Level of Protection. Core Functions" of DTCP include encryption, decryption, authentication, the functions described in Sections 2 (excluding Sections 2.2.1.1 and 2.2.1.3), 3 and
4.4.1 of Part 1 of this Exhibit B and Sections 2.3 and 3 of Part 2 of Exhibit B, maintaining the confidentiality of Highly Confidential cryptographic algorithms and Device Keys and preventing exposure of compressed, Decrypted DT Data. The Core Functions of DTCP shall be implemented in a reasonable method so that they:
3.5.1 Cannot be defeated or circumvented merely by using general-purpose tools or equipment that are widely available at a reasonable price, such as screwdrivers, jumpers, clips and soldering irons ("Widely Available Tools"), or using specialized electronic tools or specialized software tools that are widely available at a reasonable price, such as EEPROM readers and writers, debuggers or decompilers ("Specialized Tools"), other than devices or technologies whether Hardware or Software that are designed and made available for the specific purpose of bypassing or circumventing the protection technologies required by DTCP ("Circumvention Devices"); and
3.5.2 Can only with difficulty be defeated or circumvented using professional tools or equipment, such as logic analyzers, chip disassembly systems, or in-circuit emulators or any other tools, equipment, methods, or techniques not described in Section 3.5.1 such as would be used primarily by persons of professional skill and training, but not including professional tools or equipment that are made available only on the basis of a non-disclosure agreement or Circumvention Devices.
Level of Protection. The identifier for the relevant NIJ Standard, such as NIJ Standard- 0101.06, NIJ Standard- 0101.07 or NIJ Standard-0115.00 or NIJ Standard- 0115.01 (Combination armor shall indicate both).
Level of Protection. Handling of Volume ID, Media ID, Binding Nonce and PMSN. In a Licensed Player that does not implement AACS Drive Authentication, the portion of such Licensed Player that retrieves AACS Content from the optical media and the portion of such Licensed Player that performs the AACS decryption function shall be designed and manufactured in a manner associated and otherwise integrated with each other such that the Volume ID, Media ID, Binding Nonce and PMSN (as those terms are defined in the Specifications) flowing between them are reasonably secure from modification.
Level of Protection. “L1 Core Functions” of DTCP2 consist of “Primary L1 Core Functions” and “Other L1 Core Functions.”
3.5.1 The Primary L1 Core Functions shall be implemented in Hardware, and include the following:
(a) handling in plaintext form of the DTCP2 Device Private Key, Exchange Keys (KM, KS, KR and KXM in Table 1 in Exhibit C-General), and parameters applicable to DTCP2 disclosed by DTLA as Highly Confidential Information (collectively, the “DTCP2 L1 Core Keys”), such as calculations of device signature and Content Key;
(b) maintaining the confidentiality and integrity of (i) DTCP2 L1 Core Keys, (ii) algorithms classified by DTLA as Highly Confidential Information, and (iii) other information or materials, including but not limited to cryptographic keys used to encrypt or decrypt the DTCP2 L1 Core Keys, from which any of the DTCP2 L1 Core Keys could reasonably be derived including the values of u, XK and XXXXX in Table 1 in Exhibit C-General;
(c) verifying the signature signed by DTLA or another device during the DTCP2 authentication protocol; and,
(d) maintaining the integrity of the usage rules defined in the DTCP2 Specification.
(e) maintaining the integrity of the values of C1, L1, X1, XSRMV, XSRMC, IDU, IID, NC, IDSM, IDSU, CMI and SRM in Table 1 in Exhibit C-General.
3.5.2 The "Other L1 Core Functions" of DTCP2 include encryption, decryption, authentication, the functions described in Sections 2 (excluding Sections 2.2.1.1 and 2.2.1.3), 3, 4.4.1 and 4.4.2 of Part 1-A of this Exhibit B and Sections 2.3 and 3 of Exhibit B Part 2 and preventing exposure of compressed, Decrypted DT Data, which are not Primary L1 Core Functions.
3.5.3 The L1 Core Functions of DTCP2 shall be implemented in a reasonable method so that they:
3.5.3.1 Cannot be defeated or circumvented merely by using general-purpose tools or equipment that are widely available at a reasonable price, such as screwdrivers, jumpers, clips, file editors, and soldering irons ("Widely Available Tools"), or using specialized electronic tools or specialized software tools that are widely available at a reasonable price, such as EEPROM readers and writers, debuggers or decompilers, integrated development environments and similar software development products (“Specialized Tools”), or software tools such as disassemblers, loaders, patchers, or any other software tools, techniques or methods not described in Widely Available Tools and Specialized Tools (e.g., the software equivalent of in-circuit emulators, softw...
Level of Protection. The protection functions of the Specifications (maintaining the confidentiality of Keys, key generation methods and the cryptographic algorithms, conformance to the Compliance Rules and preventing Controlled Content that has been decrypted, from copying or unauthorized viewing) shall be implemented, at a minimum, in a way that they:
(i) Cannot be reasonably foreseen to be defeated or circumvented merely by using general purpose tools or equipment that are widely available at a reasonable price, such as screw drivers, jumpers, clips and soldering irons (“Widely Available Tools”), or using specialized electronic tools or specialized software tools that are widely available at a reasonable price, such as EEPROM readers and writers, debuggers or de-compilers or similar software development tools (“Specialized Tools”), other than devices or technologies whether hardware or software that are designed and made available for the specific purpose of bypassing or circumventing the protection technologies required (“Circumvention Devices”); and
(ii) Can only with difficulty be defeated or circumvented using professional tools or equipment (excluding Circumvention Devices and professional tools or equipment that are made available only on the basis of a non-disclosure agreement), such as logic analysers, chip disassembly systems, or in-circuit emulators or other tools, equipment, methods or techniques not included in the definition of Widely Available Tools and Specialized Tools in subsection (i) above.
Level of Protection. The content protection requirements of the HDCP Specification and the Compliance Rules shall be implemented in a reasonable method so that such implementations:
3.5.1 cannot be defeated or circumvented merely by using general-purpose tools or equipment that are widely available to average users at a reasonable price, such as screwdrivers, jumpers, clips and soldering irons (“Widely Available Tools”), or using specialized electronic tools or specialized software tools that are widely available at a reasonable price, such as eeprom readers and writers, debuggers or decompilers (“Specialized Tools”) other than devices or technologies, whether Hardware or Software, that are designed and made available for the specific purpose of bypassing or circumventing the protection technologies required by HDCP (“Circumvention Devices”); and
3.5.2 can only with difficulty be defeated or circumvented using professional tools or equipment, such as logic analyzers, chip disassembly systems, or in-circuit emulators or any other tools, equipment, methods, or techniques not described in Section 3.5.1 of these Robustness Rules such as would be used primarily by persons of professional skill and training, but not including either professional tools or equipment that are made available on the basis of a non-disclosure agreement or Circumvention Devices.
Level of Protection. 3.1 The Trusted Execution Environment shall be implemented, at a minimum, in a way that it:
(i) Cannot be reasonably foreseen to be defeated or circumvented merely by using Widely Available Tools or Specialized Tools, or any software or hardware being part of the Licensed Product but not being part of the CI Plus ECP Trusted Boundary,
(ii) Can only with difficulty be defeated or circumvented using Professional Tools, and
(iii) Cannot be reasonably foreseen to be defeated or circumvented due to a transition of power state, whether authorized or unauthorized.
3.2 The Secure Boot process shall be implemented, at a minimum, in a way that:
(i) It cannot be modified merely by using Widely Available Tools or Specialized Tools, or any software or hardware being part of the Licensed Product but not being part of the CI Plus ECP Trusted Boundary,
(ii) It can only with difficulty be modified using Professional Tools, and
(iii) Compromise for one Device Type cannot be directly exploitable on another Device Type.
3.3 The CI Plus 2nd RoT Trust Values shall be protected, at a minimum, in a way that they:
(i) Cannot be modified merely by using Widely Available Tools or Specialized Tools, or any software or hardware being part of the Licensed Product but not being part of the CI Plus ECP Trusted Boundary, and
(ii) Can only with difficulty be modified using Professional Tools.
3.4 The CI Plus 2nd RoT Secret Values shall be protected, at a minimum, in a way that they:
(i) Cannot be modified or discovered merely by using Widely Available Tools or Specialized Tools, or any software or hardware being part of the Licensed Product but not being part of the CI Plus ECP Trusted Boundary, and
(ii) Can only with difficulty be modified or discovered using Professional Tools.
3.5 The Secure Storage shall be implemented, at a minimum, in a way that it:
(i) Cannot be defeated or circumvented merely by using Widely Available Tools or Specialized Tools, or any software or hardware being part of the Licensed Product but not being part of the CI Plus ECP Trusted Boundary, and
(ii) Can only with difficulty be defeated or circumvented using Professional Tools
3.6 The CI Plus ECP Trusted Boundary shall be implemented, at a minimum, in a way that it:
(i) Cannot be defeated or circumvented merely by using Widely Available Tools or Specialized Tools, or any software or hardware being part of the Licensed Product but not being part of the CI Plus ECP Trusted Boundary, and
(ii) Can only with difficu...
Level of Protection. The protection functions of the Specifications ((i) maintaining the confidentiality of Keys, (ii) key generation methods and the cryptographic algorithms, (iii) conformance to the Compliance Rules, (iv) preventing Controlled Content that has been decrypted, from copying or unauthorized viewing and (v) Overt Watermarking) shall be implemented, at a minimum, in a way that they:
(i) Cannot be reasonably foreseen to be defeated or circumvented merely by using general purpose tools or equipment that are widely available at a reasonable price, such as screw drivers, jumpers, clips and soldering irons (“Widely Available Tools”), or using specialized electronic tools or specialized software tools that are widely available at a reasonable price, such as EEPROM readers and writers, debuggers or de-compilers or similar software development tools (“Specialized Tools”), other than devices or technologies whether hardware or software that are designed and made available for the specific purpose of bypassing or circumventing the protection technologies required (“Circumvention Devices”); and
(ii) Can only with difficulty be defeated or circumvented using professional tools or equipment (excluding Circumvention Devices and professional tools or equipment that are made available only on the basis of a non-disclosure agreement), such as logic analysers, chip disassembly systems, or in-circuit emulators or other tools, equipment, methods or techniques not included in the definition of Widely Available Tools and Specialized Tools in subsection (i) above.
Level of Protection. Content Protection Requirements other than Core Functions. The content protection requirements, other than Core Functions, of the HDCP Specification Rev 2.0 and the Compliance Rules shall be implemented in a reasonable method so that such implementations: For review only - Not valid for execution
4.4.1 cannot be defeated or circumvented merely by Widely Available Tools or Specialized Tools, as those capitalized terms are defined in Section 4.3.1 but not including Circumvention Devices; and
4.4.2 can only with difficulty be defeated or circumvented using Professional Tools Or Equipment, such as logic analyzers, chip disassembly systems, or in-circuit emulators or any other tools, equipment, methods, or techniques not described in Section 4.4.1 of these Robustness Rules such as would be used primarily by persons of professional skill and training, but not including either Professional Tools Or Equipment that are made available on the basis of a non-disclosure agreement or Circumvention Devices.
Level of Protection. Core Functions. “Core Functions” of AACS include encryption, decryption, authentication, maintaining confidentiality of Secrecy Required Values and integrity of Integrity Required Values, and preventing exposure of the video portions of compressed, Decrypted AACS Content. The Core Functions of AACS shall be implemented in a reasonable method so that they:
3.6.5.1 Cannot be defeated or circumvented merely by using general- purpose tools or equipment that are widely available at a reasonable price, such as screwdrivers, jumpers, clips and soldering irons ("Widely Available Tools"), or using specialized electronic tools or specialized software tools that are widely available at a reasonable price, such as EEPROM readers and writers, debuggers or decompilers ("Specialized Tools"), other than devices or technologies whether hardware or software that are designed and made available for the specific purpose of bypassing or circumventing the protection technologies required by AACS ("Circumvention Devices"); and
3.6.5.2 Can only with difficulty be defeated or circumvented using professional tools or equipment, such as logic analyzers, chip disassembly systems, or in-circuit emulators or any other tools, equipment, methods, or techniques not described in Section 3.6.5.1 such as would be used primarily by persons of professional skill and training, but not including professional tools or equipment that are made available only on the basis of a non-disclosure agreement or Circumvention Devices.
