The term “Digital Cinema” generally refers to the theatrical presentation of motion pictures (as well as other types of audio-visual works) by electronic means, such as the use of projectors that receive digital data and render that data into optical stream for projection on a screen. To facilitate the coordination among content creators, content distributors, equipment providers and theaters, seven motion picture studios: Disney, Fox, Metro-Goldwyn-Mayer, Paramount Pictures, Sony Pictures Entertainment, Universal Studios, and Warner Bros. Studios, created an entity known as Digital Cinema Initiatives, LLC (DCI), which published the Digital Cinema System Specification V1.0, (DCI Specification) on Jul. 20, 2005. The primary purpose of DCI was to establish uniform specifications that would ultimately permit full realization of the benefits of digital cinema to theater audiences, theater owners, filmmakers and distributors.
The DCI specification describes the formatting of files representing moving images, audio and other data for distribution to theatres. In the theatre, such files provide a non-fading, non-scratched version of an audio visual presentation that affords the same high quality presentation to viewers each and every time so the presentation looks as good at its last showing as it did during its initial showing. The very advantage of digital cinema makes it very attractive to media pirates. Thus, a danger exists that media pirates will attempt to acquire a copy of the pristine digital files in order to make and sell counterfeit DVDs of high quality and do so ahead of the studio's intended release schedule.
The DCI Specification details a mechanism to secure digital cinema presentations continuously, until the very moment the presentation appears on the theatre screen. Collectively, the files representing a presentation comprise a “package”. Each file of the package is encrypted with a different symmetric key at the time of packing. Those same keys become necessary to decrypt the corresponding files when played for presentation.
Each theater will receive the same package containing the encrypted media files. However, while every package remains the same, each theater receives a different key for each screen. Rather than distribute these keys in an unsecured way, the keys themselves undergo encryption. Further, for each screen there exists a different encryption. Each screen (i.e., each individual auditorium) typically has its own Screen management System (SMS) which includes the secure media block (i.e., media decoder) and an associated projector, constituting all the equipment needed to show a presentation. As a result of the different encryption used for each screen, the key for the target SMS will have no use on another SMS. In other words, each SMS will require its own key. A theater having multiple screens will typically have a theater management system (TMS) for controlling each individual SMS.
In practice, the encryption specified for keys makes use of an asymmetric public key technique. Each target SMS showing DCI compliant presentations will have a secure digital certificate. The target SMS associated with this secure digital certificate has a corresponding private key for decrypting. The distributor will provide the certificate which represents the public key corresponding to the private key known only by the target. In this way, the distributor can prepare and encrypt the package, and distribute it to all theatres, such as by satellite broadcast. The contents have no use to anyone without the keys for decryption.
A distributor will assemble and encrypt the keys for decryption of the package using the certificate provided, thus creating a “Key Distribution Message” (KDM) which comprises an encrypted collection of keys only readable by the target SMS whose certificate was used. When prepared in this way, the KDMs are unique for each theater screen authorized to exhibit the presentation. Typically, the KDMs have a relatively small size (e.g., several kilobytes).
The DCI Specification does not provide many details for distribution of the KDMs. However, the DCI specification does require a dial-up modem connection as the means for transporting KDMs. The specification allows for the provision of alternative interfaces.
The DCI Specification further encourages that the TMS or SMS, following receipt (i.e., ingest) of a complete package at theater, verify the availability of a KDM and display the corresponding time window for showing the content. A show schedule generated by the TMS or SMS can reveal conflicts between the KDM and the scheduled showings. In addition, the DCI Specification encourages that the TMS or SMS alert the projectionist or theatre management when a KDM will expire within 48 hours of the current time.
Present-day, experimental implementations of digital cinema typically find KDMs placed on a removable FLASH storage device having a USB interface. These small, highly portable storage devices can be physically mailed or personally transported to the target system. Once brought to the target system and installed, a projectionist uses a control interface on the target SMS to navigate to the FLASH drive. Then the projectionist manually browses through the directory structure, and selects an appropriate KDM, and commands the target system to load the KDM.
In certain circumstances, e.g. a premiere, where a specific presentation is restricted to a particular screen, then only a single KDM is necessary. However, unnecessary constraints tying a presentation to a specific screen should generally prove undesirable. If a theater has four digital cinema screens and books three movies, the distributor will preferably provide separate KDM for each of the twelve possible combinations. The result proliferation of KDMs makes manual key management difficult.
The combination of present-day digital cinema implementations and the behaviors specified or recommended by the DCI Spec given rise to need to manage a large amount of information theater by the operator, thus giving rise to numerous opportunities to fail to find or timely retrieve a KDM. Additionally, the simple inconvenience generated by the introduction of security keys creates an artifact not presently found in film projection systems, and can ultimately result in the inability to show a presentation at a desired time. There exists a need to overcome this shortfall.