The rub is that only new DVI-equipment will have the feature, which creates a slight risk of obsolescence for those who invest in DVI early on.
Intel officials have downplayed that issue. They claim that any DVI monitor will be able to display protected content, because the HDCP-equipped DVI card will simply sense that an older DVI monitor lacks HDCP features and will lower the image quality to keep the content protected. Of course, no one has accounted for consumer acceptance. Will people embrace a standard that reduces image quality on their older equipment? Intel officials say the loss won't be enough to irk people.how about this one:
http://www.techweb.com/wire/story/TWB20000218S0008
"HDCP uses a 56-bit key, with individual keys distributed to the various vendors. A violated key could be tracked down and revoked over a satellite broadcast network, for example."Apart from the documents obtained from the specification websites referenced above a search on the manufacturer's websites (Panasonic, Sony, etc.) for keywords like DTCP, CPRM etc. yields further information such as press-releases and other documents.
A couple of devices that already make use of these technologies have already been announced and/or gone into production such as:
Matsushita (Panasonic) DVD-RAM recorder DMR-E10
Panasonic D-VHS VCR PV-HD1000
Silicon Image SiI 168 PanelLink transmitter chip for DVI hardware
Silicon Image SiI 861 PanelLink controller chip for DVI hardware chip
And you guys thought CSS was the only thing to be worried about.
---Police Line - Do Not Cross !--- -
CPRM is just the tip of the iceberg!!!
Have a look at what those industry morons are up to:The proposal to enhance the ATA-spec with copy protection extensions is an enhancement of CPRM.
CPRM itself is just one of several technologies which are part of the so-called "Content Protection System Architecture" (CPSA).[http://www.4centity.com/4centity/data/tech/cps
a /c psa081.pdf]
Enter CPSA, servants, attendants.
CPSA is an attempt to define a technological framework in order to fulfill the entertainment industry's (RIAA, MPAA etc.) demand for complete control of distribution and copies of audio/video content. The idea is to create a secure end-to-end chain from cable-station/satellite-receiver/settopbox/DVD etc. to the enduser's speaker/digital-display etc.
CPSA is supposed to include the following content protection technologies among others:
Content Protection for Recordable Media (CPRM)
- protected exchange of audio/video on DVD, FlashMedia, (ATA-hdds planned)
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.comContent Protection for Pre-recorded Media (CPPM)
- robust protection of DVD-Audio content on DVD-ROM media
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.comContent Scrambling System (CSS)
- protecting DVD-Video cotent via authentication and content scrambling
developed by: DVD Copy Control Association (CCA) http://www.dvdcca.orgDigital Transmission Content Protection (DTCP)
- robust encryption of content passing between digital devices in the home e.g. IEEE 1394, USB
- copy control information
- authentication and key exchange
- digital encryption [sic!]
- system renewability
developed by: 5C (Hitachi, Intel, Matsuhita (MEI), Sony, Toshiba) http://www.dtcp.comHigh-bandwidth Digital Content Protection (HDCP)
- encryption on high-bandwith interfaces to digital displays e.g. DVI
developed by: Intel http://www.digital-CP.com4C/Verance Watermark
- technology for creating/reading watermarks (Content Management Information - CMI) in audio content
developed by: Verance Corporation http://www.4centity.comFinally, a video watermarking scheme (to be selected by the DVD CCA)
All information above taken from:
http://www.4centity.com/4centity/data/tech/cpsa/cp sa081.pdf
(Dated February 17th, 2000; revision 0.81) Absolutely recommended reading!!!
So much for the overall framework.
Some interesting details on the technologies described above:
Content Management Information (CMI)
- additional information added to the content in order to establish rules and conditions restricting its usage
Copy Control Information (CCI - a subset of CMI)
- copy restrictions through data flags: copy free, copy once, copy nomore, copy never
There is an enlightening presentation on DTCP (warning: horrible layout):
http://www.dtcp.com/data/dtcp_tut.pdf
A preliminary version of the DTCP specification (v1.1) can be found here:
http://www.dtcp.com/data/DTCP_spec11_informational
A few buzzwords to wet your appetite:
- content encryption, supported ciphers: M6, Blowfish (modified), DES
- authentication: Diffie-Hellman key exchange, PKI
- cryptographic functions: SHA-1, random number generator
[cf. Chapter 4.4 Cryptographic Functions]
The next document makes for another interesting read:
http://www.dvdcca.org/4centity/data/licensing/adop ter/interim_CPRM_CPPM_agreement.pdf
let's have a look at some excerpts:
Exhibit B-1 CPPM COMPLIANCE RULES FOR DVD-AUDIO (p.35ff):
Section 3. Encoding Rules for individual parameters of prerecorded DVD-Audio disc
- specifications for control of copy permission (3.2)
- specifications for control of copy numbers (3.3.1)
- specifications for audio-quality control of copies (3.3.2):
The Audio Quality Parameter (Q) consists of 2 bits and defines the number of channels (ch), sampling frequency (fs), and quantization bit level (Qb) of permitted copies.
another example:
section 4. Playback and output control rules for participating player devices
- playback control by audio watermark: unencrypted content with CCI bit of Audio Watermark set to any other state than "copy freely" will not be played (4.1.1)
- player devices built after Dezember 31, 2000 have to respond to the Verance/4C Audio Watermark (4.1.2)
- as soon as a method is determined players shall, through media type detection, prevent playback of recordable media with CPPM protected content(4.1.3)
An interesting tidbit on HDCP can be found in an article at maximumpc.com:
http://www.maximumpc.com/reprint/intel_revamps/
a quote from that article:
(...) Intel has proposed the High-Bandwidth Digital Content Protection encryption spec. Using hardware on both the videocard and the monitor, HDCP will encrypt data on the PC before sending it to the display device, where it will be decrypted. The rub is that only new DVI-equipment will have the feature, which creates a slight risk of obsolescence for those who invest in DVI early on.
Intel officials have downplayed that issue. They claim that any DVI monitor will be able to display protected content, because the HDCP-equipped DVI card will simply sense that an older DVI monitor lacks HDCP features and will lower the image quality to keep the content protected. Of course, no one has accounted for consumer acceptance. Will people embrace a standard that reduces image quality on their older equipment? Intel officials say the loss won't be enough to irk people.how about this one:
http://www.techweb.com/wire/story/TWB20000218S0008
"HDCP uses a 56-bit key, with individual keys distributed to the various vendors. A violated key could be tracked down and revoked over a satellite broadcast network, for example."Apart from the documents obtained from the specification websites referenced above a search on the manufacturer's websites (Panasonic, Sony, etc.) for keywords like DTCP, CPRM etc. yields further information such as press-releases and other documents.
A couple of devices that already make use of these technologies have already been announced and/or gone into production such as:
Matsushita (Panasonic) DVD-RAM recorder DMR-E10
Panasonic D-VHS VCR PV-HD1000
Silicon Image SiI 168 PanelLink transmitter chip for DVI hardware
Silicon Image SiI 861 PanelLink controller chip for DVI hardware chip
And you guys thought CSS was the only thing to be worried about.
---Police Line - Do Not Cross !--- -
CPRM is just the tip of the iceberg!!!
Have a look at what those industry morons are up to:The proposal to enhance the ATA-spec with copy protection extensions is an enhancement of CPRM.
CPRM itself is just one of several technologies which are part of the so-called "Content Protection System Architecture" (CPSA).[http://www.4centity.com/4centity/data/tech/cps
a /c psa081.pdf]
Enter CPSA, servants, attendants.
CPSA is an attempt to define a technological framework in order to fulfill the entertainment industry's (RIAA, MPAA etc.) demand for complete control of distribution and copies of audio/video content. The idea is to create a secure end-to-end chain from cable-station/satellite-receiver/settopbox/DVD etc. to the enduser's speaker/digital-display etc.
CPSA is supposed to include the following content protection technologies among others:
Content Protection for Recordable Media (CPRM)
- protected exchange of audio/video on DVD, FlashMedia, (ATA-hdds planned)
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.comContent Protection for Pre-recorded Media (CPPM)
- robust protection of DVD-Audio content on DVD-ROM media
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.comContent Scrambling System (CSS)
- protecting DVD-Video cotent via authentication and content scrambling
developed by: DVD Copy Control Association (CCA) http://www.dvdcca.orgDigital Transmission Content Protection (DTCP)
- robust encryption of content passing between digital devices in the home e.g. IEEE 1394, USB
- copy control information
- authentication and key exchange
- digital encryption [sic!]
- system renewability
developed by: 5C (Hitachi, Intel, Matsuhita (MEI), Sony, Toshiba) http://www.dtcp.comHigh-bandwidth Digital Content Protection (HDCP)
- encryption on high-bandwith interfaces to digital displays e.g. DVI
developed by: Intel http://www.digital-CP.com4C/Verance Watermark
- technology for creating/reading watermarks (Content Management Information - CMI) in audio content
developed by: Verance Corporation http://www.4centity.comFinally, a video watermarking scheme (to be selected by the DVD CCA)
All information above taken from:
http://www.4centity.com/4centity/data/tech/cpsa/cp sa081.pdf
(Dated February 17th, 2000; revision 0.81) Absolutely recommended reading!!!
So much for the overall framework.
Some interesting details on the technologies described above:
Content Management Information (CMI)
- additional information added to the content in order to establish rules and conditions restricting its usage
Copy Control Information (CCI - a subset of CMI)
- copy restrictions through data flags: copy free, copy once, copy nomore, copy never
There is an enlightening presentation on DTCP (warning: horrible layout):
http://www.dtcp.com/data/dtcp_tut.pdf
A preliminary version of the DTCP specification (v1.1) can be found here:
http://www.dtcp.com/data/DTCP_spec11_informational
A few buzzwords to wet your appetite:
- content encryption, supported ciphers: M6, Blowfish (modified), DES
- authentication: Diffie-Hellman key exchange, PKI
- cryptographic functions: SHA-1, random number generator
[cf. Chapter 4.4 Cryptographic Functions]
The next document makes for another interesting read:
http://www.dvdcca.org/4centity/data/licensing/adop ter/interim_CPRM_CPPM_agreement.pdf
let's have a look at some excerpts:
Exhibit B-1 CPPM COMPLIANCE RULES FOR DVD-AUDIO (p.35ff):
Section 3. Encoding Rules for individual parameters of prerecorded DVD-Audio disc
- specifications for control of copy permission (3.2)
- specifications for control of copy numbers (3.3.1)
- specifications for audio-quality control of copies (3.3.2):
The Audio Quality Parameter (Q) consists of 2 bits and defines the number of channels (ch), sampling frequency (fs), and quantization bit level (Qb) of permitted copies.
another example:
section 4. Playback and output control rules for participating player devices
- playback control by audio watermark: unencrypted content with CCI bit of Audio Watermark set to any other state than "copy freely" will not be played (4.1.1)
- player devices built after Dezember 31, 2000 have to respond to the Verance/4C Audio Watermark (4.1.2)
- as soon as a method is determined players shall, through media type detection, prevent playback of recordable media with CPPM protected content(4.1.3)
An interesting tidbit on HDCP can be found in an article at maximumpc.com:
http://www.maximumpc.com/reprint/intel_revamps/
a quote from that article:
(...) Intel has proposed the High-Bandwidth Digital Content Protection encryption spec. Using hardware on both the videocard and the monitor, HDCP will encrypt data on the PC before sending it to the display device, where it will be decrypted. The rub is that only new DVI-equipment will have the feature, which creates a slight risk of obsolescence for those who invest in DVI early on.
Intel officials have downplayed that issue. They claim that any DVI monitor will be able to display protected content, because the HDCP-equipped DVI card will simply sense that an older DVI monitor lacks HDCP features and will lower the image quality to keep the content protected. Of course, no one has accounted for consumer acceptance. Will people embrace a standard that reduces image quality on their older equipment? Intel officials say the loss won't be enough to irk people.how about this one:
http://www.techweb.com/wire/story/TWB20000218S0008
"HDCP uses a 56-bit key, with individual keys distributed to the various vendors. A violated key could be tracked down and revoked over a satellite broadcast network, for example."Apart from the documents obtained from the specification websites referenced above a search on the manufacturer's websites (Panasonic, Sony, etc.) for keywords like DTCP, CPRM etc. yields further information such as press-releases and other documents.
A couple of devices that already make use of these technologies have already been announced and/or gone into production such as:
Matsushita (Panasonic) DVD-RAM recorder DMR-E10
Panasonic D-VHS VCR PV-HD1000
Silicon Image SiI 168 PanelLink transmitter chip for DVI hardware
Silicon Image SiI 861 PanelLink controller chip for DVI hardware chip
And you guys thought CSS was the only thing to be worried about.
---Police Line - Do Not Cross !--- -
CPRM is just the tip of the iceberg!!!
Have a look at what those industry morons are up to:The proposal to enhance the ATA-spec with copy protection extensions is an enhancement of CPRM.
CPRM itself is just one of several technologies which are part of the so-called "Content Protection System Architecture" (CPSA).[http://www.4centity.com/4centity/data/tech/cps
a /c psa081.pdf]
Enter CPSA, servants, attendants.
CPSA is an attempt to define a technological framework in order to fulfill the entertainment industry's (RIAA, MPAA etc.) demand for complete control of distribution and copies of audio/video content. The idea is to create a secure end-to-end chain from cable-station/satellite-receiver/settopbox/DVD etc. to the enduser's speaker/digital-display etc.
CPSA is supposed to include the following content protection technologies among others:
Content Protection for Recordable Media (CPRM)
- protected exchange of audio/video on DVD, FlashMedia, (ATA-hdds planned)
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.comContent Protection for Pre-recorded Media (CPPM)
- robust protection of DVD-Audio content on DVD-ROM media
- encrypted storage of content
- protected storage of content management information (CMI)
- system renewability
- methods to prevent playback of bit-by-bit copies
developed by: 4C (IBM, Intel, Matsushita (MEI), Toshiba) http://www.4centity.comContent Scrambling System (CSS)
- protecting DVD-Video cotent via authentication and content scrambling
developed by: DVD Copy Control Association (CCA) http://www.dvdcca.orgDigital Transmission Content Protection (DTCP)
- robust encryption of content passing between digital devices in the home e.g. IEEE 1394, USB
- copy control information
- authentication and key exchange
- digital encryption [sic!]
- system renewability
developed by: 5C (Hitachi, Intel, Matsuhita (MEI), Sony, Toshiba) http://www.dtcp.comHigh-bandwidth Digital Content Protection (HDCP)
- encryption on high-bandwith interfaces to digital displays e.g. DVI
developed by: Intel http://www.digital-CP.com4C/Verance Watermark
- technology for creating/reading watermarks (Content Management Information - CMI) in audio content
developed by: Verance Corporation http://www.4centity.comFinally, a video watermarking scheme (to be selected by the DVD CCA)
All information above taken from:
http://www.4centity.com/4centity/data/tech/cpsa/cp sa081.pdf
(Dated February 17th, 2000; revision 0.81) Absolutely recommended reading!!!
So much for the overall framework.
Some interesting details on the technologies described above:
Content Management Information (CMI)
- additional information added to the content in order to establish rules and conditions restricting its usage
Copy Control Information (CCI - a subset of CMI)
- copy restrictions through data flags: copy free, copy once, copy nomore, copy never
There is an enlightening presentation on DTCP (warning: horrible layout):
http://www.dtcp.com/data/dtcp_tut.pdf
A preliminary version of the DTCP specification (v1.1) can be found here:
http://www.dtcp.com/data/DTCP_spec11_informational
A few buzzwords to wet your appetite:
- content encryption, supported ciphers: M6, Blowfish (modified), DES
- authentication: Diffie-Hellman key exchange, PKI
- cryptographic functions: SHA-1, random number generator
[cf. Chapter 4.4 Cryptographic Functions]
The next document makes for another interesting read:
http://www.dvdcca.org/4centity/data/licensing/adop ter/interim_CPRM_CPPM_agreement.pdf
let's have a look at some excerpts:
Exhibit B-1 CPPM COMPLIANCE RULES FOR DVD-AUDIO (p.35ff):
Section 3. Encoding Rules for individual parameters of prerecorded DVD-Audio disc
- specifications for control of copy permission (3.2)
- specifications for control of copy numbers (3.3.1)
- specifications for audio-quality control of copies (3.3.2):
The Audio Quality Parameter (Q) consists of 2 bits and defines the number of channels (ch), sampling frequency (fs), and quantization bit level (Qb) of permitted copies.
another example:
section 4. Playback and output control rules for participating player devices
- playback control by audio watermark: unencrypted content with CCI bit of Audio Watermark set to any other state than "copy freely" will not be played (4.1.1)
- player devices built after Dezember 31, 2000 have to respond to the Verance/4C Audio Watermark (4.1.2)
- as soon as a method is determined players shall, through media type detection, prevent playback of recordable media with CPPM protected content(4.1.3)
An interesting tidbit on HDCP can be found in an article at maximumpc.com:
http://www.maximumpc.com/reprint/intel_revamps/
a quote from that article:
(...) Intel has proposed the High-Bandwidth Digital Content Protection encryption spec. Using hardware on both the videocard and the monitor, HDCP will encrypt data on the PC before sending it to the display device, where it will be decrypted. The rub is that only new DVI-equipment will have the feature, which creates a slight risk of obsolescence for those who invest in DVI early on.
Intel officials have downplayed that issue. They claim that any DVI monitor will be able to display protected content, because the HDCP-equipped DVI card will simply sense that an older DVI monitor lacks HDCP features and will lower the image quality to keep the content protected. Of course, no one has accounted for consumer acceptance. Will people embrace a standard that reduces image quality on their older equipment? Intel officials say the loss won't be enough to irk people.how about this one:
http://www.techweb.com/wire/story/TWB20000218S0008
"HDCP uses a 56-bit key, with individual keys distributed to the various vendors. A violated key could be tracked down and revoked over a satellite broadcast network, for example."Apart from the documents obtained from the specification websites referenced above a search on the manufacturer's websites (Panasonic, Sony, etc.) for keywords like DTCP, CPRM etc. yields further information such as press-releases and other documents.
A couple of devices that already make use of these technologies have already been announced and/or gone into production such as:
Matsushita (Panasonic) DVD-RAM recorder DMR-E10
Panasonic D-VHS VCR PV-HD1000
Silicon Image SiI 168 PanelLink transmitter chip for DVI hardware
Silicon Image SiI 861 PanelLink controller chip for DVI hardware chip
And you guys thought CSS was the only thing to be worried about.
---Police Line - Do Not Cross !---