How encryption for Cinema Movies works
a year ago
- #Encryption
- #Digital Cinema
- #DCI
- The DCI (Digital Cinema Initiatives) specification defines standards for secure movie distribution, including file formats, encryption, and projection systems.
- DCP (Digital Cinema Package) contains all movie components (metadata, subtitles, audio, and video) in separate files, encrypted with a static AES-128 key.
- KDM (Key Delivery Message) is an XML file containing cryptographic information to decrypt a DCP for playback on a specific projector.
- The distribution process involves encrypted AES keys, certificate chains (Root CA, Intermediate CA, Leaf Certificate), and trusted device lists.
- Projection systems consist of a server, audio processor, and projector, with a 'Media Block' handling DRM and decryption in real-time.
- DCPs are stored encrypted and can be imported via USB/CRU hard drives or internet download.
- MXF (Material Exchange Format) files are used for movie frames, encrypted with AES-128 and unique IVs (Initialization Vectors) per frame.
- DCI compliance ensures security through unique AES keys per DCP, TPM-like hardware for key storage, and distributor verification of projector certificates.
- DCI v1.4.4 now allows playback of DCPs with expired signer certificates, with manufacturers working on updates.
- Open-source tools like DCP-o-matic and asdcplib are used for DCP creation and decryption.