
Encryption Introduction

Aurelien David edited this page Feb 7, 2019 · 1 revision


MP4Box can be used to encrypt or decrypt media streams in a more or less format-agnostic manner, according to the Common Encryption, ISMA E&A and OMA DRM 2.0 specifications. An XML language is used by MP4Box to get/set the encryption parameters.

As of version 0.2.4, GPAC supports the ISMA E&A specification, better known as ISMACryp. This specification provides reliable transmission of encrypted media data with key signaling and cryptographic resynchronization in case of packet loss or random access.

As of version 0.4.4, GPAC supports the OMA DRM PDCF specification. This specification is derived from the ISMA E&A specification, and OMA DRM PDCF files have a structure almost equivalent to that of ISMA protected files. GPAC does NOT support the ROAP protocol and other tools from the OMA DRM framework, but has a dedicated module API (still at beta stage) that allows plugging a decryption agent into the streaming core.

As of version 0.5.1, GPAC supports the Common Encryption specification. GPAC uses the same dedicated module API as for ISMA to plug a decryption agent into the streaming core.

Note that, unlike OMA DRM, ISMACryp and CENC do not mandate anything regarding how keys are to be distributed (hereafter referred to as KMS - Key Management System), which is up to the content provider/distributor. In other words, CENC and ISMACryp are concerned with cryptographic interoperability only, not rights management.

The current version of the specification uses the AES 128-bit algorithm for encryption, in counter mode (AES-CTR) for ISMA and CENC, or in CBC mode for CENC. You do not need to know all the details; the only thing you need to know is that you will need a 128-bit key and a 64-bit salt, which the client will have to fetch at some point for decryption. In this document, the key and the salt are simply referred to as the key unless specified otherwise.

One interesting feature of the CENC and ISMACryp specifications is that they allow for selective encryption: you may decide to encrypt only specific samples in the media track rather than the whole media. Selective encryption reduces the complexity of the decryption process, and may also be very nice in demonstrations. For example, encrypting only I-frames in a video can give very nice effects.
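The following Python sketch is an added example, not code from GPAC or MP4Box. It models selective encryption (only sync samples are encrypted) and counter-mode resynchronization from a 128-bit key, a 64-bit salt and a per-sample byte offset, so that any sample can be decrypted on its own after packet loss or random access. HMAC-SHA-256 stands in for the AES block function so that it runs with the standard library only; the counter layout, the sample records and all function names are assumptions of this example.

```python
import hashlib
import hmac
import secrets

BLOCK = 16  # keystream block size in bytes, as for AES

def keystream(key, salt, offset, length):
    """Keystream for stream bytes [offset, offset + length)."""
    out = bytearray()
    for index in range(offset // BLOCK, (offset + length + BLOCK - 1) // BLOCK):
        # Assumed counter layout: 64-bit salt followed by a 64-bit block index.
        counter = salt + index.to_bytes(8, "big")
        # Stand-in for AES-128 encryption of the counter block.
        out += hmac.new(key, counter, hashlib.sha256).digest()[:BLOCK]
    skip = offset % BLOCK
    return bytes(out[skip:skip + length])

def xor_at(key, salt, offset, data):
    """Counter mode: the same call encrypts and decrypts."""
    ks = keystream(key, salt, offset, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def protect(samples, key, salt):
    """Encrypt sync samples only; return (payload, encrypted, offset) records."""
    records, offset = [], 0
    for payload, is_sync in samples:
        if is_sync:
            records.append((xor_at(key, salt, offset, payload), True, offset))
            offset += len(payload)  # keystream advances over encrypted bytes only
        else:
            records.append((payload, False, offset))
    return records

def recover(record, key, salt):
    """Decrypt one record on its own, using only its signalled offset."""
    payload, encrypted, offset = record
    return xor_at(key, salt, offset, payload) if encrypted else payload

# Constructed sample data: (payload, is_sync) pairs standing in for video frames.
SAMPLES = [(b"I-frame-0" * 5, True), (b"P-frame-1" * 3, False),
           (b"I-frame-2" * 7, True), (b"P-frame-3" * 2, False)]
KEY = secrets.token_bytes(16)   # 128-bit key
SALT = secrets.token_bytes(8)   # 64-bit salt

if __name__ == "__main__":
    records = protect(SAMPLES, KEY, SALT)
    # Random access: decrypt the third sample without touching the first two.
    print(recover(records[2], KEY, SALT) == SAMPLES[2][0])
    print([encrypted for _, encrypted, _ in records])
```
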

If you are familiar with the MPEG-4 IPMPX specification, note that this selective encryption is different from the IPMP-X one: in CENC or ISMACryp, selective encryption means whether or not a sample is encrypted, while in IPMP-X selective encryption usually means whether specific bitstream syntax elements (motion vectors, DCT, audio codewords, etc.) are encrypted or not.

Another interesting feature of CENC and ISMACryp is the possibility to roll keys, e.g. to have more than one key needed for stream decryption: sample-based synchronization of keys and media is provided in both specifications. GPAC does not currently support usage of multiple keys in ISMACryp; only one key can be used in the stream lifetime.

Note: Usage of ISMACryp with MPEG-4 AVC/H264 video in GPAC is only supported as of version 0.4.4.
