Home Analysis Delivery Infrastructure MovieLabs specs set a new benchmark for content protection

MovieLabs specs set a new benchmark for content protection

Share on

Comcast’s Xfinity TV Go on the PC. The company is going to stream 4K video through its app on Samsung Smart TVs

In order to bring broadcast Ultra HD television to market successfully, large parts of the content-to-consumer value chain need to be upgraded, including encoding and decoding (there is a consensus that this format requires HEVC/H.265 compression) and television sets. But until now one issue has been overlooked in the discussions about new technology, and that is content protection. That is about to change thanks to the MovieLabs Specification for Enhanced Content Protection – Version 1.0, a set of guidelines issued by and for the major studios that is viewed as a new benchmark for how the industry will protect its best content.

The MovieLabs specs are notable because they were prompted by the need to protect 4K/UHD services, including 4K streaming video, and so represent the most important effort today to upgrade content protection to match the value and pristine quality of the new format. Expert commentators think they are an important intervention in the evolution of ultra high resolution services but one that will also have implications for the delivery of high value content generally.

That is because they take onboard the new threat profile that has emerged in the connected era and put a greater emphasis on stopping redistribution over IP networks and shutting down activities that exploit redistributed and pirated content. They also rely upon remedies to ‘hack once, hack all’ scenarios and show a new attitude to content security solution revocation.

It should be pointed out that each member of MovieLabs can decide the extent to which they use the specifications or require others to adhere to them. So the MovieLabs Specification for Enhanced Content Protection – Version 1.0 is, in effect, a recommendation to studios by their own technology experts for what they should adopt as best practice.

André Roy, Head of Security Practice at Farncombe, a leading content security consultancy that also audits content protection technologies, says the MovieLabs specification represents the best industry attempt today to specify content security requirements for UHD/4K content. “It is seen by the studios as an opportunity to reset the bar on content security requirements for the distribution of 4K/UHD content,” he says.

Steve Christian, VP Marketing at Verimatrix, whose content security solutions are widely used across IPTV and multiscreen TV deployments, views the document as an effort to advance what is currently thought of as the ‘state-of-the-art’ for content protection generally. He thinks 4K and UHD provide the perfect opportunity to encourage advanced technologies into the market. “MovieLabs wants to use 4K as a catalyst to drive advances in security generally,” he declares.

Peter Fregelius, Head of Entertainment Devices at Swisscom, which is looking at the possibility of offering UHD VOD in 2015,  says the specification has implications across the delivery chain. “There are implications from the encoder to the watermarking server down to the set-top box, which must support HDMI 2.0 and HDCP 2.2 and maybe client watermarking technologies. These are all new technologies that must be implemented if studios make the requirements that are stated in their MovieLabs specification,” he explains.

The MovieLabs specifications address revocation and renewal (including active monitoring for security breaches), response to security breaches, hack containment, the establishment of secure media pipelines and trusted computing environments, outputs and link protection, among other things. The document calls for renewable software-based security, secure device authentication and the need to individualize the security process, from per-asset playback policies through to watermarking.

Roy at Farncombe thinks the requirement for the individualization of security solutions, the need for content watermarking and the requirement for monitoring represent a change in philosophy when it comes to protecting premium content. “These are a reflection of the increasing risk posed by content redistribution over IP networks and the importance of being able to reliably identify and shut down sources of pirated and re-distributed content,” he explains.

Roy explains that the most stringent content protection requirements today are aimed at protecting the integrity of the display device (whether that is a set-top box or an application on a tablet), the cryptographic keys and the operations that support content encryption, plus the video path.

“The next generation of premium content, like UHD/4K, also requires that pirated content is dis- coverable and traceable to its source, hence the requirements for watermarking and monitoring. It requires that ‘hack once, hack all’ scenarios that assist in the proliferation of piracy are avoided, hence the requirement for individualization.”

Petr Peterka, CTO at Verimatrix, shares the view that the MovieLabs specifications mark a new approach to content protection. He says they emphasize a shift towards server-side security management rather than client-side management, and also towards what he calls a ‘moat and castle wall’ approach where there are multiple layers of protection.

The specs call for the ability to authenticate devices at the time that consumption happens. “It leans on two-way networks and security is then based on a two-way communication between the headend and device,” Peterka explains.

He thinks the attitude to revocation is also important. “The studios have realized that content security solutions can be broken, so they want an environment where they can revoke a solution and get it fixed and re-instated.”

The MovieLabs specifications gather together some best-in-class technologies that are already deployed or specified elsewhere, including side-channel attack resistance, secure execution environments and hardware root of trust. Others are not widely used. Roy gives individualization of the security solution,
security monitoring, forensic watermarking, and a workable revocation and renewal capability as examples. Verimatrix says its VCAS content security solution has these boxes ticked.

Peterka points out that the studios are not defining the actual technologies that have to be used but providing broad requirements in the hope that the industry will deliver the solutions to meet them. This is a very different approach to what we saw with Blu-ray, when there was a prescriptive requirement for AACS, which failed over time, leaving the studios putting their best HD content into a ‘broken’ content protection environment. “With the new approach, if one of the technologies fails, they can stop releasing content onto that technology,” Peterka points out.

This is an edited excerpt from Videonet’s recent report, ‘Completing The Ultra HD Jigsaw’, which argues that while 4K streaming services will give consumers a taste of very high-resolution video this year, it will be Pay TV operators that deliver true UHD and a new kind of immersive TV experience. The report considers the addressable market and likely roadmap for true UHD and highlights important changes in the emerging ecosystem, including the arrival of the MovieLabs specifications and why these could herald a new era in content protection. The report includes insights from Strategy Analytics, Futuresource, Swisscom, Farncombe, Verimatrix, Harmonic and Elemental Technologies, among others. It is free to download.

Share on