1、 Reference number ISO 26430-3:2008(E) ISO 2008INTERNATIONAL STANDARD ISO 26430-3 First edition 2008-07-15 Digital cinema (D-cinema) operations Part 3: Generic extra-theater message format Oprations du cinma numrique (cinma D) Partie 3: Format de message dextra thtre gnrique ISO 26430-3:2008(E) PDF d
2、isclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parti
3、es accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative t
4、o the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. COPYRIGHT P
5、ROTECTED DOCUMENT ISO 2008 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO
6、s member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO 2008 All rights reservedISO 26430-3:2008(E) ISO 2008 All rights reserved iii Fore
7、word ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a techn
8、ical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
9、electrotechnical standardization. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to
10、 the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for
11、identifying any or all such patent rights. ISO 26430-3 was prepared by the Society of Motion Picture and Television Engineers (as SMPTE 430-3-2008) and was adopted, under a special “fast-track procedure”, by Technical Committee ISO/TC 36, Cinematography, in parallel with its approval by the ISO memb
12、er bodies. ISO 26430 consists of the following parts, under the general title Digital cinema (D-cinema) operations: Part 1: Key delivery message Part 2: Digital certificate Part 3: Generic extra-theater message format ISO 26430-3:2008(E) ISO 2008 All rights reserved 1Table of Contents Page Foreword
13、. 3 1 Scope 3 2 Conformance Notation 3 3 Normative References 3 4 Glossary 4 5 Overview of Generic Extra Theater Message (informative) 5 6 Authenticated and Public (Unencrypted) Information . 6 6.1 MessageId 7 6.2 MessageType. 7 6.3 AnnotationText. 7 6.4 IssueDate . 7 6.5 Signer. 7 6.6 RequiredExten
14、sions (Optional) 7 6.7 NonCriticalExtensions (Optional). 7 7 Authenticated and Private (Encrypted) Information 7 7.1 EncryptedKey. 9 7.1.1 EncryptionMethod . 9 7.1.2 KeyInfo 9 7.1.3 CipherData 9 7.1.4 EncryptionProperties. 9 7.1.5 ReferenceList 9 7.1.6 CarriedKeyName 9 7.2 EncryptedData (Optional) 1
15、0 8 Signature Information 11 8.1 XML Embedding. 11 8.2 SignedInfo 12 8.3 SignatureValue. 13 8.4 KeyInfo Certificate Chain . 13 8.5 Object Information 13 Annex A Design Features and Security Goals (Informative) 14 Annex B Bibliography (Informative) 16 Annex C XML Schema for ETM (Normative) 17 Annex D
16、 XML Diagram Legend (Informative). 19 Revision Notes 22 Page 1 of 22 pages SMPTE 430-3-2008 Revision of SMPTE 430-3-2006 SMPTE STANDARD D-Cinema Operations Generic Extra-Theater Message Format Copyright 2008 by THE SOCIETY OF MOTION PICTURE AND TELEVISION ENGINEERS 3 Barker Avenue, White Plains, NY
17、10601 (914) 761-1100 Approved March 3, 2008 ISO 26430-3:2008(E) 2 ISO 2008 All rights reservedPage 2 of 23 pages Foreword SMPTE (the Society of Motion Picture and Television Engineers) is an internationally recognized standards developing organization. Headquartered and incorporated in the United St
18、ates of America, SMPTE has members in over 80 countries on six continents. SMPTEs Engineering Documents, including Standards, Recommended Practices and Engineering Guidelines, are prepared by SMPTEs Technology Committees. Participation in these Committees is open to all with a bona fide interest in
19、their work. SMPTE cooperates closely with other standards-developing organizations, including ISO, IEC and ITU. SMPTE Engineering Documents are drafted in accordance with the rules given in Part XIII of its Administrative Practices. SMPTE Standard 430-3 was prepared by Technology Committee DC28. SMP
20、TE 430-3-2008 ISO 26430-3:2008(E) ISO 2008 All rights reserved 3 Page 3 of 23 pages 1 Scope This standard presents a specification for a generic Extra-Theatre Message (ETM) format for use with unidirectional communications channels used in security communcations for Digital Cinema (D-Cinema) systems
21、. The ETM specification is a generic XML security wrapper that includes specific fields which can be extended to carry different kinds of information to meet various application-level requirements. (For example, the Key Delivery Message (KDM) is a specific instance of this format.) The ETM uses W3C
22、Extensible Markup Language (see XML) to represent the information payload. It provides security using the XML encryption and signature primitives. Note: The brackets convention “” as used herein denotes either a normative or informative reference. 2 Conformance Notation Normative text is text that d
23、escribes elements of the design that are indispensable or contains the conformance language keywords: “shall“, “should“, or “may“. Informative text is text that is potentially helpful to the user, but not indispensable, and can be removed, changed, or added editorially without affecting interoperabi
24、lity. Informative text does not contain any conformance keywords. All text in this document is, by default, normative, except: the Introduction, any section explicitly labeled as “Informative“ or individual paragraphs that start with “Note:” The keywords “shall“ and “shall not“ indicate requirements
25、 strictly to be followed in order to conform to the document and from which no deviation is permitted. The keywords, “should“ and “should not“ indicate that, among several possibilities, one is recommended as particularly suitable, without mentioning or excluding others; or that a certain course of
26、action is preferred but not necessarily required; or that (in the negative form) a certain possibility or course of action is deprecated but not prohibited. The keywords “may“ and “need not“ indicate courses of action permissible within the limits of the document. The keyword “reserved” indicates a
27、provision that is not defined at this time, shall not be used, and may be defined in the future. The keyword “forbidden” indicates “reserved” and in addition indicates that the provision will never be defined in the future. A conformant implementation according to this document is one that includes
28、all mandatory provisions (“shall“) and, if implemented, all recommended provisions (“should“) as described. A conformant implementation need not implement optional provisions (“may“) and need not implement them as described. 3 Normative References The following standards contain provisions that, thr
29、ough reference in this text, constitute provisions of this standard. At the time of publication, the editions indicated were valid. All standards are subject to revision, and parties to agreements based on this standard are encouraged to investigate the possibility of applying the most recent editio
30、n of the standards indicated below. D-Cinema Digital Certificate SMPTE 430-2-2006, D-Cinema Operation Digital Certificate FIPS-180-2 “Secure Hash Standard” Version 2. August 1, 2002. FIPS-180-2. See: http:/csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf SMPTE 430-3-2008 ISO 26430-3:2008(E) 4
31、 ISO 2008 All rights reservedSMPTE 430-3-2008 Page 4 of 23 pages FIPS-197 “Advanced Encryption Standard (AES)” November 26, 2001. FIPS-197. See: http:/csrc.nist.gov/publications/fips/fips197/fips-197.pdf FIPS-198 “The Keyed-Hash Message Authentication Code (HMAC)” March 6, 2002. File updated April 8
32、, 2002. http:/csrc.nist.gov/publications/fips/fips198/fips-198a.pdf PKCS1 “PKCS #1: RSA Cryptography Specifications Version 2.1” By B. Kaliski. February 2003. RFC 3447 See: http:/www.ietf.org/rfc/rfc3447.txt RFC2253 “Lightweight Directory Access Protocol (v3):UTF-8 String Representation of Distingui
33、shed Names” December 1997. See: http:/www.ietf.org/rfc/rfc2253.txt RFC4051 ”Additional XML Security Uniform Resource Identifiers (URIs)” April 2005. See: http:/www.ietf.org/rfc/rfc4051.txt Time UTC, RFC 3339: Date and Time on the Internet: Timestamps. G. Klyne and C. Newman. Informational, July 2002
34、. See: http:/ietf.org/rfc/rfc3339.txt UUID “A Universially Unique Identifier (UUID) URN Namespace” July 2005. See: http:/www.ietf.org/rfc/rfc4122.txt XML “XML Schema Part 1: Structures” World Wide Web Consortium May 2001. See: http:/www.w3.org/TR/2001/REC-xmlschema-1-20010502 XML-Encrypt ”XML Encryp
35、tion Syntax and Processing” World Wide Web Consortium December 2002. See: http:/www.w3.org/TR/2002/REC-xmlenc-core-20021210/ XML-Sign ”XML-Signature Syntax and Processing” World Wide Web Consortium February 2002. See: http:/www.w3.org/TR/2002/REC-xmldsig-core-20020212/ 4 Glossary The following parag
36、raphs define the acronyms used in this document. AES: Advanced Encryption Standard secret key algorithm. Defined in FIPS-197. ASN.1: Abstract Syntax Notation 1. Base64: A printable encoding of binary data. See Base64. FIPS: Federal Information Processing Standards of NIST. HMAC-SHA-1: Hash-based Mes
37、sage Authentication Code based on SHA-1. Defined in FIPS-198. IETF: Internet Engineering Task Force standards group. IP: Internet Protocol. An IETF standard. ISO: International Standards Organization. KDM: Key Delivery Message An instance of the ETM. See SMPTE 430-1 LE: Link Encrypter. LD: Link Decr
38、ypter. MD: Media Decrypter. ISO 26430-3:2008(E) ISO 2008 All rights reserved 5 SMPTE 430-3-2008 Page 5 of 23 pages NIST: National Institute of Standards and Technologies. OAEP: Optimal Asymmetric Encryption Pattern. See PKCS1. RO: Rights Owner. RSA: Rivest Shamir Adleman public key algorithm. Define
39、d in PKCS1 SE: Security Entity. Any Digital Cinema entity that performs cryptography. SHA-1: Secure Hash Algorithm revision 1. Defined in FIPS-180-2. SHA-256: Secure Hash Algoritm. Defined in FIPS-180-2. SM: Security Manager. S/MIME: Secure Multipurpose Internet Mail Extensions. SPB: Secure Processi
40、ng Block. SSL: Secure Socket Layer protocol. See TLS. TCP: Transmission Control Protocol. IETF standard for reliable bi-directional streams. TLS: Transport Layer Security protocol. See Rescorla. TMS: Theater Management System. X.509: A widely used and supported digital certificate standard. Refer to
41、 D-Cinema Digital Certificate XML: Extensible Markup Language. 5 Overview of Generic Extra Theater Message (Informative) Extra-Theater Messages (ETM) may be used generally between any two D-Cinema Security Entities (SE), however an ETM is particularly appropriate where a unidirectional rather than a
42、 bi-directional communications channel is employed. Such channels would be typical of those between a Distributor and an Exhibitor, or between a Studio and a Distributor. The ETM format defined in this document provides a basic message structure having a useful set of known security properties. It i
43、s intended that all D-Cinema extra-theatre messaging requirements utilize this structure in order to minimize the risk that introduction of new security messages will undermine the integrity of the security system. The following diagram presents an overview of the generic security wrapper. The top-l
44、evel XML element indicates that this structure is a D-Cinema Extra-Theatre security Message. It contains three elements (segments) for data: 1) authenticated and public (viewable by anyone who receives the message), 2) authenticated and private (viewable by the intended recipients only), and 3) auth
45、entication (signature and trust) information. ISO 26430-3:2008(E) 6 ISO 2008 All rights reservedSMPTE 430-3-2008 Page 6 of 23 pages Figure 1 XML Diagram for Generic Extra Theater Message The AuthenticatedPublic segment includes standard message header information and a place to put required standard
46、 extension elements for the particular message type, and a place for proprietary extensions that are not critical to the baseline interoperability standard. The single signer of the ETM is identified in the AuthenticatedPublic segment, and any entity that receives the message is able to read and aut
47、henticate the information in the AuthenticatedPublic segment. For ETMs that carry encrypted information in the AuthenticatedPrivate segment, the identity of the recipient of this private information (as specified by the issuer name and serial number of a certificate) appears in a standard field (Key
48、Info) of the standard XML EncryptedKey element of the AuthenticatedPrivate segment. To avoid redundancy, the recipient information is not also carried in the AuthenticatedPublic segment. The AuthenticatedPrivate segment includes zero or more blocks of information encrypted by RSA (called EncryptedKe
49、y) and an optional block of information encrypted by AES (called EncryptedData). The use of the EncryptedKey and EncryptedData fields is application-dependent. For example, the KDM message uses the RSA blocks in a special way and does not use the AES block. Other instances of the ETM may use the AuthenticatedPrivate segment to carry data that is hidden from all but the intended recipients. The data in this segment is encrypted with a fresh random AES key (i