DVD Content Protection

Developed by the so-called 4C group – Intel, IBM, Matsushita and Toshiba – in co-operation with the Copy Protection Technical Working Group (CPTWG), the Content Protection System Architecture (CPSA) provides an overall framework for content protection across the entire DVD family. The CPSA architecture has been designed to accommodate the major existing content protection technologies as well as allowing the integration of new technologies as they emerge. Through close collaboration between the relevant groups, it has also been designed to be consistent with and avoid duplication of copy protection measures emanating from the Secure Digital Music Initiative (SDMI).

The CPSA architecture is comprehensive, spanning analogue and digital, audio and video, consumer electronics and PC systems and physical and electronic distribution techniques. A comprehensive content protection system depends on both technologies and policies. CPSA specifies the use of two key technologies – watermarking and encryption – to together provide a means to enforce content protection policies.

Watermarking is a technology that allows content management information (CMI) to be embedded in content in a way that is transparent to the end-user of that content and robust against the information being either removed or altered in any way. Sometimes referred to as usage rules, CMI indicates the conditions and requirements constraining use of the content. It stays with the content regardless of the contents’ analogue or digital representation. Watermarking does not, in and of itself, protect the content. Rather, the protection comes from compliant devices responding appropriately to manage the content in accordance with the CMI. Such protection is realised only if there is some means to compel devices to be compliant. That means encryption.

Encryption is a way of scrambling digital content so that it is unusable (not recognisable) unless it is first descrambled (decrypted). To get the necessary intellectual property to be able to decrypt the content, a license is required. That license contract specifies requirements to manage the content according to its CMI.

By late-2000 there were a number of CPSA-consistent content protection technologies in use:

  • Analogue Protection System (APS): A system developed by Macrovision to prevent copying onto consumer VCRs. The producer of the disc decides what amount of copy protection to enable and then pays Macrovision royalties accordingly. The actual copy protection signal applied is comprised of two elements: automatic gain control (AGC) and colourstripe. The former – virtually identical to the technology that has been used on billions of videocassettes – consists of pulses in the vertical interval that TVs do not detect. When a copy is attempted, the pulses confuse a VCR’s AGC circuitry, causing copies to display characteristics such as dim and/or noisy pictures, loss of colour, loss of video, etc. The Colourstripe Process consists of changes to colourburst information that are transparent on original viewing, but produces annoying lines across the picture on unauthorised copy playback.
  • Content Scrambling System (CSS): Method for protecting DVD-Video content via authentication and content scrambling developed primarily by Matsushita and Toshiba. Descrambling requires a pair of keys. One of these is unique to the disc, while the other is unique to the MPEG-2 file being descrambled. The keys are stored on the lead-in area of the disc, which can only read by compliant drives. Anyone wishing to build compliant devices must obtain a license, which contains the requirement that the rest of the copy-protection system be implemented.
  • Copy Guard Management System (CGMS): A serial copy generation management system (SCMS) designed control the amount of legal copies allowed. The CGMS information is embedded in the outgoing video signal, a pair of bits encoding one of three possible rules for copying: copy freely, copy never or copy once. The latter allows a first-generation copy may be made, but not copies of a copy.
  • Digital Transmission Content Protection (DTCP): Specifies robust encryption of content passing between domestic digital devices via IEEE 1394, through the use of copy control information, authentication and key exchange, digital encryption and system renewability. The original proposal (called the 5CP, for five-company proposal) was made by Intel, Sony, Hitachi, Matsushita, and Toshiba in early 1998. Content is marked with standard CGMS flags. Devices that are digitally connected – such as a DVD player and a digital TV – exchange keys and authentication certificates to establish a channel.
  • Content Protection for Recordable Media (CPRM): Specification enabling protected exchange of audio/visual content recorded on various portable data storage media types, including DVD, SD Memory Cards, CompactFlash and IBM Microdrive media. CPRM is a mechanism that ties a recording to the media on which it is recorded. It is supported by all DVD recorders released after 1999. Each blank recordable DVD has a unique 64-bit disc ID etched in the BCA. When protected content is recorded onto the disc, it can be encrypted with a 56-bit C2 (Cryptomeria) cipher derived from the disc ID. During playback, the disc ID is read from the BCA and used to generate a key to decrypt the contents of the disc. If the contents of the disc are copied to other media, the ID will be absent or wrong and the data cannot be decrypted.
  • Content Protection for Pre-recorded Media (CPPM): Specification for robust protection of DVD-Audio content stored on DVD-ROM media. Specifies encrypted storage of content, protected storage of content management information, system renewability and methods to prevent playback of bit-by-bit copies. Replaced the derivative of the CSS algorithm previously used by DVD-Audio following the appearance of the encryption-cracking DeCSS program in late-1999. Keys are stored in the lead-in area, but there are no title keys in the sector headers. The disc key is replaced by an album identifier. Since the authentication mechanism is the same as for CSS, no changes are required to existing DVD drives.
  • High-bandwidth Digital Content Protection (HDCP): A specification developed by Intel Corporation that encrypts each pixel as it moves from a PC or set-top box to digital displays across the DVI interface. The HDCP specification provides a robust and transparent method for transmitting and receiving digital entertainment content to DVI-compliant digital displays. The HDCP Authentication protocol is an exchange between a video transmitter and a video receiver that affirms to the transmitter that the receiver is authorised to receive the protected information. This affirmation is in the form of the receiver demonstrating knowledge of a set of secret device keys.
  • Verance Watermark: Selected for use as a worldwide industry standard in copy protected DVD Audio and for the Secure Digital Music Initiative (SDMI). The Verance watermarking technology is inaudible, robust and tamper resistant and capable of surviving translation from analogue to digital, compressed to decompressed and encrypted to unencrypted.