10 Encryption
26.2443GPP3GPP file format (3GP)Release 17Transparent end-to-end Packet-switched Streaming Service (PSS)TS
10.1 General
A 3GP file may include encrypted media together with information on key management and requirements for decrypting and/or serving encrypted media. Tracks containing encrypted media use dedicated sample entries for encrypted media, which will be ignored by 3GP readers not capable of handling encrypted media. 3GP readers capable of detecting encrypted media are able to obtain "in the clear" the sample entries that apply to the decrypted media as well as all requirements for decrypting the media. Moreover, 3GP readers supporting extended presentations (see clause 11) referring to media files rather than media tracks are provided with all requirements for decrypting media files.
Clause 10.2 and 10.3 are provided here for information in the context of 3GP files. The definitions follow from [7].
10.2 Sample entries for encrypted media tracks
The sample entries stored in the sample description box of a media track in a 3GP file identify the format of the encoded media, i.e. codec and other coding parameters. All valid sample entries for unencrypted media in a 3GP file are described in Clause 6. The principle behind storing encrypted media in a track is to "disguise" the original sample entry with a generic sample entry for encrypted media. Table 10.1 gives an overview of the formats (identifying sample entries) that can be used in 3GP files for signalling encrypted video, audio and text.
Table 10.1: Formats for encrypted media tracks
|
Format |
Original format |
Media content |
|
‘encv’ |
‘s263’, , ‘avc1’, … |
encrypted video: H.263, H.264(AVC), … |
|
‘enca’ |
‘samr’, ‘sawb’, ‘sawp’, ‘mp4a’, … |
encrypted audio: AMR, AMR-WB, AMR-WB+, Enhanced aacPlus, AAC, … |
|
‘enct’ |
‘tx3g’, … |
encrypted text: timed text, … |
The generic sample entries for encrypted media replicate the original sample entries and include a Protection scheme information box with details on the original format, as well as all requirements for decrypting the encoded media. The EncryptedVideoSampleEntry and the EncryptedAudioSampleEntry are defined in Tables 10.2 and 10.3, where the ProtectionSchemeInfoBox (defined in clause 10.2) is simply added to the list of boxes contained in a sample entry.
Table 10.2: EncryptedVideoSampleEntry
|
Field |
Type |
Details |
Value |
|
BoxHeader.Size |
Unsigned int(32) |
||
|
BoxHeader.Type |
Unsigned int(32) |
‘encv’ |
|
|
All fields and boxes of a visual sample entry, H263SampleEntry. |
|||
|
ProtectionSchemeInfoBox |
Box with information on the original format and encryption |
||
Table 10.3: EncryptedAudioSampleEntry
|
Field |
Type |
Details |
Value |
|
BoxHeader.Size |
Unsigned int(32) |
||
|
BoxHeader.Type |
Unsigned int(32) |
‘enca’ |
|
|
All fields and boxes in an audio sample entry, e.g. MP4AudioSampleEntry or AMRSampleEntry. |
|||
|
ProtectionSchemeInfoBox |
Box with information on the original format and encryption |
||
The EncryptedVideoSampleEntry and the EncryptedAudioSampleEntry can also be used with any additional codecs added to the 3GP file format, as long as their sample entries are based on the SampleEntry of the ISO base media file format [7].
The EncryptedTextSampleEntry is defined in Table 10.4. Text tracks are specific to 3GP files and defined by the Timed text format [4]. In analogy with the cases for audio and video, a ProtectionSchemeInfoBox is added to the list of contained boxes.
Table 10.4: EncryptedTextSampleEntry
|
Field |
Type |
Details |
Value |
|
BoxHeader.Size |
Unsigned int(32) |
||
|
BoxHeader.Type |
Unsigned int(32) |
‘enct’ |
|
|
All fields and boxes of TextSampleEntry. |
|||
|
ProtectionSchemeInfoBox |
Box with information on the original format and encryption |
||
NOTE: The boxes within the sample entries defined in Tables 10.2-10.4 may not precede any of the fields. The order of the boxes (including the ProtectionSchemeInfoBox) is not important though.
10.3 Key management
The necessary requirements for decrypting media are stored in the Protection scheme information box. For the case of media tracks, it contains the Original format box, which identifies the codec of the decrypted media. For both media tracks and media files, it contains the Scheme type box, which identifies the protection scheme used to protect the media, and the Scheme information box, which contains scheme-specific data (defined for each scheme). It is out of the scope of this specification to define a protection scheme.
The Protection scheme information box and its contained boxes are defined in Tables 10.5 – 10.8.
Table 10.5: ProtectionSchemeInfoBox
|
Field |
Type |
Details |
Value |
|
BoxHeader.Size |
Unsigned int(32) |
||
|
BoxHeader.Type |
Unsigned int(32) |
‘sinf’ |
|
|
OriginalFormatBox |
Box containing identifying the original format |
||
|
SchemeTypeBox |
Optional box containing the protection scheme. |
||
|
SchemeInformationBox |
Optional box containing the scheme information. |
Table 10.6: OriginalFormatBox
|
Field |
Type |
Details |
Value |
|
BoxHeader.Size |
Unsigned int(32) |
||
|
BoxHeader.Type |
Unsigned int(32) |
‘frma’ |
|
|
DataFormat |
Unsigned int(32) |
original format |
DataFormat identifies the format (sample entry) of the decrypted, encoded data. The currently defined formats in 3GP files include ‘mp4v’, ‘h263’, ‘avc1’, ‘hvc1’, ‘hev1’, ‘mp4a’, ‘samr’, ‘sawb’, ‘sawp’ and ‘tx3g’.
Table 10.7: SchemeTypeBox
|
Field |
Type |
Details |
Value |
|
BoxHeader.Size |
Unsigned int(32) |
||
|
BoxHeader.Type |
Unsigned int(32) |
‘schm’ |
|
|
BoxHeader.Version |
Unsigned int(8) |
0 |
|
|
BoxHeader.Flags |
Bit(24) |
0 or 1 |
|
|
SchemeType |
Unsigned int(32) |
four-character code identifying the scheme |
|
|
SchemeVersion |
Unsigned int(32) |
Version number |
|
|
SchemeURI |
Unsigned int(8)[ ] |
Browser URI (null-terminated UTF-8 string). Present if (Flags & 1) true |
SchemeType and SchemeVersion identifiy the encryption scheme and its version. As an option, it is possible to include SchemeURI with an URI pointing to a web page for users that don’t have the encryption scheme installed.
Table 10.8: SchemeInformationBox
|
Field |
Type |
Details |
Value |
|
BoxHeader.Size |
Unsigned int(32) |
||
|
BoxHeader.Type |
Unsigned int(32) |
‘schi’ |
|
|
Box(es) specific to scheme identified by SchemeType |
The boxes contained in the Scheme information box are defined by the scheme type, which is out of the scope of this specification to define.