Secure Digital Music Initiative(SDMI) Overview

Provided by Texas Instruments

June, 2000

What is SDMI?

SDMI is: An architecture A set of reference models

Applications Layer Licensed Compliant

Module (LCM) Layer Portable Device (PD)

Layer A set of requirements:

Security Robustness Content screening

A work in progress

SDMI is NOT A true standard A single file format A single cryptographic

algorithm A single coder Designed for

interoperability

Secure Digital Music Initiative = SDMI

TI and SDMI

SDMI grew out of a meeting at Comdex ‘98 that was sponsored by TI and the RIAA

TI supports SDMI, and believes a programmable TI Digital Signal Processor (DSP) solution is the best choice for the changing SDMI environment

TI was first to announce SDMI-compliant portable solutions (with Liquid Audio, FhG and SanDisk)

SDMI-compliant portable players using TI DSPs are shipping now. The first SDMI-compliant player was the Sony VAIO® Music Clip™, which started shipping in the US in January ‘00.

TI and SDMI (cont’d)

The Verance Phase I watermark decoder will be available on TI’s TMS320C54x™ DSPs in early 3Q00

The TI C54x-based evaluation module (EVM) is one of the 3 platforms that Phase II proposers will use to implement their technology. Therefore SDMI Phase II will be available on C54x very soon after the Phase II technology is chosen.

TI has been approved as an SDMI ID Assignment Authority and has been granted a block of 64-bit unique IDs for use in TI DSP-based devices with built-in flash memory

SDMI-Compliant System Layers The Licensed Compliant Module (LCM) transfers content between SDMI-

compliant applications (S/W jukeboxes, etc.) and portable devices (PDs) or portable media (PM). It is roughly equivalent to a device driver.

The application may delegate screening and other functions to the LCM or other trusted task -- this is simply one possible structure.

Music

Application Layer

LCM Layer

Consumer

LCM

PD Layer

LCM LCM

Proprietaryrelationship

Proprietaryrelationship

SDMI Interfaces

PD PDPD PD

Application1

Application2 Application N

LCM

Audio Renderer

ScreeningFunction

RightsMgmt.

QueryDataSet

SDMI Version 1.0 Reference Model The SDMI Version 1.0 Reference Model includes a host with application(s)

and LCM(s) interfaced to a portable player and/or portable media. Inputs to the Reference Model may include CD, Electronic Music Distribution

(EMD), portable media, DVD, etc.

PD

PDInterface

PD – Version 1.0

Host

LCMAuthenticatedInput APIs

AnalogOutput

PD ImportControl

PM

SDMI-compliantPortable Media

RenderingDriver

Audio Out

PMInterface

CDExtraction

DVD

CD

EMD

PMInterface

Non-removablesecure storage

PM

LC

M A

pp

Interface

Screening

The most important concept within SDMIConsidered by the record labels to be a major concessionAllows perpetual usage of current (“legacy”) content

(existing CDs and MP3s, etc.), but legacy content must be screened, encrypted, and bound to a specific player or piece of media

Designed to enable the secure distribution of “new” (watermarked) content

Phase 2 technology will use watermarking or similar means to detect new content that has been illegally copied and distributed.

SDMI Screening Timeline

Phase I - begins when SDMI-compliant applications start to ship Verance (formerly Aris/Solana) watermarking technology selected for Phase I 3 bits decoded: “Phase 1 trigger” plus two copy control bits (DVD-A CCI bits) All SDMI-compliant Phase I applications must implement screening for the

Phase I trigger

Phase II - begins when content providers start shipping content with the Phase I trigger and the Phase II technology Phase II technology should be selected late 2000 or early 2001. Phase II

proposals are due in June 2000. The Phase II technology may require re-marking (changing “copy once” to

“copy no more”. When Phase II begins, applications will see the Phase I trigger and request an

upgrade for the application to a Phase II application Users who decline the upgrade will only be able to play legacy content Users who upgrade will be able to play new content plus legacy content

SDMI Phase 1 Content Flow and Usage The “Biddle Diagram” specifies the flow of content into, out of, and within the SDMI

Domain, and specifies the Phase I screening process.

Audio

MoveRender

MoveSecurely

Protected Store

Phase 1 ScreenTrigger Detector

Want SDMI ?

Protect for dist.

SDMI Protection•Trace-ability•Encryption

Re-dist?

UniqueCertificate

Protectfor local

use

SDMI PDSDMI PM

Render Copy

Store

Non-SDMI PDNon-SDMI PM

SDMIlogo

SDMIDomain

Theworld

Non-SDMIDomain

SDMIProtectedContent?

No

Yes

No

Yes

No

Pass

FailYes “Player X”

The “?” box represents the ability of an SDMI-Compliant application to implement a variety of licensed operations, including requiring an upgrade to Phase 2 .

Rules InterpreterTrigger Detector

?

The SDMI Version 1 Portable Device (PD) General Requirements: A PD must

Store all content in SDMI-protected form Observe content usage rules Only accept portable media with content in SDMI-protected format

Inputs: SDMI-protected content from an LCM or PM Embedded microphone, limited to mono, voice-grade (-3db @100 Hz, -60 dB @8

KHz. Microphone input must be stored in SDMI-protected form, and screened before it can be exported from the SDMI domain.

Unprotected digital and analog inputs must be screened within the PD and stored in SDMI-protected form

Outputs: Analog output is allowed. Playback >1.5 normal speed must be degraded or pitch-

corrected. Output during seek (FF/rewind) must be noticeably degraded Unprotected digital output of content is not allowed

IDs and Binding

Binding: Content must be “bound” To the portable memory (PM), if the PM is removable To the PD, if the PD has non-removable memory

IDs: IDs must be Readable by the LCM and PD Statistically or truly unique across all devices or components for a given

manufacturer A minimum length of

128 bits, if randomly assigned 32 bits, if assigned by an appropriate authority

Security must not depend on the secrecy of the ID

Robustness (i.e., Security and Tamper-Proofing)

Content Content must be maintained in a secure form at all times until it is played out No unprotected content on a user-accessible bus (PCMCIA, device bay, 1394, Cardbus,

etc., EXCEPT unprotected digital playback (e.g., USB speakers) is permitted, limited to 16-bit stereo at 48 KHz or less.

Bypass/Defeating Functions or Procedures No switches, jumpers, traces that can be cut, secret control functions, etc., that will

access to unprotected content

Software Must be secured or encrypted Must perform self-checking/authentication to prevent unauthorized modification

Hardware Must protect keys/algorithms using hardware or software means Must be designed so that removing or replacing components cannot be done without

risk of damage Must require professional tools and difficulty to defeat security functions

SDMI Status -- June 1, 2000 Current SDMI priorities (in rough priority order) Definition of testing methods and procedures for evaluating Phase II screening

technology candidates Selection of Phase II technology

Must detect that content has been compressed and then uncompressed Need not be watermarking Highest priority of record companies

Discussions of the implications of screening on usability and the consumer experience May lead to temporary relaxation of screening procedures

Discussion of SDMI requirements for wireless devices, and what constitutes a SDMI Portable Device

Completion of final trademark and licensing agreement Requires agreement on what constitutes SDMI compliance Difficult liability issues still remain

SDMI Information on the Web

The SDMI Portable Device Specification, Part 1, Version 1.0, is available on the public area of the SDMI Web site at

http://www.sdmi.org/

Additional information including a FAQ and how to join SDMI is also available on the public area of the Web site. SDMI members are given a login name and password to access the private area of the Web site, where all SDMI documents are stored.