Results 1 to 9 of 9

Thread: Need help to figure out how HLS encryption works

  1. #1

    Default Need help to figure out how HLS encryption works

    Hey Guys,

    Just wanted to know, what happens when a video ripper app or someone or something tries to play an encrypted HLS stream ?

    obviously, the useragent and other things can easily be faked, many such apps also come with a web browser. so anything that we do with query params or cookies would also be ineffective.

    So, would they be able to gain access to the key and rip the videos. Do we have something as effective as rtmpe on apple devices ?

    Thanks in advance to everyone who'd take some time out to reply to this query.

  2. #2

    Default

    There is not an RTMPE equivelent for Apples HLS. If someone tries to play an encrypted stream and they do not have the key it will not play. The trick is to guard the encryption key. The chunks are worthless without the key.

    Charlie

  3. #3

    Default

    exactly, so if an app tries to fake itself as safari browser then would it not be able to get the key and decrypt the chunks ? what are the ways that can ensure that the key is provided only to the safari and/or apple media player and not to any other third party app ?

  4. #4
    Join Date
    Dec 2007
    Posts
    22,013

    Default

    Use SSL to pass the keys securely. Take a look at this guide:

    http://www.wowza.com/forums/content....cate-authority

    Richard

  5. #5

    Default

    that's okay. we can use ssl, a server side module for validation, play with cookies etc. but what worries me is how do i ensure that the player to which i am providing the key (even if via ssl) is not rogue. I mean if i were to use rtmpe i can probably rely on flash player and the corresponding swf player that a such a possibility wont arise.

    Can someone please let me know, what do we have in HLS+wowza to take care of this scenario ?

  6. #6
    Join Date
    Dec 2007
    Posts
    22,013

    Default

    Re rogue clients, for Flash RTMP where you have secured your SWF with SecureToken, and you do not want your users to embed your player, then you can use Hotlinkdenial:

    http://www.wowza.com/forums/content....-your-SWF-file

    Richard

  7. #7
    Join Date
    Dec 2007
    Posts
    22,013

    Default

    Also, using authentication provides another layer. You can do it through Flash using Wowza, which could do JDBC connection or file lookup. If your users have already signed in and there is http cookie available you can use Flash ExternalInterface to grab it from the HTML container instead of having users input

    JDBC:
    http://www.wowza.com/forums/content....Authentication

    File based:
    http://www.wowza.com/forums/content....-password-file

    Richard

  8. #8

    Default

    Thanks Richard for the reply but as i said, i was interested in ways to deal with rogue clients on apple devices (i.e HLS and not flash). how would I protect my key from a rogue app faking itself as safari browser ?

    I hope you understand what i am trying to say here. I suppose creating a custom ios app and restricting the video would probably be one of the solutions, but if i allow the videos to be streamed via the browser then what do i have to safeguard the videos from being ripped ?

  9. #9
    Join Date
    Dec 2007
    Posts
    22,013

    Default

    Use AES encryption and SSL to protect the key. You can also use user authentication in this case, which can be entered by user or picked up from a cookie, and validated in onHTTPSessionCreate:

    http://www.wowza.com/forums/content....-and-San-Jose)

    That is all that I know of.

    Richard

Similar Threads

  1. Live stream works everywhere except iOS HLS (where only audio works).
    By chocis in forum Live Streaming and Encoders
    Replies: 3
    Last Post: 04-23-2014, 09:24 AM
  2. HLS AES external encryption and non-iOS devices
    By eTiMaGo in forum Live Streaming and Encoder Discussion
    Replies: 4
    Last Post: 11-05-2013, 05:11 AM
  3. HLS encryption w/o module
    By bosborne in forum General Forum
    Replies: 7
    Last Post: 04-18-2013, 11:27 AM
  4. CDN HLS encryption
    By f4cl3y in forum General Forum
    Replies: 0
    Last Post: 04-16-2013, 04:15 AM
  5. Replies: 0
    Last Post: 10-05-2012, 08:15 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •