构建DRM系统的重要基石——EME、CDM、AES、CENC和密钥
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><span style="color: black;"><span style="color: black;">▼扫描下图</span></span><strong style="color: blue;"><span style="color: black;"><span style="color: black;">二维码</span></span><span style="color: black;"><span style="color: black;">或点击</span></span><span style="color: black;">阅读原文</span><span style="color: black;"><span style="color: black;">▼</span></span></strong></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><span style="color: black;"><span style="color: black;"><span style="color: black;">认识</span>音视频技术大会<span style="color: black;">更加多</span>信息</span></span></span></span></p>
<div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/tos-cn-i-qvj2lq49k0/45f067825aec45f78cfa1a5f00d52b40~noop.image?_iz=58558&from=article.pc_detail&lk3s=953192f4&x-expires=1728089278&x-signature=LsCz2XhK7a19MeHeZU%2FxRp6l9VM%3D" style="width: 50%; margin-bottom: 20px;"></div>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><span style="color: black;"><span style="color: black;">翻译、编辑:Alex</span></span></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><span style="color: black;"><span style="color: black;">技术审校:刘姗、周亚桥</span></span></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><span style="color: black;"><span style="color: black;">本文来自OTTVerse,作者为Krishna Rao Vijayanagar。</span></span></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">Easy-Tech</span></span></strong></span></span><span style="color: black;"><strong style="color: blue;">#016#——DRM</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><span style="color: black;">任何想要理解</span></span><strong style="color: blue;"><span style="color: black;"><span style="color: black;">DRM</span></span></strong><span style="color: black;"><span style="color: black;">(Digital Rights Management,数字版权管理)的人都要遇到AES、CDM、CENC、EME等缩略词。<span style="color: black;">针对</span>初学者<span style="color: black;">来讲</span>,这些词很容易混淆,但<span style="color: black;">仅有</span>理解了它们,<span style="color: black;">才可</span>真正地理解DRM。<span style="color: black;">咱们</span>将在本文中简单介绍DRM的基本<span style="color: black;">形成</span>:EME、CDM、AES、CENC以及密钥和密钥服务器的<span style="color: black;">运用</span>。</span></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">DRM系统的简化架构</span></span></strong></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">在上一期<span style="color: black;">文案</span>中,<span style="color: black;">咱们</span><span style="color: black;">已然</span><span style="color: black;">晓得</span>DRM<span style="color: black;">运用</span>加密技术和<span style="color: black;">商场</span>规则<span style="color: black;">掌控</span>数字内容<span style="color: black;">拜访</span>和消费。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">简单<span style="color: black;">来讲</span>,DRM系统<span style="color: black;">能够</span>:</span></p><span style="color: black;">为内容供应商加密内容<span style="color: black;">供给</span>工具和<span style="color: black;">基本</span><span style="color: black;">设备</span>。</span><span style="color: black;">围绕加密内容构建生态,从而使内容供应商能够<span style="color: black;">掌控</span>由谁来解密并消费内容。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">在上一期<span style="color: black;">文案</span>中,<span style="color: black;">咱们</span>看到Ram和Shyam将加密后的信息传递给对方。<span style="color: black;">同期</span>,Hari拿着<span style="color: black;">秘码</span>本,由他决定谁<span style="color: black;">能够</span>读/写信息,还记得吗?</span></p>
<div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/tos-cn-i-qvj2lq49k0/8f523e2356524aa79ec0428156728204~noop.image?_iz=58558&from=article.pc_detail&lk3s=953192f4&x-expires=1728089278&x-signature=sIK1aw%2BBBp2b4iQzbH6Kp3FTviI%3D" style="width: 50%; margin-bottom: 20px;"></div>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">此刻</span>,让<span style="color: black;">咱们</span>采用这个简单的系统,并把组件替换成<span style="color: black;">守护</span>和分发视频内容的技术。<span style="color: black;">瞧瞧</span><span style="color: black;">咱们</span>得到了什么?</span></p>
<div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/tos-cn-i-qvj2lq49k0/fc1a365764b445f88c1a9e57133c27b8~noop.image?_iz=58558&from=article.pc_detail&lk3s=953192f4&x-expires=1728089278&x-signature=A4GFWfWk1pUEjjhXK0wBjsbZOcA%3D" style="width: 50%; margin-bottom: 20px;"></div>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">从上图中<span style="color: black;">能够</span>看出,<span style="color: black;">咱们</span>想要向认证用户安全地发送一部电影。需要:</span></p><span style="color: black;">向DRM厂商的服务器请求<span style="color: black;">秘码</span>本</span><span style="color: black;"><span style="color: black;">而后</span><span style="color: black;">运用</span><span style="color: black;">秘码</span>本加密视频</span><span style="color: black;">将电影视频发送给用户</span><span style="color: black;">用户向DRM厂商的服务器请求<span style="color: black;">秘码</span>本解密视频</span><span style="color: black;"><span style="color: black;">此刻</span>用户就<span style="color: black;">能够</span>观看电影了</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">真棒!</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">这些就是关于DRM的所有知识吗?</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">不!<span style="color: black;">咱们</span>上文只是举了一个简单易懂的例子,说明<span style="color: black;">怎样</span><span style="color: black;">运用</span>DRM安全地传送电影。这个例子很好地描述了DRM的本质,但在现实中<span style="color: black;">没法</span>正常运行。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">接下来,<span style="color: black;">咱们</span>将<span style="color: black;">循序渐进</span>地重新思考、设计这个简单的系统,<span style="color: black;">瞧瞧</span>它是<span style="color: black;">怎样</span><span style="color: black;">经过</span>DRM传输视频的。<span style="color: black;">一块</span>来吧!</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">第1步:回到ABR技术</span></strong></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">讨论<span style="color: black;">次序</span>前,让<span style="color: black;">咱们</span>先来修改示例以适应视频传送中的ABR模型。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">复习ABR:</strong><span style="color: black;">经过</span><span style="color: black;">运用</span>ABR技术,电影<span style="color: black;">能够</span>被编码成<span style="color: black;">区别</span>的码率-分辨率组合(<span style="color: black;">亦</span><span style="color: black;">叫作</span>为码率阶梯)并被分割成小的视频块<span style="color: black;">或</span>切片。<span style="color: black;">每一个</span>视频切片<span style="color: black;">包括</span>几秒钟视频,<span style="color: black;">能够</span>被单独解码。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">打包</strong><span style="color: black;">指的是</span>将电影分割成小的视频切片,并<span style="color: black;">运用</span><span style="color: black;">名单</span>(manifest)<span style="color: black;">或</span>播放列表对其进行描述。当用户想要播放电影的时候,他需要<span style="color: black;">根据</span>播放列表的信息播放。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">按照</span>可用带宽,播放器请求特定码率版本的视频切片,CDN响应后返回被请求切片。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">MPEG DASH和HLS是<span style="color: black;">运用</span>ABR进行视频传输的常用手段。想要深入理解这些技术,请阅读:什么是HLS(HTTP Live Streaming)? 和Easy Tech:什么是MPEG-DASH协议。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">让<span style="color: black;">咱们</span>修改<span style="color: black;">照片</span>来<span style="color: black;">暗示</span>ABR视频传送。</span></p>
<div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/tos-cn-i-qvj2lq49k0/e4a7b629d2bf4a388ae6bf3b27b082d9~noop.image?_iz=58558&from=article.pc_detail&lk3s=953192f4&x-expires=1728089278&x-signature=%2Fl0KEVfcORCCLdnzzJHbwNz%2BKg0%3D" style="width: 50%; margin-bottom: 20px;"></div>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">打包和基于CDN的视频传输是其中<span style="color: black;">独一</span>更改的<span style="color: black;">过程</span>。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">好了,<span style="color: black;">此刻</span>让<span style="color: black;">咱们</span>进入加密环节。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">第2步:视频加密</span></strong></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">视频加密<span style="color: black;">指的是</span>当有人截获<span style="color: black;">咱们</span>的数据时,<span style="color: black;">保证</span><span style="color: black;">她们</span><span style="color: black;">没法</span>读取数据信息<span style="color: black;">或</span>观看视频内容。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">复习加密:</strong>加密是一种用于<span style="color: black;">守护</span>数据机密并防止未经授权的人读取数据的技术。加密技术<span style="color: black;">运用</span>密钥将输入数据(明文)转化为一种替代形式——密文。<span style="color: black;">无</span>密钥的<span style="color: black;">状况</span>下,几乎不可能将密文转换为明文。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">然而<span style="color: black;">实质</span>上,<span style="color: black;">无</span>密钥<span style="color: black;">亦</span>有可能解密,<span style="color: black;">然则</span><span style="color: black;">经过</span>逆向工程破解加密算法消耗巨大(<span style="color: black;">包含</span>时间、金钱以及所需计算资源)。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">AES</strong>(Advanced Encryption Standard)是最流行的加密技术之一。AES<span style="color: black;">亦</span>被<span style="color: black;">叫作</span>为Rijndael(由发明者的名字命名),2001年由美国国家标准技术<span style="color: black;">科研</span>所(NIST)推出标准,用于加密电子数据。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">AES的技术要点<span style="color: black;">包含</span>:</span></p><span style="color: black;">对<span style="color: black;">叫作</span>密钥加密算法:<span style="color: black;">运用</span>同一把密钥进行加密和解密。</span><span style="color: black;">基于密钥长度,有三种变体:128bit、192bit和256 bit。密钥长度越长,越难破解。</span><span style="color: black;">如果<span style="color: black;">无</span>密钥的话,破解AES-128需要10亿x10亿年,外加一台超级计算机。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">*鉴于<span style="color: black;">自己</span>并不是<span style="color: black;">秘码</span>学专家,<span style="color: black;">倘若</span>你想深入<span style="color: black;">认识</span>AES标准,<span style="color: black;">能够</span>查看AES的维基页面。</span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">重视</span>:</strong>在视频<span style="color: black;">行业</span>,加密不是编码,解密<span style="color: black;">亦</span><span style="color: black;">区别</span>于解码。<span style="color: black;">针对</span>视频而言,编码和解码常常分别指压缩和解压缩。想要对编、解码和视频编解码器有<span style="color: black;">更加多</span><span style="color: black;">认识</span>,请阅读<span style="color: black;">咱们</span>的<span style="color: black;">文案</span>:视频编码完全指南。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">加密技术<span style="color: black;">仅有</span>AES-128吗?</span></span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">不,还有其他类型的加密技术,让<span style="color: black;">咱们</span>用1分钟思考一下这句话的含义。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">倘若</span>内容供应商决定和三家<span style="color: black;">区别</span>的DRM<span style="color: black;">机构</span>合作,并且它们都<span style="color: black;">运用</span><span style="color: black;">区别</span>的加密技术,这<span style="color: black;">寓意</span>着内容<span style="color: black;">供给</span>商需要加密视频三次,而这么做无疑是对存储空间和其他资源的浪费。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">这<span style="color: black;">便是</span>CENC加密格式产生的<span style="color: black;">原由</span>——降低加密市场的碎片化趋势以及减少存储<span style="color: black;">需要</span>。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">下文中<span style="color: black;">咱们</span>会讲到。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">通用加密CENC</span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">在<span style="color: black;">咱们</span>深入<span style="color: black;">认识</span>CENC之前,让<span style="color: black;">咱们</span>先来看下OTT流<span style="color: black;">媒介</span>协议,尤其是CMAF。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">MPEG-DASH和HLS是<span style="color: black;">日前</span>最常用的两个协议。其他协议还有MSS(Microsoft Smooth Streaming)等,但我们今天暂不讨论。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">在视频传输中,MPEG-DASH<span style="color: black;">一般</span><span style="color: black;">运用</span>mp4容器格式,HLS<span style="color: black;">一般</span><span style="color: black;">运用</span>MPEG-TS (ts)格式。<span style="color: black;">倘若</span>某个内容供应商<span style="color: black;">同期</span><span style="color: black;">运用</span>MPEG-DASH和HLS,<span style="color: black;">那样</span>它需要存储一份mp4和ts文件格式的副本。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">此刻</span>,<span style="color: black;">咱们</span>加上DRM加密问题。假设三个DRM厂商<span style="color: black;">运用</span>三种<span style="color: black;">区别</span>的加密标准,<span style="color: black;">那样</span>内容<span style="color: black;">供给</span>商就需要为<span style="color: black;">每一个</span>视频存储2x3=6种副本。这对存储空间是多么大的浪费!</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">为<span style="color: black;">认识</span>决视频流<span style="color: black;">媒介</span>协议所带来的<span style="color: black;">第1</span>个问题,CMAF标准应运而生,该标准规定<span style="color: black;">能够</span>以分段mp4容器格式(fmp4) 存储视频。在MPEG-DASH 和HLS的支持下,你<span style="color: black;">此刻</span>只用创建一组视频,以fmp4格式存储,两种协议<span style="color: black;">运用</span>同一组文件<span style="color: black;">就可</span>。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">只要<span style="color: black;">保证</span>你创建了两个视频<span style="color: black;">名单</span>(叹气)。</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">统一加密<span style="color: black;">怎样</span>?</span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">倘若</span><span style="color: black;">区别</span>DRM技术<span style="color: black;">运用</span><span style="color: black;">区别</span>标准,<span style="color: black;">咱们</span>仍然需要为每份文件存储<span style="color: black;">区别</span>的副本,对吧?</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">为此,MPEG<span style="color: black;">研发</span>了<strong style="color: blue;">CENC</strong>(Common Encryption specification),规定视频既<span style="color: black;">能够</span><span style="color: black;">运用</span>cenc(AES-128 CTR),<span style="color: black;">亦</span><span style="color: black;">能够</span><span style="color: black;">运用</span>cbcs(AES-128 CBC)加密。CTR<span style="color: black;">表率</span>计数器模式;CBC<span style="color: black;">表率</span>密文分组链接模式。CENC<span style="color: black;">寓意</span>着内容<span style="color: black;">供给</span>商仅需加密视频一次,并且任何解密模块都<span style="color: black;">能够</span>解密它。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">重视</span>:</strong>只要密钥绝对安全,即使加密算法暴露<span style="color: black;">亦</span>不会出问题。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">CENC<span style="color: black;">亦</span>许听起来像是统一DRM的简单<span style="color: black;">办法</span>,但事实并非如此。</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">日前</span>市场中有三种<span style="color: black;">重点</span>的DRM技术:Apple FairPlay、Google Widevine和Microsoft PlayReady:</span></p><span style="color: black;">Apple FairPlay仅支持AES-CBC cbcs模式。</span><span style="color: black;">HLS仅支持AES-CBC cbcs模式(与CMAF无关)。</span><span style="color: black;">Widevine和PlayReady支持AES-128 CTR cenc和AES-128 CBC cbcs 模式。</span><span style="color: black;"><span style="color: black;">运用</span>CMAF的MPEG-DASH支持AES-128 CTR cenc 和AES-128 CBC cbcs 模式。</span><span style="color: black;">不<span style="color: black;">运用</span>CMAF的MPEG-DASH仅支持AES-128 CTR cenc模式。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">如你所见,CMAF和CENC标准<span style="color: black;">诱发</span>了流<span style="color: black;">媒介</span><span style="color: black;">行业</span>的混乱局面和碎片化。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">CMAF和AES-CBC cbcs模式的<span style="color: black;">广泛</span><span style="color: black;">运用</span>可能能够结束混乱的现象,<span style="color: black;">然则</span>它们将<span style="color: black;">怎样</span>影响仅支持CTR<span style="color: black;">或</span>仅支持MPEG-TS的传统设备?</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">咱们</span>下次再讨论。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">第3步:密钥、密钥ID和许可证服务器</span></strong></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">到<span style="color: black;">日前</span>为止,<span style="color: black;">咱们</span><span style="color: black;">已然</span>确定将<span style="color: black;">运用</span> AES-128bit对视频进行加密。在这个<span style="color: black;">周期</span>,<span style="color: black;">显现</span>的几个问题是:</span></p><span style="color: black;"><span style="color: black;">咱们</span>在哪里<span style="color: black;">得到</span>AES-128bit的加密密钥?</span><span style="color: black;"><span style="color: black;">怎样</span>将加密密钥和电影联系起来?</span><span style="color: black;">在哪里存储加密密钥?</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">让<span style="color: black;">咱们</span>来一一回答。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">从哪里<span style="color: black;">得到</span>AES-128bit的加密密钥?</span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">任何内容供应商都<span style="color: black;">能够</span><span style="color: black;">运用</span>专业软件手动生成加密密钥。<span style="color: black;">或</span>,由几个DRM厂商<span style="color: black;">供给</span>生成密钥的必需工具和软件。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">怎样</span>将加密密钥和电影联系在<span style="color: black;">一块</span>?</span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">让<span style="color: black;">咱们</span>先来理解这么做的原因。当你去住酒店的时候,你要向酒店前台报房间号,<span style="color: black;">才可</span>申领房间钥匙,对吧?你做的正是<span style="color: black;">经过</span><span style="color: black;">通知</span>房间号来为钥匙和房间<span style="color: black;">创立</span>联系。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">类似地,当你用一把密钥加密某部电影时,<span style="color: black;">咱们</span>就需要<span style="color: black;">创立</span>这种联系,并将它<span style="color: black;">供给</span>给DRM许可证服务器(<span style="color: black;">亦</span><span style="color: black;">便是</span>酒店前台)。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">在DRM中,密钥ID<span style="color: black;">供给</span>了加密密钥与电影之间的联系,它是一串独特的字符串,在为特定电影创建加密密钥时生成。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">最后,在哪里存储加密密钥和它的密钥ID?</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">加密密钥和密钥ID存储在和DRM许可证服务器<span style="color: black;">一块</span>工作的KMS(密钥库)中。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">当客户端需要播放加密电影时,它<span style="color: black;">经过</span><span style="color: black;">供给</span>此电影的密钥ID向DRM许可证服务器请求解密密钥。<span style="color: black;">倘若</span>DRM许可证服务器对请求(认证请求)认可,它将<span style="color: black;">需求</span>密钥库<span style="color: black;">供给</span>与该密钥ID对应的解密密钥。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">审校者注:<span style="color: black;">通常</span>向DRM许可证服务器申请的不是“解密密钥”,而是“许可证”, 许可证服务器会<span style="color: black;">按照</span>密钥ID申请解密密钥,<span style="color: black;">而后</span>生成许可证下发给客户端。</span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">加赠一问:</strong>密钥ID是<span style="color: black;">怎样</span>传送到播放器的?</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">基本原理:<span style="color: black;">无</span>密钥ID,许可证服务器<span style="color: black;">没法</span>查看电影的解密密钥。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">答案:</strong>密钥ID与DASH<span style="color: black;">或</span>HLS<span style="color: black;">名单</span><span style="color: black;">一块</span>被发送到视频播放器。播放器解析<span style="color: black;">名单</span>,找到密钥ID,<span style="color: black;">而后</span>向DRM许可证服务器请求密钥ID对应的解密密钥。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">此刻</span>,<span style="color: black;">咱们</span>来总结一下围绕加密密钥、密钥ID和许可证服务器的讨论。</span></p><span style="color: black;">加密密钥<span style="color: black;">拥有</span>保密性,需要和对应密钥ID存储在一个安全的密钥库。</span><span style="color: black;">密钥ID<span style="color: black;">能够</span>“公开”。</span><span style="color: black;">任何<span style="color: black;">持有</span>密钥ID的人都能向许可证服务器请求私密密钥(解密密钥)。由DRM厂商对请求者进行身份验证,<span style="color: black;">而后</span>再<span style="color: black;">供给</span>(或拒绝<span style="color: black;">供给</span>)解密密钥。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">下面这张图描绘了<span style="color: black;">咱们</span><span style="color: black;">刚才</span>所学的密钥、加密和许可证服务器知识。</span></p>
<div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/tos-cn-i-qvj2lq49k0/3aa44767a158483ca99c95bf774eaa3c~noop.image?_iz=58558&from=article.pc_detail&lk3s=953192f4&x-expires=1728089278&x-signature=leMRkMndFzvmPAXs%2BXrSgp4oQfo%3D" style="width: 50%; margin-bottom: 20px;"></div>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">第4步:在播放器和密钥服务器上解密视频</span></strong></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">在客户端(播放器应用),用户按下播放键,<span style="color: black;">起始</span>播放他想观看的电影。<span style="color: black;">此刻</span>视频播放器需要一种<span style="color: black;">办法</span>来识别电影是否被加密。否则,播放器将试图播放加密电影,继而崩溃,<span style="color: black;">最后</span><span style="color: black;">引起</span>糟糕的用户体验。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">能够</span><span style="color: black;">经过</span>以下方式发出电影已加密的信号:</span></p><span style="color: black;"><span style="color: black;">能够</span>在<span style="color: black;">名单</span>中添加注释,说明该电影已加密,且<span style="color: black;">供给</span>密钥ID。</span><span style="color: black;"><span style="color: black;">另一</span>一种<span style="color: black;">办法</span>:在视频码流中<span style="color: black;">插进</span><span style="color: black;">有些</span><span style="color: black;">包括</span>独特信息的字节。当播放器在播放前<span style="color: black;">检测</span>视频码流时,它就会采集到该独特信息,并确定这部电影已加密。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">播放器中接下来几个<span style="color: black;">过程</span>更为直观:</span></p><span style="color: black;">播放器<span style="color: black;">发掘</span>密钥ID并向许可证服务器请求解密密钥。</span><span style="color: black;">许可证服务器<span style="color: black;">经过</span>预定义的机制来识别播放器请求<span style="color: black;">是不是</span>经过验证。</span><span style="color: black;"><span style="color: black;">倘若</span>许可证服务器<span style="color: black;">经过</span>了播放器的验证,它将返回带有解密密钥信息的许可证。</span>
<div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/tos-cn-i-qvj2lq49k0/eb778f499898412599bf50bf530ad0cc~noop.image?_iz=58558&from=article.pc_detail&lk3s=953192f4&x-expires=1728089278&x-signature=B9BXpcfCMrOCSzuADIJi2XQghJ4%3D" style="width: 50%; margin-bottom: 20px;"></div>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">咱们</span><span style="color: black;">刚才</span>描绘了一个简单的<span style="color: black;">方法</span>,但无论在技术上还是<span style="color: black;">商场</span>上,都存在<span style="color: black;">非常多</span>问题。让<span style="color: black;">咱们</span>来<span style="color: black;">瞧瞧</span>最<span style="color: black;">起始</span><span style="color: black;">显现</span>的<span style="color: black;">有些</span>问题:</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">1、<span style="color: black;">咱们</span><span style="color: black;">已然</span>描述了一个原型“播放器”,它向 DRM许可证服务器发送解密密钥请求。<span style="color: black;">然则</span>:</span></p><span style="color: black;">许可证服务器<span style="color: black;">怎样</span><span style="color: black;">晓得</span>播放器<span style="color: black;">是不是</span>可信赖?</span><span style="color: black;"><span style="color: black;">倘若</span>播放器中的解密软件<span style="color: black;">泄密</span>出密钥和解密内容该怎么办?</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">2、<span style="color: black;">倘若</span>你是一个视频播放器<span style="color: black;">研发</span>者,你必须为<span style="color: black;">每一个</span>DRM技术<span style="color: black;">研发</span>解密模块吗?当它们更改界面时,你<span style="color: black;">亦</span>必须每次都要跟着更新吗?</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">另外</span>,播放器(客户端)中的事件序列如下所示:</span></p><span style="color: black;">从CDN获取电影及其<span style="color: black;">名单</span></span><span style="color: black;">在<span style="color: black;">名单</span>中提取出密钥ID</span><span style="color: black;">生成许可证请求</span><span style="color: black;">将请求发送给许可证服务器</span><span style="color: black;">静待许可证服务器的响应</span><span style="color: black;"><span style="color: black;">运用</span>来自服务器的解密许可证解密内容</span><span style="color: black;">解码解密内容</span><span style="color: black;"><span style="color: black;">表示</span>解码后的电影</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">一个单一程序<span style="color: black;">或</span><span style="color: black;">机构</span><span style="color: black;">没法</span>完成上面所有<span style="color: black;">过程</span>。</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">它将形成一个紧密耦合的架构,并<span style="color: black;">没法</span>实现任何<span style="color: black;">拥有</span>开放性、即插即用的生态系统。让<span style="color: black;">咱们</span><span style="color: black;">瞧瞧</span><span style="color: black;">能够</span>做些什么。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">播放端架构</span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">在播放器层面,前文描述的职责被划分为<span style="color: black;">区别</span>的模块,如下所示:</span></p><span style="color: black;">播放器负责获取电影,解析<span style="color: black;">名单</span>,提取密钥ID,向DRM许可证服务器发送请求等。</span><span style="color: black;">一个单独的模块(<span style="color: black;">叫作</span>为 CDM 或内容解密模块)负责创建许可证请求、解密和解码内容。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">此刻</span>,让<span style="color: black;">咱们</span>来看下CDM。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">内容解密模块CDM</span></span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">每一个</span>DRM厂商都会<span style="color: black;">供给</span>:</span></p><span style="color: black;">自己的机制创建许可证请求(<span style="color: black;">经过</span>密钥ID、设备标识符、签署请求等<span style="color: black;"><span style="color: black;">)。</span></span></span><span style="color: black;">自己的机制来理解从DRM许可证服务器接收到的许可响应(该响应<span style="color: black;">亦</span>被加密)并提取解密密钥。</span><span style="color: black;">在客户端本地存储许可证,许可证更新以及过期等规则。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">经过</span>上文这些细节,CDM模块便能够嵌入如Chrome、Firefox、Microsoft Edge和Safari<span style="color: black;">这般</span>的浏览器中。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">DRM厂商测试和验证这些CDM来<span style="color: black;">保证</span>:</span></p><span style="color: black;">许可证请求格式正确且符合规范。</span><span style="color: black;">它们不会<span style="color: black;">泄密</span>解密密钥。</span><span style="color: black;">它们不会<span style="color: black;">泄密</span>解密和解码电影。</span><span style="color: black;">它们能够<span style="color: black;">按照</span>许可证规范安全地存储解密密钥(<span style="color: black;">例如</span>存储密钥时长)。</span><span style="color: black;">安全地将视频传输到屏幕,不会<span style="color: black;">泄密</span>。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">因为</span>以上<span style="color: black;">原由</span>,浏览器中的CDM都是闭源的,这<span style="color: black;">亦</span>是行业和外界争议的根源。<span style="color: black;">由于</span>外界<span style="color: black;">没法</span>看到CDM中的源代码,<span style="color: black;">因此</span>人们<strong style="color: blue;"><span style="color: black;">没法</span>信任</strong>它。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">重视</span>:</strong><span style="color: black;">少许</span>几个浏览器<span style="color: black;">供给</span>关闭CDM的选项,<span style="color: black;">然则</span><span style="color: black;">倘若</span>你<span style="color: black;">这般</span>做了,将<span style="color: black;">没法</span>观看受到DRM<span style="color: black;">守护</span>的内容。这<span style="color: black;">便是</span>行业的权衡。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">下面是一张Firefox插件页面中Widevine插件的一张截图(来自我的Ubuntu 20.04计算机)。</span></p>
<div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/tos-cn-i-qvj2lq49k0/314bd7b3a60a4426b667edd0229e1960~noop.image?_iz=58558&from=article.pc_detail&lk3s=953192f4&x-expires=1728089278&x-signature=AOk5nMgG0wI9kSbKdykKQZVG9nQ%3D" style="width: 50%; margin-bottom: 20px;"></div>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">等等,<span style="color: black;">另一</span>一个技术细节<span style="color: black;">咱们</span>还<span style="color: black;">无</span>讨论。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">加密<span style="color: black;">媒介</span>扩展EME</span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">咱们</span>在前文<span style="color: black;">已然</span><span style="color: black;">晓得</span>,播放器应用需要与浏览器中的CDM“对话”,并与许可证服务器交换许可证信息,对吧?</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">为何</span>说这既是一个技术问题,<span style="color: black;">亦</span>是一个<span style="color: black;">商场</span>问题?</span></p><span style="color: black;">播放器厂商需要集成所有<span style="color: black;">区别</span>的许可证服务器和CDM,并跟踪其界面的更改以保持最新状态。</span><span style="color: black;">一家播放器<span style="color: black;">机构</span>说<span style="color: black;">她们</span>不会支持<span style="color: black;">有些</span>广受欢迎的平台,<span style="color: black;">由于</span>这些平台频繁更换界面,就会<span style="color: black;">引起</span>最后极有可能<span style="color: black;">无</span>人来购买播放器,那就糟糕了!</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">这就产生了介于播放器和CDM之间的<strong style="color: blue;">EME</strong>(加密<span style="color: black;">媒介</span>扩展)。EME 为播放器(应用程序)<span style="color: black;">供给</span>了一套标准化的 API 来与 CDM 进行通信。</span></p>
<div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/tos-cn-i-qvj2lq49k0/34f57fd160404d8e962583f5242377a9~noop.image?_iz=58558&from=article.pc_detail&lk3s=953192f4&x-expires=1728089278&x-signature=k%2Fh2vlJlRJjm9HPPHuC%2FYM0nfOM%3D" style="width: 50%; margin-bottom: 20px;"></div>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">此刻</span>让<span style="color: black;">咱们</span>来<span style="color: black;">认识</span>EME和CDM是<span style="color: black;">怎样</span><span style="color: black;">一块</span>工作的:</span></p><span style="color: black;">EME是一个JavaScript API。</span><span style="color: black;">CDM是解密视频、解码和<span style="color: black;">表示</span>视频(可选)的软件。</span><span style="color: black;">视频播放器是一个JavaScript程序,它<span style="color: black;">运用</span>EME API在CDM和许可证服务器之间传输信息。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">EME的<span style="color: black;">优良</span>是:</strong><span style="color: black;">因为</span>EME带来的互操作性,供应商和播放器厂商<span style="color: black;">能够</span><span style="color: black;">研发</span>能在<span style="color: black;">区别</span>浏览器观看视频的流<span style="color: black;">媒介</span>服务。你<span style="color: black;">能够</span><span style="color: black;">研发</span>一个<span style="color: black;">运用</span>EME标准与许可证服务器和CDM通信的App,而<span style="color: black;">不消</span><span style="color: black;">思虑</span><span style="color: black;">运用</span>哪个DRM平台和浏览器。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">视频解码和<span style="color: black;">表示</span></span></strong></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">视频被解密后,需要进行解码并<span style="color: black;">表示</span>给用户,这个过程是<span style="color: black;">不可</span>暴露解码、解密信息<span style="color: black;">或</span>原始帧的。CDM是解密数据的<span style="color: black;">第1</span>个接触点,它在阻止数据<span style="color: black;">泄密</span>方面发挥了重要作用。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">当播放视频时,CDM分别<span style="color: black;">能够</span>:</span></p><span style="color: black;">解密电影并将码流传送给应用程序(不太安全,<span style="color: black;">由于</span>有人会破解应用并转储视频)。</span><span style="color: black;">解密、解码并将解码后的视频帧发送到平台<span style="color: black;">表示</span>引擎。</span><span style="color: black;">自己解密、解码和<span style="color: black;">表示</span>视频(最安全)。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">这个过程在软件和设备硬件(更安全)中<span style="color: black;">亦</span>会<span style="color: black;">出现</span>。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">将所有技术集成在播放器(客户端),<span style="color: black;">咱们</span>得到了下面的图。</span></p>
<div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/tos-cn-i-qvj2lq49k0/e5d178b0acce41dfa9a5297b72fd96aa~noop.image?_iz=58558&from=article.pc_detail&lk3s=953192f4&x-expires=1728089278&x-signature=O1jwVZs00CDnBbtfbSBf5MNzu8s%3D" style="width: 50%; margin-bottom: 20px;"></div>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">咱们</span>的DRM系统原型<span style="color: black;">已然</span>就位。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">然则</span>还缺少<span style="color: black;">有些</span>能够吸引内容供应商的重要特性。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">第5步:身份验证、证书轮换和支持离线播放</span></strong></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">这里</span><span style="color: black;">周期</span>,我想将头部DRM技术供应商(<span style="color: black;">例如</span>Apple、谷歌和微软)和围绕这些技术<span style="color: black;">供给</span>服务的DRM厂商区<span style="color: black;">掰开</span>来。在这一部分,让<span style="color: black;">咱们</span><span style="color: black;">一块</span>来<span style="color: black;">认识</span>一下行业中对DRM技术(可能由DRM技术供应商或DRM厂商直接<span style="color: black;">供给</span>)所提出的<span style="color: black;">有些</span><span style="color: black;">商场</span>规则。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">用户身份验证</span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">FairPlay、Widevine和PlayReady<span style="color: black;">这般</span>的DRM技术供应商不<span style="color: black;">供给</span>用户身份验证服务。但DRM厂商<span style="color: black;">能够</span>!当用户按下播放键,一个单独的服务器来验证用户资格(<span style="color: black;">例如</span>用户ID)。它<span style="color: black;">按照</span>订阅级别、促销优惠码等信息<span style="color: black;">检测</span>用户<span style="color: black;">是不是</span>有权播放该内容。在服务器验证用户权限后,App<span style="color: black;">能够</span>向许可证服务器发出许可证申请。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">重视</span>:</strong>以上只是用户身份验证的简化版本,专业的DRM厂商需要更<span style="color: black;">繁杂</span>的验证流程。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">地域封锁</span></span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">当内容供应商想要阻止一部电影在某些地区的播放,就会<span style="color: black;">运用</span><strong style="color: blue;">地域封锁</strong>。和用户身份验证类似,这是大<span style="color: black;">都数</span>DRM厂商的附加服务。当用户按下播放键播放某部特定电影时,DRM厂商的服务器就<span style="color: black;">能够</span><span style="color: black;">检测</span>这部电影<span style="color: black;">是不是</span><span style="color: black;">能够</span>在用户所在地区观看。<span style="color: black;">按照</span>内容供应商设定的规则,许可证和加密密钥被传送(<span style="color: black;">或</span>拒接传送)给客户端。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">永久和非永久许可证</span></span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">顾名思义,许可证服务器在接收<strong style="color: blue;">永久许可证</strong>后,<span style="color: black;">能够</span>将其存储在客户端设备上。它<span style="color: black;">能够</span><span style="color: black;">始终</span>用来播放电影,直到许可证过期。在许可证过期之前,CDM需要生成一个许可证更新请求。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">非永久许可证</strong>用于立即播放电影。它们并<span style="color: black;">不可</span><span style="color: black;">长时间</span>存储,<span style="color: black;">通常</span>在当前播放会话过期后(<span style="color: black;">或</span>在会话中间,当设置了短期过期时间时)弃用。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">密钥轮换</span></span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">密钥轮换</strong><span style="color: black;">指的是</span>为了减少攻击,<span style="color: black;">运用</span><span style="color: black;">区别</span>密钥加密视频的<span style="color: black;">区别</span>部分(切片)。假如一个黑客<span style="color: black;">得到</span>了某部电影的密钥,在密钥轮换的<span style="color: black;">状况</span>下,他就只能观看这部电影的一小部分,<span style="color: black;">由于</span>其他部分<span style="color: black;">运用</span>了<span style="color: black;">区别</span>的密钥。除此之外,<span style="color: black;">经过</span><span style="color: black;">运用</span>多重密钥,你<span style="color: black;">能够</span>将<span style="color: black;">区别</span>的许可规则对应视频内容的<span style="color: black;">区别</span>部分。<span style="color: black;">例如</span>,某部电影的“幕后独家部分”只向Premium会员开放,其他免费订阅用户只能观看余下的电影内容。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">离线播放</span></span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">当网络连接不可用时,某些服务会<span style="color: black;">供给</span><strong style="color: blue;">离线播放</strong>视频。当我<span style="color: black;">晓得</span>我将要长途飞行时,我就会在Netflix上下载几部电影。在这种<span style="color: black;">状况</span>下,播放器无需与许可证服务器通信获取DRM密钥。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">同期</span>,DRM供应商需要<span style="color: black;">供给</span>一个能够将密钥安全存储在设备上的选项,<span style="color: black;">这般</span>内容<span style="color: black;">才可</span>被解锁,并在不联网的<span style="color: black;">状况</span>下播放。需要高度安全的CDM实现防止密钥<span style="color: black;">泄密</span>。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">视频的优化加密</span></span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">加密和解密电影有可能会非常昂贵,尤其是在UHD和4K电影中,这个时候就需要优化加密。其中一种优化<span style="color: black;">办法</span>是仅加密<span style="color: black;">每一个</span>视频切片的帧内容(关键帧或I帧或IDR帧)。这种<span style="color: black;">办法</span>有几个<span style="color: black;">优良</span>:</span></p><span style="color: black;"><span style="color: black;">由于</span>帧内容只占据电影中<span style="color: black;">所有</span>帧的一小部分,<span style="color: black;">因此</span>加密速度<span style="color: black;">火速</span>。</span><span style="color: black;"><span style="color: black;">仅有</span>在解码帧内容之后,它的<span style="color: black;">关联</span>帧(既依赖于I帧的帧)<span style="color: black;">才可</span>被解码。</span>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">因此呢</span>,<span style="color: black;">倘若</span><span style="color: black;">无</span>可解码的帧内容,电影就会变得毫无用处。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">Apple FairPlay中的SAMPLE-AES <span style="color: black;">便是</span>一个例子,它仅加密<span style="color: black;">每一个</span><span style="color: black;">媒介</span>切片的部分内容。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;"><span style="color: black;">安全级别和阻止播放某些分辨率视频</span></span></strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">内容解密<span style="color: black;">能够</span>在软件或硬件中进行,<span style="color: black;">通常</span><span style="color: black;">状况</span>下,硬件解密被认为更安全,<span style="color: black;">由于</span>解密操作<span style="color: black;">出现</span>在<strong style="color: blue;">可信执行环境</strong>中(TEE,Trusted Execution Environment)。维基百科对TEE的定义是:主处理器的安全区域,能够<span style="color: black;">保证</span>加载代码和数据的私密性和完整性。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">然而,<span style="color: black;">有些</span>设备(<span style="color: black;">通常</span>是低端设备)<span style="color: black;">不可</span>进行硬件解密和解码。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">内容供应商需要一种机制来有<span style="color: black;">要求</span>地<span style="color: black;">准许</span>/阻止在<span style="color: black;">各样</span>设备上播放视频。一种直接的<span style="color: black;">办法</span>是生成DRM许可证,指定<span style="color: black;">准许</span><span style="color: black;">那些</span>设备播放电影码率阶梯中的某些分辨率。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;"><strong style="color: blue;"><span style="color: black;">结 语</span></strong></span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">我<span style="color: black;">期盼</span>你<span style="color: black;">此刻</span><span style="color: black;">已然</span><span style="color: black;">认识</span> AES、EME、CDM、CENC、密钥和密钥服务器是<span style="color: black;">怎样</span><span style="color: black;">形成</span> DRM 系统的。</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;">感谢阅读,<span style="color: black;">咱们</span>下期<span style="color: black;">文案</span>见!</span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><strong style="color: blue;">致谢:</strong></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">本文已<span style="color: black;">得到</span>作者Krishna Rao Vijayanagar授权翻译和发布,特此感谢。</span></span></p>
<p style="font-size: 16px; color: black; line-height: 40px; text-align: left; margin-bottom: 15px;"><span style="color: black;"><span style="color: black;">原文链接:<span style="color: black;"><span style="color: black;">https://ottverse.com/eme-cenc-cdm-aes-keys-drm-digital-rights-management/</span></span></span></span></p>
<div style="color: black; text-align: left; margin-bottom: 10px;"><img src="https://p3-sign.toutiaoimg.com/tos-cn-i-qvj2lq49k0/f07e01c600584301997ce0b736324ffb~noop.image?_iz=58558&from=article.pc_detail&lk3s=953192f4&x-expires=1728089278&x-signature=G0EsC9jRlcBFsUiHbOzJpeb9eX8%3D" style="width: 50%; margin-bottom: 20px;"></div>
页:
[1]