CMAF – The Quest for Single Format Streaming
In the early days when online video services started to apply DRM, most of them used `single DRM` from a chosen DRM vendor.
Many service providers have deployed a single DRM to content packaged in a single format (HLS, Smooth Streaming, HDS, etc.) and provided services across multiple platforms using plug-ins or SDKs for the DRM.
At this time, services such as Netflix have prepared contents by applying almost all formats and DRMs to support as many platforms as possible. Today, Netflix is packaging hundreds of versions of a single piece of content in a combination of several video formats, codecs, resolutions, and bitrates.
`Single DRM` had problems such as the inconvenience of installing browser plugin and limited platform support. To solve this problem, each platform started to provide its own DRM. And `Multi-DRM` is used to support multiple platforms.
Although multi-DRM has been able to eliminate user inconveniences and support more platforms, service providers have to prepare one content in two formats (DASH and HLS) to support multi-DRM.
In this post, we will look at `unification of multi-DRM contents` through a new standard called `CMAF`.
Two dominant streaming format – HLS and DASH
To support as many platforms as possible using multi-DRM, the content must be packaged in two streaming formats:
Http Live Streaming (HLS)
The HLS protocol created by Apple is the most popular streaming method, which accounts for about 70% of the total (including DRM and Non-DRM) online streaming.
Especially, it is necessary to package contents with HLS to apply `FairPlay Streaming` DRM which is essential for premium content security on Apple devices.
HLS has the following features.
- It consists of m3u8 playlist and media chunks in MPEG2-TS container format (fMP4 supported later)
- H.264 (AVC) or H.265 (HEVC) codec support
- FairPlay Streaming (Widevine DRM support added later)
- AES CBC mode for media chunk encryption when DRM applied
MPEG-DASH (Dynamic Adaptive Streaming over Http)
The MPEG-DASH is the next most popular streaming format after HLS. DASH content supports `CENC (Common Encryption)` standards, so PlayReady and Widevine DRM can be applied to one content.
DASH has the following features.
- Configured as mpd manifest and media chunks in MP4 or MPEG2-TS container format (fMP4 supported later)
- Various codecs such as AVC, HEVC, VP9 can be used. It is codec-agnostic.
- PlayReady and Widevine DRM applicable
- AES CTR mode is used for media chunk encryption when DRM is applied (CBC mode added later)
Problems with multi-DRM content
Multi-DRM content consisting of HLS and DASH has the following disadvantages compared to single content.
- Increased storage costs: Storage costs increase as two pieces of content must be stored for the same content.
- Reduced CDN caching efficiency: Different media files are delivered according to the client platforms, resulting in less caching efficiency than single content, resulting in higher CDN costs.
- Live encoding performance: For live content, two formats must be packaged in real time, so a higher server performance is required to reduce latency.
To solve these multi-DRM content issues, related companies have made efforts to create a standard for single format at various stages, including video codecs, containers, encryption methods, and streaming protocols.
Common Media Application Format (CMAF)
CMAF was created for three purposes:
- Saves the cost of packaging and storing the same content in multiple formats
- Simplify content workflow and increase CDN efficiency
- Chunked encoding and transmission to minimize video latency
Among the purposes of the above CMAF, `minimizing video latency` is called as `Ultra Low Latency` technology, and it has become one of the biggest topics in the live streaming industry in recent years.
Ultra Low Latency streaming using CMAF will be discussed in detail in a separate post.
CMAF is constructed by referencing media chunks made in a single specification from the m3u8 playlist in HLS or the mpd manifest in DASH. Depending on the client, it will play in DASH or HLS format, but the media files is a single set for the content.
To this end, Apple, Microsoft, Google, and other related companies have discussed the following areas.
CMAF uses the `fMP4 (Fragmented MP4)` container format.
DASH specification added support for fMP4 container in 2015, and as a result of Apple’s support for fMP4 HLS in iOS / tvOS 10 and macOS 10.12 in 2016, a single container is now available.
The AES encryption method that encrypts the media chunks of multi-DRM content has been divided into the following two methods.
- DASH (Widevine, PlayReady): AES-128 CTR mode
- HLS (FairPlay Streaming): SAMPLE-AES CBC mode
CMAF can use both encryption modes, but one of them should be a standard for the single content format.
So each platform and DRM provider has worked to support CMAF as follows:
- Google: Android N (7.1) version and Chrome browser 68 version or later supports CBC mode
- Microsoft: Supports AES-128 CBC mode on Xbox One device (PlayReady 4.0)
Current status of CMAF DRM content
As we have seen above, with the efforts of related industries, the CMAF single content has become a reality. In order to service CMAF multi-DRM contents, the following conditions must be satisfied.
- DRM license server: Need to support PlayReady 4.0
- DRM content packager: Need to create AES-128 CBC encrypted fMP4 media chunks and two playlists (mpd, m3u8) for a content
- DRM client: Need to support DASH or HLS, AES-128 CBC mode decoding, and common codec (mainly H.264)
In the above conditions, license server and packager can be handled by DRM solution vendor, but CMAF support of client device is still limited.
First of all, CMAF is supported by Android 7.1 or later devices. But there are still many devices older than 7.1 on the market.
And Windows PCs cannot play CBC-encrypted PlayReady DASH content because the OS does not support CBC mode yet. Instead, you need to use software-based Widevine DRM with Chrome/Firefox browser.
For more information about CMAF supported platform, please refer to PallyCon Docs site.
Also, because there are HTML5 players that do not support CMAF yet, you should also check if your HTML5 player supports CMAF.
PallyCon’s CMAF support and recommendations
PallyCon supports CMAF single content packaging from version 3.3.0 of `CLI packager`.
You can generate single media chunks encrypted with AES-128 CBC mode and DASH(mpd) and HLS(m3u8) playlists with the `–cmaf` option of CLI packager. (See the CLI Packager Guide)
PallyCon Mobile SDK for Android and Apple devices also supports playback of a single content packaged in CMAF. (in supported devices only)
Recommendations for mobile-targeted services
For iOS, over 90% of devices (iOS 10+) currently support CMAF as of 2019.(Note) However, as of October 2018, more than half of the Android devices (7.0 or earlier) are still not supporting CMAF.(Note) Therefore, we do not recommend applying CMAF multi-DRM content to mobile-targeted services.
Recommendations for PC (Browser) Targeted Services
For services that only target PC browsers, you can serve CMAF content to most Windows and macOS PCs through Chrome/Firefox and Safari browsers. In this case, however, because Widevine DRM applied to Windows (Chrome) is software-based, it is not suitable for premium content such as Hollywood studio movies. Also, it has a disadvantage that it does not support Windows default browsers such as Edge or IE11. This issue can be solved when Microsoft add CBC mode support to Windows OS in the future.
Applying CMAF to UHD content
H.264(AVC) is the most popular codec for SD/HD/FHD content and it is supported by most devices. So AVC is the best codec to be used for CMAF content.
However, 4K/UHD content uses HEVC or VP9 codec supported by platforms as below:
- HEVC support: Apple devices (iOS/tvOS 11.0, macOS 10.13 or later), Android 5.0 or later devices, Windows 10 PC (Edge browser or UWP app), various OTT devices such as game console and smart TV
- VP9 support: Android 4.4 (KitKat) or later, Edge/Chrome/Firefox browser, various OTT devices
For Android, HEVC or VP9 codec may not be supported depending on the hardware specification of each device.
Since VP9 codecs can not support Apple devices and HEVC is not supported by some browsers such as Chrome and Firefox, we recommend CMAF packaging with HEVC codec for UHD content that requires hardware level security.
Conclusion – Not there yet, but it is promising
With the use of multiple streaming formats such as DASH and HLS, online video service providers are faced with complex packaging processes and increased storage/CDN costs.
`CMAF` standard, developed to solve this problem, enables efficient streaming process and ultra-low latency for live stream.
But it is difficult to apply CMAF in most multi-platform services due to client devices which does not support CMAF with multi-DRM.
Currently, it is not recommended to apply CMAF to DRM content. But most of the streaming content will be unified into CMAF as the proportion of supported devices increases in the future.
Please keep an eye on `CMAF` standard, which is leading the innovation of online streaming with the advantage of `efficient workflow` and `minimizing live delay`.
Daniel is a DRM specialist and has been associated with this industry for over 10 years. His research and development has reaped a lot of achievements in the content security industry. Other than this, he is addicted to reading and writing.