Introduction
• 4k is a new opportunity for Sony, consumers and content providers
• 4k is a “green field” for all stake holders– No legacy 4k devices
• The studios will set a high bar for content protection for 4k
• This presentation is only about 4k– HD and SD versions of content continue to be offered,
delivered and protected by existing means
Consumer Experience
• Options for delivery– Download, play on any capable device– Purchase physical media, play on any capable device– Stream to any capable device
• Store content on device and in the cloud• Don’t need physical media to play content• Play on any capable device
– TVs, set top boxes, BD players, home media servers, PCs, laptops, tablets
• Output to any capable screen• Down-res transparently to non-4k devices• Any Online Account can be shared with the family
Studio Requirements
• A new approach to security– Different from AACS and BD+
• New compliance & robustness requirements– AACS compliance & robustness is
based on rules from the last century
• Designed and reviewed by organizations expert in security, e.g. NDS, Farcombe, Merdan
• Single content protection system• 3rd party device certification• Active monitoring and response
• Renew security with every download or with every title
• Hardware protected video path• Hardware root of trust
– e.g. Intel Insider, properly implemented TrustZone
• HDCP 2.0 only• Verance watermark detection• Playback license tied to
consumer’s Online Account• Forensic watermark traceable to
consumer’s Online Account
Content Delivery
• Common container for download and physical media– DECE Common File Format (CFF)– Physical media and download are just different ways to get the 4k
file to the consumer
• Streaming with MPEG-DASH– DECE Common Streaming Protocol (CSP)– Uses CFF– Adaptive streaming
Adaptive sub-sampling as well as compression
• Two codecs will allow for early deployment– H.264 now and add H.265 later though software upgrades
Use Cases
• EST– Consumer purchases title (ownership or rental) through Online Account– Consumer downloads content container to device registered to Online
Account– Device transparently obtains playback license– Consumer plays content on any device registered to their Online
Account
• Streaming– Consumer purchases title (ownership or rental) through Online Account– Device connects to streaming provider using Online Account– Device transparently obtains playback license– Consumer streams content to any device
Use Cases
• Stand alone physical media – Consumer purchases title on physical media– Consumer plays content directly from physical media– (Consumer cannot copy content, must have physical media)
• Physical media using Online Account– Consumer purchases title on physical media– Registered device responds to media insertion, checks if content
license is unused and adds to consumer’s Online Account – Device obtains playback license– Consumer plays content directly from physical media– Consumer copies file to any device registered to their Online Account
Consumer Offering
• Increasingly consumers do not want to buy physical media without an electronic copy– With HD and SD the only way to give the consumer both physical
media and a digital copy is to sell them a Blu-ray disc and bundle a digital offering with it (UV, bonus digital copy, AACS managed copy, etc.)
• Studios are selling 2 copies for the price of one– Consumers keep the disc and use the digital offer – Consumers keep the disc and sell the digital offer – Consumer use the digital offer and sell the disc
• 4k must be a single copy per sale– Effects implementation of delivery on physical media
Principles for New Content ProtectionIssue with current systems Mitigation for 4K
Software systems are vulnerable Hardware protected systems only allowed (Intel Insider, Trust Zone)
Permanently offline players cannot be authenticated, revoked or updated
4K security architecture will require online authentication, renewability/revocation and update checks
Self-certification allows lazy OEMs through Mandatory 3rd party certification of 4K devices
Single, long-standing security architecture gives hackers time to attack, and means that attacks have high impact, if successful (as whole device base is vulnerable)
4K security will be renewable, at least for each Title and preferably for each download, at a system and individual device level, and support diversity across devices and Titles
HDCP 1.4 is vulnerable HDCP2.0 only allowed, with backward compatibility turned off
Existing compliance robustness rules are outdated and too broad
New robustness rules, for devices with hardware security only and cognoscente of threats, will be developed
Systems allowing multiple content protection systems are only as strong as the weakest system
A single, renewable, content protection system.
The Consumer’s Online Account
• Consumer offering works with their Online Account• For example: Ultraviolet, iTunes, SEN Video Unlimited or
Disney Key Chest• Registers consumers and manages accounts• Records content rights in digital library• Handle device registration• Hands out content licenses to registered devices• Actively monitors for breaches• Pushes security updates
SPE Recommendations
• Proceed swiftly to set the market rather than waiting for the market to respond
• Leverage existing (delivery) technologies– Common File Format (CFF)– Common Streaming Format (CSF) - MPEG-DASH– H.264 with the option to adopt H.265– Proven independent commercial content protection system, e.g. NDS
• Avoid vendor lock-in for delivery• Allow for extensibility e.g. new codecs• Content is bound to consumer’s Online Account• Devices are registered to consumer’s Online Account
Action Plan
• Test H.264 compression for 4k– Native 4k footage shot on F65 and on film
• Agree interface specifications with Sony TV group• Prototype a proof of concept set-top box
– HDCP 2.0 protected HDMI 1.4 output– Software player running in protected hardware environment– 24fps 4k content
• Select, or at least short list, content protection vendors• In fall demonstrate streaming over fiber to the home network
– Or cable if data rate allows (dependent on outcome of H.264 testing)
• At CES demonstrate playback of downloaded file and from Blu-ray data disc