Dr. Dobb's Journal November 2002
The prevailing wisdom is that the modern economy has been driven by one constant: digital is always better than analog. Surprisingly, this axiom may be jeopardized by the evolution of High-Definition Television (HDTV) displays. Analog proponents point out that digital inputs to HDTV displays will not yield a sharper image than analog inputs and will shackle consumers with onerous recording restrictions. Digital advocates, on the other hand, state that digital interfaces are more cost effective and will promote an explosion of HDTV content. In this article, I examine analog and digital HDTV interfaces, focusing on how copy-protection protocols work with these technologies.
Most people are stunned to learn that critical components in most HDTV configurations are analog. These viewers assume that HDTV's breathtaking picture quality is due to the miracles of digital video processing. While it's true that the HDTV content is transmitted in a compressed digital format (MPEG-2) to cable or satellite set-top boxes in your home, once the set-top decompresses the video, it is very likely that it outputs an analog signal to your HDTV display.
There are two fundamental reasons why analog technologies don't noticeably impact the HDTV viewing experience: signal transmission topologies and video scaling. Analog connections don't significantly degrade HDTV signals because of the type of signal transmitted and the cable quality used to transmit the signal. Conventional analog video signals are transmitted via RCA and S-video cables. These cables combine video signals into a single cable. The display must break the video signal back into its color (red, green, and blue; or RGB) components. This combining/splitting of color components degrades video quality and contributes to ghosting, lines, and other artifacts.
By contrast, HDTV uses three separate component video cables to transmit the video signals in their native component form of luminance, luminance minus blue, and luminance minus red (Y Pb Pr). This technique bypasses the analog color component conversion process and reduces video artifacts. The combination of three component cables with higher quality cabling and connectors makes it possible to achieve an amazing picture that is difficult to distinguish from a completely digital connection.
A second reason that analog connections have a negligible impact on HD picture quality is scaling. HD content can be delivered in two flavors: interlaced and progressive.
All HD-compatible devices must be able to decode high-resolution interlaced and progressive content. The predominant interlaced HD resolution is called "1080i" because each frame contains 1080 lines (the actual resolution is 1920×1080), while the main progressive HD resolution is known as "720p" since every frame has 720 lines (1280×720). Analog resolutions defined by the National Television Standards Committee (NTSC), however, have a maximum resolution of 480i (or 480 interlaced lines).
While HD displays must accept a 1080i or 720p image, they usually alter the image before it's displayed. These devices display HD frames by scaling (or adjusting) the image to their native internal resolution. For instance, imagine that Acme Electronics produces a plasma display that has a maximum internal resolution of 1280×768 pixels. To display a 1080i frame, the Acme display scales the 1920×1080 image down to 1280×768.
To compensate for any noise (or errors) introduced by analog cables, these displays often combine sophisticated scaling algorithms with noise-reduction techniques. Therefore, even though quality analog cables may introduce errors, these errors only affect a minuscule portion of the image and aren't detectable after the noise reduction and scaling process.
Although the combination of digital media and analog video cables can produce stunning images, HDTV deployment has been slowed by the vulnerability of analog connections. Movie studios and other content houses are loath to release HDTV content since the analog connection can't be protected from pirates: thieves can intercept video transmitted on the analog medium to create copies that are visually indistinguishable from originals.
Unfortunately, the resulting dearth of interesting HD content makes it difficult for consumers to justify purchasing HD displays and set-tops. To allay the studios' piracy fears and consumers' content concerns, the electronics industry proposed two digital display interface alternatives: Digital Visual Interface (DVI; see http://www.ddwg.org/downloads.html) and IEEE 1394 (Firewire or i.Link; see http://www.1394ta.org/Technology/Specifications/specifications.htm).
As its name implies, DVI specializes in transporting digital video to display devices. Each time a video stream is compressed/decompressed with a lossy compression algorithm such as MPEG-2 or DiVX, video quality is slightly degraded. Therefore, to maximize video quality, video streams transported over DVI are not compressed.
An uncompressed 1080i HDTV video stream requires a pipe capable of moving 1.78 gigabits per second. Fortunately, DVI has 5 gigabits available to transport video content. Given that 1080i content consumes less than half of the DVI bandwidth, this interface has room to accommodate newer video standards (like 1080p) as they are defined.
While DVI appears to be ideal for HD display devices, it originally was not targeted at consumer electronic display devices and set-top boxes. Rather, when the initial DVI spec was released in 1999, its primary goal was to facilitate the connection of digital display devices such as LCDs, plasma monitors, and digital projectors to computers.
Because these displays are pure digital entities, it is cumbersome for computers to convert the video signal into the analog domain (with the associated introduction of noise and errors) because the display must convert the signal back into the digital domain. DVI lets computers send digital images directly to the display without onerous analog-to-digital conversions. This not only improves picture quality, but reduces costs as analog components are removed from both the display and computing devices.
Unfortunately, transporting content over a digital interface does not automatically eliminate piracy. In reality, using a digital transport actually increases the theft risk since intruders can create pristine digital copies that aren't encumbered by analog noise. Therefore, the High-Bandwidth Digital Content Protection (HDCP; http://www.digital-cp.com/) specification was developed by the Digital Display Working Group (DDWG) to secure DVI.
The three elements used by HDCP to secure content are authentication, encryption, and renewal. HDCP is based on the principle that only authorized components may transmit or receive video streams. Each HDCP-enabled device is issued a secret device key from Digital Content Protection LLC (the licensors of HDCP).
Before any video content is exchanged between parties, the video sender transmits a Key Selection Vector (KSV) to the receiver (the KSV is an identifier that enables remote parties to look up the device key of the remote party). The receiver responds with its KSV and both parties compute a shared secret (see Figure 1). Finally, the receiver runs an algorithm on the shared-secret key it computed and transmits the result to the video sender. If both parties are in agreement regarding the shared secret, the authentication process has succeeded.
When the authentication process succeeds, the shared-secret key encrypts video content. However, symmetric key algorithms do not efficiently scale to thousands of devices (see my article "PacketCable Security," DDJ, November 2001). Luckily, there are a limited number of devices between the DVI sender and receiver, so the performance impact of using a symmetric algorithm isn't relevant.
The third pillar of HDCP is renewal. Once every 2 to 2.5 seconds, the video receiver, during its Vertical Blanking Interrupt, transmits a reauthentication message to the sender (Figure 2). This message contains a value that is obtained by running an algorithm on the video frame and from encryption information associated with that frame. The sender performs the same computation and compares it to the value transmitted by the video receiver. If the video receiver's message contains an invalid authentication value, the video sender considers the DVI link insecure and immediately ceases transmitting content.
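The KSV exchange and the periodic link check described above can be sketched as follows. This is an added example, not code from the article or from the HDCP licensors: the key arithmetic is modelled on the HDCP 1.x sizes (40 keys of 56 bits, a 40-bit KSV with 20 one-bits), while the licensor matrix, the seeded random generator, the session nonce, and the HMAC-based check value are constructed stand-ins.

```python
import hashlib
import hmac
import random

N = 40          # key slots per device and KSV width in bits (HDCP 1.x sizes)
MOD = 1 << 56   # device keys and the shared secret are 56-bit values

def make_licensor_matrix(rng):
    """Constructed licensor secret: a symmetric N x N matrix of 56-bit values."""
    m = [[0] * N for _ in range(N)]
    for i in range(N):
        for j in range(i, N):
            m[i][j] = m[j][i] = rng.randrange(MOD)
    return m

def issue_device(matrix, rng):
    """Issue (ksv, keys): the KSV has 20 one-bits, keys[i] = sum_j M[i][j]*ksv[j]."""
    ones = set(rng.sample(range(N), N // 2))
    ksv = [1 if i in ones else 0 for i in range(N)]
    keys = [sum(matrix[i][j] for j in range(N) if ksv[j]) % MOD for i in range(N)]
    return ksv, keys

def shared_secret(own_keys, peer_ksv):
    """Add up the device's own keys selected by the 1-bits of the peer's KSV."""
    if len(peer_ksv) != N or sum(peer_ksv) != N // 2:
        raise ValueError("malformed KSV: expected 40 bits with exactly 20 ones")
    return sum(k for k, bit in zip(own_keys, peer_ksv) if bit) % MOD

def check_value(secret, frame_counter, nonce):
    """Stand-in for the verification value (HMAC-SHA256, not the HDCP cipher)."""
    msg = nonce + frame_counter.to_bytes(8, "big")
    return hmac.new(secret.to_bytes(7, "big"), msg, hashlib.sha256).digest()[:8]

def link_is_secure(sender_secret, receiver_value, frame_counter, nonce):
    """Sender side of renewal: recompute the value and compare in constant time."""
    expected = check_value(sender_secret, frame_counter, nonce)
    return hmac.compare_digest(expected, receiver_value)

def demo():
    rng = random.Random(2002)  # seeded only for a reproducible demo, not a CSPRNG
    matrix = make_licensor_matrix(rng)
    tx_ksv, tx_keys = issue_device(matrix, rng)
    rx_ksv, rx_keys = issue_device(matrix, rng)
    km_tx = shared_secret(tx_keys, rx_ksv)   # sender uses the receiver's KSV
    km_rx = shared_secret(rx_keys, tx_ksv)   # receiver uses the sender's KSV
    nonce = b"constructed-session-nonce"
    ok = link_is_secure(km_tx, check_value(km_rx, 128, nonce), 128, nonce)
    rogue_keys = [rng.randrange(MOD) for _ in range(N)]  # never issued by licensor
    km_rogue = shared_secret(rogue_keys, tx_ksv)
    bad = link_is_secure(km_tx, check_value(km_rogue, 128, nonce), 128, nonce)
    return km_tx == km_rx, ok, bad

if __name__ == "__main__":
    print(demo())
```

Both licensed devices arrive at the same secret without ever sending a key over the link, while a device holding keys the licensor never issued fails the check and the sender would stop transmitting.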
The Consumer Electronics Association (CEA) realized that DVI and HDCP were a potent combination capable of not only solving the studios' issues with analog HD connections, but also reducing costs and increasing customer satisfaction. Consequently, they issued the EIA/CEA 861 family of specifications. The initial EIA/CEA 861 draft describes how set-top boxes use an uncompressed digital video interface like DVI to select the optimal video format for digital displays.
Although DVI solves copy-protection issues that were stifling the growth of HDTV, it has weaknesses when used in consumer environments. For instance, since DVI doesn't support audio, separate cables are required to transport audio signals. Therefore, to reduce cable clutter, the CEA published the 861A spec, which describes how audio information may be transported across a Digital Television (DTV) interface, while 861B defines the protocols necessary to transmit this audio/visual content.
Since 861A and 861B focus exclusively on the logical protocols necessary to transmit audio, interfaces such as those defined by the High Definition Multimedia Working Group (HDMI) are necessary to physically transport the uncompressed content. HDMI was formed by Hitachi, Matsushita Electric (Panasonic), Philips, Silicon Image, Sony, Thomson, and Toshiba. Its charter is to make DVI consumer friendly while maintaining backwards compatibility with the DVI 1.0 spec and HDCP. It has the ability to transport up to eight channels of uncompressed audio in addition to 1080i or 720p HD video content. Furthermore, while HDMI is pin compatible with DVI, it uses a smaller, easier-to-insert connector. Finally, HDMI supports the European AV.link protocol that enables a single remote to control other HDMI devices.
Unlike DVI, which targets display devices, IEEE 1394 is a general-purpose, high-speed interface that excels at multimedia transportation. Furthermore, it is a bidirectional protocol that lets multiple devices transport data over a single network.
Although 1394 is capable of supporting any multimedia command-and-control protocol, the AV/C Digital Interface Command Set (AV/C) has become the preeminent 1394 multimedia protocol. AV/C is based on the premise that a controller (master) device issues commands to Audio/Video (A/V) target (slave) devices.
Illustrating the power of the AV/C and 1394 combination, consider the specification published by the DVD Forum entitled "Guideline of Transmission and Control for DVD-Video/Audio through IEEE 1394 Bus," which describes how next-generation DVD players should interact with other AV/C-enabled 1394 devices. A 1394-compatible HDTV display is considered the controller (since it provides the primary user interface), and the DVD player is considered the target device (since it contains the media to be manipulated). The controller issues instructions (play, stop, or pause) to the DVD player via the 1394 AV/C "PASS THROUGH" panel subunit command (Figure 3). Panel subunit commands let controllers alter the state of target devices from remote network locations. The actual MPEG-2 audio/video streams are transported over the 1394 bus via the Partial MPEG-2 Transport stream spec.
Although 1394 offers robust networking and remote-control features not possible with DVI, first-generation 1394 devices are bandwidth starved compared to DVI: they're "only" capable of 400 megabits per second. Since these rates are grossly inadequate for HD streams, content must be compressed (usually via MPEG-2) before transporting over 1394.
Compression has two negative ramifications for consumer electronics devices: video quality and complexity. Again, each time a stream is compressed by a lossy algorithm, the picture quality may be degraded (the amount of degradation varies depending on the quality of the MPEG-2 compressor). Furthermore, to decode incoming MPEG-2 streams, receiving devices must include an MPEG-2 decompressor and associated software. Since display devices are typically dumb, the additional hardware and software not only increase cost, but also the likelihood of bugs.
By default, 1394 is just as vulnerable to pirates as DVI. Therefore, the 5C consortium (Sony, Toshiba, Panasonic, Intel, and Hitachi) published the Digital Transmission Copy Protection (DTCP; http://www.dtcp.com/) Standard to secure content transported over 1394. Like HDCP, DTCP has authentication, encryption, and renewal. Unlike HDCP, however, DTCP lets legitimate users make backup copies, while preventing pirates from stealing content.
Before content is transported on a 1394 network, an Encryption Mode Indicator (EMI) flag is added to control the actions ("unlimited copying," "no copying," "copy once," and "copy no more") DTCP devices may perform on the content. "Unlimited copying" lets any 1394 device copy the stream being transported. By contrast, "no copying" prevents any device from making a copy of the stream. "Copy once" permits one additional copy to be made of the stream, while "copy no more" means content may be moved from one device to another but no new copies may be made.
DTCP divides network elements into sources that produce data and sinks that consume them. The source always forwards the EMI status associated with the content to the sink. If the sink detects that the EMI flag restricts copying, it initiates the DTCP Authentication and Key Exchange (AKE) process; see Figure 4.
The AKE process varies depending on the value of the EMI flag. If EMI is marked "copy never," full AKE must be completed before the encrypted content may be streamed. Full AKE is a symmetric, public-key protocol where the sink device issues a random challenge that is combined with its device certificate (the device certificate is obtained from the Digital Transmission Licensing Administrator, DTLA).
The source device, in turn, responds with a random challenge and its device certificate. Once certificates are exchanged, each device verifies the validity of the other's certificate. If the certificates are legitimate, the devices then exchange keys using the Diffie-Hellman algorithm over Elliptic Curve cryptography. This exchange also establishes the renewability parameters whereby reauthentication may occur on a periodic basis.
If the stream is marked "copy once" or "copy no more," the sink device first attempts to execute full AKE. However, it is possible that certain devices on the network don't have the memory or processing capacity for full AKE. Consequently, DTCP offers the restricted authentication option (restricted AKE is not permitted with "copy never" content). This restricted authentication is asymmetric and can be squeezed onto resource-constrained devices (Figure 5).
When the sink realizes it must resort to restricted AKE processing to authenticate the source device, it issues an authorization request that contains its device certificate. The sink then computes a verification value and transmits this to the source. The source computes its own verification value and compares it to the value transmitted by the sink. Once these values are validated, encrypted content may be exchanged between devices.
Once a device has been authenticated, DTCP uses system renewability messages to detect devices that have been compromised. For example, it is possible that an intruder could break into a 1394 device manufactured by Joe's FlyByNight Electronics and use it to pilfer content. In these cases, it is critical that the rogue device be detected and its access terminated. This detection process is performed in DTCP via System Renewability Messages (SRMs). SRMs may be issued when removable media (such as a DVD) is inserted into a DVD player or sent from a server on a cable or satellite network to a set-top box in your home (Figure 6).
Once the DTLA discovers that Joe's FlyByNight Electronics digital VCR has been compromised, it issues an SRM revoking the device certificate assigned to Joe's digital VCR (this would effectively terminate the device's ability to access encrypted content). When the source device in the 1394 network detects a legitimate SRM request from the DTLA, it forwards the SRM information to downstream devices. Once this SRM update propagates throughout the network, Joe's digital VCR can no longer participate in DTCP encrypted streams.
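The EMI-to-AKE rules and the SRM revocation flow described above can be expressed as a small source-side policy gate. This is an added example, not code from the article or from the DTCP specification: the device identifiers, the HMAC that stands in for the real SRM signature, and the SRM version counter used to reject replays are assumptions, and the AKE exchanges themselves are not modelled.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

# EMI states as listed in the text; it also calls "no copying" "copy never".
RESTRICTED_OK = {"copy once", "copy no more"}

def required_ake(emi, sink_supports_full_ake):
    """Return the authentication a sink must complete before content may flow."""
    if emi == "unlimited copying":
        return "none"
    if emi != "no copying" and emi not in RESTRICTED_OK:
        raise ValueError(f"unknown EMI state: {emi!r}")
    if sink_supports_full_ake:
        return "full"                      # always attempted first
    # Restricted AKE is the fallback, but never for "no copying" content.
    return "restricted" if emi in RESTRICTED_OK else "refuse"

def sign_srm(key, version, revoked_ids):
    """Licensing-authority side: HMAC stand-in for the real SRM signature."""
    body = f"{version}|{','.join(sorted(revoked_ids))}".encode()
    return hmac.new(key, body, hashlib.sha256).digest()

@dataclass
class Device:
    srm_key: bytes                         # constructed verification key
    srm_version: int = 0                   # assumption: SRMs carry a version
    revoked: set = field(default_factory=set)
    downstream: list = field(default_factory=list)

    def accept_srm(self, version, revoked_ids, tag):
        """Apply an SRM only if it verifies and is newer, then forward it."""
        if not hmac.compare_digest(sign_srm(self.srm_key, version, revoked_ids), tag):
            return False                   # not a legitimate SRM: ignore it
        if version <= self.srm_version:
            return False                   # replayed or stale list: keep ours
        self.srm_version, self.revoked = version, set(revoked_ids)
        for dev in self.downstream:        # propagate through the 1394 network
            dev.accept_srm(version, revoked_ids, tag)
        return True

    def admit(self, emi, sink_cert_id, sink_supports_full_ake):
        """Source-side gate: which AKE to run with this sink, or "refuse"."""
        level = required_ake(emi, sink_supports_full_ake)
        if level != "none" and sink_cert_id in self.revoked:
            return "refuse"                # revoked certificate: no protected content
        return level
```

Checking the SRM's authenticity before applying or forwarding it matters as much as the revocation itself: an unauthenticated list would let any device on the bus cut off legitimate sinks.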
While DVI or Firewire zealots insist their interface will dominate, the reality is that both interfaces have serious restrictions preventing them from becoming the exclusive interface for HD devices. DVI's unidirectional nature and inability to record stop it from being used as a general-purpose interface. However, the robust protection offered by HDCP is attractive to studios because it eliminates the ability to record uncompressed, high-resolution digital streams.
Similarly, 1394's lack of bandwidth and recording capabilities removes it from consideration as the preferred bus for the transmission of uncompressed digital video to display devices. Yet, its bidirectional capabilities, AV/C command set, and DTCP encryption make it the preferred mechanism to network HD devices.
Consequently, it is likely that both buses will coexist in HD configurations. To maximize video quality, uncompressed video content will be delivered over DVI connections to HD display devices and be protected by HDCP. Similarly, compressed video content will be transported over IEEE 1394 to HD-ready digital VCRs, camcorders, and other devices on the local 1394 network.
While HDCP and DTCP solve the concerns of content producers, they have caused angst amongst early HDTV adopters who have purchased expensive HD displays that only have analog inputs. Unfortunately, OpenCable's Host Device Core Functional Requirements spec (http://www.opencable.com/specifications.html) mandates that when a decoding device detects it is processing a video stream whose Copy Control Information (CCI) limits (or prevents) copying and whose resolution exceeds 520,000 pixels per frame (720p or 1080i), it must down-convert analog outputs to NTSC resolutions (480i or 480p); see Figure 7.
Since the OpenCable specs have tremendous influence in the cable arena, this downgrade approach is likely to become widely adopted. Consequently, early adopters' equipment may be crippled to the point that the video images are barely distinguishable from bargain televisions. Furthermore, the lack of digital interfaces also eliminates their ability to record high-definition streams. Consequently, there is considerable debate within the industry about how these legacy devices should be handled.
Some believe that the legacy devices should be exempted from analog downgrade requirements. Others suggest that early adopters be required to upgrade to display devices with digital inputs. Since there are millions of these early adopters, this issue clearly has the industry's attention. Alas, there is no easy answer as to how to arrive at a solution that is acceptable to both content producers and consumers.
DDJ