
I hope that it was good. Now we enter into a world where moviegoers generate tens of billions of dollars of revenue a year. Tim Defoe stands to discuss digital cinema security.

I was hoping for an intro like that. Hi everyone, welcome back from lunch, and glad you're at BSides 2020 this year. My name is Tim Defoe. I'm presenting on digital cinema security, and I want to get into some of why I'm interested in this. It's a personal interest; this is an opinions-are-my-own sort of good-faith talk, and I want to get into some of the security and some of the interesting parts of this. I have a lot of experience on standards bodies
for securities; this is part of why I had an interest in this. What I'm really hoping you'll take away from this talk is that when it comes to big asset values and security solutions, that's starting to get in the realm of hardware, when you're starting to get away from the trust and some kind of other sorts of security. These are some examples I think you can really learn from and take something away from.

So in terms of the scope of this talk, I had to necessarily limit it, because most of these topics are talks in and of themselves. This forensic marking, you could have a talk on that for an hour. So let me talk
about digital cinema and the transition to it, and the DCP format, some of the security that's built into that, and get into what is a DCP and how they're made. So in terms of DRM, we'll be talking about that, and obviously this talk is also not a pro/con on DRM; this is just a technology talk.

So in terms of film as an asset, the thing I want you to take away here is that film became a business asset very quickly in terms of the formation of the industry. Obviously film's a cultural aspect, sorry, asset, and a phenomenon, but it very quickly became business, and you can see right here in terms of
like the asset values, you know, Jaws being the first domestic box office smash to beat a hundred million and then to go on some more, and then the global box office gross last year being two, sorry, 42.5 billion dollars. So this is a very, still, new and growing industry, but it's a very profitable industry, and now they're facing the transition between those old 35 millimeter assets to digital assets.

We're in the D-cinema, digital cinema, era now. So this is something that started around, you know, 1999-2001; I think Jurassic Park III may have been the first digital-only premiere. So we're still kind of new here, and you can see the difference even
in the film festival circuit that five years made at Cannes. This took off very quickly, and it did so because there were very clear business goals: they wanted to meet or exceed the reliability of 35 millimeter, and change the way they're distributing films, and, you know, get into some different levels of projections.

So the issue that we face as security people though, and that the industry has faced, is that digital formats come with all the digital security challenges that we're used to, and when we're talking about asset values like these, those challenges are no joke. We're talking about, you know, when Dark Knight came out, and it was a very big deal because it was a 200
plus million budget, it, you know, broke one billion at the box office, and now we're looking at the sort of Marvel universe, we're looking at the kind of, you know, lifetime gross something like Endgame might see. So if you think about the asset values you've protected in your work, you can probably contrast it and compare it to what you're seeing here and see that this is a serious security problem. And they're also up against profoundly patient and persistent, interested adversaries.

So traditionally, how the film industry has done their physical security, their operational security, in protecting, you know, their post houses, these are some of the things they've done for a long time. They did it with
film, and some of the things are well known, but some of them are interesting, like the code names. If you work at a post house and Avengers: Endgame is in your post house, you don't run around talking about Endgame in the hallway all day; you talk about Mary Lou, you use the code name. The thing itself may be physically labeled with a code name. So there's things that they do to just keep things on the down low and compartmentalize. They're also subject to audit: all these production consortiums and, you know, alliances and associations have the right to audit. They can make sure your facility security is where it needs to be
to do the kind of work and deal with these assets that they have. And it also comes down to trust and reputation. Film can be a small community, and there are expectations about trust and integrity. If you're a VFX house that loses a movie every, you know, year or two, guess what you're not doing in two or three years: being a VFX house anymore. Trust and reputation goes a long way, but there's also ways to do trust in the digital world we'll get into. Physical controls over a film is something that's been happening for a long time; this has always existed.

But now we're in the digital cinema era, and instead of locking up a film canister,
now we're taking around what's called the DCP, which is basically a hard drive and an enclosure. It's a CRU drive enclosure; they're ext3 formatted, some specific inode size, and they're transported around in Pelican cases. I don't want to get too much into this side of it though, because there's a great talk from DEF CON 16 that Mike Renlund gave; I think if this interests you, in the sort of projection booth, in the theater side, check out his talk.

What I want to get into is the DCP format. So the DCP format is the Digital Cinema Package. The best way to describe it: DCP is the content delivery package for digital cinema. This is the thing that goes
from the post house, when they do their distribution master, the DCDM, package it up and get it to a theater so they can display it and show it and we can go see it. In terms of what comprises a DCP, what constitutes it, it's basically a mix of XML and a format called MXF. MXF is an exchange format; it's basically wrapping or encapsulation. If you looked at the header and footer design, it would remind you a lot of protocols and a lot of file formats. This is used to just generically wrap different kinds of media essence in terms of sound and picture. And yes, it has an RFC; someone from PBS actually submitted this RFC in 2006. And there's
different kinds of DCPs. There's Interop, which is basically the original version when digital cinema got started in those early days, and then there's a newer form called SMPTE DCP, and I'll get into some of the differences later. There's a very complex naming convention for DCPs, and it's amazing how much information and metadata you can convey in just a name. In this, the Inter-Society Digital Cinema Forum is the people that codify and standardize on these names. And finally, once the DCP is created in this CRU drive, you transport it via physical media, you can transport it via USB, and sometimes they are transmitted via satellite.

So here is what a CRU drive looks like.
It is an enclosure, it's lockable, it's ruggedized. The back pins, I think they have an insertion mean time between failure of about 30,000 insertions into a media server, so these are pretty burly little things, and this is the standard enclosure for digital cinema. And if you want to see how ruggedized it is, if you have any knowledge of what a CAGE code is or what an NSN number is, you'll see two DX115s here. CRU has been playing in other markets for some time in terms of ruggedized gear, and this speaks to that.

And as you can see here, digital cinema is universally loved, and no one has any problems with, you know, movies
living on hard drives. Everyone thinks it's a great idea; there's no controversy at all. And I think that the best way here to celebrate our friend Quentin and the death of all cinema is to build our own DCP. So that's exactly what I did for this talk: I created my own BSides Toronto 2020 feature of the movie and created a DCP out of it.

So what is in the DCP for real? Picture and audio, that's your media assets, and those are the MXF files. But you also have other things: you'll have subtitles, you'll have fonts, because you don't necessarily want to use the dorky projector default font, you want
your cool font on screen. There could be versioning: there could be versions of that movie, there could be subtitle language versions, and some metadata about that content. There'd be metadata about the composition and some of the things including the security. Yes, there's security in the DCP, and yes, it is optional. You don't have to secure and encrypt DCPs, but for the kind of asset values we're talking about, you are.

So in terms of the metadata, the XML, all the various things on these drives, what is it? The first thing is a composition playlist, and the best way to explain this is that you don't play a DCP; you distribute and install and ingest a
DCP's contents, but you are playing from the composition playlist. This is the place that a theater would generate their show playlist from, and it includes a UUID that absolutely uniquely identifies that DCP. That's a very important thing; there's an RFC for it. There's also a packing list. The packing list is going to contain all those MXFs, the sound, your audio; all those are going to be in that packing list, and they are assigned their base64-encoded MXF hashes. So that scene where Tyler Durden just puts in the one frame of film, not so much with this: every one of those files is hashed and encrypted. So in terms of the rest of the drive, you'll
have a volume index and asset map, just to show you the structure and give you some information about that particular DCP drive.

So this is a lot in terms of format. Who's who? You know, who's responsible for setting this up? Well, DCP is pretty DCI, but Digital Cinema Initiatives is basically the industry consortium that is currently running the D-cinema specification. The best way to describe them would be: it's where the film production world and all the production houses meet the equipment world, so the Dolbys and the Doremis and Barcos and Christie. There were very simple business goals in forming DCI and creating the digital cinema security model, and the way it's done in the DCI spec,
about 40 to 50 percent of that spec is security, so that kind of speaks to some of their business goals and their mindset in designing this. And they had some good mindset in terms of open security architecture, in terms of making sure that they had rules in terms of how certificates and keys are generated. They wanted to make sure that there was gonna be, you know, some good sense of rigor, and that included, up to and including, FIPS 140-3, or sorry, 140-2 certification of the media blocks, of the actual secure portion of the D-cinema infrastructure. These could be a board or a module or even a blade that goes right
into a projector, or it could be a standalone device in a rack that talks to a media server, or could be built into a media server potentially. So the media block is kind of the security processing brain of what we're talking about when we talk about the D-cinema model. There's more specific words about these things, but for the purpose of this talk I want to just talk about media blocks.

In terms of the FIPS 140-2 Level 3 physical security, what we're talking about is tamper resistance and tamper reactivity. You can't just go into the non-serviceable parts of that board: it will zeroize keys, it will wipe CSPs, it will react to that attack. In terms
of the chassis and enclosures and doors, projectors of this type don't play if the doors are open. There's switches and monitoring and audit of the physical chassis, and everything is logged, and those logs are signed. So this gives you a sense of the physical security that has to exist, because these media blocks and these media servers are installed in theaters. They are not necessarily, you know, completely secure environments; they are managed environments, but DCI has to, due to the asset values, through the business impact, take this to the next level anyhow. And the security engineering and the hardware side, the big key thing to take away here is that there is a vendor-installed
certificate, actually several certificates, inside that media block. They're in secure silicon, and they are protected in a non-serviceable portion of that chassis that's monitored.

So in terms of the cryptography that's on these boxes, you'll see here some of the usual cryptographic suspects, and here's what they're used for. So we have good old AES-128 CBC mode. This is that picture and audio MXF, those wrappers; this is how they're encrypting it, so that's your block cipher on all of that data. And you also have data links: it's possible, if you have a media block that's standalone or rack mount, you may have some media data links to the projector, and you need to do AES across that. You can't
just be talking to certain other pieces of gear in the clear; this is not the level of security we're at with cinema at this level. And also you have your certificates: you have your SHA-256, RSA 2048 certificates. There's signing going on and there is some hashing. And here's the one that's the interesting one: the SHA-1. There is SHA-1 happening here. Before you freak out, I would say do some research on both HMAC construction and how Optimal Asymmetric Encryption Padding works, and ask yourself just, you know, what is the collision resistance really demanded by these two functions. So I would check that first, but I will say there is some SHA-1 hashing happening in
the security model, and I've looked at both Interop and SMPTE DCPs to validate this, so that is an interesting thing to note.

So in terms of DCI and how these certificates get in the hardware, well, here's the list. These are the only vendors that DCI allows to have a DCI-recognized cert cut and installed from the manufacturer into the secure silicon on these media block devices. And you'll see here you'll have Dolby, Doremi, and you have some media server type companies, but you also have projector companies like Barco and Christie. So they would be looking at media blocks that could maybe install as a blade or a module directly in a projector. But this is actually the
entire list. It's a very small, select group of companies that answer to a small consortium of production companies.

And here's a good example of a FIPS cert. This is a FIPS cert for the security media block that would go into an IMS3000; that's a Dolby media server. So you can see here that they've actually exceeded the physical security. They're actually doing Level 3, but they're also doing Level 3 FIPS at the design assurance and the authentication level, because there's actually a lot of role-based access control on these media servers. There tends to be different accounts that could do certain things; you can't just show up as the person
that does the show playlist and also necessarily change security settings. So you can see here that this is an officially certified item, and in fact for a while Dolby was fully FIPS certifying, fully Level 3, some of the products. So I think that's a really interesting data point about how far they're willing to go to meet and exceed the DCI standard, and there's a level of security engineering we're talking about here. It's not everything in the entertainment world that gets built to this kind of spec.

And here's a picture of a media block. This is a Dolby CAT 745. You can see it's a rack mount, kind of ruggedized-looking box, and this is where that secure
silicon that holds those RSA keys is gonna live in a theater. And this would be an IMB screen certificate; this is the media block screen certificate. Screen certificate just means that this is the certificate that controls what that can send to the projector and actually display. And you can see it here represented in X.509. They use a somewhat constrained version of X.509 version 3, but you can see here it identifies itself as a media block, as a CAT 745, and spells out it's using RSA 2048 and SHA-256. And that's about it. Basically, this certificate is used to properly get that AES key to that media block encrypted and allow it
to read the content of that DCP, and it can actually read it, either ingest it into the media server, and actually you can play media directly off the DCP in cases.

So who wants to do this? Who is asking you for DCPs? Well, one place they'll ask you for DCPs is film festivals. So here's Sundance 2020, and here's their instructions for how to get them DCPs, and you can see here this is Cannes 2019 and this is Cannes 2020, the Marché du Film, and they're asking for DCPs and how to encrypt them. And what you're starting to see here from Sundance and here is they strongly recommend delivering non-encrypted DCPs. That is not always possible. There are some really big
films that screen these festivals that likely can't take those chances. In those cases you see they're asking for something called a KDM.

So what is a KDM? How does this interact with a DCP to get your film to Cannes, which hopefully you want to do as a filmmaker? It's a Key Delivery Message, and the best way to describe this is: this is the controlled distribution of the AES key to the end point, to the theater where it will be displayed. So that essence encryption for the MXFs in that DCP is going to be unlocked by this key, but it has to get there securely using RSA. It's also considered a SMPTE Extra-Theater
Message, and then the KDM is a message that leaves the theater and it comes from outside the theater. They're always cut to a target certificate. So if you remember that picture, that Dolby 745: when I created the DCP for this presentation, I got a Dolby 745 certificate and I wrote my KDM to it. So I'm saying I'm targeting this particular, not even particular theater, particular screen in a particular part of that theater, on my booking dates. And you can also do this with a trusted device list. There are distributors that do nothing except keep lists of where your bookings will be, what screens they have, which media blocks they have. They will validate all
that hardware as current, and they will be able to generate KDMs for you. So you can imagine there's a lot of maintenance that goes into these lists, but that's part of the logistics of the security model.

One of the big things that the KDM does, other than getting that key there, is it determines a play-out window, and this is when the movie can and can't screen. They can only screen for a particular duration. That is just part of what they do to control security and control bookings for, you know, films of this level. And there's various ways to get these KDMs there, and the one often used is just email. It's all public key cryptography, so they
just email the XML over. An aspect of this I want to get into very briefly is that you can get a distribution KDM. When you're submitting to these film festivals, they often might not know which screen you're projecting on just yet, so they need the ability to cut KDMs on your behalf for their media blocks. So you can cut them a distribution version KDM that uses the exact same format that'll allow them to do that. And finally, for anyone using encrypted DCPs, there's a few, I think four or five, situations where a DCP will not screen a movie, and one of them is you've not ingested a valid KDM. If that's encrypted and there's no KDM, the show
does not go on.

So I don't expect you to actually read this screen, but this is the entirety of a KDM, a Key Delivery Message, and I can zoom in here a little bit. You can see it identifies itself: it's got that RFC UUID at the top, it identifies itself as the BSides Toronto 2020 feature film, and the issue date of the KDM, and gives you information of where this KDM came from. This is the interesting part. This is the crucial part of the KDM that determines the dates where the movie is actually going to screen, and when I say crucial, I mean when you go to author a KDM, this is literally the first thing
that it asks you is: when is the movie screening, for how long? What you can see here is that for the BSides Toronto 2020 movie, I have cut the play-out window to be valid for the duration of this talk, so from 1:00 to 1:40 today you can play this movie. And you can see again it's cut for a Dolby CAT 745 of that particular serial number. And right here at the top, here are your AES keys. So my movie had one MXF for picture, one MXF for audio; you can see here this KDM is carrying two AES keys to that theater for those two MXFs.

So what this means is when you have a DCP,
you're going to have MXFs that are individually AES encrypted, and then the composition playlist, the packing list and the KDM are all signed. So in terms of trying to alter any of this stuff, it's not going to happen. All these things are interleaved just so and are signed and validated to prevent you from doing that, and in terms of changing those MXFs or doing anything to them, this is designed to not let you do that.

So here's the question. I've just basically firehosed you with DCP breakdowns and design. How secure is this? How secure is this model? My take is that there's no widespread sense that the inherent model that's
operated by DCI has been broken in any way. I don't get that sense at all from what I've done in research for this talk. But there have been some different rumors, and I want to express them; I'm going to do that as carefully as I can. So in 2016 there was a rumor that a 4K version of The Hateful Eight had been leaked, and it was leaked, and the people that leaked it were kind of running their mouth a bit about cracking DCP to get it. This obviously caused a lot of concern in the industry, given how much has gone into this model, you can see. But it doesn't seem to be the case,
and the main thing is that there just hasn't really been a pattern of leaks since then. Generally speaking, in talking with private, sorry, piracy analysts that I talked about in the industry, there's a trickle-and-a-flood pattern, where if you have a true break and a true leak, and you can look back and see this pattern, you'll see a big feature, nothing, a big feature, nothing, and then you'll see 20 titles. And that didn't happen after 2016. What happened is this one thing happened, and there hasn't been a lot since. So it seems that rumor was probably not true.

The next rumor is concerning; it's about something called Ghost One or
Ghost Number One. This is a story that came out of China about mid last year about a Series 1, pre-DCI, rumored projector that someone had cloned a valid RSA key pair into. Obviously, that being a Series 1 older model, it doesn't have the non-serviceable secure silicon, all that stuff, in it. But the point is that, and this is conjecture, this has been reported, this has been written up, but I don't want to convey it in any other sense than: I've heard this and I need to share it. But the idea is that they had a ring of people that could supply them with valid DCPs, and they built this into quite a
little enterprise, and they actually had to use physical intrusion to obtain those keys. So I'm presenting this to this audience as sort of unconfirmed information. I encourage you to research this if you're interested; I'm going to continue researching it myself. But it's something that really points out that supply chain security, and we're back to trust: these vendors have a responsibility to adhere to the DCI spec, and there's rules about what they can and can't do with these certs and what they can't retain from certs they have in the field. That was really changed a few years back. And so we need to make sure that the supply chain, manufacturer side is going to be there to back this
up. It also means that the standards bodies behind these standards need to stay relevant and engaged. They have to make sure that those relationships with those vendors are intact, so they can play the role they need to play to make sure that supply chain question is being addressed.

But I think, rumors aside, given the business goals that DCI had, they were very simple: you know, make sure that we know where the movie's gonna play, the movie plays where it's supposed to play, when it's supposed to play, and, you know, protect a certain business case that they had. And given the business goals, and given the fact that as a design-level consideration they wanted to make
sure they didn't need IT people to do this in theaters, they wanted something that could be done as a day-to-day business, they didn't want to have something elaborate, the level of security they've managed to build out, and the level of hardware security, and the buy-in they've got from vendors, given those business goals, this is actually tremendous. I think that DCI has done something really spectacular, and I think it's something that other parts of industry and those of us in infosec can take away in terms of how to build systems that incorporate trusted hardware and how to solve something where the asset values have really, really climbed.

Some observations, however. I carefully
titled this slide "observations". There's things I've noticed going through these things and looking at DCPs and the specs. And one is that the DCI spec has a lot of controls and caveats about key generation for those RSA certs, use of secure DRBG, storage and handling. On the vendor side, on the equipment side, there's a lot of those rules. I haven't come across a whole lot yet about the DCP authoring side, and when I was, you know, cutting DCPs and KDMs, in terms of the AES key generation, or, you know, we're using CBC mode, I didn't get any pop-up about random versus fixed IVs. I didn't see anything like that, and I can
tell you right now that when I did author this DCP, it dumped that AES key in the clear to an XML file in my working directory. Good enough for my, you know, film school grad project? Yes. Good enough for Avengers: Endgame? No. And this is the hard truth of it: because the cinema scene, amateur film creator culture has expanded so much, there's been a tremendous growing demand to supply DCP authoring tools to a broader community. That's great, that's awesome. The hard truth is that some of these DCP authoring tools have a hard time authoring DCPs that work. As a security person, I have a hard time making a leap that those same tools are also
flawlessly doing AES key generation, key handling, key storage, all this stuff, flawlessly on the DCP authoring side, and I say that partly because of that cleartext AES key. Would a cinema-grade professional DCP authoring suite, mastering suite, be using a properly encrypted key store? Probably yes, and that's my understanding, that they do. But I think this bears some study and some further questions, and especially when this SMPTE standard for MXF essence encryption has an abstract that reads, we don't specify how you manage your cryptographic keys in the standard, you know, we will create a syntax and then, you know, design for it. But this kind of doubles the
curiosity of this question.

In the DCI spec itself there's a lot of TLS mentioned. TLS is not necessary to use in the cinema environment, but there could be times when you're using it. There could be things where you have TLS happening over certain kinds of links or networks. You may have a NAS; Dolby sells a NAS with Dolby firmware on it, it's a QNAP with Dolby firmware. There's different things where there could be TLS happening. They're very clear on TLS versions; they're not clear on TLS cipher suites. And this is interesting, because they're all over the FIPS 140-2 and now 140-3 certifications, but there's a lot of non-FIPS ciphers in the cipher suites for TLS 1.3.
So this struck me as a little odd in terms of not constraining or recommending cipher suites in these environments.

There's also the fact that MXF is a wrapper; it's an encapsulation format. Right in the 2006 RFC for MXF there's a warning that someone could wrap executable code in the MXF format, and if you were to trust that, you might experience a denial of service. I'm sure the people at this conference can think of way more interesting things than that we could do with MXF if we could convince people in these environments to run stuff as executables from them. I am not convinced that a warning in an RFC addresses this, and I think that we're in
a different world now from when this may have been considered. So I think that in terms of the resilience of authoring suites and equipment, I would look into this.

There's also, in the media block and sort of the media server world, there's a whole lot of auto-scanning and auto-discovery going on in some of this equipment, and if you look at how incredibly secure and buttoned down the media blocks are, this struck me as a little strange, to see the amount of auto-detection and auto-discovery going on. That, I would assume, is going on securely and with good design, but it's a lot.

And finally, satellite distribution. DCPs, like I said, are usually physically taken
to a theater. They can be distributed by satellite. Unfortunately, we're in a different world now. This is a now-versus-then thing, and when I say then, I mean I've seen diagrams of cinema networks where there's firewalls in front of all the scary internet stuff and nothing in front of the satellite link. And if you look at James Pavur's talks from Black Hat or DEF CON this year, I think they're very eye-opening in terms of the current state of the art in amateur satellite intercepts and what can and can't be done. The Aerospace Village has some fascinating talks on this topic, and I think this is an area to look at.

So in terms of other areas that are
following suit, other industries that may have taken some lessons from this already, I think it's likely that's happened. I think a really good example is likely the Xbox One, which came out in 2013. Tony Chen gave a fantastic talk at the Platform Security Summit in Redmond last year about what actually went into the design, the hardware design, of the Xbox One, and it was jaw-dropping. Much like DCI did: extremely simple business goals. We don't want people cheating on Xbox Live, we don't want people stealing and selling games. Their list of business goals is very simple, and they took that and ran with it, and what they designed is bananas. It is a custom system on chip; there is
literally nothing in the clear outside that system on a chip. That system on a chip actively assumes every piece of hardware in the box is trying to attack it and defeat it. They are monitoring for voltage, side-channel attacks, environmental; this is almost FIPS Level 4 stuff in an Xbox. And it's all hypervisor based, it's all multiple operating systems, and there's successive levels of encryption, decryption and signing and hashing that happen within this device that make it, in Tony Chen's words, utterly miserable for attackers. And the thing that really impressed me about this is that they're really leveraging the manufacture, the build time of the devices, to make sure they can, you know, much like DCI,
get trusted, protected certs on those devices and actually properly bury them and properly protect them and do proper, you know, hard resets on cold boots. Like, they've really taken it to that level. And what I would love to be able to do is I'd love to go back in time and tell someone from the 90s, you know, by the way, you've seen the new memory management for Trusted Solaris? They've really started using the features from the Game Boy to secure that. Because that's where we're at: the hypervisor security in Xbox One has trickled into the Windows Server ecosystem, which is one of the most mind-blowing things. If you could take anything from this talk in terms of where
we are at and trust in hardware security and security engineering that one's awesome and i think this is the sort of thing where in my perspective um i see the lessons dci showing up in other fields now like the xbox uh xbox one um and finally it's also a format called imf this is the uh the interoperable uh master format and uh this is something that smpte groups are working on and the reason i'm bringing up is because you may have noticed i have not mentioned netflix or vod yet that's because they don't use dcps they use something called imf and imf is something that's coming to the fore it offers a lot of different
pluses over dcp it's directly derived from it but if you think about how netflix and vod works like their versioning requirements are very intense they are localizing heavily they have a lot of other content they need to display um so imf is geared to their needs and i think they're on a similar security journey right now with imf and i'd be very fascinated to see where that goes and i'd love to see a talk on this if anyone's curious so here's the next chapter for digital cinema quantum computing and i think that we're all more aware of quantum computing now you know leveraging quantum mechanics to vastly increase our ability to process information um vast improvements in some kinds of math
and problems not all of them but some and some of them are cryptographically relevant um i think that the threat to public key cryptosystems is much more widely understood now i think that's much more the public consciousness when i was going to some things back in conferences in 2014 um i didn't see that as much now but i think that is being discussed more widely and if you're hearing talk about crypto agility um a lot of this is about this topic in terms of being able to move faster and if you were in a shop that took a lot of time with tls 1.2 or if you were you know struggling with sha-1 certs or you had a hard time the
heartbleed um you know what a lack of agility feels like in the cryptographic space and this is a significantly more difficult problem so people really are talking about how to do this um but work is taking place in key sectors people are really trying to um you know do the work to to solve these problems and the solutions are coming so interesting implications for digital cinema on the quantum side i think number one the significant impact to rsa 2048 rsa 2048 has become the target of choice for quantum prognostication when it comes to cryptographic breaks um so i think that the the hard truth is that the digital cinema industry is going to have to
wrestle with rsa 2048 in the light of what is likely coming um are there some impacts to their other constructions yes um they are at sort of the the line in terms of aes security strength um but i'm not sure it's what people were afraid of and people said in the early days of being a clean 50 percent break you're gonna lose 50 percent of your aes security strength um i've seen studies since then to say you know it's maybe not quite half it's closer to half than we'd like um but it's not quite half um but i think there will be some impact um and there'll be some discussion about this other algorithms and constructions they're using
there's also implications even after post quantum algorithms come into the play and we have quantum safe systems number one being these are very high asset value systems they are protecting against a much wider range physical attack than some industries might be looking at and they're also looking at fips 140-3 which expands the definitions of non-invasive attacks in terms of side channel resistance if any of you reviewed the the nist finalists report for the the post quantum algorithms there is not uniform great exciting side channel resistance yet in some or many of these um this will be something to look at when we're talking about the security space and the security problem but there's also some things i think
that might be not so bad for the film industry uh number one we're not talking about constrained devices we're talking about you know blades and and modules so they're not talking about constrained devices um in terms of when you know how often keying happens um and how real time it is um the public key size question there's always been an issue in the post quantum space but the size of public keys um and the good news is that i don't think this is going to hurt them as badly as it will hurt some kinds of transactions and second and this seems to be seems to be uh looking at structured lattices for some of the um first moves
in this space and they kind of hit the middle of the road on those key sizes so i'm not sure the digital cinema is going to be hit too hard by some of these downsides or some of these potential concerns and the final thing is that the design of dcp is in the kdm and the way they've they've built everything is modular enough i think that if they have to do a hybrid approach um that will be pretty easy to take with this uh i think that they have enough to work with they could use the modularity they have and look at a hybrid approach in the interim so in terms of the timeline how soon
they may be looking at this given they're based on rsa2048 so dr michele mosca he's the co-founder of the institute for quantum computing in waterloo and he has this particular stat he loves to bring up which is his chances of an rsa break and he's updated this several times he did this recently it's november 2019 in seattle um he has polled dozens of researchers and i mean researchers i mean the people doing the real deal work in the quantum computing space in the labs um looking at the peer-reviewed stuff they see the funding they know who's doing which work he polls them and his new prediction is a one in five chance by the end of this decade of an rsa 2048
break and when he means a break he means 24 hours so that sometimes seems to some people like a good window but i want to break this down how is maybe not a good window so let's say best case nist has the finalists approved and standardized in 2022 at the earliest um okay great that goes to the manufacturers they start building to the spec they have to fips certify anything that comes out of the spec using those algorithms against fips 140-3 including the expanded non-invasive attacks then it has to actually hit the market then you need to procure it buy it deploy get it installed test it and then run it and that might be anywhere from a year
to two or three so that 2030 date starts to get nearer and nearer when you actually go through the gymnastics of the approval standardization validation certification market process and i want to caution people about their optimism about how fast these dates can creep up because we've seen less difficult cryptographic problems take more time so are changes coming is digital cinema gonna have to make some literal quantum shifts um in my estimation absolutely um they are at the you know outside of some of their security strength um when it comes to what they're working with right now it's fantastic what they built i think it's actually really commendable but should these things come to pass changes are going to have to happen and
i think dci is just showing too much focus to miss this um i really have to to shout them out because um dci was warning their consortium members their vendors about fips 140-3 transition back in 2010 they're all over this stuff i've seen national governments pay less attention to fips standards than dci does um so they're they're really good and they they also understand security that right in the spec they're talking the dynamic nature of security and technology uh means that changes and evolutions will have to happen and they are always amending these specs so they get it and i think their their focus is too good to miss this and not move that said it was smpte the um
society of motion picture television engineers um smpte was the one that moved to the dcp spec that included subtitles in the encryption um and i think there's good reasons for that i think i i want to say that i think smpte in terms of encrypting subtitles may have been a good move because if you think if someone had lost just the subtitles to end game like holy spoilers guys um like i see that move as being indicating that smpte is evaluating the security question uh in the impact so we'll see what happens but there's movements happening here especially the small shifts that already happen like tls 1.3 now being the dci spec things like fips
140-3 being called out very early on and now recommended as the testing regime for the vendors and just the fact that the asset values are there we're dealing with a security problem space where this question has to come up um but the good things are the solutions are in progress and there's positive indications the industry can actually make the leaps and i say that because i think that the film industry may be uniquely suited to take this challenge on for one they tend to push technology they're bullish in technology you know it never renders quick enough the machine's never fast enough there's never enough drive space that's that's film and i think that these standards bodies can play a
crucial role in capturing that momentum and that energy and that interest in technology and steering it in the future evolution of their security um and they also do already doing some of the work i mean smpte does have working groups that occasionally will look into potential vulnerabilities dci has already demonstrated they can roll with the times and get tls 1.3 in place warn people what's coming and they've built a really impressive system so i i think they have the chops i mean even the dci spec right here um they're basically describing crypto agility in this quote so i think that between this and initiatives like the trusted partner network where it's just like mpa and the tv and the streaming
industry is all putting their security audit eggs in one basket putting more eyes on the problem i think all these things actually bode really well and i think the film industry has an amazing opportunity right now and the skills and the the culture um to be almost uniquely suited to surmount this and this is a metaphor actually about why i think they're so suited it says dcp kit this is a dcp kit number one from cru cru drives used to just go in a pelican case but if you've ever opened a pelican case and had to almost take your fingers off with those latches you know it's not the most user friendly experience and if you zoom in on this
you will see these nice soft thumb levers on the cru drive case so not only this is the more user-friendly design but it's also half the depth of some of the pelican cases and there's reasons for this because the the the major security threat facing this cru this dcp this cru drive is not falling off the side of a boat in an ocean it's drops this is a purpose design drop test box that was drop tested above and beyond the usual for the express purpose of meeting the security and reliability needs of the cru drive in this dcp so i think this is the perfect metaphor to show how film knows its problems can evolve and improve on products can
work with vendors and come up with good solutions that more truly meet the security needs and improve along the way so i hope what you get this talk is just that in terms of high asset value questions a trust where we need to start looking at security engineering and maybe even hardware i think there are serious lessons learned and a lot of um blood sweat and tears that went into what dci has accomplished here and with the cinema model has um that's accomplished for security i'd love to take some questions absolutely thank you for that talk uh very comprehensive as the people are saying so it was well received um first question is uh what does the staff at the movie theater
need to do to play the movie is it um very complicated where is the pre-setup making the encryption work and who's responsible for that so because the certificate is already installed on the media block what you do is you just take that dcp drive you receive take out of the case and there will be a slot an ingest slot that's in the media server you slap that drive in like a removable drive and hit ingest and it pulls that cpl out and it will want that kdm so what you'll have by that point is those email kdms using a thumb drive you'll put the thumb drive in ingest kdm and it'll show your playlist it'll be like kdm ding
that's pretty much it it's considered to be a problem they wanted to solve without going to technical lengths and the media servers are all optimized and have great uis to help you do this cool uh thanks there's also another question um slightly differently so is there a performance impact based on all the encryption and is it used for kind of shuttling between places uh such as for performing animation and cgi as well um so it is possible to edit dcps but generally if you're still in the post-production process if you're still doing that sort of thing you're not there yet you're using different formats so i would say that this is unlikely to be the format that would use there um
and to the the previous part of the question um can you just repeat that actually sorry it was um about the performance impact yeah well they're using aes and as far as i know these media servers are built using commodity hardware so they would benefit from aes hardware acceleration the cpu um so as far as i know i don't think there's performance hit um they're designed to be able to read the movie and project it straight out the dcp so if there was serious bottlenecks or serious encryption problems i don't think that would even be feasible but it is feasible okay great um thanks and last question that we'll field here before heading to the channel
is uh is this done across the world and the question is really based around the fact that uh there's encryption exportation limitations between countries this talk is heavily north american based in terms of my understanding however obviously the international film festivals are asking for and receiving dcps i'm not sure how encryption export controls tie in this to be perfectly honest um and i've also noticed that the eu countries tend to have different different distribution models and different distributors that handle this stuff so i would say to to err on the side of caution and interpret this talk as north america and i i plan in the future to look into what's being done elsewhere awesome wonderful thank you very much
for the great informative in-depth talk thanks so much and i'll be on the discord and feel free to drop me a line there on twitter