Jump to content

Protected Streaming: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
No edit summary
No edit summary
Line 12: Line 12:
tools were able to capture rtmpe Streams by taking advantage of a security hole within the flash
tools were able to capture rtmpe Streams by taking advantage of a security hole within the flash
player object. Adobe fixed that issue in Jan. 2009.
player object. Adobe fixed that issue in Jan. 2009.



==SWF-Verification==
==SWF-Verification==

Revision as of 05:27, 22 May 2009

Protected Streaming is a DRM-Technology by Adobe. It is used to protect digital content (video or audio) from unauthorized use.

In fact, Protected Streaming consists of many different techniques; basically there are two main components:

This technique is used by the RTE Player.

Encryption

All contents are encrypted by the Flash Media Server "on the fly". This means, there is no encryption of the source file needed (which is different to Microsoft DRM, for instance). For data transmission, a special protocol is used: rtmpe or rtmps.

rtmps uses SSL-encryption, rtmpe makes use of proprietary encryption algorithms. rtmpe causes less CPU-load than rtmps on the Flash Media Server. In the past, some tools were able to capture rtmpe Streams by taking advantage of a security hole within the flash player object. Adobe fixed that issue in Jan. 2009.

SWF-Verification

This technique is used to ensure that only the official Flash client, delivered by the content owner, can be used to request the streaming data.

All officially allowed clients (which are in fact *.swf Files) need to be placed on the Flash Media Server. Any unknown client requesting a connection will receive a "connection reject".

The combination of both techniques ensures that streams cannot be sniffed and stored into a local file. SWF verification is needed to avoid that manipulated clients can access the content. Those clients could possibly write the unencrypted content to a file.

Besides that, it is possible to restrict connections to the Flash Media Server to a list of known hosts, to avoid that the whole player (the flash client) is placed on a foreign site.

References

  • [1] - Whitepaper by Adobe
  • [2] - rtmpe (Adobe LiveDocs)
  • [3] - rtmps (Adobe LiveDocs)