Open in app

Sign in

Write

Sign in

Common Encryption in ISO based media file format

Poby’s Home
3 min readAug 26, 2021

--

A summary note of ISO/IEC 23001–7:2016

What is “Common Encryption”?

Common Encryption specifies standard encryption and key mapping methods that can be utilized to enable decryption of the same file using different DRM and key management systems.

Goal

  • define encryption algorithms and encryption-related metadata

No Goal

  • rights mapping, key acquisition, and storage, DRM content protection compliance rules → are done by the DRM system

PSSH

  • DRM specific information such as licenses, rights, and license acquisition information can be stored in PSSH
  • Each instance of this box stored in the file corresponds to one applicable DRM system identified by a well-known SystemID.

Protection Scheme

Protection Scheme Type

  • cenc AES-CTR mode full sample and video NAL subsample encryption
  • cbc1 AES-CBC mode full sample and video NAL subsample encryption
  • cens AES-CTR mode partial video NAL pattern encryption
  • cbcs AES-CBC mode partial video NAL pattern encryption

Protection Scheme signaling

  • sinf : Scheme Information Box
  • schm : Scheme Type box, delivering encryption scheme. (scheme_type: [cenc, cbc1, cens, cbcs])
  • schi : Scheme Information Box — holder for tenc
  • tenc : Track Encryption Box, delivering default parameters for encryption

Protection System Specific Header box (PSSH)

Contains information needed by a Content Protection System (i.e. DRM) to playback the content.

system_id specifies the format of the data.

What’s in data?

Information necessary to enable decryption key acquisition and decryption of the media data. For an example of the DRM system,

  • URL of the license servers or rights issuer
  • embedded licenses or rights
  • embedded keys
  • DRM specific metadata

Track Encryption Box (TENC)

Default encryption parameter values for the entire track. For files with only one KEY per track, this box allows the basic encryption parameters to be specified once per track instead of being repeated per sample.

These can be over-ridden by the sample group description associated with a group of samples.

tenc box
  • version: 1 for pattern-based encryption
  • if default_constant_iv is present, it is IV for all samples
  • a constant IV shall not be used with counter-mode encryption

Example box structures

old stream. uuid is for piff player

cbcs contents

schm

tenc

SENC

The Sample Encryption Box contains the sample-specific encryption data, including the initialization vectors needed for decryption and, optionally, alternative decryption parameters. It is used when the sample data in the fragment might be encrypted.

A nice video worth watching

Drm

--

--

Poby’s Home
Poby’s Home

Written by Poby’s Home

25 Followers
12 Following

Software Engineer

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams