ISO IEC 23001-7-2023 PDF

Full title and description

Information technology — MPEG systems technologies — Part 7: Common encryption in ISO base media file format files. This international standard (MPEG‑B Part 7, commonly called “CENC”) defines metadata, protection schemes and formats to enable common encryption of media stored in any file format based on the ISO base media file format (ISO/IEC 14496‑12), allowing multiple key-management/DRM systems to interoperate with the same encrypted file or stream.

Abstract

This document specifies common encryption formats for ISO base media file format files, including schemes using AES‑128 in counter (CTR) and cipher block chaining (CBC) modes, pattern-based partial encryption, subsample encryption for NAL‑structured video (e.g., AVC/HEVC), and metadata for file/item/track/track‑fragment level key identification. It also specifies an XML representation for key and license-related information. The standard does not define a DRM system itself.

General information

• Status: Published
• Publication date: August 2023 (Edition 4, published in August 2023)
• Publisher: International Organization for Standardization (joint ISO/IEC publication; developed under ISO/IEC JTC 1/SC 29)
• ICS / categories: 35.040.40 (Coding of audio, picture, multimedia and hypermedia information)
• Edition / version: 4 (2023)
• Number of pages: 42

Source data for the bibliographic and publication details above.

Scope

The standard applies to any file format derived from ISO/IEC 14496‑12 (ISOBMFF). It defines the structure and semantics of metadata needed to carry encryption information at file, item, track and track‑fragment levels so multiple DRM/key‑management systems can reference and use the same protected content. It specifies AES‑128 encryption of media samples (CTR and CBC protection schemes), pattern-based partial encryption, subsample encryption for NAL‑structured video to permit pre‑decryption processing/editing, and an XML representation for exchanging key/licence information. The document itself does not specify or mandate a DRM.

Key topics and requirements

• Definition of a common encryption metadata model for ISOBMFF files (file/item/track/track‑fragment scope).
• Protection schemes using AES‑128: CTR and CBC modes; description of IV handling and key identification.
• Pattern-based partial encryption (clear/encrypted block patterns) to support bitrate/processing tradeoffs.
• Subsample encryption for NAL‑structured video (AVC/H.264, HEVC/H.265) to allow editing/processing before decryption.
• XML representation for key and license related information to support pre‑download license/key management and interoperability.
• Explicit statement that the standard does not define a DRM — it specifies formats to be used by multiple DRM/key management systems.
• Amendment work (draft) to add support for AES‑256 is under development (DAmd 1).

Technical details and the protection‑scheme semantics are specified in the published text; amendment activity (e.g., AES‑256 support) is in progress as a draft.

Typical use and users

Used by content packagers, OTT streaming platforms, DRM and key‑management vendors, player and device manufacturers, media tool developers and archivists. Typical workflows include packaging encrypted MP4/ISOBMFF files for multi‑DRM delivery, authoring content with subsample or partial encryption, and exchanging key/ license metadata between packaging and license servers.

Related standards

Directly related to ISO/IEC 14496‑12 (ISO base media file format), which defines the container used by CENC. It is part of the ISO/IEC 23001 (MPEG‑B) series of “MPEG systems technologies” (e.g., Part 1 BiM, Part 5 BSDL, Part 9 common encryption for MPEG‑2 TS). Previous editions and amendments of 23001‑7 (2016 and 2016/Amd1:2019) were superseded by the 2023 edition.

Keywords

CENC, common encryption, ISOBMFF, ISO/IEC 23001‑7, AES‑128, AES‑CTR, AES‑CBC, subsample encryption, NAL, AVC, HEVC, multi‑DRM, track fragment, initialization vector, key identifier, XML representation.

FAQ

Q: What is this standard?

A: ISO/IEC 23001‑7:2023 (MPEG‑B Part 7) specifies a common encryption format and associated metadata for media files based on the ISO base media file format to enable multiple DRM/key‑management systems to interoperate with the same encrypted content.

Q: What does it cover?

A: It covers metadata and protection schemes for encrypting media samples (AES‑128 CTR and CBC), pattern/partial encryption, subsample encryption for NAL video formats, IV and key identification handling, and an XML representation for key/license information. It does not define a DRM system itself.

Q: Who typically uses it?

A: Content packagers, DRM and key‑management providers, streaming platforms, player and device implementers, media‑processing tool vendors and archivists use this standard to create, deliver and consume encrypted ISOBMFF media interoperably.

Q: Is it current or superseded?

A: The 2023 edition (Edition 4) is the current published version and supersedes the 2016 edition and its 2019 amendment. Amendment work to add AES‑256 support is in draft as of the latest update.

Q: Is it part of a series?

A: Yes — it is Part 7 of the ISO/IEC 23001 (MPEG‑B) series of MPEG systems technologies; related parts include Part 1 (BiM), Part 5 (BSDL), Part 9 (common encryption for MPEG‑2 TS), and others. It also relies on ISO/IEC 14496‑12 (ISOBMFF) for the container format.

Q: What are the key keywords?

A: Common encryption, CENC, ISOBMFF, AES‑CTR, AES‑CBC, subsample encryption, NAL, AVC, HEVC, multi‑DRM interoperability, key identifier, initialization vector, XML representation.