HDCP protection with or without TrustZone
February 12, 2018

Enabling Effective HDCP Protection – With Or Without a TrustZone

by Deepa Suresh (Senior Manager, Media Client Technologies)

Your premium content requires effective HDCP protection. Take a look at how you can drive secure content flow between HDCP connected devices over wired and wireless interfaces like Miracast – even in the absence of complex TrustZone mechanisms.

While consumer appetite for 4K content continues to rise, content creators face the need to protect their premium quality content from the risk of unauthorized mass duplication and distribution. This explains the growing importance of High Definition Content Protection (HDCP). HDCP protection ensures effective content gatekeeping in the last stage of the distribution process, using rigorous authentication and encryption techniques.

HDCP 2.2 that replaces HDCP v1.x is a truly versatile content protection protocol.

HDCP 2.2 enables secure distribution of high definition audio-visual content over wired (HDMI, DVI, HDBASE-T and DisplayPort) and wireless (Miracast, WirelessHD and WHDI) interfaces. It drives secure content flow between two or more HDCP connected devices such as smartphones, tablets (typically content transmitters), digital displays, set-top boxes and game consoles (typically content receivers).

Secure Key Management: The Key to HDCP Protection

To be enabled for HDCP reception, a receiver has to obtain the ‘license key’ from DCP LLC. The key is used during the negotiation with the HDCP transmitter to authenticate the receiver. If the HDCP receiver is compromised, the transmission of the HDCP content is immediately revoked.

Fail proof HDCP protection hinges on the safety of the license keys during storage and runtime operations. This in turn depends on effective adherence to the following compliance and robustness rules for HDCP receivers:

Compliance Requirements for HDCP Receivers

  • No copies can be created with the decrypted content.
  • Audio/video decrypted content may be temporarily buffered, only until it is presented to the rendering display after any decoding/post processing operations.
  • Decrypted content should not be output to any digital output unless the presentation device is a repeater.

Robustness Requirements for HDCP Receivers

  • License keys should be securely stored, protected from commonly available decompiling tools and debugging tools, and not be available to hackers from the file system or in the binary images in the system.
  • Values of the license key should not be available in clear or tampered with at any point of time.
  • Execution of critical functions of the HDCP implementations should be in supervisor mode or in secure hardware.
  • In the case of total software implementation, code obfuscation or other techniques must be implemented to hamper the understanding of the software flow and execution.
  • Decrypted data should not be available for interception and copying during data flow between software modules.
  • In the event these functions are tampered with, it should cause immediate authorization and decryption failure.

 

The proven way to drive a highly secure implementation of the HDCP receiver stack is through a protected Arm ‘TrustZone’ environment. However, the support for TrustZone across devices and platforms range from complete to limited or no support. Notwithstanding this fact, HDCP protection remains a critical aspect that cannot be ignored. Therefore, we can leverage any of the following three ways to protect premium content, depending upon our platform or device requirements:

TrustZone based implementation: With full support for TrustZone

Non-TrustZone based implementation: Without a TrustZone

Hybrid implementation: With partial support for TrustZone

 

How Ittiam Enables HDCP Implementation for Miracast

HDCP is a critical component of Miracast – a versatile wireless standard that has gained increased relevance in recent times. While customers have a wide range of Miracast requirements, the most common requirement for all the use cases is a reliable HDCP reception stack that integrates with all the relevant Miracast components, and enables secure content playback.

We provide HDCP receiver implementations as a standalone component or in combination with the Ittiam Miracast solution. Take a look at Figure 1. to understand how we execute the various components of an HDCP implementation with and without complex TrustZone mechanisms in the hardware, as well as through a hybrid model.

HDCP ImplementationHDCP Receiver with TrustZoneHDCP Receiver without TrustZoneHybrid Model
Key storageTrustZoneCustomized mechanisms to encrypt and store the license key. Keys are dynamically decrypted and used only when there is a requirement. Keys stored this way are never available in the clear.TrustZone
HDCP operations - AKE, SKE, locality checkTrustZoneSoftware implementations – with strict adherence to all the robustness requirements. Customized tools are made available for code obfuscation and anti-tampering, and enabling anti debugging solutions.Software implementations – with strict adherence to all the robustness requirements. Customized tools are made available for code obfuscation and anti-tampering, and enabling anti debugging solutions.
Secure bootYesYesYes
Cryptographic enginesHardwareSoftware implementations – well supported with anti-tampering mechanismsHardware or software implementations
Complexity of the receiverComplex – need the receiver code to be partitioned between the trusted execution environment (TEE) and the normal environmentEntire code runs in the normal environmentEntire code runs in the normal environment
Portability across platformsTEE varies across SOC vendors, so extensive effort is involved in understanding each system’s trusted operating system, and adapting the software for the new environmentNo issues as all are software implementationsNo issues as all are software implementations
Other applications accessAll applications that require the key need to be modified to consider the trusted operating system requirements as and when required

All applications have similar interfaces and will not require any changes

All applications have similar interfaces and will not require any changes
Table 1. Ittiam's HDCP Implementations

By leveraging any of the above three implementations, you can meet your specific platform requirements, and ensure complete protection for high definition, copyrighted content in compliance with the mandatory HDCP protection guidelines.

For more insights, contact us @ mkt@ittiam.com