Encryption in Digital Cinema Packages (DCPs)

Digital cinema secures film files in DCPs with AES and RSA encryption to ensure that only authorized projectors can play the content.

May 2, 2024

DCP Services

KINODCP offers DCP creation starting from $5/min. Get your quote today.

When it comes to digital cinema, the security of the movie files is crucial. Cinema Digital Packages (DCPs) employ sophisticated encryption techniques to safeguard these files, ensuring that only authorized projectors and servers can access and play the content. Let’s explore the mechanics of this encryption system.

Video and Audio Encryption

Both the video and audio tracks within a DCP are encrypted using 128-bit AES (Advanced Encryption Standard). AES is a symmetric encryption method, meaning the same key is used for both encrypting the digital content during the mastering process and decrypting it during playback in theaters. This method is particularly effective due to its robustness and efficiency in securing large files typical of cinema content.

Key Delivery Messages (KDMs)

The real strength of DCP encryption lies in the distribution and management of decryption keys through Key Delivery Messages (KDMs). A KDM is an encrypted file containing the AES keys necessary to decrypt a DCP. These are securely sent to cinemas using a 2048-bit RSA asymmetric encryption method, which involves a pair of keys: a public key and a private key. The content is encrypted using the public key but can only be decrypted with the corresponding private key, ensuring that even if the KDM is intercepted, it cannot be decrypted without access to the private key.

Each KDM is tailored to the specific projector and player's public key in a cinema and includes a validity period to further enhance security and to control when a movie can be played. This means that the same movie can be distributed to various theaters but will require a unique KDM for each auditorium setup.

Efficient Distribution and Security

To facilitate the distribution of KDMs, distributors maintain a database of all projector players along with their public keys and associated theater information. This database allows for efficient generation and distribution of KDMs, ensuring that each theater receives only the keys that correspond to their specific equipment and for the designated playback period.

Conclusion

The dual-layer encryption system used in DCPs—combining AES for content encryption and RSA for key encryption—provides a robust framework that protects against unauthorized access and playback of digital cinema content. This system not only secures the content from piracy but also ensures that the cinematic experience is preserved for authorized venues and audiences.