This article explains how High-bandwidth Digital Content Protection (HDCP) operates within a TesiraLUX system.
TesiraLUX does not currently support playback of HDCP content. However, the TesiraLUX IDH-1 specifically asserts no HDCP support, which generally eliminates potential issues with sources that try to use HDCP when it is not strictly required. For example, Mac computers will still operate and play protected content but only at SD resolutions.
TesiraLUX will support the playback of HDCP in the future with a firmware update. Please check back for more information after the update is released.
What is HDCP?
High-bandwidth Digital Content Protection (HDCP) is a copy protection system that is implemented for digital transport of audio and video media. It was developed by Intel Corporation and the standard is maintained by Digital Content Protection (DCP) LLC organization. DCP licenses the technology to content creators, distributors, and device manufacturers. All HDCP capable devices have embedded HDCP encryption keys that are used to secure content. The primary purpose of HDCP is to prevent copying and playback of media on unauthorized systems.
HDCP has earned the ire of the Pro AV industry as device incompatibility, network transmission restrictions, system topology limits, and handshaking failures are common headaches for integrators and users. A failure of the authentication handshake in one part of the AV system can result in revocation of all content. This means all screens in the system can go blank. HDCP will continue to evolve and continue being an industry standard for the foreseeable future. The DCP has acknowledged limitations with standard consumer HDCP implementations in Pro AV projects. The HDCP Professional standard was introduced in 2016 and provides a path for integrators to have unlimited access to the system without any device limits.
Biamp does not strip the encryption or cheat the rules in our design. There have been several products in the market that were banned from sale due to their non-complaint behaviors. We strongly advise integrators to use solutions that are compliant with the HDCP standards.
HDCP standards define much more than how content will be protected, and the standards can be quite complex. It defines device classes as source, repeater, or sink. TesiraLUX is a repeater in HDCP topology. A media player would be a source and an LCD display would be a sink. It also defines how many HDCP devices may participate in passing and playing protected content, and if that content may be transmitted over a network.
The first important consideration for a video-over-IP system is that HDCP 1.x does not support any Ethernet network transit. HDCP 2.2 does support network transit but has a much more shallow device levels and maximum device counts, which drastically limits the size of an HDCP-compliant AV system. The number of levels and devices in an HDCP capable system include not only source and display devices but also repeaters, such as HDMI distributors or network encoders and decoders.
HDCP devices report how many device levels exist in the topology. Device levels, or device depth, is the number of connections in a signal chain and is another HDCP constraint. Only the hops, or connections, between HDCP device levels count towards device depth. Ethernet switch fabric does not play a role in the calculation. A typical scenario of “source to encoder to decoder to display” equals a device depth of 3 when counting the connections, or hops, between the HDCP devices. HDCP 1.X has maximum levels of 7 and HDCP 2.2 has a maximum of 4.
According to the HDCP specifications, an HDCP device is any device that contains one or more HDCP secured Interface Ports. This includes HDMI and DisplayPort connections. Device count only includes HDCP devices, such as transmitters, video switchers, consumer repeaters, and displays. If it doesn’t have a video port (i.e. switches, routers, etc.), it doesn’t count towards device limit. Thus, AVB Ethernet switches do not count to the device limit. For TesiraLUX, HDCP 1.X device limits do not matter because that specification does not support network transmission regardless of device count. HDCP 2.2 has a device limit of 32.
The above diagram is using again the typical scenario of “source to encoder to decoder to display” to fan a single source out to several monitors. Because each repeater counts against the device limit, this example can only fan the source out to a maximum of 15 monitors. The 32 device limit is suitable for small installations but would fail if another source, repeater or sink is added to the system.
When HDCP enabled devices are connected to each other, they perform a handshake. This handshake exchanges and validates encryption keys, reports device levels and counts back up the chain to the source device and other functions. During the process, all sources will pause playback of protected content and repeaters or sinks may temporarily blank. The handshaking will cascade through all connected devices in a system. If any HDCP devices are connected or removed, the handshake will start again, temporarily blanking media. If a non-HDCP compatible device is added to the system, all displays will go dark. While black screens are not acceptable for a Pro AV system, HDCP 2.2 is an improvement over HDCP 1.X which supported no Leave-Join tolerance.
The above considerations highlight HDCP limitations with video-over-IP systems in projects where protected content will be played. To address these limitations for the Pro AV industry, the DCP created the HDCP Professional (Pro) standard with input of DCP authorized manufacturer corporations, Biamp included. Integrators and sites approved for HDCP Pro will not be subject to device limits, level limits or leave-join handshaking. HDCP Pro allows Pro Repeaters to ignore the traditional topology constraints to allow unlimited access to protected content but it does require extra administrative steps from the integrator.
TesiraLUX does not currently support HDCP Pro, but Biamp plans to add support for it in the future.
Professional Licensed Installer
Any integrator wishing to deploy a HDCP Pro system must be first approved by DCP as a licensed installer of pro repeaters. HDCP Licensed Manufacturers may not sell HDCP Pro devices to unauthorized installers. HDCP Pro is only allowed for pro AV projects. The integrator must agree to the HDCP Professional terms and pay an administrative fee. Once approved, the integrator is placed on the public authorized installer list. Please see the DCP website for information on becoming a HDCP Professional Licensed Installer.
Only site types on the HDCP Professional Authorized Locations white list may receive HDCP Pro approved projects. The following site types are currently allowed:
- Large Retail Outlets
- Shopping Malls
- Cruise Ships
- Merchant Shipping
- Oil & Gas Service Vessels
- Large Private Yachts
- Single Family Dwelling
- Office Buildings
- Education Facilities
- Share Trading Floors
- Hospitals & Medical Training Facilities
- Transport Venues
- Manufacturing Facilities
- Houses of Worship
- Broadcast Production Facilities
- Mining Villages
- Oil/Gas Rigs/Installations
- Military Installations
- Government/Municipal Sites
- Courts & Justice Facilities
- Sporting Facilities
Projects not fitting any of the authorized location criteria will not be granted access to HDCP Pro. Any licensed installer may petition DCP to exempt another type of site.
System Renewablity Message
HDCP Pro enabled repeaters will have a System Renewability Message (SRM) engine. This engine manages authorization of the repeater to use HDCP Pro functionality. Approved projects must receive a SRM updates quarterly. When the SRM is active, repeaters act as a proxy to all standard HDCP sources and sinks. Pro repeaters will report their device count is 1 and the current level 1 one, regardless of the actual topology. This effectively removes all limitations. If the engine detects that the SRM is expired or invalid, the the repeater will default back in to standard HDCP 2.2 functionality, enforcing device and level maximums. DCP and SRM engines will support remote management and updates, eliminating the need for quarterly onsite visits. Any system designed for HDCP Pro should include Internet access for remote SRM updates.