Electronic Design

Two-Chip Set Safeguards Digital Video Content

A transmitter-receiver pair provides protection for signals going from a digital video source to a digital monitor.

The Digital Visual Interface (DVI) specification, introduced in April of 1999, established an industry-wide standard for an interconnecting link between a video source and a digital display. Using this, Silicon Image has crafted the SiI 168 PanelLink HDCP transmitter and the companion SiI 861 PanelLink HDCP LCD monitor controller. According to the company, this is the first transmitter-receiver pair to include content protection in a DVI link. This pair of ICs provides 5 Gbits/s of bandwidth to transmit protected high-definition video content without costly, complex video compression.

Even before the advent of content protection, DVI was attractive because an all-digital interface was clearly the path to follow. DVI does away with cascaded analog-to-digital and digital-to-analog conversions. Also, it provides improved, consistent image quality to all display technologies. Even CRT monitors are implementing the DVI interface to realize the benefits of a digital link. The image is sharper because there are fewer errors and less noise.

Digital flat-panel monitors require no analog-to-digital conversion, so they're less expensive than analog flat-panel displays as well. Confirming DVI's appeal, Silicon Image has shipped 10 million PanelLink transmitters and receivers without the content-protection feature over the past three years.

High-bandwidth digital content protection (HDCP), a program devised by Intel, is making DVI even more enticing. This DVI companion protects data flowing over a DVI link, from a video source (such as a PC, set-top box, DVD player, or digital VCR) to a digital display (such as an LCD monitor, television, plasma panel, or projector), so that the content cannot be copied.

HDCP also answers a plea from the entertainment industry, particularly from the studios that provide much of today's premium content. They have been seeking a content-protected solution for transmitting premium data to the next generation of digital television sets. Members of the Motion Picture Association have endorsed the HDCP specification, paving the way for the release of high-definition, digital-video content to consumers in the form of DVDs, HDTV broadcasts, and eventually the Internet. Digital displays such as LCD monitors will become linked to desktop computers, DVD players, set-top boxes, and other technologies.

Data encryption is applied at the DVI transmitter's input (Fig. 1). Decryption occurs at the DVI receiver's output. The available bandwidth is not compromised by HDCP's implementation.

To maintain the output data stream's stable, average dc value, the DVI interface uses a transition-minimized, signaling protocol developed by Silicon Image. Transition minimization is implemented by an encoding algorithm that converts 8 bits of data into a 10-bit, transition-minimized, dc-balanced character for data transmission over copper and fiber-optic cables. Transmission over the DVI link is serialized, so the technology is optimized for reduced EMI across copper cables. The clock recovery at the receiver exhibits high skew tolerance, enabling the use of longer cable lengths, as well as shorter low-cost cables.

A more concretized version of the DVI link appears in Figure 2. A source, designated the graphics controller, supplies data via the SiI 168 PanelLink HDCP transmitter. In turn, the transmitter is linked to the digital display via the SiI 861 PanelLink HDCP LCD monitor controller. The data stream comprises both pixel and control data. It flows over the link, which is made up of four channels. Channels 0, 1, and 2 are assigned to the red, green, and blue data. The fourth, channel C, carries the interface clock and control signals.

Each DVI channel in a single-link configuration can handle up to 1.65 Gbits of pixel data, providing 4.95 Gbits/s of total bandwidth for the link. This permits the use of SXGA (1280 by 1024) pixels at an 85-Hz refresh rate for a CRT, UXGA (1600 by 1200) pixels at a 60-Hz refresh rate for an LCD, and HDTV resolution of 720p (progressive) and 1080i (interlaced) lines for high-definition televisions and projectors.

To support higher resolutions—such as 2048- by 1536-pixel, high-end, PC workstation monitors—two links can be integrated into a single DVI connector interface. This supports a bandwidth of 330 Mpixels/s and above. The dual link comprises six channels and a shared clock. The amount of bandwidth required by a specific display at a given resolution is technology-dependent, relying on blanking overhead, refresh rate, color depth, and other factors.

Three Key Components
The HDCP has three components—authentication and key exchange, encryption, and revocation. Authentication, a cryptographic process, verifies that the DVI digital display is authorized or licensed to receive protected content. Both the authorized host and the display have knowledge of a set of secret keys, stored in their respective, resident PROMs. Supplied to the manufacturer by the HDCP's administrator, the set consists of an array of 40, 56-bit device keys and a corresponding 40-bit binary key-selection vector (KSV).

The host (device A) initiates authentication by sending an initiation message containing its key-selection vector (AKSV) and a 64-bit value. The display (device B) responds by transmitting a message containing its KSV (BKSV). The host then confirms that the received BKSV has not been revoked. Key exchange is initiated at this point. The two devices calculate a shared value that will be equal if both devices have a valid set of keys. If they are equal, authentication is established. This shared value is then used in the encryption and decryption of the protected data.

Reverification occurs every 128 frames to confirm the link's continued security. If at any time the equality of the shared value is lost—for instance, by disconnecting the display or connecting an illegal recording device—the host will consider the display to be inauthentic and end the transmission of protected content. Upon hot-plugged reconnection, the transmitter and the receiver automatically and transparently perform reauthentication and transmission resumes.

Once authentication and the key exchange are successfully completed, content encryption begins. Content is encrypted at the source device—the transmitter—to prevent usable, unauthorized copies of the transmitted content from being made. Encryption is the application of an algorithm, called a cipher, that transforms the content. To recover the content, the DVI HDCP receiver at the display decrypts the content based on its knowledge of the correct decryption key.

The HDCP cipher is a hybrid block/stream cipher. The block cipher operates during the authentication protocol. HDCP uses a stream cipher that accomplishes content encryption by combining a data stream, generated by the HDCP cipher, with the transmitted content through a bit-wise, exclusive-OR (XOR) operation. This provides pixel-by-pixel content protection.

If the encrypted content is viewed on a display device without decryption—possibly by hot-plugging from an authorized display to a nonauthorized display—it is seen as random noise with no discernible content. In this example, though, the video content would quickly cease transmission, as the host performs reverification every two seconds to detect such an event.

Consequently, there are two levels of protection. First, the video itself is encrypted. Second, once the transmitter realizes that the display has been changed, it will cease delivering video within two seconds.

Device Revocation
The HDCP system is revocable. If the display device has been compromised and the secret device keys are exposed, the licensing administrator places the KSV that matches the compromised device key on a key-revocation list. Each display device carries a unique set of keys and KSVs, so revocation is confined solely to the specific compromised (or "hacked") device.

The key-revocation list is carried by system renewability messages (SRMs). The host manages the SRMs and updates them whenever it is presented with a valid, new SRM. SRMs can be fed to the host from a prerecorded or broadcast source.

The SiI 168 PanelLink HDCP transmitter is universal. In addition to operating with the SiI 861 PanelLink HDCP LCD monitor controller, it also functions with earlier PanelLink receivers that lack the HDCP feature. The SiI 168 accommodates scalable bandwidths ranging from 25 Mpixels/s (640 by 480) to 165 Mpixels/s (1600 by 1200).

The interface with the video source features a 12- or 24-bit 1-pixel-per-clock cycle for true-color (16.7 million colors) support. The interface is flexible, as it can accommodate a parallel TTL interface (a 1- to 1.8-V swing) or 3.3-V CMOS.

The three TMDS data channels (0, 1, and 2) can each transfer up to 1.65 Gpixels/s/channel (Fig. 1, again). Channels 0, 1, and 2 carry the three primary colors. Channel C manages the clock and control signals. Attenuation over long cables with varying nominal impedances is compensated by the transmitter, via adjustable low-voltage, swing signaling as well as impedance-matching control in the receiver.

The transmitter's I2C master functional block hosts the communication with the key PROM (Fig. 3). The 40-bit AKSV residing in the transmitter PROM is fed via the block and stream cipher to the CP controller. From there, it's sent to the graphic controller and the HDCP receiver for authentication purposes. The keys themselves never come into the clear, remaining protected and inaccessible.

The I2C slave in the transmitter, which carries bidirectional control signals, interconnects with the graphics controller transmitter and the HDCP LCD monitor controller. Authentication between the receiver and the host occurs through this link.

Arriving data enable (DE), data, and clock signals enter the data-capture circuit. Then they are fed to the XOR mask. There, the cipher is added to the data, thereby encrypting it. The encoder takes the video data of 8 bits of color information per pixel, or a total of 24 bits of information—red, green, and blue—and converts it from an 8- to a 10-bit format by adding two bits of encoding information to the video data. Finally, the data is serialized, becoming three data channels (0, 1, and 2) and one clock channel (C).

Pin-Compatible With Earlier Version
The SiI 168 PanelLink HDCP transmitter is pin-compatible with the earlier SiI 164 transmitter. It provides 165-MHz operation with or without the encryption running. Functions such as key downloading, authentication, frame, and session key calculation are automatic and remain transparent to the user. Dual-link support can be realized by adding a second SiI 168.

A deskewing option lets designers vary the clock-to-data timing. The SiI 168 supports dual-edge/single-clock or single-edge/dual-clock clocking in the 12-bit mode. In the 24-bit mode, it supports single- or dual-edge clocking. Parallel data can be latched on either the positive or negative edge of the clock signal.

The transmitter has a programmable interface to provide power-management control. Chip configuration/programmability, identification information, and 8 bits of user-configuration data in the 12-bit mode are supplied as well.

This setup is hot-pluggable, too. If the transmitter or receiver is unplugged and then reconnected, there is no need to manually tell the system to reissue an authentication. The process is initiated automatically. Also, the procedure is transparent to the user.

The SiI 168 HDCP exhibits high interpair skew tolerance of up to one input clock cycle—6 ns at 165 MHz. The transmitter provides cable-distance support via adjustable low-voltage-swing signaling for long-distance support, as well as dc-balanced signals for direct coupling to modules that are ready for fiber optics.

The companion SiI 861 DVI HDCP LCD monitor controller includes an integrated PanelLink receiver, comprising the deserializer and the decoder, with a 165-MHz scalable bandwidth. It can operate with PanelLink transmitters—both with and without HDCP. Like the transmitter, it supports 165-MHz operation while the decryption is running.

The 40-bit BKSV residing in the receiving PROM is fed via the I2C master through the block and stream cipher to the CP controller (Fig. 4). From there, it's sent to the transmitter for authentication purposes and to the XOR mask for decryption of the data arriving at the receiver. Still, the key itself never comes into the clear.

The I2C slave, which carries bidirectional control signals, interconnects the LCD monitor controller with the transmitter and the graphics controller. Authentication between the receiver and the host occurs through this link. Data arriving on channels 0, 1, 2, and C enters the deserializer and is decoded. It is then fed to the XOR mask and to the pixel precision-image-processing circuit. Next, it's sent to data formatting, which recreates the data and clock signals that are ultimately fed to the LCD panel.

The SiI 861 LCD monitor controller provides flexible and efficient power management, full-featured image processing and scaling, dithering, gamma tuning, and on-screen display. Functions such as key downloading, authentication, frame, and session key calculation are automatic and transparent to the user. Like the transmitter, the LCD monitor's input exhibits an interpair skew tolerance of up to one input clock cycle—6 ns at 165 MHz. The SiI 861 HDCP LCD monitor controller is designed for 3.3-V core operation. A power-down mode is included.

Price & Availability
Sample quantities of the SiI 168 DVI HDCP PanelLink transmitter will be available this quarter. Volume quantities are slated to begin shipping in the third quarter. The price is less than $5.00 each in high volumes. Sample quantities of the SiI 861 DVI HDCP PanelLink LCD monitor controller also will be available this quarter. Volume quantities will begin shipping in the third quarter. Its price is less than $15.00 each in high volumes. The SiI 168 will be shipped in a low-cost, industry-standard 64-pin TQFP, whereas the SiI 861 will be shipped in a 208-pin TQFP.

Silicon Image Inc.,1060 E. Arques Ave., Sunnyvale, CA 94086; (408) 616-4000; fax (408) 830-9530; www.siimage.com.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish