AVPlayerͰ͖ͪΜͱίϯςϯπอޢ ߦ໦ ઍय़ʢͳΊ͖ ͪ͸ΔʣTwitter, GitHub @Ridwy Streaming Client Team, גࣜձࣾ AbemaTV iOSDC JAPAN 2021, day2 (9/19) 

ܦྺ גࣜձࣾϐΫηϥ 2005 ~ 2015 
 TVνϡʔφʔ, Χϝϥ, ը૾ॲཧ Mac, iPhoneͰ஍σδΛݟΔͨΊͷΞϓϦͳͲΛ୲౰ גࣜձࣾαΠόʔΤʔδΣϯτ 2015 ~ Amebaϒϩά iOSΤϯδχΞ AbemaTV Streaming Client Team 

• ৽͍͠ະདྷͷςϨϏʮABEMAʯ • ΠϯλʔωοτςϨϏہʢ2015೥։ہʣ • 20Ҏ্ͷνϟϯωϧ, VOD, ଞ 
 ͞·͟·ͳࢹௌܗଶ • ੜதܧ΍൪૊੍࡞΋ख͕͚Δ גࣜձࣾAbemaTV 

Streaming Client Teamʹ͍ͭͯ • ABEMA͸ଟ͘ͷϓϥοτϑΥʔϜΛαϙʔτ 
 iPhone, Apple TV, Android, Android TV, Web, IPTV, … 
 • ֤ϓϥοτϑΥʔϜͷ࠶ੜΫϥΠΞϯτʹ஫ྗ͠ɺࢹௌମݧΛ୲อɾ޲্͢ Δઐ໳νʔϜ • ϓϨΠϠʔͷ࣮૷, ࢹௌ඼࣭ͷ؂ࢹ, ৽ٕज़ͷPoC 

ΞδΣϯμ AVPlayerͰ͖ͪΜͱίϯςϯπอޢ • AVPlayerʹ͍ͭͯ • HTTP Live Streamingͷ࢓૊Έ • ίϯςϯπอޢ͸ԿͷͨΊʁ • AES-128ʹΑΔ҉߸Խ഑৴ • FairPlay Streaming • ϚϧνϓϥοτϑΥʔϜͰಈըετϦʔϜΛอޢ͢Δʹ͸ 

AVPlayer AppleͷϓϥοτϑΥʔϜͰө૾ɾԻ੠Λ࠶ੜ͢ΔϓϨΠϠʔ ϩʔΧϧͷϑΝΠϧ͚ͩͰͳ͘ɺϦϞʔτͷϑΝΠϧ΍ετϦʔϛϯά΋࠶ੜՄೳ • ϝσΟΞΛѻ͏AVFoundation.frameworkʹ࣮૷͞Ε͍ͯΔ • AVFoundation͸·ͣiOSͰ։ൃ͞Εɺ2011೥ʹMacʹҠ২ • ಈըͳͲͷٕज़ͷਐาͱͱ΋ʹݱࡏ΋׆ൃʹ։ൃ͞Ε͍ͯΔ AVFoundation 

HTTP Live Streaming (HLS) AVPlayerͰ࠶ੜͰ͖ΔετϦʔϛϯάܗࣜ • Live, VODͷͲͪΒʹ΋ରԠ • HTTPΛར༻͢ΔͨΊεέʔϥϏϦςΟʹ༏ΕΔ • Adaptive Bit Rate (ABR) 
 ճઢঢ়گʹΑΓ࠷దͳϏοτϨʔτͷετϦʔϜʹεΠονՄೳ • ࢓૊Έ্ɺ2, 3ඵҎԼͷ௿஗Ԇ഑৴͸࣮ݱग़དྷͳ͔͕ͬͨɺ 
 Low Latency HLSͷొ৔ʹΑΓෆՄೳͰ͸ͳ͘ͳͬͨ AppleʹΑͬͯ։ൃ͞ΕɺRFC8216ͱͯ͠ެ։ Android΍ϒϥ΢βͰ΋࠶ੜՄೳ ಛ௃ 

HTTP Live Streaming M3U8 ϓϨΠϦετ ϝσΟΞηάϝϯτ 
 TS or fMP4 ϓϨΠϠʔ͸ϓϨΠϦετͷதʹهࡌ͞Ε͍ͯΔηάϝϯτΛ্͔Β࿈ଓͯ͠࠶ੜ ରԠCODEC: 
 HEVC or H.264, 
 AAC or AC-3 

M3U8ϓϨΠϦετͷྫ #EXTM3U #EXT-X-TARGETDURATION:10 #EXTINF:9.009, http://media.example.com/first.ts #EXTINF:9.009, http://media.example.com/second.ts #EXTINF:3.003, http://media.example.com/third.ts 

Adaptive Bit Rate (ABR) ϚελʔϓϨΠϦετ = ଳҬ͝ͱͷϝσΟΞϓϨΠϦετΛෳ਺ؚΉϓϨΠϦετ #EXTM3U #EXT-X-STREAM-INF:PROGRAM-ID=1, BANDWIDTH=200000 gear1/prog_index.m3u8 #EXT-X-STREAM-INF:PROGRAM-ID=1, BANDWIDTH=311111 gear2/prog_index.m3u8 #EXT-X-STREAM-INF:PROGRAM-ID=1, BANDWIDTH=484444 gear3/prog_index.m3u8 ετϦʔϜͷ࠷େϏοτϨʔτ (bps) 

Adaptive Bit Rate (ABR) ϓϨΠϠʔ͸ճઢঢ়گʹԠͯ͡࠷దͳετϦʔϜʹεΠον͠ͳ͕Β 
 ׈Β͔ͳ࠶ੜΛଓ͚Δ ి೾͕ѱ͘ͳͬͯདྷͨͧʁ 
 ௿ը࣭ʹ੾Γସ͑ͯ͠ͷ͝͏ ͓ɺվળͯ͠དྷͨ ߴը࣭ʹ໭ͬͨʂ😃 Low High 

ίϯςϯπอޢ͸ԿͷͨΊʁ 

ίϯςϯπอޢͷඞཁੑ Ξφϩάഔମͷίϯςϯπ͸ίϐʔ͢Δͱ඼࣭͕ྼԽ͢Δ • ίϐʔͷՁ஋͕௿͍ͷͰஶ࡞ݖ؅ཧͷඞཁੑ͸ߴ͘ͳ͔ͬͨ σδλϧίϯςϯπ͸׬શͳίϐʔ͕Մೳ • ւ଑൛ͷൢച, ࡞඼ͷվม, … • ੍࡞ऀɾݖརऀ͕๬·ͳ͍ܗͰফඅ͞ΕΔͷΛ๷͙࢓૊Έ͕ඞཁ 

΋͠ɺಈը഑৴ͰԿ΋͠ͳ͔ͬͨΒʁ URLΛ஌͍ͬͯΕ͹ಈըΛݟΒΕΔͷͰ 
 ʮ࡞඼Λߪೖͯ͠΋Β͏ʯͱ͍͏ϏδωεϞσϧ͕੒ཱ͠ͳ͍ ͓ۚͷ໰୊͚ͩͰ͸ͳ͘… • ഑৴ଆʮձһݶఆίϯςϯπΛ഑৴͠Α͏ʂʯˠ ୭Ͱ΋ݟΒΕΔΑʁ • ग़ԋऀʮxxͷ൪૊ʹग़ԋ͠·ͨ͠ʂʯˠ ࣮࣭ɺશੈքͰϑϦʔૉࡐԽ ͋·Γָ͘͠ͳ͍ੈք 

༷ʑͳίϯςϯπอޢͷख๏ ΞΫηεํ๏Λ੍ݶ IP੍ݶ, υϝΠϯ੍ݶ, ॺ໊෇͖URL, ... ίϯςϯπΛ҉߸Խ ɹ҉߸Խ഑৴, DRM഑৴, ... 

DRM σδλϧίϯςϯπͷஶ࡞ݖ؅ཧٕज़ Digital Rights Management ίϯςϯπΛ҉߸Խͯ͠कΔ อޢ͞Εͨܦ࿏ͰͷΈө૾΍Ի੠Λ࠶ੜ ࡞඼͕Ͳ͏࢖ΘΕΔ΂͖͔Λنఆ͠؅ཧ͢Δ 

DRMͷ໰୊఺ ಛఆͷαʔϏε΍؀ڥʹґଘ • DRMίϯςϯπΛར༻Ͱ͖Δͷ͸ɺͦͷίϯςϯπΛߪೖͨ͠αʔϏεͷΈ Ͱ͋Δ͜ͱ͕ଟ͍ • ߪೖͨ͠ίϯςϯπΛӬԕʹར༻Ͱ͖Δอূ͸ͳ͍ 
 ిࢠॻ੶ͷετΞ͕Ϋϩʔζͨ͠Βʁ େྔͷίϯςϯπΛߪೖͨ͠ΞΧ΢ϯτ͸૬ଓͰ͖Δʁ 
 ར༻ํ๏Λنఆ͢Δ΋ͷͳͷͰɺ࢖͍ʹ͘͞ʹܨ͕Γ΍͍͢ • Ωπ͗͢Ε͹੍ݶʹͳΓɺͻͲ͍৔߹͸ফඅऀͷݖརͷ৵֐ʹͳΔɻ 
 ࡞඼Λ࠷େݶʹָ͠ΊΔઃܭͰ͋Δ͜ͱ͕େ੾ 

࡞඼Λ࠷େݶʹָ͠ΊΔઃܭ͕େ੾ 

҉߸Խͷجૅ஌ࣝ ڞ௨伴҉߸ ಉ͡伴Ͱ҉߸Խɾ෮߸Խ Data 🔐 

ϒϩοΫ҉߸ େ͖ͳσʔλΛ҉߸Խ͢ΔࡍɺϒϩοΫʹ෼͚ͯ҉߸Խ Block 🔒 ҉߸Խͷجૅ஌ࣝ Block 🔒 Block 🔒 Block 🔒 Block 🔒 🔑 

҉߸Խͷجૅ஌ࣝ AES (Advanced Encryption Standard) • ୅දతͳڞ௨伴ϒϩοΫ҉߸ • ϒϩοΫ௕ 128bit • ԿϏοτͷ伴Λ༻͍Δ͔ʹΑͬͯ AES-128, AES-192, AES-256ͱදه͞ΕΔ 

Block Block 🔑 🔒 ҉߸Խͷجૅ஌ࣝ ϒϩοΫ҉߸ͷ҉߸ར༻Ϟʔυ CBC (Cipher Block Chaining) Ϟʔυ ෮߸Խʹ͸ॳظϕΫτϧ(IV)ͱ伴͕ඞཁ IV Block Block 🔑 🔒 Block Block 🔑 🔒 ॳظϕΫτϧ XOR XOR XOR 

҉߸Խͷجૅ஌ࣝ ϒϩοΫ҉߸ͷ҉߸ར༻Ϟʔυ CTR (Counter) Ϟʔυ CTR Block Block 🔑 🔒 XOR CTR 🔒 CTR+1 Block Block 🔑 🔒 XOR CTR+1 🔒 CTR+2 Block Block 🔑 🔒 XOR CTR+2 🔒 ҉߸Խɾ෮߸Խͱ΋ʹฒྻԽ͕Մೳ 

҉߸Խͷجૅ஌ࣝ ެ։伴҉߸ • ڞ௨伴҉߸͸伴Λ͍͔ʹ҆શʹ૬खʹ౉͔͕͢՝୊ 
 → ͦΕͳΒ҉߸Խͱ෮߸Խͷ伴Λผʹ͢Ε͹͍͍͡Όͳ͍ 
 ҉߸ԽͰ͖Δ͚ͩͷ伴͕όϨͯ΋໰୊ͳ͍͠ɺͳΜͳΒެ։ͯ͠΋🙆 
 • ڞ௨伴҉߸ͱൺ΂ͯॲཧ͕ॏ͍ͷͰେ༰ྔσʔλʹ͸޲͔ͳ͍ 
 → େ༰ྔσʔλΛڞ௨伴҉߸Ͱ҉߸Խͯ͠ɺ伴Λެ։伴҉߸Ͱ౉͢ 

҉߸Խͨ͠ετϦʔϜΛHLSͰ഑৴͢Δ 

AES-128ʹΑΔ҉߸Խ഑৴ ηάϝϯτશମΛAES-128 CBCϞʔυͰ҉߸Խ Segment 🔒 Segment 🔒 Segment 🔒 Segment 🔒 #EXT-X-KEY:METHOD=AES-128,URI="伴Λऔಘ͢ΔͨΊͷ URI",IV=0x012345678901234567890123456789012 

• URIʹ伴ͷ৔ॴͦͷ΋ͷΛॻ͘ͱɺๅശʹʮ伴͸ςʔϒϧͷ্ʯͱுΓࢴΛͯ͠ ͍ΔΑ͏ͳ΋ͷ 
 
 伴ͷ౉͠ํʹ޻෉͕ඞཁ • 伴ͷαʔόʹೝূػೳΛ͚ͭΔ • ΧελϜεΩʔϚΛར༻ͯ͠ΞϓϦଆͰಠࣗॲཧΛߦ͏ • etc. • εΫϦʔϯγϣοτ΍ը໘࿥ըɺϛϥʔϦϯά͸Մೳ 
 ʢඞཁͳΒΞϓϦͷίʔυͰରࡦʣ AES-128ʹΑΔ҉߸Խ഑৴ 

AVContentKeySession ΞϓϦଆͰ伴Λऔಘ • ίϯςϯπͷ伴Λऔಘ͢ΔͨΊʹઃܭ͞ΕͨAPI • ࠶ੜը໘ʹདྷͨΒɺ͋Β͔͡ΊΩʔΛऔಘ͓ͯ͘͜͠ͱ΋Մೳ 
 → Join Timeͷվળʹ໾ཱͭ • METHOD=AES-128Ͱ΋ɺγϛϡϨʔλͰ͸ಈ͔ͳ͍ʁ 
 ͜ͷΫϥεొ৔લ͔Β͋ΔAVAssetResourceLoader͸ಈ͘ 
 URLProtocolͰ΋ϑοΫՄೳ WWDC18 Session 507 AVContentKeySession Best Practices ࢀߟ: 

session = AVContentKeySession(keySystem: .clearKey) session.setDelegate(self, queue: .global()) let asset = AVURLAsset(url: playlistURL) session.addContentKeyRecipient(asset) player = AVPlayer(playerItem: AVPlayerItem(asset: asset)) extension Foo: AVContentKeySessionDelegate { func contentKeySession(_ session: AVContentKeySession, didProvide keyRequest: AVContentKeyRequest) { getKey(from: keyRequest.identifier) { key in if let key = key { let response = AVContentKeyResponse(clearKeyData: key, initializationVector: nil) keyRequest.processContentKeyResponse(response) } else { keyRequest.processContentKeyResponseError(KeyError.unknown) } } } } AVContentKeySessionͰMETHOD=AES-128ͷ伴Λऔಘ͢Δྫ 

FairPlay StreamingʹΑΔDRM഑৴ 伴ͷ഑৴ํ๏ΛఆΊͯɺ΋ͬͱݎ࿚ʹ͠Α͏ 

FairPlay Streaming (FPS) • AppleʹΑͬͯ։ൃ͞ΕͨಈըετϦʔϜΛอޢ͢ΔͨΊͷDRMٕज़ • AppleͷσόΠεʢ+ AirPlayରԠεϚʔτTVʣͰར༻Մೳ • ωΠςΟϒΞϓϦ & Safari • ηΩϡΞͳ伴ͷ഑৴ • HDCPͳͲʹରԠ͠ɺอޢ͞Εͨܦ࿏ͰͷΈө૾ɾԻ੠Λ࠶ੜ 
 εΫγϣΛࡱΔͱө૾ྖҬ͕ਅͬࠇʹͳΔ • ΦϑϥΠϯ࠶ੜ΍ϨϯλϧͷͨΊͷ࢓૊Έ͕͋Δ 
 ϏδωεϩδοΫࣗମ͸نఆ͠ͳ͍ • ແྉ 

FairPlayͱུ͕ͪ͠Ͱ͕͢ผ෺Ͱ͢…💦 FairPlay = iTunes StoreͷΞΠςϜʹ࢖ΘΕ͍ͯΔDRMٕज़ 

FPSͰͷίϯςϯπͷ҉߸Խํࣜ • ίϯςφ಺ͷϏσΦΛϑϨʔϜຖɺΦʔσΟΦ͸αϯϓϧຖʹ 
 AES-128 CBCϞʔυͰ҉߸Խ • ϏσΦ͸શମͷ10%Λ҉߸Խ (encrypt:skip pattern of 1:9) 
 ϏσΦΛσίʔυͰ͖ͳ͘͢Δʹ͸ɺ෦෼తʹ҉߸Խ͢Ε͹े෼ #EXT-X-KEY:METHOD=SAMPLE-AES,URI="skd://key65", KEYFORMAT="com.apple.streamingkeydelivery",KEYFORMATVERSIONS="1" 

ίϯςϯπͷ伴Λऔಘ͢ΔྲྀΕ Apple device OS App Key server Key Security Module Load Key Get SPC [CKC 🔑 ] [SPC] [SPC] [CKC 🔑 ] ࣮૷Օॴ ͪ͜ΒͰ४උ Apple Provided Key Security Module (KSM) ͸ 
 ҉߸Խ͞ΕͨServer Playback ContextΛड͚औͬͯ 
 ίϯςϯπͷ伴ΛؚΉContent Key ContextΛ 
 ੜ੒ɾ҉߸Խͯ͠ฦ͢ 

ίϯςϯπͷ伴Λऔಘ͢ΔྲྀΕ Apple device OS App Key server Key Security Module Load Key Get SPC [CKC 🔑 ] [SPC] [SPC] [CKC 🔑 ] ࣮૷Օॴ ͪ͜ΒͰ४උ Apple Provided • 伴Λ஌͍ͬͯΔͷ͸Key Serverͱ OSͷΈʢΞϓϦ΋஌Βͳ͍ʂʣ • ίϯςϯπ͸OSͷΧʔωϧͰ෮߸ 

FairPlay Streaming ૊ΈࠐΈखॱ 1. Key Security ModuleΛ࣮૷ 
 ެࣜϖʔδ͔Βμ΢ϯϩʔυͰ͖ΔSDKΛར༻͠ɺ·ͣ͸։ൃ༻ͷূ໌ॻͰ࣮૷ جຊతʹެࣜͷϖʔδΛݟͯ࡞ۀΛਐΊΔ https://developer.apple.com/streaming/fps/ FairPlay Streaming Server SDK • Programming Guide • KSMͷϦϑΝϨϯε࣮૷ • ςετϕΫλʔʢ࣮૷͕ਖ਼͍͔֬͠ೝ͢ΔͨΊͷςετ༻σʔλʣ • ΞϓϦɾSafariͷαϯϓϧίʔυ 

2. https://developer.apple.com/contact/fps/͔Β 
 FairPlay Streaming Deployment package 
 ΛϦΫΤετ FairPlay Streaming ૊ΈࠐΈखॱ ਖ਼͍͠໨తͰར༻͠Α͏ͱ͍ͯ͠Δ͔νΣοΫ͞ΕΔ Appleͷ୲౰ऀͱগ͠΍ΓͱΓ͢Δ͜ͱ΋ 

3. ແࣄঝೝ͞ΕͨΒDeployment packageͷ಺༰ʹैͬͯҎԼΛੜ੒ • FairPlay Streaming ূ໌ॻʢΞϓϦέʔγϣϯূ໌ॻʣ 
 developerͷࣝผʹར༻ • ূ໌ॻʹඥͮ͘private key • Application Secret key (ASk) 4. Key Security Moduleͷ࣮૷Λੜ੒ͨ͠ূ໌ॻͳͲͰΞοϓσʔτ 5. อޢίϯςϯπ४උ 6. ΞϓϦ࣮૷ 
 SDKʹؚ·ΕΔαϯϓϧίʔυHLSCatalog͕ඇৗʹࢀߟʹͳΔ FairPlay Streaming ૊ΈࠐΈखॱ 

SafariͰ΋ಉ༷ͷྲྀΕͰ伴ΛऔಘՄೳ Apple device EME JS Key server Key Security Module 1. Load Key 2. Get SPC 6. [CKC 🔑 ] 3. [SPC] 4. [SPC] 5. [CKC 🔑 ] ࣮૷Օॴ ͪ͜ΒͰ४උ Apple Provided 1. 'webkitneedkey' event 2. Create keySession 3. 'webkitkeymessage' evnt with [SPC] 6. Update keySession with [CKC] 

FairPlay Streaming over AirPlay อޢ͞ΕͨίϯςϯπΛApple TV΍εϚʔτTVͰʂ Apple device OS App Key server Key Security Module Apple TVͳͲ OS Player Streamer CDN ίϯςϯπ ΞϓϦ͸ [SPC], [CKC] ΛϦϨʔ ௥Ճͷ࣮૷͸ෆཁ 

ϚϧνϓϥοτϑΥʔϜͰ 
 ಈըετϦʔϜΛอޢ͢Δʹ͸ 

͞·͟·ͳDRMγεςϜ DRMγεςϜ ఏڙ ରԠϓϥοτϑΥʔϜ PlayReady Microsoft Windows, Android, iOS Widevine Google Android FairPlay Streaming Apple AppleσόΠε 

Common Encryption (CENC) ͱDRM ίϯςϯπͷڞ௨҉߸ԽϑΥʔϚοτ DRMγεςϜ CTR CBC PlayReady ✔︎ ✔︎ Widevine ✔︎ ✔︎ FairPlay Streaming ❌ ✔︎ 4.0Ҏ߱ 

ετϦʔϛϯάܗࣜͱ҉߸ར༻Ϟʔυ ετϦʔϛϯάܗࣜ CTR CBC HLS ❌ ✔︎ MPEG-DASH ✔︎ ❌ MPEG-DASH (CMAF) ✔︎ ✔︎ CENCΛར༻ͯ͠ڞ௨ͷ҉߸ԽίϯςϯπΛར༻Ͱ͖Δͱخ͍͠ 
 ετϦʔϜͷCMAFରԠɺfMP4ԽͳͲ͕ඞཁ 

AVPlayerͰ͖ͪΜͱίϯςϯπอޢ • AVPlayerʹ͍ͭͯ • HTTP Live Streamingͷ࢓૊Έ • ίϯςϯπอޢ͸ԿͷͨΊʁ • AES-128ʹΑΔ҉߸Խ഑৴ • FairPlay Streaming • ϚϧνϓϥοτϑΥʔϜͰಈըετϦʔϜΛอޢ͢Δʹ͸ Recap 

ࢀߟࢿྉ WWDC Sessions WWDC18 Session 507 AVContentKeySession Best Practices WWDC15 Session 502 Content Protection for HTTP Live Streaming Apple։ൃऀ޲͚ϖʔδ HTTP Live Streaming 
 https://developer.apple.com/streaming/ FairPlay Streaming 
 https://developer.apple.com/streaming/fps/ 

͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ 🙇