Interesting, and the paper is surprisingly accessible to read as well, thanks.
One critique I can lodge against this is that to me it reads like the security model in this scheme trusts the venue to not tamper with the projection equipment. This may not map well to everyday camera recording situations, where the camera owner / operator may have a vested interest and capability in tampering with the camera itself.
There's a fair bit of protection for the projection cameras. They're actually always-connected devices that get streaming permissions from a remote server before starting a show, device roots of trust, tamper detection systems, and so on. The movie file is essentially encrypted at rest until showtime. Plus the techs are generally not that technically advanced, and theaters face the threat of lawsuits/never being allowed to show movies again if they breach their contractual obligations to reverse engineer the equipment. It's generally effective.
The point isn't to completely, 100% close the analog hole here (and at least one piracy group seems to have leaks of raw movie data despite all of this security), but it's effective at making compliance the least costly option for almost everyone involved worldwide. It's one of the major reasons we've seen a shift by pirate groups to preproduction leaks or alternative methods.
One critique I can lodge against this is that to me it reads like the security model in this scheme trusts the venue to not tamper with the projection equipment. This may not map well to everyday camera recording situations, where the camera owner / operator may have a vested interest and capability in tampering with the camera itself.