Enabling Effective HDCP Protection – With Or Without a TrustZone
by Deepa Suresh (Senior Manager, Media Client Technologies)
Your premium content requires effective HDCP protection. Take a look at how you can drive secure content flow between HDCP connected devices over wired and wireless interfaces like Miracast – even in the absence of complex TrustZone mechanisms.
While consumer appetite for 4K content continues to rise, content creators face the need to protect their premium quality content from the risk of unauthorized mass duplication and distribution. This explains the growing importance of High Definition Content Protection (HDCP). HDCP protection ensures effective content gatekeeping in the last stage of the distribution process, using rigorous authentication and encryption techniques.
HDCP 2.2 that replaces HDCP v1.x is a truly versatile content protection protocol.
HDCP 2.2 enables secure distribution of high definition audio-visual content over wired (DVI, HDBASE-T and DisplayPort) and wireless (Miracast, WirelessHD and WHDI) interfaces. It drives secure content flow between two or more HDCP connected devices such as smartphones, tablets (typically content transmitters), digital displays, set-top boxes and game consoles (typically content receivers).
To be enabled for HDCP reception, a receiver has to obtain the ‘license key’ from DCP LLC. The key is used during the negotiation with the HDCP transmitter to authenticate the receiver. If the HDCP receiver is compromised, the transmission of the HDCP content is immediately revoked.
Fail proof HDCP protection hinges on the safety of the license keys during storage and runtime operations. This in turn depends on effective adherence to the following compliance and robustness rules for HDCP receivers:
Compliance Requirements for HDCP Receivers
Robustness Requirements for HDCP Receivers
The proven way to drive a highly secure implementation of the HDCP receiver stack is through a protected Arm ‘TrustZone’ environment. However, the support for TrustZone across devices and platforms range from complete to limited or no support. Notwithstanding this fact, HDCP protection remains a critical aspect that cannot be ignored. Therefore, we can leverage any of the following three ways to protect premium content, depending upon our platform or device requirements:
TrustZone based implementation: With full support for TrustZone
Non-TrustZone based implementation: Without a TrustZone
Hybrid implementation: With partial support for TrustZone
HDCP is a critical component of Miracast – a versatile wireless standard that has gained increased relevance in recent times. While customers have a wide range of Miracast requirements, the most common requirement for all the use cases is a reliable HDCP reception stack that integrates with all the relevant Miracast components, and enables secure content playback.
We provide HDCP receiver implementations as a standalone component or in combination with the Ittiam Miracast solution. Take a look at Figure 1. to understand how we execute the various components of an HDCP implementation with and without complex TrustZone mechanisms in the hardware, as well as through a hybrid model.
HDCP Implementation | HDCP Receiver with TrustZone | HDCP Receiver without TrustZone | Hybrid Model |
---|---|---|---|
Key storage | TrustZone | Customized mechanisms to encrypt and store the license key. Keys are dynamically decrypted and used only when there is a requirement. Keys stored this way are never available in the clear. | TrustZone |
HDCP operations - AKE, SKE, locality check | TrustZone | Software implementations – with strict adherence to all the robustness requirements. Customized tools are made available for code obfuscation and anti-tampering, and enabling anti debugging solutions. | Software implementations – with strict adherence to all the robustness requirements. Customized tools are made available for code obfuscation and anti-tampering, and enabling anti debugging solutions. |
Secure boot | Yes | Yes | Yes |
Cryptographic engines | Hardware | Software implementations – well supported with anti-tampering mechanisms | Hardware or software implementations |
Complexity of the receiver | Complex – need the receiver code to be partitioned between the trusted execution environment (TEE) and the normal environment | Entire code runs in the normal environment | Entire code runs in the normal environment |
Portability across platforms | TEE varies across SOC vendors, so extensive effort is involved in understanding each system’s trusted operating system, and adapting the software for the new environment | No issues as all are software implementations | No issues as all are software implementations |
Other applications access | All applications that require the key need to be modified to consider the trusted operating system requirements as and when required | All applications have similar interfaces and will not require any changes | All applications have similar interfaces and will not require any changes |
By leveraging any of the above three implementations, you can meet your specific platform requirements, and ensure complete protection for high definition, copyrighted content in compliance with the mandatory HDCP protection guidelines.
For more insights, contact us @ mkt@www.ittiam.com