This blog explains VdoCipher security technology in details and compares it with most other providers.
The main encrypted video streaming protocols in use by most other streaming providers are:
- HTTP Live Streaming – HLS Encryption with AES-128
- Dynamic Adaptive Streaming over HTTPS – DASH
- Real Time Messaging Protocol (RTMP) and RTMP Encrypted (RTMPE)
HLS encryption, with AES-128 bit encrypted streaming is widely marketed as a secure streaming protocol. Indeed, certain security features have been built into these streaming protocols. However, by themselves, HLS Encrypted, DASH and RTMPE are not sufficient to protect your content. Their security flaws lie in:
- Partial encryption of streaming content
- Open key exchange mechanism for decryption
The encryption that these protocols offer are not foolproof.
Suppose, you have bought a state-of-the-art lock for your home. One that even the most masterful locksmiths cannot break through. But then, well, you leave your key under the door-mat. Does your state-of-the-art lock still ensure state-of-the-art security for your home?
Many tools are widely available that exploit security vulnerabilities in encrypted streaming protocols. Tools such as IDM, Video Download Helper and RTPMDump can even download content that has been encrypted, opening the gates for pirates to download and share your content.
Although widely used, these streaming protocols are not the only streaming protocols that can be used. VdoCipher uses a modified version of the existing streaming protocols to increase video security, and minimize bandwidth usage.
Here we explain how VdoCipher’s Encrypted Video Streaming works, and how our DRM encrypted video streaming technology is hackproof. We explain the complete workflow that our video DRM uses. Steps 5 and 6 of the video streaming workflow are the key differentiators that set us apart from competition.
Online businesses also often require features over and beyond video security. VdoCipher fulfills all major requirements for enterprise video hosting. The complete set of features that VdoCipher offers for enterprise video hosting may be found here.
- Upload – The video content is uploaded by the registered customer through Desktop, FTP, Drop Box, directly from server and direct from URL. VdoCipher supports all typical video formats.
- Transcoding for Protected Streaming – At VdoCipher, we encrypt videos with DRM encryption protocol & multiple bitrates. Each device (Android, IOS, Desktop) has its own encrypted version of file. It is in this format that the encrypted streaming takes place in. After user uploads the video, VdoCipher converts content into encrypted format. The video is transcoded for optimization at multiple bitrates, so that viewers on networks of any quality can conveniently view videos.
- Storage of Encrypted Content – The videos are stored securely on Amazon’s AWS S3 servers using our own server-side encryption technology, creating a double layer of protection.
- DRM Encrypted Video Transfer – Differentiator – Now the encrypted content has to be streamed to the final viewer interface , be it app or browser. Unlike many other streaming protocols, there are two key differences:Firstly, the entire stream (not partial) is encrypted using a non-public key whose exchange mechanism is hidden (Via Google Widevine DRM & Apple Fairplay DRM for all platforms). Others like RTMP does it partially and not fully secure.Secondly, the transfer of this encrypted content is not through direct access to the video file. There is a one time URL that is generated and the content is transferred in different chunks to optimize streaming.
- Licensing & Authentication – Differentiator – If the video has a direct video URL that can be shared, then the encrypted video streaming has completely ineffective security. This is because there can be multiple browser playback of the same video, and therefore the video can be easily downloaded. Our key service differentiator is that we have One Time generated dynamic video URLS. These URLs are accessed only through custom video embed codes, allowing licensing duration for each single video stream. This prevents any URL based sharing.
- Decryption & Playback – Differentiator – Finally, the encrypted stream content is decrypted inside the player with a dynamic key. Our proprietary key transfer protocol is fundamentally different from the public key transfer protocol in cases of HLS, HTTPS and RTMPE Encrypted Streaming Protocols.A private key transfer between the website and our API signifies that it is not possible for hackers to decrypt our streams. The One Time encryption that we use is theoretically and practically hack-proof . We regularly update our authentication mechanism to keep the security features up to date.Video licensing and playback are combined to generate customizable viewer specific watermarks. Within the watermark offering, IP address, Email ID and User ID can be shown as light transparent watermark, to identify a playback session by the viewer.
Result – Progressive High Secure Adaptive Video Streaming
Through this 6-step Video Hosting, DRM Encryption and Streaming process, VdoCipher is able to provide a progressive high security video streaming with future buffer possible. This is also different from RTMP which does not maintain any buffer and can be quite erratic as a result. Also, once a part of a video is buffered it remains conserved, even when the viewer seeks back or forth. This ensures fastest loading times and minimal bandwidth usage for secure video streaming.
Supercharge Your Business with Videos
At VdoCipher we maintain the strongest content protection for videos. We also work extremely hard to deliver the best viewer experience. We'd love to hear from you, and help boost your video streaming business.