digital bridge proposal - wikileaks la... · digital bridge proposal. introduction ... ecosystem...

March 5, 2014March 5, 2014

AACS LA, LLCAACS LA, LLC

Digital Bridge ProposalDigital Bridge Proposal

IntroductionIntroduction

March 5, 2014March 5, 2014 Confidential: Disclosure Pursuant to BDA-Confidential: Disclosure Pursuant to BDA-AACS LA NDAAACS LA NDA

22

This proposal is intended to describe the scope of This proposal is intended to describe the scope of Digital Bridge capabilities that AACS can support. Digital Bridge capabilities that AACS can support. AACS acknowledges that the ultimate approach AACS acknowledges that the ultimate approach with respect to these capabilities will be as agreed with respect to these capabilities will be as agreed upon between AACS and BDA.upon between AACS and BDA.

This presentation regarding Digital Bridge includes:This presentation regarding Digital Bridge includes: Background and assumptionsBackground and assumptions

““UHD BOD 43 FINAL” slidesUHD BOD 43 FINAL” slides Examples and Illustrations of Use CasesExamples and Illustrations of Use Cases

AACS ProposalAACS Proposal Protocol overviewProtocol overview Capabilities of Disc/Player/ServerCapabilities of Disc/Player/Server

AACS Proposal BenefitsAACS Proposal Benefits

Disc File Format: BDMV-FE

◦ Provided bridge output is acceptable

Copy Protection: AACS Next Gen (and BD-ROM mark and BD+ if applicable), pending CPG approval◦ CPG to review next-gen AACS developed in

collaboration with MovieLabs (and BD-ROM mark and BD+ if applicable) to ensure compliance with BDA requirements (to be established by CPG)

CONFIDENTIAL: DISCLOSURE PURSUANT TO BDA-AACS LA NDA 3

Digital Bridge:Export

File Format: SFF◦ SFF to be available for other entities to use without license from BDA;

format needs to be finalized in conjunction with the BDMV-FE format; TF will ensure bridge format conversion is as reasonable and cost-effective as possible; TF to study details of use cases and ecosystem of bridge function

File Rules & Mechanics: To be developed with reference to Studio proposal and considering any proposals from AACS or others

Obligation: Mandatory/Mandatory (with exceptions), subject to Studio ratification in a reasonable time; otherwise Optional/Optional◦ The measure will be ratified if no Studio objects by December 2, 2013.

In any case, the BDA will create a specification to support digital bridge as defined in this proposal


Digital Bridge:Export (continued)

Copy Protection: List of approved DRMs◦ List to be defined, updated and managed under strict

criteria using a process to be proposed by AACS that involves MovieLabs and is subject to approval by CPG.

Legacy Support: Optional◦ Output format must be same container format as FE

export; technical feasibility of converting requires further study; may be mandatory (on both devices and new discs, with exceptions) if determined to be cost-effective and no Studio objects. In any case, the BDA will create a specification to support digital bridge as defined in this proposal.


Digital Bridge: Bound to unique ID of originating player

File Format: BDMV-FE

Copy Protection: AACS Next Gen (and BD+ if applicable), pending CPG approval◦ CPG to review next-gen AACS developed in

collaboration with MovieLabs (and BD+ if applicable) to ensure compliance with BDA requirements to be established by CPG


March 5, 2014March 5, 2014Confidential: Disclosure Pursuant to BDA-AACS LA NDAConfidential: Disclosure Pursuant to BDA-AACS LA NDA 77

AACS Bound Copy

Media-binding

Domain-binding

• Playback from the library on storage w/o optical disc

• Streaming video to mobile / TV from UHD BD Player

Use case

• Playback from mobile / TV / media player / car AV system etc.

Use case

• Media player supporting specific service/ecosystem

Use case

• Internal/External HDDbound to BD Player/Recorder

Target Devices

• Flash memory• HDD

Target Media

• Example: Movie distribution ecosystem (like UV)

Target Domain

• Playback from the library on storage

• Streaming video to mobile / TV from Home Server

• Playback from mobile

Use case

• Standalone Home Server• Mobile• BD Player / recorder

Target DevicesBDMV

A-ENC

SFF

C-ENC

AACS Bound Copy: BDMV-FE or SFF

Export: SFF

SFF

C-ENC

SFF

C-ENC

SFF

C-ENC

UHD BD-ROM

BDMV

A-ENC

UHD BD Player

1. AACS Bound Copy2. Non-AACS Device Binding3. Media Binding4. Domain Binding

1. AACS Bound Copy2. Non-AACS Device Binding3. Media Binding4. Domain Binding

Non-AACS Device Binding

Digital Bridge

Export: SFF

Export: SFF

A-ENC

AACS Stream Encryption defined for

BD

C-ENC

Common Encryption

AA

CS

Bound C

opy Method

DR

M E

cosystem

[Illustration] AACS Bound Copy Use Cases[Illustration] AACS Bound Copy Use Cases

March 5, 2014March 5, 2014Confidential: Disclosure Pursuant to BDA-AACS LA NDAConfidential: Disclosure Pursuant to BDA-AACS LA NDA

88

1: In case of BDMV-FE

2: In case of SFF

UHD BD-ROM

BDMV

A-ENC

UHD BD Player (Type 1)

BDMV

A-ENC

AACS Bound Copy Playback

Export

PROS of Type 1 Player:[AACS Bound Copy] Bit-for-bit copy from BD to storage / No re-encryption [Playback] All the BD features available

UHD BD-ROM

BDMV

A-ENC

UHD BD Player(Type 2)

AACS Bound Copy Playback

File Copy

PROS of Type 2 Player:[AACS Bound Copy] Copied SFF is used for both playback and export / Save storage capacity[Export] Bit-for-bit copy from storage to external device/media

A-ENC AACS Stream Encryption

defined for BD

C-ENC Common Encryption

SFF

C-ENC

DRM Server

SFF

C-ENC

[Illustration] Domain Binding Use Case[Illustration] Domain Binding Use Case


99

Export

UHD BD-ROM

BDMV

A-ENC

UHD BD Player

CopySFF

SFF

Home Server with DRM-A

Media Player/HDD with

DRM-C

DRM-A Server

DRM-C Server

In case of Domain Binding, exported file will be shared with multiple devices. Such multiple devices would implement different DRM, but file format is SFF and file encryption scheme is Common Encryption (C-ENC).

In case of Domain Binding, exported file will be shared with multiple devices. Such multiple devices would implement different DRM, but file format is SFF and file encryption scheme is Common Encryption (C-ENC).

SFF

C-ENC

License File for DRM-A

License File for DRM-C

SFF

C-ENC

SFF

C-ENC

DRM-B Server

License File for DRM-B

Mobile with DRM-B

CopySFF

Domain

A-ENC AACS Stream Encryption defined for

BD

C-ENC Common Encryption

Management Server (e.g. Rights Locker)

AACS ProposalAACS Proposal


1010

AACS’s role for Export:AACS’s role for Export: If decryption and re-encryption are required for Export,If decryption and re-encryption are required for Export,

AACS Compliance and Robustness Rule are applied to Export functionAACS Compliance and Robustness Rule are applied to Export function AACS provides authentication for the creation of the SFF export fileAACS provides authentication for the creation of the SFF export file AACS provides SFF re-encryption keyAACS provides SFF re-encryption key AACS provides consumer information about the license acquisition AACS provides consumer information about the license acquisition AACS relays manifest information necessary to create the SFF fileAACS relays manifest information necessary to create the SFF file AACS Server performs Permission Protocol transaction with UHD BD PlayerAACS Server performs Permission Protocol transaction with UHD BD Player

AACS’s role for AACS Bound Copy:AACS’s role for AACS Bound Copy: AACS Compliance and Robustness Rules are applied to Copy function and AACS Compliance and Robustness Rules are applied to Copy function and

Playback function of AACS Bound CopyPlayback function of AACS Bound Copy For BDMV-FE files, playback license will be distributed from AACS Server; for For BDMV-FE files, playback license will be distributed from AACS Server; for

SFF files, AACS has a capability to provide playback license, tooSFF files, AACS has a capability to provide playback license, too For BDMV-FE files, re-encryption is not applicableFor BDMV-FE files, re-encryption is not applicable AACS Server performs AACS Offer/Permission Protocol transaction with UHD AACS Server performs AACS Offer/Permission Protocol transaction with UHD

BD PlayerBD Player AACS Specification:AACS Specification:

AACS would specify the Offer/Permission protocol and the use of the ISO AACS would specify the Offer/Permission protocol and the use of the ISO standard Common Encryption scheme for Digital Bridgestandard Common Encryption scheme for Digital Bridge

SOAP/WSDL based protocol is used to keep current resourceSOAP/WSDL based protocol is used to keep current resource

AACS Proposal – Export Protocol forAACS Proposal – Export Protocol for Re-encryptionRe-encryption

March 5, 2014March 5, 2014Confidential: Disclosure Pursuant to BDA-AACS LA NDAConfidential: Disclosure Pursuant to BDA-AACS LA NDA

1111

UHD BD Player

UHD BD-ROM

Coupon Code

Destination Storage/Device

AACS Server

Outside DRM Server

PMSN

Offer Request

Coupon/PMSN (Optional),

Content ID/Device ID

Device Priv Key/Cert

Offer Response

Offer (price info etc.)

Main Title Indicator

Permission Request

Selected Offer ID

Permission Response

Contents

Financial Transaction / DRM license download (Out of AACS scope)

Report of DRM license issuance (optional)

Content ID

Export

This would be composed of •Shop Front Server (by e.g. Retailer)•DRM License Distribution Server•Payment Server etc.

AACS Server provides SFF Re-enc Key per title, generated by AACS Server or Content Provider.

AACS Proposal – AACS Bound Copy ProtocolAACS Proposal – AACS Bound Copy Protocol

March 5, 2014March 5, 2014Confidential: Disclosure Pursuant to BDA-AACS LA NDAConfidential: Disclosure Pursuant to BDA-AACS LA NDA 1212

UHD BD Player

UHD BD-ROM

Coupon Code

Local Storage

Payment Server

PMSN

Offer Request

Coupon/PMSN (Optional),

Content ID/Device ID

Device Priv Key/Cert

Offer Response

Offer (price info, Payment server URL etc.)

Main Title Indicator

Permission Request

Selected Offer ID

Permission Response = Playback licensePermission,

SFF Re-enc Key (in case of SFF)

e.g. Price info, Session ID etc.

Contents

Content ID

Bound Copy

AACS Server

Protocol of Financial Transaction is outside the scope of AACS and

defined by each payment platform.

AACS Proposal – UHD BD-ROMAACS Proposal – UHD BD-ROM


1313

Main Title Indicator (e.g. manifest file) is Main Title Indicator (e.g. manifest file) is required by the format specification to be required by the format specification to be resident on the discresident on the disc

PMSN (Pre-recorded Media Serial PMSN (Pre-recorded Media Serial Number)/Coupon Code Number)/Coupon Code Optional for UHD BD-ROMOptional for UHD BD-ROM

AACS Proposal – UHD BD PlayerAACS Proposal – UHD BD Player


1414

Device authentication with AACS Server requiredDevice authentication with AACS Server required In case of AACS Bound Copy, UHD BD content is copied to its In case of AACS Bound Copy, UHD BD content is copied to its

storage in the UHD BDMV-FE format (i.e. bit-for-bit copy and storage in the UHD BDMV-FE format (i.e. bit-for-bit copy and no re-encryption)no re-encryption) SFF format could also be supported in case of AACS Bound SFF format could also be supported in case of AACS Bound

CopyCopy Player provides its own User InterfacePlayer provides its own User Interface

BD-J is not used for Digital Bridge U/I purposeBD-J is not used for Digital Bridge U/I purpose AACS specification does not define any BD-J APIs for Digital Bridge AACS specification does not define any BD-J APIs for Digital Bridge

purposepurpose AACS will follow BDA’s guidance in supporting U/IAACS will follow BDA’s guidance in supporting U/I

Functions:Functions: To perform Permission transaction with AACS ServerTo perform Permission transaction with AACS Server To process Offer for AACS Bound CopyTo process Offer for AACS Bound Copy To decrypt, transmux and re-encrypt for SFFTo decrypt, transmux and re-encrypt for SFF

AACS Proposal – AACS ServerAACS Proposal – AACS Server


1515

Leverage an existing server for both Export and AACS Bound CopyLeverage an existing server for both Export and AACS Bound Copy Capabilities:Capabilities:

To provide Offer/PermissionTo provide Offer/Permission Price info etc. can be sent to a customer in advance before copy processPrice info etc. can be sent to a customer in advance before copy process

To issue SFF Re-encryption Key and share with Outside DRM Server (if To issue SFF Re-encryption Key and share with Outside DRM Server (if necessary)necessary)

To validate UHD BD PlayerTo validate UHD BD Player Allows refusal to distribute title key for re-encryption to a revoked UHD BD Allows refusal to distribute title key for re-encryption to a revoked UHD BD

PlayerPlayer Ensures the integrity of Device ID uploaded from UHD BD PlayerEnsures the integrity of Device ID uploaded from UHD BD Player

To control Export (i.e. copy count) using PMSN or Coupon CodeTo control Export (i.e. copy count) using PMSN or Coupon Code

Note:Note: Financial transaction is out of scopeFinancial transaction is out of scope Existing server supports access to PayPal with an interface for other payment Existing server supports access to PayPal with an interface for other payment

processersprocessers

AACS Proposal – Outside DRM ServerAACS Proposal – Outside DRM Server


1616

Transaction between AACS Server and Transaction between AACS Server and Outside DRM Server will be studied by AACSOutside DRM Server will be studied by AACS

Functions outside of AACS (examples):Functions outside of AACS (examples): To provide a DRM license including title key To provide a DRM license including title key

(same as the title key for re-encryption) to (same as the title key for re-encryption) to Outside DRM PlayerOutside DRM Player

To control the count of DRM license downloads To control the count of DRM license downloads (e.g., for copies from a particular disc), if (e.g., for copies from a particular disc), if necessarynecessary

Financial transaction (if necessary)Financial transaction (if necessary)

AACS Proposal BenefitsAACS Proposal Benefits


1717

Leveraging existing server assetLeveraging existing server asset Server is operational and fully tested, and security assessment has been successfully Server is operational and fully tested, and security assessment has been successfully

donedone Development costs to date have been absorbed by AACSDevelopment costs to date have been absorbed by AACS Significant learning – user interface, registration and management of offers, security, Significant learning – user interface, registration and management of offers, security,

consumer support, financial transactions, importance of on-disc meta dataconsumer support, financial transactions, importance of on-disc meta data Improved time to market for Digital BridgeImproved time to market for Digital Bridge

This approach enables all participants, including small to medium content companies, in the This approach enables all participants, including small to medium content companies, in the UHD format to participate in Digital BridgeUHD format to participate in Digital Bridge

Cost efficient – provides low cost for Cost efficient – provides low cost for copy/Exportcopy/Export authorization transaction authorization transaction Consistent user interface for given player for copy/export authorization across different Consistent user interface for given player for copy/export authorization across different

content owners or retailerscontent owners or retailers Consumer interface for obtaining playback license customized by retailer/DRM license Consumer interface for obtaining playback license customized by retailer/DRM license

serviceservice Enables single input point for offer registrationEnables single input point for offer registration Enables support of list of approved DRMsEnables support of list of approved DRMs

Enables device manufactures to create devices with an approved DRMEnables device manufactures to create devices with an approved DRM Consistent with BDA requirement (as provided to AACS)Consistent with BDA requirement (as provided to AACS) Easier for smaller content providersEasier for smaller content providers

Compatible with studio bilateral agreement with retailers or other service providers for Compatible with studio bilateral agreement with retailers or other service providers for ExportExport

digital bridge proposal - wikileaks la... · digital bridge proposal. introduction ... ecosystem...

Documents