The value of the DCI specification is the agreement among studios on distribution packaging and security. Distribution packaging is homegrown: the concept was developed in SMPTE before DCI was even formed, with the result that the industry has a lot of control over changes in the packaging format. But not so for DCI’s security concepts, most of which rely on specifications by the National Institute of Standards and Technology, known as NIST. Although NIST once hosted an event in Maryland around 2002 to discuss digital cinema, NIST’s primary role in security matters is to ensure that government agencies have well-defined and well-regulated security technologies. NIST has no connection to the entertainment industry. But the entertainment industry now relies on NIST, and therein lies the rub: a rub that likely cannot be fixed.
It has been known since 2005 that NIST planned to update its core security specification, FIPS 140-2, to a revised FIPS 140-3. But in January 2010, NIST released a revision to Annex A of FIPS 140-2, which requires compliance with the new FIPS 180-3 Secure Hash Standard, updated from FIPS 180-2, and FIPS 186-3 Digital Signature Standard, updated from FIPS 186-2. The new standards call for changes in the use of the SHA-1 and SHA-256 algorithms, used in digital signatures. SHA-1 is also used in content packaging. In particular, NIST FIPS 186-3 imposes a new requirement to not reuse digital signature key pairs for other purposes. Further, NIST SP800-57 Part 3 says that a “server’s TLS keys should not be used to support other applications.” These requirements will impact media block designs, which use the same public key to decrypt KDMs, sign security logs, and conduct TLS sessions. Manufacturers are told that equipment tested after December of this year must follow the new rules. But NIST also makes it clear that it will review existing certifications and will remove references to no-longer-valid algorithms.
The full impact on existing digital cinema equipment remains to be determined. While the core algorithms and key lengths used in digital cinema appear to be consistent with those in the new FIPS 180-3, the new rule restricting reuse of keys will likely impact the design of equipment to be approved after 2010. Possibly more worrisome is a statement on the NIST site that says: “Federal agencies should stop using SHA-1 for digital signatures, digital time stamping and other applications that require collision resistance as soon as practical, and must use the SHA-2 family of hash functions for these applications after 2010.” SHA-1 is the algorithm used for digital signatures in digital cinema equipment, and is used in content packaging with the “message integrity code”. While not made obsolete by FIPS 180-3, the algorithm will likely be made obsolete by a future version of the standard, which could be incorporated in the final FIPS 140-3.
To manage the obsolescence process, NIST explained in its January recommendation regarding the end-of-year transition that equipment operation in a “FIPS-approved” or a “non-FIPS-approved” mode is possible. At first, this appears intriguing. It may be possible to simply freeze digital cinema in the use of its current security algorithms, while newly approved equipment must add the new FIPS-approved algorithms to become FIPS-compliant. But this would create a situation where the algorithms used in digital cinema would no longer be tested in the FIPS-compliance process. The NIST document released in January had this to say: “For practical purposes, it may be necessary to extend the use of some algorithms, key sizes and protocols to allow a non-interruptive transition as agencies procure and replace legacy solutions.” In other words, NIST recognizes the problem, and relies on your tax dollars to fix it all up.
But tax dollars won’t fix up digital cinema. JP Morgan and its syndicate banks behind DCIP do not want to hear about early equipment obsolescence. DCI has yet to take steps to learn the probable impacts to its specification by current and future changes by NIST. In February, DCI simply asked SMPTE to investigate and fix digital cinema standards per the new NIST standards. But can changes really take place if they cause the obsolescence of existing equipment? Is DCI evaluating this from a business-impact perspective?
Even if early obsolescence doesn’t occur through NIST’s current actions, it will likely occur in the future. The elegant way to prevent early obsolescence is for the industry to decouple from NIST and “roll its own” security specification. That, in fact, was the response given your author by Peter Kim, when asked how other industries do it. Mr. Kim is the NIST expert responsible for much of the security-related “errata” in the DCI spec. Of course, the last thing to happen will be for the major studios to quickly agree on spending money to underwrite a new industry security specification. However, DCI may have no choice but to eventually decouple from the FIPS 140 standard.
In a nutshell: the studios created a specification they cannot control, the manufacturing industry has spent millions trying to comply, uncontrollable changes are starting to occur, there is no one to complain to (that will listen), and it may require a fix that the industry isn’t prepared to pay for. Long live DCI compliance.
For reference, a list of links to FIPS-related documents, including the January 2010 transition recommendation, is posted at http://www.mkpe.com/isdcf/. (Scroll to bottom of page.)