of interest re: Pace,Pijnenburg/SecureMedia and DRM...?
Remembering that ITRU and Pace have developed a partnership, I'm curious as to how the Pijnenburg/SecureMedia influences Pace and ITRU. Note that SecureMedia and Pace are partnered.
Thank for your interest in our patented Encryptonite(TM) technology. SecureMedia is the leading provider of secure digital media distribution solutions (with very strong encryption) that enable complete end-to-end protection of streamed and downloaded media, from source to point of rendering. Our products are built on patented high-speed, small code size, and embeddable encryption technology that we call Encryptonite. Our solutions are optimized for the demanding requirements of securing digital assets for IP broadband distribution, where speed, scalability, consumer friendliness, and integration with multiple hardware platforms, DRM, systems and e-commerce applications are required.
SecureMedia has established partnerships with industry leaders, such as NTT, Pace, RealNetworks, Intel, Oak Technology, Equator Technologies, King Biscuit Entertainment Group, InvisiMail Ltd., DivX Networks and Communicado/Satlink. Encryptonite is the de facto Windows standard and ships as a standard component in every RealNetworks RealSystem iQ Server and as a no-charge auto-update component for the RealPlayer (over 2,500,000 Encryptonite plug-ins downloaded).
For your reference, I have attached an Introduction to the Encryptonite System White Paper. The Encryptonite System is unique in that it has two significant features; it is a key delivery service that is not dependent upon out-of-band delivery management (simples key management and
eliminates processing overhead), and it is a high-performance media encryption scheme (highly tolerant to packet loss and out of order packet delivery and reception, no overhead to recover from dropout, supports trick play - navigates pre-encrypted media randomly and rapidly, support
real-time variable length records, and codec/format and player independent).
Our Encryptonite products fall into four categories:
1 - SecureMedia PlugIns for RealSystem iQ - Plug-and-play content protection for RealNetworks' RealSystem iQ streamed content. Providing encryption at the server and decryption in the player. RealSystem is the #1 media player with over 200,000,000 RealPlayers installed worldwide.
2 - SecureMedia Toolkits - Easy-to-use software toolkits that enables developers to build security into custom applications, without in-depth knowledge of cryptography.
3 - SecureMedia FastChip - Synthesizable VHDL cores featuring low gate counts, small footprints, and low power requirements. Ideal for incorporating security into portable digital players, set-top boxes and other devices.
4 - Encryptonite System - a set of components managing end-to-end (from encoding thru playback) security of media and keys, and playback access of streaming and pre-encrypted media files.
The White Paper is as follows:
Introduction
This document briefly describes the functionality provided by the SecureMedia
System. The comprehensive set of Encryptonite System White Papers is available under NDA.
The Encryptonite System is an end-to-end data security and key management architecture that
supports the distribution of both pre-encrypted content (movies, videos, etc.) and live encrypted
content (live broadcasts, video-conferencing, music, etc.). The Encryptonite System uses industry
standards and SecureMedia proprietary technology to secure the processing, delivery and playback
of encrypted data, supporting pre-encrypted and live encrypted streams as well as pre-encrypted
downloads.
The Encryptonite System provides the following capabilities:
· Encryption of data (live or pre-encrypted)
· Secure delivery of Media Decryption Keys to the authorized client player
· Streaming or download of pre-encrypted media and encryption of live streams
· Decryption and playback of encrypted media
The Encryptonite System is a system for delivering encrypted media and keys to customers through
appropriate servers, and as such is complementary to any system which allows customers to acquire,
purchase and pay for the right to view or consume media. The Encryptonite System is complementary
to, and can be integrated into, existing e-Commerce/e-Payment systems and systems for controlling
media access using simple, well-defined APIs. Each Encryptonite System delivery contains an
implementation of a sample web store front-end that illustrates simple management of digital rights.
Note that the sample web store is included for illustrative purposes only.
The SecureMedia System architecture is, by design, operating system, hardware
platform and codec/player independent. Demonstration systems on reference platforms are available
for evaluation.
Note that the actual Encryptonite components deployed in commercial implementations will depend
upon the requirements of each unique application (e.g. secure corporate video-conferencing).
Encryptonite System Benefits
· End-to-end content protection ’ ensuring safe delivery and playback of live encrypted or pre-encrypted
media files to authorized clients by use of a Media Decryption Key
· Very high speed trusted and upgradeable strong encryption algorithms
· Separation of media delivery and key delivery for maximum security and revenue control
· Patented Indexed Encryption methodology (packet re-keying without key exchange)
o Immune to lost or garbled data packets by
o Low system overhead ’ low processor requirements and little or no data expansion
resulting from encryption
o DVD-equivalent trick-play control without delay
· Key Server system that scales to meet the increased demands of an expanding consumer base
· Compatible with Conditional Access (CA) systems & Digital Rights Management (DRM) systems
· Support for multiple media types (codecs) & delivery systems (live, streams, downloads)
· Studio validation/acceptance
In processing, delivery and playing pre-encrypted media files and live streams, the Encryptonite
System involves the following participants:
· Encryptonite Producer ’ encrypts media files
· Media Server ’ serves pre-encrypted media files for streaming or download
· Encryptonite System Services ’ refers to a Key Server System and a MediaPass Server
System
o Key Server System ’ refers to a Key Vault and one or more Key Servers coupled
together
§ Key Vault ’ houses the Key Server Database
§ Key Server ’ securely delivers Media Decryption Keys (MDK) to the Client
o MediaPass Server System ’ refers to a MediaPass Database and one or more
MediaPass Servers coupled together
§ MediaPass Database ’ stores MediaPass data
§ MediaPass Server ’ creates MediaPass for the Web Store
· Vendor ’ houses the web store and the MediaPass Server System
o Web Store or other third-party system ’ for optional authentication of the Client and sale
of rights. Securely delivers MediaPass to Client
· Client ’ decrypts and plays encrypted media
The Encryptonite System has been designed so that each of the four major functions (Encryptonite
Producer, Media Server, Key Server System, Vendor) can be operated by separate business entities.
In a specific implementation however, it is possible for some (or even all) of these functions to be
operated by the same business entity.
The Encryptonite System allows for multiple instances of each of the Encryptonite Producer, Media
Server and Vendor to exist. Additionally, systems can be configured with multiple Key Servers
sourced from a single Key Vault and MediaPass Servers sourced from a single MediaPass Database,
to permit flexible scaling and load balancing. For the simplest installation, with reduced key serving
capacity, the functionality of the Key Server may be installed on the same machine as the Key Vault
and with reduced MediaPass serving capacity, the functionality of the MediaPass Server may be
installed on the same machine as the MediaPass Database.
The following is a brief description of how the system works:
Media is encrypted by the Encryptonite Producer using private/public key pairs. The private key
becomes the Media Decryption Key. The Encryptonite Producer securely delivers the Media
Decryption Keys to the secure centralized Key Vault.
After encryption, the encrypted media is delivered (via an external process) to Media Servers at the
network edge which have no access to Media Decryption Keys.
Media Decryption Keys are managed (stored and securely delivered to authorized Clients) by a Key
Server System consisting of one or more Key Server computers and a Key Vault.
A Clients right to play a particular media is regulated by an on-line play request to a Vendor
immediately prior to playing it.
The ability to play a particular media is conveyed to a Client by delivering the Media Decryption Key
from the Key Server, securely, just-in-time to decrypt and play the media within the player.
The authorized Vendor securely delivers a MediaPass to the Client in response to a play request. The
media to be played is then streamed/downloaded to the Client from one or more Media Servers.
Encryptonite Open Interfaces
APIs are provided to facilitate the integration of the Encryptonite components into the commercial
content delivery and playback system. The Encryptonite Open Interfaces are software APIs that are
provided for interfacing the Encryptonite MediaPass Server into third-party systems which provide
interfaces to the MediaPass Delivery services. The sample Web Store application included with the
Encryptonite System demonstrates how these interfaces can be used.
Appendix � Table of Contents for Encryptonite White Papers
Table of Contents for Encryptonite System Overview White Paper
Introduction 1
Overview 3
System Design 5
Design Goals 5
Component Design 5
Security 6
Detailed System View 8
Processes 9
Media Encryption 9
Encrypted Media Delivery 11
MediaPass Database Update 11
Client Play Request 12
Media Rights Acquisition and Management 17
Encryptonite Open Interfaces 17
Tokens 18
Glossary 19
References 19
Table of Contents for Encryptonite System Services White Paper
Introduction 1
Encryptonite System Services 3
Restrictions 4
Key Server System 4
MediaPass Server System 5
Processes 7
Key Securement 7
MediaPass Request 8
Key Request 9
Content Update 10
Token Replenishment 11
Appendix A:
Content List 13
Appendix B:
MediaPass 13
Glossary 14
Bibliography 14
Table of Contents for Encryptonite System RN Edition White Paper
Introduction 1
Encryptonite System RN Edition 3
Version 1.2 Restrictions 4
Processes 7
Encrypt Media 7
Client Play Request 8
Media Decryption Key Use 9
Glossary 11
Bibliography 11 |
