Apple FairPlay Streaming DRM – How Does It Work?

DRM / By /

In this edition of the Hitchhiker’s Guide to DRM, we take a look at the FairPlay Streaming DRM solution from Apple used for securely distributing content iOS, tvOS, and macOS devices. Let’s look at the building blocks, basic workflow, and some interesting features of Apple FairPlay Streaming in this article.

The Hitchhiker’s Guide to DRM

What is Apple FairPlay Streaming?

FairPlay Streaming is a DRM solution from Apple to securely deliver streaming media using the HLS (HTTP Live Streaming) protocol. FairPlay Streaming DRM is supported natively on iOS, tvOS, and macOS.

Apple’s FairPlay Streaming provides technology & guidance for a content provider

  1. to encrypt their content
  2. to store its keys and associated KeyIDs securely.
  3. To securely exchange the encryption keys with the player using player-side technology to request DRM keys, decrypt video, decode, and display the content securely.

In this article focused on FairPlay Streaming, we’ll take a look at the following.

  1. Encryption algorithms supported by FairPlay
  2. The Building Blocks of FairPlay Streaming
  3. How FairPlay Streaming works.

Note: “FairPlay Streaming” and its acronym “FPS” will be used interchangeably throughout this article.

Building Blocks of FairPlay Streaming (FPS)

Before we dive deep into FairPlay, let’s look at a few main modules whose references repeatedly appear in any discussion on FairPlay DRM.

1. HLS Packager

Before encrypting your videos, they must first be packaged using the HTTP Live Streaming (HLS) protocol. HLS is a streaming protocol from Apple used for ABR streaming and can support file storage in both MPEG-TS (ts) or fragmented mp4 (fmp4) container formats.

2. Encryption using SAMPLE-AES and AES-128

After packaging, the content must then be encrypted using AES-128 CBC encryption where CBC stands for Cipher Block Chaining.

  • The CBC mode uses the output of the last block encryption to affect the current block.
  • An initialization vector (or IV) is used to ensure different ciphertexts (output of the encryption process) are produced even when the same plaintext (input) is encrypted multiple times independently with the same key.
  • The IV behaves like a randomizer and prevents hackers from observing the ciphertext patterns to identify repetitions and thus learn about the encryption key.

Apple FairPlay Streaming allows you to encrypt your videos using either SAMPLE-AES or AES-128.

Before we understand the difference between SAMPLE-AES and AES-128, do remember that both techniques use AES-128 bit encryption (which we read about in our building blocks of DRM article) but apply it differently to the videos. Let’s see how.

2.1. SAMPLE-AES

In this technique, only samples of the audio packets and video frames are encrypted using AES-128 with Cipher Block Chaining (CBC). You do not have to encrypt the entire video segment, and this results in power-savings both for the encryption and decryption process (especially as the video resolution increases).

As an example, as per the FairPlay specification, in an H.264/AVC bitstream, if the NAL unit type is 1 or 5, then that NAL unit is encrypted; otherwise, it is not encrypted.

Why? Because NAL units with type 1 and 5 contain information about a non-IDR and an IDR frame, respectively. An IDR (Instantaneous Decoder Refresh) frame in a video codec bitstream represents the start of a video segment. Without the IDR frame, the remaining frames cannot be decoded (until the next IDR or I-frame is reached).

This illustrates that the goal of SAMPLE-AES is to encrypt a small portion of valuable audio and video content to conserve processing resources and battery power.

For further details, please look at MPEG-2 Stream Encryption Format for HTTP Live Streaming specification from Apple.

Here is how SAMPLE-AES is indicated in the m3u8 playlist.

  • The EXT-X-KEY tag would indicate SAMPLE-AES,
  • followed by Content Key’s URI,
  • and the Initialization Vector to be used with the key.
#EXTM3U
#EXT-X-TARGETDURATION:10
#EXT-X-VERSION:3
#EXT-X-MEDIA-SEQUENCE:0
#EXT-X-PLAYLIST-TYPE:VOD
#EXTINF:9.96,
#EXT-X-KEY:METHOD=SAMPLE-AES,URI="https://dummyurl/test.key",IV=0x73fbe3277bdf0bfc5217125bde4ca589
test_0.ts
#EXTINF:10,
test_1.ts
#EXTINF:10,

Note: For those who don’t know, an m3u8 is a file used in HLS streaming that describes the number of bitrate-resolution combinations available, the number of segments, the length of each segment, the order in which the segments have to be played, encryption details, ad insertion points, etc. Please refer to the HLS specification for more details.

2.2. AES-128

In this technique, the segment (audio and video) is completely encrypted with a 128-bit key, Cipher Block Chaining (CBC), and Public-Key Cryptography Standards (PKCS7) padding. The CBC is restarted at each segment boundary, using either the Initialization Vector or the Media Sequence Number (in lieu of the Initialization Vector).

Here is how AES-128 is indicated in the m3u8 file.

  • The EXT-X-KEY tag would indicate AES-128,
  • followed by Content Key’s URI,
  • and the Initialization Vector to be used with the key.
#EXTM3U
#EXT-X-TARGETDURATION:10
#EXT-X-VERSION:3
#EXT-X-MEDIA-SEQUENCE:0
#EXT-X-PLAYLIST-TYPE:VOD
#EXTINF:9.96,
#EXT-X-KEY:METHOD=AES-128,URI="https://dummyurl/test.key",IV=0x73fbe3277bdf0bfc5217125bde4ca589
test_0.ts
#EXTINF:10,
test_1.ts
#EXTINF:10,

3. Client Application

The Client Application refers to the application or player being used to playback the videos on Apple’s operating systems such as iOS, tvOS, and macOS.

  • It is responsible for sending request messages to the License Server to obtain the decryption keys.
  • Content service providers can use Apple’s sample code to develop their own FPS client application or use an FPS SDK provided by their DRM solution provider.

4. AVFoundation

The best definition of AVFoundation comes from Apple itself –

AVFoundation is the full featured framework for working with time-based audiovisual media on iOS, macOS, watchOS and tvOS. Using AVFoundation, you can easily play, create, and edit QuickTime movies and MPEG-4 files, play HLS streams, and build powerful media functionality into your apps.

5. App Delegate

The App Delegate is at the root of the application and acts as a “controller” for the application. It is notified of all the events and states the object it is attached to reaches. In FairPlay Streaming, the app delegate takes care of the coordination & communication between the player, AVFoundation Framework, and the Key Server.

6. Key Server and Key Security Module (KSM)

  • The Key Server manages the keys used for encrypting and decrypting FairPlay-protected content.
  • The Key Security Module (KSM)
    • receives & decrypts the license request from the player. The request from the player is called the SPC or Server Playback Context.
    • wraps the content key (returned by the Key Server) into a Content Key Context (CKC) message and sends it back to the player.
  • Apple allows you to implement your own KSM using their sample C reference code.
  • Apple also provides you with test vectors to test your KSM implementation. You can use these test vectors to check if your KSM implementation can
    1. correctly handle incoming SPC messages, and
    2. correctly format and return valid CKC messages to the player.

How Does FairPlay Streaming Work?

Let’s see how the building blocks of FairPlay interact with each other to play FairPlay-encrypted content.

apple fairplay streaming drm
apple fairplay streaming drm

Step 1: The user opens a content provider’s app and presses “Play” to start watching a movie.

Step 2: The application notifies AVFoundation that it needs to play a video and provides the details about the m3u8 playlist’s location for HLS streaming.

Step 3: AVFoundation downloads the m3u8 file and parses it.

Step 4: AVFoundation searches the m3u8 file for the #EXT-X-KEY tag to see whether the video is encrypted or not. If the content is encrypted, AVFoundation will ask the AVFoundation App Delegate for the Content Key to decrypt the content.

Step 5: In return, the App Delegate requests the AVFoundation Framework to generate Server Playback Context (SPC) message.

Step 6: After receiving the SPC from AVFoundation, the App Delegate sends it to the Key Server.

  • The KSM in the Key Server unwraps the SPC
  • and, the Key Server uses the information in the SPC to do a Content Key look-up.
  • The Content Key is sent to the FSM which wraps it into a CKC (Context Key Context).

Step 7: the KSM sends the CKC to the AVFoundation App Delegate. The delegate pushes the CKC into AVFoundation.

Step 8: AVFoundation uses the Content Key inside the CKC to decrypt, decode, and display the content to the user – securely.

That’s an explanation of the basic workflow of FairPlay Streaming. Next, let’s look at a couple of interesting features of FairPlay Streaming.

AVContentKeySession for obtaining Encryption Keys

AVContentKeySession is a class in AVFoundation for handling decryption keys and was announced in WWDC 2017. It provides more control over the loading and lifecycle of Content Keys and is aimed at de-coupling key-loading from the media playback lifecycle.

Why is the AVContentKeySession class important?

In the basic FairPlay workflow, the content keys are loaded after the playback session starts. In terms of the user experience, it means that the user has to wait for the SPC – CKC workflow to complete before the video playback begins. This wait increases the “Startup Delay” or “Latency” and is annoying to the end-user.

However, using AVContentKeySession, the application can request for the content keys even before the user presses the Play button (referred to as “key preloading”).

By pre-emptively loading content keys, a content provider can cut down on the start-up delay (latency) and improve the user’s experience.

Dual Expiry Windows for Video Rental

Apple FairPlay also has a “Dual Expiry Windows” feature that can be used in conjunction with Persistent Keys for offline playback. A persistent key is a key

  • stored securely on the device,
  • and can be used to playback rented content for a predefined time-period without needing to contact the license server (offline playback).

In the rental business model, there is a need for two expiry windows defined as follows –

  • first window: when a user rents a movie, that movie can be watched within a 30-day window (for example)
  • second window: once the user presses play, the movie must to be watched within a 48-hour window. After this window expires, even the 30-day window expires.

To account for this rental model, FairPlay Streaming introduced the Dual Expiry Windows feature in which,

  • the First Key from the license server establishes the longer rental period (storage duration)
  • the Second Key is obtained when the user begins playback and it supersedes the first Key (playback duration). When the second key’s expiry window is exceeded, the user cannot access or playback that content any longer.
  • Suppose the user never watches the movie after renting it. In that case, the movie’s first Key is the only key on the system, and it automatically lapses after its expiry window is exceeded.

Where is FairPlay Streaming Supported?

FairPlay Streaming is supported on the following platforms –

  • Safari browser using Encrypted Media Extensions (EME).
  • iOS Devices
  • Apple TV
  • Airplay (Apple’s wireless content delivery protocol)

Conclusion

I hope this introduction to FairPlay Streaming was helpful to you. There is a wealth of information on Apple’s Developer portal with development guides, code samples, etc. to help you implement FairPlay Streaming for your service!

So, until next time, take care and see you soon!

krishna rao vijayanagar
Krishna Rao Vijayanagar
Founder at OTTVerse

Krishna Rao Vijayanagar, Ph.D., is the Editor-in-Chief of OTTVerse, a news portal covering tech and business news in the OTT industry.

With extensive experience in video encoding, streaming, analytics, monetization, end-to-end streaming, and more, Krishna has held multiple leadership roles in R&D, Engineering, and Product at companies such as Harmonic Inc., MediaMelon, and Airtel Digital. Krishna has published numerous articles and research papers and speaks at industry events to share his insights and perspectives on the fundamentals and the future of OTT streaming.

1200x200-Pallycon

6 thoughts on “Apple FairPlay Streaming DRM – How Does It Work?”

  1. Pingback: Microsoft PlayReady DRM - How Does It Work? - OTTVerse

  2. Pingback: EME, CDM, AES, CENC, and Keys - The Essential Building Blocks of DRM - OTTVerse

  3. David sudo

    Can u tell me y my iPhone broadcasts all media I play (audio or video) without me authorising it. Still plays on other devices if Wi-Fi is off and airplane is no cellular is off. Then I get loads of crash reports in analytics??

    Reply

  4. Pingback: Women in Streaming: Interview with Olga Kornienko - OTTVerse

  5. Pingback: What is DRM? Digital Rights Management Simplified - OTTVerse

  6. Sridhar

    there is a mistake in Step 6 CKC (Context Key Context), instead of Content you mention as Context. Replace with (Content Key Context).

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

Enjoying this article? Subscribe to OTTVerse and receive exclusive news and information from the OTT Industry.