RE: FWIW -
posted on
Aug 18, 2005 05:48PM
emit.. FIPS is a piece of hardware for the key management only...
As for the three types of file encryption..they're standard....a content vendor can encrypt files in any one of the three....the TDL will have the ability to decrypt the files with the complementing mechanisms....insiders can gain access to complementing file decryptors.
They need not even do that...they can off ramp files after file decryption.
IMS has gone to the extent of telling the world how they do things.. to the point of spelling out the encryption types as well as the key protection.
The problem is.. when a content vendor encrypts..choosing one of the three.....the generated keys are unprotected until they are delivered to the TDL and stored within the FIPS.
They're separate from the encrypted files and are delivered in that manner.
As for the encrypted files...they place them in a storage device on the TDL until called for.
There are problems of breach...it would not be hard to coordinate a breach for a technical insider.
The WENCOR/e.Digital driven scheme does not allow the keys and encrypted files to be separate within the delivery scheme...or at the final destination...they stay together...within an encompassing hardware encryption scheme.
Technical insiders will not have an ability to coordinate a breach between the two....and if by chance they do, there are other security layers.
doni