Get Started Today! Contact Us For More Information

DTCP Solutions

DTCP-IP: DIGITAL TRANSMISSION CONTENT PROTECTION – INTERNET PROTOCOL

A Complete Solution Comprised of Software and Hardware IP

Accelerating the development of interoperable media devices both, wired and wireless

Digital Transmission Content Protection – Internet Protocol (DTCP-IP) is a method of protecting digital entertainment content such as high-definition movies, pay-per-view television or music on home and personal networks including devices such as PCs, tablets, smartphones and gaming devices. It has been widely adopted across the globe in consumer electronics products from set top boxes and digital TVs to Blu Ray and DVD recorders; in conjunction with a spectrum of cable, satellite, and media services; and over a variety of wireless and wired interfaces.

 
dtcp-multiscreen_medium

Now referred to as DTCP-IP (Digital Transmission Content Protection — Internet Protocol), the standard provides a framework for the protection of Internet-based premium content. DTCP-IP support is a mandatory requirement for DLNA devices that support protected streaming and applies to many Digital Rights Management (DRM) and content protection solutions. DTCP-IP combines managing and performing advanced cryptographic functions, incorporating authentication, digital signature algorithms, key storage and management all in accordance with the specified standard. The development of this type of encryption engine and management software requires expertise in cryptography, digital rights authentication, verification against the DTLA standards, hardware and software design, a level of specialization best handled by experts and which can lead to long development cycles for those looking to implement DTCP-IP internally without the required expertise.

 

DTCP-IP Solution Features

  • Comprehensive support for the DTCP-IP standard
    • DLNA compliant
    • Supports all four layers of copy protection
  • Broad platform support: ARM, MIPS, x86 (32 and 64 bit), PPC, Tensilica
  • Implementation for  designs using a Trusted Execution Environment (TEE)
  • Hardware IP-based content protection for designs without a TEE
 

DTCP-IP Solutions With or Without a TEE

Inside Secure offers alternative methods for implementing an DTCP-IP solution:

  • Designs using a Trusted Execution Environment (TEE): Inside Secure provides a software solution, easily integrated with a TEE, which implements all the functions of the DTCP-IP protocol.
  • Designs without a TEE: The DTCP-IP software can be implemented simply with OS interfaces or, optionally, Inside Secure delivers a solution with all the DTCP-IP content protection functions implemented in a secure hardware IP module.

Both approaches significantly reduce the cost and complexity of bringing to market server and client DLNA-certified media devices.

 
   

Server and player support for protected streaming and move/copy

INSIDE Secure’s solutions for DTCP-IP can be used for streaming media and deployed for both transmission (server-side) and receiving (client-side).  When deployed server-side it encrypts premium content files saved on a content serving device using DTCP-IP and streams the encrypted files to a client player device.  DTCP-IP prevents contents from being leaked illegally by performing interactive device authentication between server and player devices before initiating the encrypted communications.

To copy or move content data requiring copyright protection between devices, DTCP-IP move/copy must be supported by both content data’s transmitter and receiver. A device that is capable of recording digital broadcasting programs encrypts and transmits the recorded data, and a receiver displays it. If a receiver device has a server feature, it can also stream and distribute moved/copied content. DTCP-IP also supports the ability to enforce copy rules regarding whether copies may be made and the number of copies allowed under license.

 

Optimized for mobile to support the growing number and type of mobile devices

Multi-screen viewing and the ability to view premium content on a mobile device has become the expected standard rather than the exception. Given this expectation and the need to protect content, which invariably relies on encryption, device manufactures are faced with a challenge of meeting the requirements of content providers and delivering a positive consumer experience. This challenge arises because power consumption on mobile devices is at a premium and encryption typically is power intensive; as a consequence, deploying an optimized solution is key.  INSIDE Secure’s DTCP-IP solutions are optimized to reduce power consumption and also offer the ability to offload processing to hardware, thus further reducing the power used in the DTCP-IP media consumption.

 

Technology Overview

In a system where high value, premium content is available and which requires copy protection, the digital content and the technology that provides the secure communication between two devices must be protected. The secure part of the content protection system can be implemented in hardware-protected software by using a Trusted Execution Environment (TEE).

Inside Secure provides complete software solutions for implementing DTCP-IP to ensure the protection of the device secret keys, the encryption of high-value content, key exchange mechanisms, mutual authentication and repudiation of devices that have been compromised. Our DTCP-IP solutions support all four layers of copy protection: copy control information, device authentication and key exchange, content encryption, and system renewability.

In addition, a highly secure and optimized hardware module (EIP-115) is available to provide maximum security, easy system integration, optimal performance and lowest power dissipation in applications where no TEE is required or available. The EIP-115 forms the hardware-based security boundary wherein all secure parameters and cryptographic computations are managed during all the DTCP-IP protocol phases from authentication of the connected devices up to and including the generation of the key stream.

 

DTCP-IP Software

INSIDE Secure’s DTCP-IP software provides all the required features for a complete content protection solution comprised of all content control and management capabilities for the DTCP-IP standard. Besides the cryptographic functions and secure computations module the software includes the implementation of the state diagrams as defined by the DTCP-IP standard and supports the TCP/IP based communications between a transmitter, receiver and repeater (bridge).

 

High Performance Security Module

The EIP-115 Hardware Security Module can be used seamlessly with the INSIDE Secure’s DTCP-IP software by replacing the content protection requirement in the protocol. The EIP-115 module includes API’s for DRM that can be used with DRM Fusion agent software to implement an end-end content protection solution. It provides all the required technology for implementing secure content protection including: secure key storage, cryptographic computations and ciphering as defined by DTCP V1.7 specifications. This module not only generates the session keys and input vectors for the AES-128 based cipher engine used to encrypt and decrypt the content stream but also provides all the cryptographic functions for authentication, key exchange, locality check and certificate verification.

In addition to providing the highest level of security the EIP-115 provides hardware-based acceleration that exceeds the capabilities of software to perform power optimized cryptographic operations. The module also includes a secure interface to Non-Volatile Memory for retrieving the device unique keys that must be programmed as part of the manufacturing process.

The EIP-115 is designed to be used in source and sink devices or in combination with both (bridge/repeater devices). It can be integrated into Application Processors, Multimedia Processors, SOCs for Set-top boxes and Graphics Processors. The EIP-115 generates session keys and input vectors which are used by the AES-128 based cipher module and it supports the use of multiple commonly used interfaces such as USB, Ethernet, WiFi and Bluetooth as well as Media Oriented Systems Transport (MOST) and WirelessHD.