DTCP-IP: DIGITAL TRANSMISSION CONTENT PROTECTION - INTERNET PROTOCOL
Now referred to as DTCP-IP (Digital Transmission Content Protection - Internet Protocol), the standard provides a framework for the protection of Internet-based premium content. DTCP-IP is a mandatory requirement for DLNA devices that support protected streaming and applies to many Digital Rights Management (DRM) and content protection solutions. DTCP-IP combines the management of advanced cryptographic functions, authentication, digital signature algorithms, key storage and management, all in accordance with the standard. The development of this type of content protection solutions requires time and expertise in mainy domains including cryptography, DRM and hardware and software design.INSIDE Secure DTCP-IP solutions are ready-to-use.
Server and player support for protected streaming and move/copy
INSIDE Secure solutions for DTCP-IP can be used for streaming media and deployed for both transmission (server side) and reception (client side). When deployed on the server side it encrypts premium contents saved on a server using DTCP-IP and distributes the encrypted files to a client player. DTCP-IP prevents contents from being pirated by performing interactive device authentication between the server and the player before initiating the encrypted communications.
To copy or move between devices content data requiring copyright protection, DTCP-IP copy/move must be supported on both the transmitter and the receiver sides. A device that is capable of recording digital broadcasting programs encrypts and transmits the recorded data, and a receiver displays them. If a receiver device has a server feature, it can also stream and distribute moved/copied content. DTCP-IP also supports the ability to enforce copy rules.
Optimized for mobile to support the growing number and type of mobile devices
Multi-screen viewing and the ability to access premium content on mobile devices has become a standard expectation. Given this expectation and the need to monetize and protect contents, device manufactures are facing the challenge to meet the security requirements of the content providers and to deliver a positive consumer experience. Moreover, a low power consumption in often mandatory in the mobile world. As a consequence, deploying an optimized mobile solution is key. INSIDE Secure DTCP-IP solutions are optimized to reduce the power consumption and to also offer the ability to off-load data processing to the hardware, thus further reducing the power used by the DTCP-IP protocol.
In a system where premium contents are available and require copy protection, the digital content and the communication between two devices must be protected. The secure part of the content protection system can be implemented by a hardware-protected software using a Trusted Execution Environment (TEE).
INSIDE Secure provides ready-to-use software solutions to implement DTCP-IP and guarantee the protection of the secret keys, the encryption of high-value contents, key exchange mechanisms, mutual authentication and repudiation of devices that have been compromised. Our DTCP-IP solutions support the four layers of copy protection: copy control information, device authentication and key exchange, content encryption and system renewability.
In addition, a highly secure and optimized hardware module (EIP-115) is available to provide the maximum security, an easy system integration, optimal performances and low power consumption for applications where no TEE is required or available. The EIP-115 forms the hardware-based secure area where all the secure parameters and the cryptographic computations are managed during all the DTCP-IP protocol phases from authentication of the connected devices up to and including the generation of the key stream.
INSIDE Secure DTCP-IP software provides all the required features for a complete content protection solution comprised of all content control and management capabilities of the DTCP-IP standard. Besides the cryptographic functions and secure computation module, the software includes the implementation of the state machines as defined by the standard and supports the TCP/IP based communication between a transmitter, a receiver and a repeater (bridge).
High Performance Security Module
The EIP-115 Hardware Security Module can be used in cooperation with the INSIDE Secure DTCP-IP software to securely enhance and manage the protocol. The EIP-115 module includes DRM functions that can be used together with INSIDE Secure DRM Fusion agent software to implement an end-to-end content protection solution. It provides all the required services including: secure key storage, cryptographic computations and ciphering as defined by DTCP V1.7 specifications. This module not only generates the session keys and input vectors for the AES-128 based ciphering engine used to encrypt and decrypt the content stream, but also provides all the cryptographic functions for authentication, key exchange, locality check and certificate verification.
In addition to providing the highest level of security, the EIP-115 offers hardware acceleration to perform power optimized cryptographic operations. The module also includes a secure interface to Non-Volatile Memory for the secure storage of the keys.
The EIP-115 is designed to be used in source and sink devices. It can be integrated into application processors, multimedia processors, SoCs for set-top-boxes and graphic processors. It supports multiple commonly used communication interfaces such as USB, Ethernet, WiFi and Bluetooth as well as Media Oriented Systems Transport (MOST) and WirelessHD.
DTCP-IP Solution Features
DTCP-IP Solutions With or Without a TEE
INSIDE Secure offers alternative methods to implement the DTCP-IP protocol:
Both approaches significantly reduce the cost and complexity of bringing to market server and client DLNA-certified media devices.