The Case for a Common DRM Framework

It is possible to overstate the complexity of multi-screen video, but the absolute number and types of display devices are indeed increasing, which means that efforts to promote standards and greater simplicity address a live concern. A current initiative, playing out within the MPEG-DASH Industry Forum, among other places, to enable Digital Rights Management (DRM) interoperability is a case in point.

First, however, a few words about complexity. As underscored in several recent stories, Apple’s iPad continues to dominate the second-screen. Pay TV operators can meet much of the multi-screen demand simply by delivering to that one device, which stands atop a sort of multi-screen pecking order.

“In order to deploy Over-The-Top (OTT) services quickly, operators have strategically prioritized the CE devices that they wish to support, based on consumer popularity and market adoption,” writes Steve Tranter, VP at NDS (now part of Cisco) in a paper delivered during a TV Everywhere session at the SCTE Cable-Tec Expo in Orlando. “The most popular being the Apple iPad, followed by PCs, Android tablets and smart phones, game consoles and connected TVs.”

But even delivering to a single device would not eliminate complications. “Not only do you have iOS and Android fragmentation,” said Albert Lai, Innovation Architect for Media and Entertainment at Brightcove, during another session in Orlando, “but within iOS, there is fragmentation within the devices, and within Android, much more.” Thus the countervailing efforts to promote common platforms: HTML5 in the case of Brightcove; and a common DRM framework, in the case of NDS (Cisco) and others.

Building his case for a common downloadable DRM framework that is independent of but compatible with CE devices of all shapes and sizes, Tranter names three standards that could play a foundational role, namely:

  • Simulcrypt — the long-standing DVB protocol published by ETSI used to enable multiple key management systems;
  • MPEG-DASH — Dynamic Adaptive Streaming over HTTP (DASH), which became an ISO standard in late 2011;
  • UltraViolet — an authentication and cloud-based rights system deployed over the past few years by a consortium of studios, manufacturers and service providers.
Enhancements to Simulcrypt that Tranter believes would advance this cause include multiple encoder algorithms; in-band delivery that would move beyond proprietary manifest mechanisms; forensic watermark and key fingerprinting insertion; periodic key rotation on linear channels; and separate encryption keys for different bitrates. As for MPEG-DASH, he notes that while it provides a standard way for DRM systems to exchange encryption keys, it does not define how a system acquires decryption keys or distributes licenses. Finally, while Tranter leans toward local rather than centralized storage of licenses, which UltraViolet promotes, he sees value in the consortium’s common license format.

The end goal is giving Pay TV operators more control. “This is the key thing: You’re not relying on Apple or other devices to upgrade their security systems,” Tranter said during the session. “You can drive your own service portfolio.”

Reached for comment, Robin Wilson, VP Business Development at Nagra, seconded this effort to build bridges within the DRM ecosystem. “There is work well underway in the MPEG-DASH Industry Forum to come up with something analogous to Simulcrypt,” he said. The idea, proposed in one instance by Nagra and being discussed in one of the Forum’s sub-groups, is to refresh the aging standard with updates and extensions to enable that the lowest level of key that works on any given stream is shared between DRM systems.

Wilson said that UltraViolet is not trying to invent anything, but is looking at MPEG-DASH as the underlying standard, which could bring with it this ongoing work in interoperability. “But all is not totally rosy (with MPEG-DASH), because it may become too challenging to make all DRM or all file formats work together,” Wilson said.

Given enduring differences in implementation, it is likely that two branches—or what Wilson called two “half” or “partner” standards—will emerge from the overarching MPEG-DASH project. In terms of DRM, he said that even though the schemes falling within MPEG-DASH use AES encryption and 128-bit keys, they use different AES modes, which would make it hard to share keys and re-purpose streams.

“But at least the licensing and key servers will work together,” Wilson said.

So where does the 800-pound gorilla stand on these efforts? “Apple is helping around the sidelines on MPEG-DASH Industry Forum; they’re not driving it,” Wilson said. “They have their own vertically integrated ecosystem, so there’s no strong desire for them to go outside for a different DRM.”

“On the other hand, they are trying to help make HLS (HTTP Live Streaming) compatible with MPEG-DASH.” he said. “There is quite a lot of commonality between MPEG-DASH and how HLS works.”

By Jonathan Tombes, Videonet