PallyCon > Content Security  > Multi-DRM  > CMAF – The Quest for Single Format Streaming
Single Format Streaming CMAF

CMAF – The Quest for Single Format Streaming

Image by mohamed Hassan from Pixabay

 

In the early days when online video services started to apply DRM, most of them used `single DRM` from a chosen DRM vendor.

 

Many service providers have deployed a single DRM to content packaged in a single format (HLS, Smooth Streaming, HDS, etc.) and provided services across multiple platforms using plug-ins or SDKs for the DRM.

 

At this time, services such as Netflix have prepared contents by applying almost all formats and DRMs to support as many platforms as possible. Today, Netflix is packaging hundreds of versions of a single piece of content in a combination of several video formats, codecs, resolutions, and bitrates.

 

`Single DRM` had problems such as the inconvenience of installing browser plugin and limited platform support. To solve this problem, each platform started to provide its own DRM. And `Multi-DRM` is used to support multiple platforms.

 

Widevine, MS Playready, Apple FairPlay logo

 

Although multi-DRM has been able to eliminate user inconveniences and support more platforms, service providers have to prepare one content in two formats (DASH and HLS) to support multi-DRM.

 

In this post, we will look at `unification of multi-DRM contents` through a new standard called `CMAF`.

 

Two dominant streaming format – HLS and DASH

 

To support as many platforms as possible using multi-DRM, the content must be packaged in two streaming formats:

 

Http Live Streaming (HLS)

apple HLS

The HLS protocol created by Apple is the most popular streaming method, which accounts for about 70% of the total (including DRM and Non-DRM) online streaming.

 

Especially, it is necessary to package contents with HLS to apply `FairPlay Streaming` DRM which is essential for premium content security on Apple devices.

 

HLS has the following features.

 

  • It consists of m3u8 playlist and media chunks in MPEG2-TS container format (fMP4 supported later)
  • H.264 (AVC) or H.265 (HEVC) codec support
  • FairPlay Streaming (Widevine DRM support added later)
  • AES CBC mode for media chunk encryption when DRM applied

 

 

MPEG-DASH (Dynamic Adaptive Streaming over Http)

 

The MPEG-DASH is the next most popular streaming format after HLS. DASH content supports `CENC (Common Encryption)` standards, so PlayReady and Widevine DRM can be applied to one content.

 

DASH has the following features.

 

  • Configured as mpd manifest and media chunks in MP4 or MPEG2-TS container format (fMP4 supported later)
  • Various codecs such as AVC, HEVC, VP9 can be used. It is codec-agnostic.
  • PlayReady and Widevine DRM applicable
  • AES CTR mode is used for media chunk encryption when DRM is applied (CBC mode added later)

 

 

Problems with multi-DRM content

 

Multi-DRM content consisting of HLS and DASH has the following disadvantages compared to single content.

 

  • Increased storage costs: Storage costs increase as two pieces of content must be stored for the same content.
  • Reduced CDN caching efficiency: Different media files are delivered according to the client platforms, resulting in less caching efficiency than single content, resulting in higher CDN costs.
  • Live encoding performance: For live content, two formats must be packaged in real time, so a higher server performance is required to reduce latency.

 

To solve these multi-DRM content issues, related companies have made efforts to create a standard for single format at various stages, including video codecs, containers, encryption methods, and streaming protocols.

 

 

Common Media Application Format (CMAF)

 

In February 2016, Apple and Microsoft propose the CMAF specification to [Moving Pictures Expert Group (MPEG). The CMAF standard was officially announced by MPEG in January 2018.

 

CMAF was created for three purposes:

 

  • Saves the cost of packaging and storing the same content in multiple formats
  • Simplify content workflow and increase CDN efficiency
  • Chunked encoding and transmission to minimize video latency

 

Among the purposes of the above CMAF, `minimizing video latency` is called as `Ultra Low Latency` technology, and it has become one of the biggest topics in the live streaming industry in recent years.

 

Ultra Low Latency streaming using CMAF will be discussed in detail in a separate post.

 

CMAF is constructed by referencing media chunks made in a single specification from the m3u8 playlist in HLS or the mpd manifest in DASH. Depending on the client, it will play in DASH or HLS format, but the media files is a single set for the content.

 

 

To this end, Apple, Microsoft, Google, and other related companies have discussed the following areas.

 

Container format

 

CMAF uses the `fMP4 (Fragmented MP4)` container format.

 

DASH specification added support for fMP4 container in 2015, and as a result of Apple’s support for fMP4 HLS in iOS / tvOS 10 and macOS 10.12 in 2016, a single container is now available.

 

Encryption method

 

The AES encryption method that encrypts the media chunks of multi-DRM content has been divided into the following two methods.

 

  • DASH (Widevine, PlayReady): AES-128 CTR mode
  • HLS (FairPlay Streaming): SAMPLE-AES CBC mode

 

CMAF can use both encryption modes, but one of them should be a standard for the single content format.

 

So each platform and DRM provider has worked to support CMAF as follows:

 

  • Google: Android N (7.1) version and Chrome browser 68 version or later supports CBC mode
  • Microsoft: Supports AES-128 CBC mode on Xbox One device (PlayReady 4.0)

 

 

Current status of CMAF DRM content

 

As we have seen above, with the efforts of related industries, the CMAF single content has become a reality. In order to service CMAF multi-DRM contents, the following conditions must be satisfied.

 

  • DRM license server: Need to support PlayReady 4.0
  • DRM content packager: Need to create AES-128 CBC encrypted fMP4 media chunks and two playlists (mpd, m3u8) for a content
  • DRM client: Need to support DASH or HLS, AES-128 CBC mode decoding, and common codec (mainly H.264)

 

In the above conditions, license server and packager can be handled by DRM solution vendor, but CMAF support of client device is still limited.

First of all, CMAF is supported by Android 7.1 or later devices. But there are still many devices older than 7.1 on the market.

 

And Windows PCs cannot play CBC-encrypted PlayReady DASH content because the OS does not support CBC mode yet. Instead, you need to use software-based Widevine DRM with Chrome/Firefox browser.

 

For more information about CMAF supported platform, please refer to PallyCon Docs site.

 

Also, because there are HTML5 players that do not support CMAF yet, you should also check if your HTML5 player supports CMAF.

 

 

PallyCon’s CMAF support and recommendations

 

PallyCon supports CMAF single content packaging from version 3.3.0 of `CLI packager`.

 

 

You can generate single media chunks encrypted with AES-128 CBC mode and DASH(mpd) and HLS(m3u8) playlists with the `–cmaf` option of CLI packager. (See the CLI Packager Guide)

 

PallyCon Mobile SDK for Android and Apple devices also supports playback of a single content packaged in CMAF. (in supported devices only)

 

Recommendations for mobile-targeted services

 

For iOS, over 90% of devices (iOS 10+) currently support CMAF as of 2019.(Note) However, as of October 2018, more than half of the Android devices (7.0 or earlier) are still not supporting CMAF.(Note) Therefore, we do not recommend applying CMAF multi-DRM content to mobile-targeted services.

 

Recommendations for PC (Browser) Targeted Services

 

For services that only target PC browsers, you can serve CMAF content to most Windows and macOS PCs through Chrome/Firefox and Safari browsers. In this case, however, because Widevine DRM applied to Windows (Chrome) is software-based, it is not suitable for premium content such as Hollywood studio movies. Also, it has a disadvantage that it does not support Windows default browsers such as Edge or IE11. This issue can be solved when Microsoft add CBC mode support to Windows OS in the future.

 

 Applying CMAF to UHD content

 

H.264(AVC) is the most popular codec for SD/HD/FHD content and it is supported by most devices. So AVC is the best codec to be used for CMAF content.

 

resolution compare

 

However, 4K/UHD content uses HEVC or VP9 codec supported by platforms as below:

 

  • HEVC support: Apple devices (iOS/tvOS 11.0, macOS 10.13 or later), Android 5.0 or later devices, Windows 10 PC (Edge browser or UWP app), various OTT devices such as game console and smart TV
  • VP9 support: Android 4.4 (KitKat) or later, Edge/Chrome/Firefox browser, various OTT devices

 

For Android, HEVC or VP9 codec may not be supported depending on the hardware specification of each device.

 

Since VP9 codecs can not support Apple devices and HEVC is not supported by some browsers such as Chrome and Firefox, we recommend CMAF packaging with HEVC codec for UHD content that requires hardware level security.

 

 

Conclusion – Not there yet, but it is promising

 

With the use of multiple streaming formats such as DASH and HLS, online video service providers are faced with complex packaging processes and increased storage/CDN costs.

 

`CMAF` standard, developed to solve this problem, enables efficient streaming process and ultra-low latency for live stream.

 

But it is difficult to apply CMAF in most multi-platform services due to client devices which does not support CMAF with multi-DRM.

 

Currently, it is not recommended to apply CMAF to DRM content. But most of the streaming content will be unified into CMAF as the proportion of supported devices increases in the future.

 

Please keep an eye on `CMAF` standard, which is leading the innovation of online streaming with the advantage of `efficient workflow` and `minimizing live delay`.