Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is the point of encrypting HLS files?

Tags:

video

ffmpeg

encryption

http-live-streaming

video-conversion

I am currently working on a project of videos on demand where I convert videos to HLS using FFMPEG.

Videos are publicly hosted on AWS S3 and there is an API giving the URL of the HLS playlist.

Now, I was looking at encrypting HLS files with AES-128 so that people can't download and watch the video offline. I found the procedure which consists in hosting the key online and using that key while converting the video to encrypt the segments.

The URL of the key is written in the HLS playlist, and the file is publicly available online.

So anyone has access to the encryption key.

I don't understand what is the point of encrypting the segments if anyone has access to the key.

Can someone enlighten me? I know I must be missing something. Thanks!

like image 502
APE Avatar asked Jan 29 '16 02:01

APE

People also ask

What is HLS encryption?

HLS AES-128 encryption refers to video streams using HLS streaming protocol wherein the video files are encrypted using the AES-128 algorithms. The key exchange happens through the secure HTTPS protocol.

How can we protect the HLS stream?

For some of the protection schemes, the API supports multiple protection schemes as well as key rotation. HLS streams can also be protected by using key files stored in the Wowza Streaming Engine server's keys folder ([install-dir]/keys).

What is HLS AES?

Apple HLS supports two encryption methods: AES-128 It encrypts the whole segment with the Advanced Encryption Standard (AES) using a 128 bit key, Cipher Block Chaining (CBC) and PKCS7 padding. The CBC will be restarted with each segment using the Initialization Vector (IV) provided.

Is HLS a DRM?

HLSe does secure the content against most standard users trying to get the content, but is not considered DRM level content protection. Video Cloud supports HLS encryption in Brightcove Players. For more information on Brightcove Player support, see Brightcove Player System Requirements.

1 Answers

Encrypting HLS provides transport security as long as the key is requested over HTTPS as it should be. This is not a considered a DRM-level solution, it's just a very basic form of content protection.

In addition to using HTTPS for the keys you can improve it by authenticating key requests (eg. using a token based authentication mechanism) and rotating the keys every n minutes following the HLS standard.

If you want true DRM you have to look at other solutions like Widevine, Primetime etc.

like image 65
aergistal Avatar answered Oct 14 '22 18:10

aergistal
Sign in to Comment

Related questions

Autoplay video like facebook , Android
how to select the video from gallery in phonegap?
FFmpeg: Parallel encoding with custom thread pool
Changing <Video> src based on screen size with Javascript
Android : Show quick preview (live) before exporting FFmpeg Video
On the fly transcoding and HLS streaming with ffmpeg
How to stream Base64 data into a video
How to do Flash pseudo-streaming?
HTML5 <video> element on Android does not play
Python scene change detection
Avfoundation - Play and record video (along with audio and preview) simultaneously
HTML5 video timeupdate event not firing
How to upload video from a(n Android) phone as it is being recorded
iOS - Reversing video file (.mov)
Custom Gallery with Images and Videos in android to select multiple items
Picasso image loading library: how to load video thumbnails
Creating multiple videos with Avisynth
Unable to read frames from VideoCapture from secondary webcam with OpenCV
Mapping pixel formats from CVPixelBuffer to their equivalent V4L
How to make AVPlayer appear instantly instead of after video ends?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!