The WebM Project | WebM Encryption

<!DOCTYPE html>    <html class="no-js"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>The WebM Project | WebM Encryption </title> <meta name="google-site-verification" content="k48O6zrnreFHIEU7DjyqpOK8REgb_WD1_OyorIE4Ti0">  <link rel="stylesheet" href="/media/css/bootstrap.css" nonce="mT0pVYrPB-c2gzYhm6y3Ug"> <style type="text/css"> body { padding-top: 80px; } </style> <link rel="stylesheet" href="/media/css/bootstrap-responsive.css" nonce="mT0pVYrPB-c2gzYhm6y3Ug"> <link rel="stylesheet" href="/media/css/webm.css" nonce="mT0pVYrPB-c2gzYhm6y3Ug"> <style> table { border-collapse: collapse; } th, td { border: 1px solid #ccc; padding: 7px 14px; } th { font-weight: bold; background-color: #f7f7f7; } td {} .new-element, .elements-table tr+tr, .elements-table tr+tr code { background-color: #fce5cd; } .elements-table tr+tr code { border: none; } </style> <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js" nonce="mT0pVYrPB-c2gzYhm6y3Ug"></script> <script src="https://storage.googleapis.com/downloads.webmproject.org/media/js/bootstrap.min.js" nonce="mT0pVYrPB-c2gzYhm6y3Ug"></script> <script nonce="mT0pVYrPB-c2gzYhm6y3Ug"> $(function(){ setTimeout(function(){ var shiftWindow = function() { var hash = "#" + location.hash.replace(/[^A-Za-z0-9_\-]/g, ""); if (hash && $(hash).offset()) { var pos = $(hash).offset().top - 60; $(window).scrollTop(pos); } }; if (location.hash) shiftWindow(); window.addEventListener("hashchange", shiftWindow); },10); }) </script> <link rel="shortcut icon" href="/media/images/webm-48px.png">  </head> <body class="" id="None"> <div id="not-footer"> <header> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container">  <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </a> <a class="brand" href="/" title="The WebM Project" style="padding: 0; margin: 3px 20px 0 0;"><img src="/media/images/webm-558x156.png" alt="" style="height: 46px; padding: 0"></a>  <div class="nav-collapse collapse"> <ul class="nav"> <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown"> About <b class="caret"></b> </a> <ul class="dropdown-menu"> <li><a href="/about/">About WebM</a></li> <li><a href="/about/press/">Press Info</a></li> <li><a href="/about/faq/">FAQ</a></li> <li><a href="/about/discuss/">Discuss</a></li> <li><a href="/about/supporters/">Supporters</a></li> <li class="divider"></li> <li><a href="/vp9/">VP9 Codec</a></li> </ul> </li> <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown">Developer <b class="caret"></b></a> <ul class="dropdown-menu"> <li><a href="/code/">Overview & Code Repos</a></li> <li><a href="/code/contribute/">Contribute</a> <li><a href="/code/contribute/submitting-patches/">Submitting Patches</a></li> <li><a href="/code/contribute/code-reviews/">Code Reviews</a></li> <li><a href="/code/contribute/workflow/">Workflow</a></li> <li><a href="/code/contribute/conventions/">Conventions</a></li> <li class="divider"></li> <li><a href="https://build.webmproject.org/jenkins/">Continuous Integration</a></li> <li class="divider"></li> <li><a href="/code/bug-reporting/">Bug Reporting</a></li> <li><a href="/code/build-prerequisites/">Build Prerequisites</a></li> <li><a href="/code/repository-layout/">Repository Layout</a></li> <li><a href="/code/releases/">Releases</a></li> <li><a href="/code/roadmap/">Roadmap</a></li> </ul> </li> <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown">Docs <b class="caret"></b></a> <ul class="dropdown-menu"> <li><a href="/vp9/">Draft VP9 Bitstream Format</a></li> <li><a href="/vp9/mp4/">VP Codec ISO Media File Format Binding (MP4)</a></li> <li><a href="/vp9/levels/">VP9 Levels and Decoder Testing</a></li> <li><a href="http://datatracker.ietf.org/doc/rfc6386/">RFC 6386: VP8 Data Format</a></li> <li><a href="/docs/container/">WebM Container Format</a></li> <li><a href="/docs/webm-encryption/">WebM Encryption</a></li> <li><a href="http://tools.ietf.org/html/draft-ietf-payload-vp8">VP8 RTP Proposal (Draft)</a></li> <li><a href="/docs/encoder-parameters/">Encoder Examples</a></li> <li><a href="http://wiki.webmproject.org/">Wiki</a></li> </ul> </li> <li><a href="/tools/">Tools</a></li> </ul> <script type="text/javascript" src="https://www.google.com/jsapi" nonce="mT0pVYrPB-c2gzYhm6y3Ug"></script> <script type="text/javascript" nonce="mT0pVYrPB-c2gzYhm6y3Ug"> google.load('search', '1'); google.setOnLoadCallback(function() { google.search.CustomSearchControl.attachAutoCompletion( '003367860376540524942:a7a4auyo1la', document.getElementById('q'), 'cse-search-box'); }); </script> <form action="https://www.google.com/cse" class="navbar-search pull-right searchbox"> <div class="control-group"> <div class="controls"> <div class="input-prepend"> <span class="add-on"><i class="icon-search"></i></span><input type="text" name="q" id="q" autocomplete="on" class="span2" placeholder="" style="background-image: none;"> <input type="hidden" name="cx" value="003367860376540524942:a7a4auyo1la"> <input type="hidden" name="ie" value="UTF-8"> </div> </div> </div> </form> </div> </div> </div> </div> </header> <div class="container"> <div class="row"> <div class="span10 offset1"> <ul class="breadcrumb"> <li><a href="/"> Home </a><span class="divider">></span> </li> <li><a href="/docs/"> Docs </a><span class="divider">></span> </li> <li class="active"> Webm Encryption </li> </ul> </div> </div> <div class="row"> <div class="span10 offset1"> <h2>WebM Encryption</h2> <p><em>Last modified: 2016-09-19</em><br> <em>Author: Frank Galligan</em></p> <p><a class="btn btn-mini btn-primary toggle-all tocbutton pull-right" href="#">Show Contents</a></p> <div class="toc"> <ul> <li><a href="#objective">Objective</a></li> <li><a href="#background">Background</a><ul> <li><a href="#10-definitions">1.0 Definitions</a><ul> <li><a href="#11-aes">1.1 AES</a></li> <li><a href="#12-block-cipher">1.2 Block Cipher</a></li> <li><a href="#13-counter-block">1.3 Counter Block</a></li> <li><a href="#14-ctr">1.4 CTR</a></li> <li><a href="#15-initialization-vector">1.5 Initialization Vector</a></li> <li><a href="#16-live-streaming">1.6 Live Streaming</a></li> <li><a href="#17-cenc">1.7 CENC</a></li> <li><a href="#18-vod">1.8 VOD</a></li> </ul> </li> <li><a href="#20-use-cases">2.0 Use Cases</a><ul> <li><a href="#21-playback-of-encrypted-content-over-a-network">2.1 Playback of Encrypted Content Over a Network</a></li> <li><a href="#22-playback-of-encrypted-content-from-a-storage-medium">2.2 Playback of Encrypted Content from a Storage Medium</a></li> <li><a href="#23-out-of-order-decryption">2.3 Out of Order Decryption</a></li> </ul> </li> <li><a href="#30-goals">3.0 Goals</a><ul> <li><a href="#31-primary-goals">3.1 Primary Goals</a></li> </ul> </li> </ul> </li> <li><a href="#design">Design</a><ul> <li><a href="#40-webm-common-encryption-with-integrity-checking">4.0 WebM Common Encryption with Integrity Checking</a><ul> <li><a href="#41-common-encryption-format">4.1 Common Encryption Format</a></li> <li><a href="#42-new-matroskawebm-elements">4.2 New Matroska/WebM Elements</a></li> <li><a href="#43-supported-matroska-encryption-elements">4.3 Supported Matroska Encryption Elements</a></li> <li><a href="#44-unencrypted-block-format">4.4 Unencrypted Block Format</a></li> <li><a href="#45-full-sample-encrypted-block-format">4.5 Full-sample Encrypted Block Format</a></li> <li><a href="#46-subsample-encrypted-block-format">4.6 Subsample Encrypted Block Format</a><ul> <li><a href="#461-sample-partitions">4.6.1 Sample Partitions</a></li> </ul> </li> <li><a href="#47-signal-byte-format">4.7 Signal Byte Format</a></li> <li><a href="#48-initialization-vector">4.8 Initialization Vector</a><ul> <li><a href="#481-incrementing-initialization-vector">4.8.1 Incrementing Initialization Vector</a></li> </ul> </li> <li><a href="#49-ctr-counter-block-format-generation">4.9 CTR Counter Block Format Generation</a></li> <li><a href="#410-excess-key-stream-data">4.10 Excess Key Stream Data</a></li> <li><a href="#411-examples">4.11 Examples</a><ul> <li><a href="#4111-three-encrypted-frames">4.11.1 Three Encrypted Frames</a></li> </ul> </li> <li><a href="#412-fast-startup-recommendation">4.12 Fast Startup Recommendation</a></li> </ul> </li> <li><a href="#50-lacing">5.0 Lacing</a></li> <li><a href="#60-revision-history">6.0 Revision History</a></li> </ul> </li> </ul> </div> <h3 id="objective">Objective</h3> <p>Define a mechanism for supporting AES encryption in the <a href="/docs/container/">WebM video container</a> specification.</p> <h3 id="background">Background</h3> <p>There is a <a href="https://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-media/encrypted-media.html#simple-decryption">W3C proposal</a> to add extensions for encrypted media. In order for WebM to be supported, it requires a system-independent way of encrypting the files.</p> <p><a href="https://matroska.org/technical/specs/index.html">Matroska</a> has support for encrypting certain elements with AES (<a href="https://matroska.org/technical/specs/index.html#ContentEncryption">ContentEncryption</a> element), but does not define how they are encrypted.</p> <h4 id="10-definitions">1.0 Definitions</h4> <h5 id="11-aes">1.1 <a href="https://en.wikipedia.org/wiki/Advanced_Encryption_Standard">AES</a></h5> <p>Advanced Encryption Standard</p> <h5 id="12-block-cipher">1.2 <a href="https://en.wikipedia.org/wiki/Block_cipher">Block Cipher</a></h5> <p>An encryption algorithm that works on fixed length blocks of data.</p> <h5 id="13-counter-block">1.3 <a href="https://tools.ietf.org/html/rfc3686#page-7">Counter Block</a></h5> <p>This is the block used to generate the keystream with AES-CTR.</p> <h5 id="14-ctr">1.4 <a href="https://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29">CTR</a></h5> <p>A mode of AES encryption that uses Counter Blocks to generate a key stream that is then XORed with the plaintext to produce the ciphertext.</p> <h5 id="15-initialization-vector">1.5 <a href="https://en.wikipedia.org/wiki/Initialization_vector">Initialization Vector</a></h5> <p>A non-secret auxiliary input to cryptographic algorithms used to prevent certain classes of attacks. Fixed size input to the cryptographic algorithm.</p> <h5 id="16-live-streaming">1.6 Live Streaming</h5> <p>Media that is captured and sent to users at a specific time.</p> <h5 id="17-cenc">1.7 CENC</h5> <p>MPEG Common Encryption (ISO/IEC 23001-7)</p> <h5 id="18-vod">1.8 <a href="https://en.wikipedia.org/wiki/Video_on_demand">VOD</a></h5> <p>Video on demand. Previously recorded media files that are watched when a user decides to watch them.</p> <h4 id="20-use-cases">2.0 Use Cases</h4> <h5 id="21-playback-of-encrypted-content-over-a-network">2.1 Playback of Encrypted Content Over a Network</h5> <p>In this use case, a content distributor wants to serve protected content to users. The users want to watch the encrypted content, while also seeking to other times within the media.</p> <h5 id="22-playback-of-encrypted-content-from-a-storage-medium">2.2 Playback of Encrypted Content from a Storage Medium</h5> <p>In this use case, the user wants to playback the encrypted content from local storage.</p> <h5 id="23-out-of-order-decryption">2.3 Out of Order Decryption</h5> <p>In this use case, encrypted frames may arrive to a client out of order. The client may want to decrypt the frames as soon as they arrive. An example of this use case is WebRTC, which decodes out of order video frames.</p> <h4 id="30-goals">3.0 Goals</h4> <h5 id="31-primary-goals">3.1 Primary Goals</h5> <p><strong>3.1.1</strong> Use the smallest possible number of encryption parameter combinations, ideally one.</p> <p><strong>3.1.2</strong> Add as little overhead to the stream data as possible.</p> <p><strong>3.1.3</strong> Support seeking within VOD files.</p> <p><strong>3.1.4</strong> Minimize added latency after a seek.</p> <p><strong>3.1.5</strong> Support live streaming.</p> <p><strong>3.1.6</strong> Strive compatibility with CENC.</p> <p><strong>3.1.7</strong> Lowest possible startup latency.</p> <h3 id="design">Design</h3> <h4 id="40-webm-common-encryption-with-integrity-checking">4.0 WebM Common Encryption with Integrity Checking</h4> <p>Having one common encryption for WebM benefits both the delivery side and client comsumption.</p> <h5 id="41-common-encryption-format">4.1 Common Encryption Format</h5> <p>The WebM common encryption algorithm is AES. The key size is 128 bit. Information on how the blocks are encrypted is stored in the Track element and interleaved with the Block鈥檚 data.</p> <h5 id="42-new-matroskawebm-elements">4.2 New Matroska/WebM Elements</h5> <p>A master element named <code class="new-element">ContentEncAESSettings</code> is added as a sub-element of the <code>ContentEncryption</code> element, which contains elements representing the features of AES. <code class="new-element">ContentEncAESSettings</code> contains one sub element. <code class="new-element">AESSettingsCipherMode</code> conveys the <a href="https://en.wikipedia.org/wiki/Block_cipher">block cipher mode</a> used with the AES encryption. <code class="new-element">AESSettingsCipherMode</code> contains one value, <code>CTR</code>.</p> <div class="elements-table"> <table> <thead> <tr> <th>Element Name</th> <th>L</th> <th>ID</th> <th>D</th> <th>T</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><code>ContentEncryption</code></td> <td>5</td> <td><code>[50][35]</code></td> <td>-</td> <td>m</td> <td>Settings describing the encryption used. MUST be present if the value of <code>ContentEncodingType</code> is 1 and absent otherwise.</td> </tr> <tr> <td><code>ContentEncAESSettings</code></td> <td>6</td> <td><code>[47][E7]</code></td> <td>-</td> <td>m</td> <td>Settings describing the encryption algorithm used. If <code>ContentEncAlgo</code> != 5 this MUST be absent.</td> </tr> <tr> <td><code>AESSettingsCipherMode</code></td> <td>7</td> <td><code>[47][E8]</code></td> <td>1</td> <td>u</td> <td>The cipher mode used in the encryption. Predefined values: 1 - CTR</td> </tr> </tbody> </table> </div> <dl> <dd><span class="new-element">Cells in orange</span> = Additions to Matroska</dd> <dd>L = Level</dd> <dd>ID = Matroska/Webm Element ID</dd> <dd>D = Default</dd> <dd>T = Type</dd> </dl> <p>With these new elements, clients should be able to decode frames encoded with AES.</p> <h5 id="43-supported-matroska-encryption-elements">4.3 Supported Matroska Encryption Elements</h5> <p>The following Matroska elements and values are added to the WebM specification.</p> <ul> <li><code>ContentEncryption</code></li> <li><code>ContentEncAlgo</code> (Supported AES value = 5)</li> <li><code>ContentEncKeyID</code></li> <li><code>ContentEncAESSettings</code></li> <li><code>AESSettingsCipherMode</code> (Supported CTR value = 1)</li> </ul> <h5 id="44-unencrypted-block-format">4.4 Unencrypted Block Format</h5> <p>The payload of unencrypted Blocks is comprised of two parts. The first part is the <a href="#47-signal-byte-format">Signal Byte</a>. The last part is frame data.</p> <pre><code> 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Signal Byte | | +-+-+-+-+-+-+-+-+ | : Bytes 1..N of unencrypted frame : | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+</code></pre> <h5 id="45-full-sample-encrypted-block-format">4.5 Full-sample Encrypted Block Format</h5> <p>The payload of a Full-sample Encrypted Block is comprised of three parts. The first part is the <a href="#47-signal-byte-format">Signal Byte</a>. The second part is the <a href="#48-initialization-vector">IV</a>. The last part of an Encrypted Block payload is frame data. The only part of the Block that is encrypted is the frame data.</p> <pre><code> 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Signal Byte | | +-+-+-+-+-+-+-+-+ IV | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | |-+-+-+-+-+-+-+-+ | : Bytes 1..N of encrypted frame : | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+</code></pre> <h5 id="46-subsample-encrypted-block-format">4.6 Subsample Encrypted Block Format</h5> <p>The Subsample Encrypted Block format extends the Full-sample format by setting a "partitioned" (P) bit in the <a href="#47-signal-byte-format">Signal Byte</a>. If this bit is set, the <code>EncryptedBlock</code> header shall include an 8-bit integer indicating the number of sample partitions (dividers between clear/encrypted sections), and a series of 32-bit integers in big-endian encoding indicating the byte offsets of such partitions.</p> <pre><code> 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Signal Byte | | +-+-+-+-+-+-+-+-+ IV | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | num_partition | Partition 0 offset -> | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| | -> Partition 0 offset | ... | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| | ... | Partition n-1 offset -> | |-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| | -> Partition n-1 offset | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Clear/encrypted sample data | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+</code></pre> <h6 id="461-sample-partitions">4.6.1 Sample Partitions</h6> <p>The samples shall be partitioned into alternating clear and encrypted sections, always starting with a clear section. Generally for <em>n</em> clear/encrypted sections there shall be <em>n-1</em> partition offsets. However, if it is required that the first section be encrypted, then the first partition shall be at byte offset 0 (indicating a zero-size clear section), and there shall be <em>n</em> partition offsets.</p> <p>Please refer to the "Sample Encryption" description of the "Common Encryption" section of the <a href="https://storage.googleapis.com/downloads.webmproject.org/docs/vp9/vp-codec-iso-media-file-format-binding-20160516-draft.pdf">VP Codec ISO Media File Format Binding Specification</a> for more detail on how subsample encryption is implemented.</p> <h5 id="47-signal-byte-format">4.7 Signal Byte Format</h5> <pre><code> 0 1 2 3 4 5 6 7 +-+-+-+-+-+-+-+-+ |X| RSV |P|E| +-+-+-+-+-+-+-+-+</code></pre> <dl> <dt>Extension bit (<em>X</em>)</dt> <dd>If set, another signal byte will follow this byte. Reserved for future expansion (currently MUST be set to 0).</dd> <dt>RSV bits (<em>RSV</em>)</dt> <dd>Bits reserved for future use. MUST be set to 0 and MUST be ignored.</dd> <dt>Encrypted bit (<em>E</em>)</dt> <dd>If set, the Block MUST contain an IV immediately followed by an encrypted frame. If not set, the Block MUST NOT include an IV and the frame MUST be unencrypted. The unencrypted frame MUST immediately follow the Signal Byte.</dd> <dt>Partitioned bit (<em>P</em>)</dt> <dd>Used to indicate that the sample has subsample partitions. If set, the IV will be followed by a <code>num_partitions</code> byte, and <code>num_partitions</code> * 32-bit partition offsets. This bit can only be set if the <em>E</em> bit is also set.</dd> </dl> <h5 id="48-initialization-vector">4.8 Initialization Vector</h5> <p>The IV MUST be unique for every frame for a given key. The IV SHOULD start with a random value on the first encrypted frame.</p> <h6 id="481-incrementing-initialization-vector">4.8.1 Incrementing Initialization Vector</h6> <p>The IV MUST be increased by 1 for every encrypted frame. The IV MUST be stored as a raw stream of bytes. Incrementing of the IV should be treated as an unsigned 64 bit number, i.e., if the IV value of the current encrypted frame is 0xFFFFFFFFFFFFFFFF, then the IV value of the next encrypted frame should be 0.</p> <h5 id="49-ctr-counter-block-format-generation">4.9 CTR Counter Block Format Generation</h5> <p>The Counter Block Format generation is only valid if the stream has a <code>ContentEncAlgo</code>=5 and a <code>AESSettingsCipherMode</code>=1. If the stream has any values that are different then this, Counter Block Format generation MUST NOT be used.</p> <p>Every encrypted frame MUST reinitialize the decryptor with a unique Counter Block. Each Counter Block MUST be unique within the same stream for the same encryption key. All Counter Blocks MUST be 16 bytes.</p> <p>The most significant 8 bytes of the Counter Block is the IV, which is set from the IV data in the encrypted Block. The least significant 8 bytes is the Block Counter that is initialized to 0.</p> <h5 id="410-excess-key-stream-data">4.10 Excess Key Stream Data</h5> <p>After encrypting a frame there may be excess key stream data. This data MUST be discarded before the next frame is encrypted.</p> <h5 id="411-examples">4.11 Examples</h5> <h6 id="4111-three-encrypted-frames">4.11.1 Three Encrypted Frames</h6> <pre><code>IV = 0xFFFFFFFFFFFFFFFE Block Counter = 0x0000000000000000 Counter Block = 0xFFFFFFFFFFFFFFFE0000000000000000</code></pre> <pre><code>IV = 0xFFFFFFFFFFFFFFFF Block Counter = 0x0000000000000000 Counter Block = 0xFFFFFFFFFFFFFFFF0000000000000000</code></pre> <pre><code>IV = 0x0000000000000000 Block Counter = 0x0000000000000000 Counter Block = 0x00000000000000000000000000000000</code></pre> <h5 id="412-fast-startup-recommendation">4.12 Fast Startup Recommendation</h5> <p>Acquiring keys for the decryption may take longer than some clients deem acceptable. To speed startup, it is recommended to create Tracks that have the first number of frames unencrypted.</p> <h4 id="50-lacing">5.0 Lacing</h4> <p>Lacing is not supported.</p> <h4 id="60-revision-history">6.0 Revision History</h4> <table> <thead> <tr> <th>Version</th> <th align="left">Comment</th> </tr> </thead> <tbody> <tr> <td>1.1</td> <td align="left">Add subsample encrypted block and partitioning scheme.</td> </tr> <tr> <td>1.0</td> <td align="left">Initial public release.</td> </tr> <tr> <td>0.5</td> <td align="left">Changed storing of IV values to be a raw stream of bytes.</td> </tr> <tr> <td>0.4</td> <td align="left">Removed HMAC.</td> </tr> <tr> <td>0.3</td> <td align="left">Frames may be encrypted or unencrypted. Adding signal byte to every frame. Adding Use Cases.</td> </tr> <tr> <td>0.2</td> <td align="left">Changing IV prepended to every frame.</td> </tr> <tr> <td>0.1</td> <td align="left">First released revision. All frames encrypted. HMAC prepended to every frame. IV derived from Block timestamp.</td> </tr> </tbody> </table> </div> </div> <div class="row"> <div class="span10 offset1"> </div> </div> </div>  </div> <footer class=""> <div class="container handfoot"> <div class="row"> <section class="span2 offset1"> <h6>About</h6> <ul> <li><a href="/about/">About WebM</a></li> <li><a href="/about/faq/">FAQ</a></li> <li><a href="/about/discuss/">Discuss</a></li> <li><a href="/about/supporters/">Supporters</a></li> </ul> <h6>More</h6> <ul> <li><a href="/tools/">Tools</a></li> <li><a href="/license/">Licenses</a></li> <li><a href="https://storage.googleapis.com/downloads.webmproject.org/releases/webm/index.html" class="no-ext">Downloads</a></li> <li><a href="/cross-license/">VP8 Cross-License</a></li> </ul> </section> <section class="span2"> <h6>Developer</h6> <ul> <li><a href="/code/">Overview</a></li> <li><a href="/code/contribute/">Contribute</a></li> <li><a href="/code/contribute/submitting-patches/">Submitting Patches</a></li> <li><a href="/code/contribute/code-reviews/">Code Reviews</a></li> <li><a href="/code/contribute/workflow/">Workflow</a></li> <li><a href="/code/contribute/conventions/">Conventions</a></li> <li><a href="/code/bug-reporting/">Bug Reporting</a></li> <li><a href="/code/build-prerequisites/">Build Prerequisites</a></li> <li><a href="/code/repository-layout/">Repository Layout</a></li> <li><a href="/code/releases/">Releases</a></li> <li><a href="/code/roadmap/">Roadmap</a></li> </ul> </section> <section class="span3"> <h6>Docs</h6> <ul> <li><a href="/docs/webm-sdk/">WebM Codec SDK</a></li> <li><a href="/docs/container/">WebM Container Format</a></li> <li><a href="/docs/webm-encryption/">WebM Encryption</a></li> <li><a href="http://tools.ietf.org/html/draft-ietf-payload-vp8">VP8 RTP Proposal (Draft)</a></li> <li><a href="http://datatracker.ietf.org/doc/rfc6386/">RFC 6386: VP8 Data Format</a></li> <li><a href="/docs/encoder-parameters/">Encoder Examples</a></li> <li><a href="http://wiki.webmproject.org/">Wiki</a></li> </ul> </section> <section class="span3 badges" style="text-align: center;"> <div class="row"> <div class="span3" style="margin-bottom: 1em; margin-top: 1em;"> Copyright 2010 - <script type="text/javascript" nonce="mT0pVYrPB-c2gzYhm6y3Ug">document.write(new Date().getFullYear()); </script><br> The WebM Project </div> </div> <div class="row"> <div class="span3" style="margin-bottom: 1em;"> <a href="http://www.w3.org/html/logo/" class="no-ext"><img src="/media/images/html5-logo.png" alt="HTML5 Powered with CSS3 / Styling, and Semantics" title="HTML5 Powered with CSS3 / Styling, and Semantics"></a> </div> </div> <div class="row"> <div class="span3"> <a href="mailto:webmaster@webmproject.org">webmaster@webmproject.org</a> </div> </div> </section> </div> </div> </footer> <script nonce="mT0pVYrPB-c2gzYhm6y3Ug"> $(document).ready(function(){ $("a.tocbutton").click(function () { $("div.toc").slideToggle("slow"); var text = $(this).text() == 'Show Contents' ? 'Hide Contents' : 'Show Contents'; $(this).text(text); }); $("a[href*='http://']:not([href*='http://www.webmproject.org'])").not("[href^='http://blog.webmproject.org']").not("[href^='http://wiki.webmproject.org']").not("[href^='http://build.webmproject.org']").attr("target","_blank").addClass("ext").attr("title","Opens new window"); }); </script>  <script type="text/javascript" nonce="mT0pVYrPB-c2gzYhm6y3Ug"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript" nonce="mT0pVYrPB-c2gzYhm6y3Ug"> try { var pageTracker = _gat._getTracker("UA-16111505-1"); pageTracker._setDomainName(".webmproject.org"); pageTracker._trackPageview(); } catch(err) {} </script> </body> </html>

CINXE.COM

The WebM Project | WebM Encryption