Multi-key playback and HDCP on the player recap
Online piracy has been growing throughout the world for years now, causing a loss of revenue and affecting the real market value of products. Therefore, it’s vital to follow best practices for content keys with digital rights management (DRM) to minimize risks associated with potential content leaks.
We’ve started a series of webinars around our PRESTOplay SDKs, and the first one covered multi-key playback and high-bandwidth digital content protection (HDCP) on the player. This blog post summarizes that webinar; you can also watch it here.
Devices with different playback and security capabilities
Nowadays, we have a wide variety of devices: regular mobiles, tablets, set-top boxes, smart displays, etc. Ideally, we’d like to have just one piece of content that could be played on all of them. However, this isn’t an option due to their different capabilities.
Devices differ in their codecs: video and audio codecs, supported profiles, and hardware or software implementations. They also have diverse security capabilities, such as a TEE (Trusted Execution Environment), digital and analog output protection, a secure bootloader and storage, and encryption schemes, which are described by security metrics and levels.
Let’s take a closer look at security metrics and levels
Widevine certifies devices according to their security capabilities and targets L1 and L3 levels. L1 is the most secure level, where decrypted content is never exposed to the host central processing unit. Compared to it, L3 is less protected and L2 is usually not used due to lack of demand.
- L1 – secure bootloader, secure video path, TEE with all content processing, decryption, and crypto operations.
- L3 – content processing, decryption, and crypto operations are protected by software hardening and obfuscation.
EME (Encrypted Media Extensions) – security metric with five levels, where the fourth and fifth correspond to the L1 Widevine level. Level 5 is the most strict and allows only secure codecs, while level 4 allows insecure ones. Level 3 matches with L2 and levels 2 and 1 with L1.
Digital and analog output protection – part of the license response, which can specify any HDCP level, from unprotected to the older versions (from 1.4 to 2.2) and the latest 2.3. Devices can be set-top boxes or regular mobiles with USB-C to HDMI capabilities. In this case, both the device and the external display need to support a common HDCP level.
Now that we’ve discussed all of the 3 metrics, what can we do?
Let’s talk specifically about audio and video content: they need separate keys because their security requirements are different. Audio codecs are usually insecure, at L3 or L1 (EME 4) level, and rarely at L1 (EME 5). Video codecs are secure, at L1 (EME 5). If there’s only one key for both audio and video, it’ll leak into the insecure codecs. Even with separate L1 audio and video keys, if both are EME 4, an unprotected video codec can still be used and the video key exposed. Thus, maximum security can only be reached when the video key is separate from the audio key, with the audio key requiring EME 4 and the video key EME 5.
A DRM service can definitely help with the management of content protection and meeting all of these requirements. Our world-class DRMtoday service supports multi-key content for Widevine, PlayReady, and FairPlay Streaming DRM systems. Just one integration gives you multi-DRM access, which can be easily customized to required security levels, including the combination of EME 4 audio and EME 5 video levels.
Additionally, the multi-key option allows avoiding restrictions on the content or requirements for videos with SD, HD, UHD, and HDR content by providing separate keys for different video renditions. Here are some examples of possible content security requirements:
- UHD and HDR content on L1 devices only
- L3 devices are allowed to play SD resolutions only
- Some content requires EME 5 secure codec only
What about multi-key playback?
A multi-key solution can be delivered from the DRM server in multiple ways. One server can deliver only one key per request, while another can return all keys required for the content. Simultaneous delivery of all keys can provide smoother playback and a more efficient workflow.
In order to meet all requirements, the playback or the player must be aware of these features. The player needs to monitor the state of the keys and disable tracks that cannot be played. Some devices don’t support this option, so in this case, errors have to be handled gracefully.
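The key-state monitoring described above, as an added example (not code from the webinar or the PRESTOplay SDK): it maps the statuses reported by an EME keystatuseschange event to the tracks that use each key and disables the tracks whose key is not usable, for instance when the HDCP requirement is not met ("output-restricted"). The track list, key IDs and the applyToPlayer name are constructed for illustration, and treating "output-downscaled" as playable is an assumption.

```javascript
// Constructed example data; assumption: "output-downscaled" still counts as playable.
const PLAYABLE = new Set(["usable", "output-downscaled"]);

// Hex-encode a key ID (ArrayBuffer or typed array) for use as a lookup key.
function toHex(keyId) {
  const bytes = ArrayBuffer.isView(keyId)
    ? new Uint8Array(keyId.buffer, keyId.byteOffset, keyId.byteLength)
    : new Uint8Array(keyId);
  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
}

// Flatten a MediaKeyStatusMap (or a Map of keyId -> status) into hex -> status.
function snapshotStatuses(keyStatuses) {
  const out = new Map();
  keyStatuses.forEach((status, keyId) => out.set(toHex(keyId), status));
  return out;
}

// Split tracks by the state of each track's own key; a key absent from the
// license response is reported as "missing" and treated as unusable.
function evaluateTracks(tracks, keyStatuses) {
  const statuses = snapshotStatuses(keyStatuses);
  const enabled = [], disabled = [];
  for (const track of tracks) {
    const status = statuses.get(track.keyIdHex) || "missing";
    if (PLAYABLE.has(status)) enabled.push(track);
    else disabled.push({ ...track, reason: status });
  }
  // Graceful failure: report, rather than throw, when a media type has no track left.
  const lost = ["audio", "video"].filter((t) => !enabled.some((x) => x.type === t));
  const error = lost.length ? `no playable ${lost.join("/")} track` : null;
  return { enabled, disabled, error };
}

// Constructed sample: one key per rendition; the UHD key's HDCP requirement is unmet.
const sampleTracks = [
  { id: "audio", type: "audio", keyIdHex: "a1a1" },
  { id: "video-sd", type: "video", keyIdHex: "b2b2" },
  { id: "video-hd", type: "video", keyIdHex: "c3c3" },
  { id: "video-uhd", type: "video", keyIdHex: "d4d4" },
];
const sampleStatuses = new Map([
  [new Uint8Array([0xa1, 0xa1]), "usable"],
  [new Uint8Array([0xb2, 0xb2]), "usable"],
  [new Uint8Array([0xc3, 0xc3]), "output-downscaled"],
  [new Uint8Array([0xd4, 0xd4]), "output-restricted"],
]);
// In a browser (applyToPlayer is hypothetical): session.addEventListener(
//   "keystatuseschange", () => applyToPlayer(evaluateTracks(tracks, session.keyStatuses)));
```

With the sample data, the audio, SD and HD tracks stay enabled and the UHD track is disabled with the reason "output-restricted"; the error field is set only when no audio or no video track remains.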