Tag Archives: Secure video streaming

RTMPe Streaming: How does Secure RTMP Streaming work?

rtmp Stream, rtmpe streaming

RTMP Stream: The Technology

Real Time Messaging Protocol is used to stream multimedia data – audio and video  – between Flash Media Server and Flash Player. The chief utility of RTMP stream is in the optimization of the audio and video data transfer between the server and player. Its major use comes in Dynamic live streaming, and because of the encryption service RTMPE (which, despite of its security flaws, has a wide use) . In this blog post I expand upon – 

  • Use as Streaming protocol – How RTMP evolved as a widely used real time streaming protocol
  • Differences from other streaming protocols, strengths – In what aspects it differs from newer streaming protocols such as  HLS & HDS.
  • Use Cases – We also discuss certain RTMP use cases.
  • RTMPE – Utility of Encrypted RTMP and the flaws in its security services.
  • Flaws in Security & Streaming reliability

RTMP transfer across media server, CDN and flash player

Is RTMP Stream Optimal for Low Latency Transmission ?

RTMP stream does not use either of the 80/443 ports(HTTP/HTTPS) ports, but instead uses the 1935 port. An exclusive port for video packet transmission signifies that the RTMP stream protocol is suitable for transmission of low latency content – essentially live streaming of video content, and streaming of media without buffering. However, by using this port RTMP stream becomes vulnerable to being blocked by certain corporate firewalls.

RTMP stream is theoretically optimal for low latency streaming as the RTMP pointer is always in sync with the media server at the exact point of stream. This means that if their is signal interruption for say 5 seconds, the flash player will not display the signal for 5 seconds, but would resume at the real time when the signal over the network resumes. The stream should therefore never lag inspite of poor network, although the quality of video may suffer.

RTMP Stream: VOD across media server, CDN, Flash Player

Adaptive Streaming through RTMP

RTMPE is suitable for live streaming as it does not download any video packets except at the time of streaming – there is no buffering of content as would occur with a progressive media player. The bitrate can be dynamically decided to optimize user experience over the available network. Dynamic streams consist of multiple single streams of the same content, all of different quality. RTMP stream relies on dynamically adaptive content transfer to maintain video playback at periods of uneven network quality

RTMP stream is distinct from Progressive Streaming Players

Progressive media players, a category that includes popular video players Youtube, Vimeo & VdoCipher, allow video portion of the future video part to be downloaded as well. Essentially it allows for a future buffer in player. Progressive Streaming is now a common feature across all popular video hosting services across the internet. The shifting of video metadata from the end of media file to the front allows this possibility. Thus, before the download of complete media file, the media player has all the information that it requires to start playback.

In progressive streaming, the media is stored in the temporary directory of the associated web browser. This is the concept on which most downloaders or download software/plugins work. They are able to fetch this data which is coming into the browser.

With RTMP there is no storage in a temporary directory, and instead a continued direct streaming between the two servers. It is conceptually live and does not have any future buffer even for recorded videos.

Encrypted RTMPE & Security

Encrypted RTMP (RTMPE) wraps the RTMP stream session in a lightweight encryption layer. Through Encrypted RTMPE, the streaming protocol provides low-level stream encryptions for high-traffic sites. RTMPE uses Anonymous Diffie-Hellman key exchange method. In this algorithm two parties – the media server and the flash player – establish a shared secret key over an insecure channel. However, the initial point of secret key sharing is unsecure. The media server cannot verify the identity of the media player. This leaves the player vulnerable to man-in-the-middle attacks at session initializations.

RTMPS is an RTMPE over a secure TLS/SSL connection. The underlying algorithm of RTMPE remains the same, but a secure SSL connection precludes a man-in-the-middle attack from unknown third parties. However there is still the case in which the client can grants access to a third party.  Through  this user can download the stream content.  In that case the video download is easy, leaving the content provider vulnerable to the potential piracy from end users for illegal distribution.

Security

RTMP Stream Encryption

As explained, RTMP stream never has a block of data, only a pointer to the current live data. Owing to this no local storage of data RTMPE occurs. RTMPE can therefore, with an additional layer of security, be a means for video transmission locally. As discussed, RTMPE was quite different from other streaming players in concept of its streaming protocol. Thus, not many downloaders or plugins are built to grab it. Thus, it has a certain level of protection sometimes pitched with it.

RTMPDump to Download RTMP Videos

RTMP dump is an RTMP toolkit to connect to Flash Media servers just like normal flash players. It stores the data from the RTMP connection, sometimes used to capture the stream from the server. This allows local saving of the video file. This opens a means by which TV shows and videos on demand being streamed via this can be downloaded to cause piracy.

RTMP Stream and Content Delivery Networks(CDN)

RTMP also requires direct constant connection with a Flash Media Server throughout the period of playback, as there is no local storage. Every flash client has to maintain state with the media server all the time.  This results in higher CDN cost. 

Currently, CDNs have started to phase out RTMP. Although CDNs Akamai and Amazon Cloudfront have committed to supporting its streaming, they accept that usage traffic has declined considerably over the previous years. Limelight supports RTMP for video ingestion from content provider to CDN server, which routs to the video user through HTTP. 

Alternative to RTMP – High Secure & Smoother Streaming

As seen above, it has primary two problems –
1. Poor streaming due to no future buffer and constant server to player connections.
2. Downloadable through RTMPdump compromises security from piracy.

VdoCipher encryption through backend OTP

VdoCipher offers completely encrypted data transfer, viewer specific watermarking and backend authentication. This ensures highest security from any downloader or plugin looking to hack content. The OTP given to the specific viewer is authenticated at backend, precluding access from anyone except the intended video user.
VdoCipher has a progressive buffer-conserving player. On seeking the video to past or future timeline, the buffer remains conserved, thereby demanding lower bandwidth. Our video player is optimised for serving at both low and high bandwidth – VdoCipher serves viewers in tier II and tier III cities in India, we also have major clients across Africa. Our streaming has been highly effective even at lower connection speeds.

For a full version 5 GB free trial , please visit VdoCipher.

Ref – 1

Video Streaming Hosting VdoCipher

All these things, VdoCipher handles for you. Launch Today.

 

VdoCipher package Workflow and demo – Secure video streaming

Here is a brief video detailing the features that we offer at VdoCipher, supplemented by screen demos.

 

Here is our statistical research on the prevalence of piracy – we studied usage of piracy tools worldwide in terms of number of unique downloads from video hosting sites. Every 4th computer seems to be using video download tool to pirate content from video streaming sites.

Register for a free full version secure video streaming trial at VdoCipher.

How many use easy video download piracy tools ?

Use VdoCipher for Secure Video Hosting

How much is your video content at risk?

In this blog I present statistics about the popularity of freely available video download tools. These downloader tools enable piracy of your proprietary video content. These tools in the form of software, plugins, sites and extensions are available quite freely across the web. These tools work against non secure video streaming sites to encourage easy video downloads.

Number of users of video download piracy tools

I have included the link to sources from where I have obtained the relevant numbers for the video download tools. For sites, I have taken the estimated annual unique visits from Alexa. Details for the top 10  video downloader tools are given here. Total number of video pirates are calculated at end.

Video Download Tool Name No. of downloads/Annual Unique Visits Source
Savefrom 40,000,000 Alexa
Keepvid 25,000,000 Alexa
Video Download Helper 4,100,000 Sites
Internet Download Manager 3,500,000 Alexa
Video Downloader Professional 3,200,000 Site
Audials 800,000 Alexa
Video Downloader Pro 370,000 Site
All mytube wondershare 25,000,000 Site
ANT video downloader 2,000,000 Alexa
Clip Grab 1,500,000 Alexa
Total Users from 10 tools- 110 Million confirmed Pirates  
World Total user estimate (Assuming top 10 downloaders contributing to 20% of the total downloading piracy, total there are over 100s of options) 500 Million estimated Pirates.
That is Every 4th Computer user in world uses video download tools. 

(Total 2 billion desktop users estimated by Reference)
 

 

Obvious Need & Source for Secure Video Streaming

To prevent such huge number of illegal video downloads, there is an obvious demand for highly secure video streaming. An encrypted streaming technology that can block all these downloaders and sites from accessing protected video content.  VdoCipher offers exactly the required secure video hosting solution. A proprietary encrypted streaming and watermarking technology to prevent video downloads. We are helping premium video businesses grow their revenues by ending online piracy.

To get a free full version 5 GB trial of the most secure video streaming service in the world , Register at VdoCipher.

Business Video Alternative to Vimeo and YouTube

Why not to host videos on Vimeo and YouTube ?

Vimeo and YouTube have a free offering to help consumers and businesses host videos on either their own platform or on Vimeo/ YouTube directly. Still, many times businesses tend to choose options other than Vimeo and YouTube to better fulfill their requirements and make large revenues.

7 Reasons to choose VdoCipher instead of YouTube or Vimeo ?

  1. Secure Video Streaming

    Viewers can easily download videos from Vimeo and from YouTube,  using so many free tools, downloaders, plugins and hacks. VdoCipher encrypted video streaming ensures 100% download protection from piracy.

  2. Customers & Testimonials Ease of Video Management

    Vimeo and YouTube do not provide detailed aspects related to custom Video deletion, ID management, upload from server, FTP, URL, Dropbox or Tag-based video management. VdoCipher offers all these features through APIs and GUIs.

  3. Custom Bitrates , Custom player themes & controls

    Vdocipher unlike others allows you to set custom multiple bitrates, using a full enterprise level encoder for all devices. The Vdocipher player can be modified by developers to change controls, add call to actions, change color and fully provide the desired look and interaction.

  4. Enterprise level variety of APIs

    Sometimes, as part of your video hosting requirements you may require your customers to upload to a mid way portal and to manage streaming. Upload, embed, tagging, watermarking, security, user based authentication, licensing, lot of things need to be managed in an API workflow. VdoCipher is far ahead of vimeo or youtube in API offerings.

  5. Analytics

    Data for details of video playback, seek, pause, viewer variety, demographics, is what enterprises are looking through GUI and APIs. VdoCipher again one step ahead in fulfilling analytics requirement than its competitors.

  6. Specific solutions for education & media

    VdoCipher is inherently built for businesses. Due to vast experience of providing full packaged solutions to online education and media customers, the understanding and implementation is quick and revenue effective.

  7. Great Support

Email, phone, site chat , 24*7 availability for emergency cases, is what vdocipher strives for. Customers look to vdocipher for an awesome support and is thus far more reliable then its free competitors like vimeo & youtube.

Hear our customers saying few good things about us at – Customers & Testimonials

Forget Youtube, For Free full version 5 GB secure video streaming VdoCipher trial,  please register at – www.vdocipher.com

 

Video Streaming Hosting VdoCipher

All these things, VdoCipher handles for you. Launch Today.

Encrypted Video Streaming: VdoCipher & Others

The main encrypted video streaming protocols in use by most streaming providers are Apple’s HLS Encryption (HTTP Live Streaming) , HTTPS (HTTP Secure), Real Time Messaging Protocol (RTMP) and RTMP Encrypted (RTMPE). HLS encryption, with AES 128 bit encrypted streaming, in particular is widely used and marketed by companies as a completely secure streaming protocol. However, inspite of the existing security features, these streaming protocols are insufficient as complete encrypted streaming protocols themselves. This is because, from the perspective of protecting content from piracy, their security flaws lie in:

  • Partial encryption of streaming content
  • Open key exchange mechanism for decryption

The security vulnerabilities in these encrypted streaming protocols have led to design of tools that may be used to decrypt the encrypted video content, thereby allowing illegal and un-authorized downloads. These tools include IDM, Video Download Helpers, RTMPDump and many similar other tools used for pirating proprietary content.

Although widely used, these streaming protocols are not the only streaming protocols that can be used. VdoCipher uses a modified version of the existing streaming protocols to increase video security, and minimize bandwidth usage.

Here we explain how VdoCipher Encrypted Video Streaming works, and how our proprietary encrypted video streaming technology is hackproof. Complete workflow is mentioned below. Steps 5 and 6 of the video streaming workflow are the key differentiators.

Video Streaming Hosting VdoCipher

All these things, VdoCipher handles for you. Launch Today.

  1. Upload

    The video content is uploaded by the registered customer through Desktop, FTP, Drop Box, directly from server and direct from URL. VdoCipher supports all typical video formats.

  2. Transcoding for Protected Streaming

    At VdoCipher we have designed our own proprietary format that we convert videos in. It is in this format that the encrypted streaming takes place in. After user uploads the video the VdoCipher player converts content into encrypted format. The video is transcoded for optimization at multiple bitrates, so that viewers on networks of any quality can conveniently view videos.

  3. Storage of Encrypted Content

    The videos are stored securely on Amazon’s AWS S3 servers using our own server-side encryption technology, creating a double layer of protection.

  4. Encrypted Video Transfer – Differentiator

    Now the encrypted content has to be streamed to the final viewer interface , be it app or browser. Unlike many other streaming protocols, there are two key differences:

    Firstly, the entire stream (not partial) is encrypted using a non-public key whose exchange mechanism is hidden and is proprietary. Others like RTMP does it partially and not fully secure.

    Secondly, the transfer of this encrypted content is not through direct access to the video file. There is a one time URL that is generated and the content is transferred in different chunks to optimize streaming.

  5. Licensing & Authentication – Differentiator

    If the video has a direct video URL that can be shared, then the encrypted video streaming has completely ineffective security. This is because there can be multiple browser playback of the same video, and therefore the video can be easily downloaded. Our key service differentiator is that we have One Time generated video URLS. These URLs are accessed only through custom video embed codes, allowing licensing duration for each single video stream. This prevents any URL based sharing.

  6. Decryption & Playback – Differentiator

    Finally, the encrypted stream content is decrypted inside the player with a dynamic key. Our proprietary key transfer protocol is fundamentally different from the public key transfer protocol in cases of HLS, HTTPS and RTMPE Encrypted Streaming Protocols.

    A private key transfer between the website and our API signifies that it is not possible for hackers to decrypt our streams. The One Time encryption that we use is theoretically and practically hack-proof . We regularly update our authentication mechanism to keep the security features up to date.

    Video licensing and playback are combined to generate customizable viewer specific watermarks. Within the watermark offering, IP address, Email ID  and User ID can be shown as light transparent watermark, to identify a playback session by the viewer.

    Result – Progressive High Secure Video Streaming

    Through this 6-step Video Hosting, Encryption and Streaming process, VdoCipher is able to provide a progressive high security video streaming with future buffer possible. This is also different from RTMP which does not maintain any buffer and can be quite erratic as a result.  Also, once a part of a video is buffered it remains conserved, even when the viewer seeks back or forth. This ensures fastest loading times and minimal bandwidth usage for secure video streaming.

encrypted video streaming                          To try the product trusted by customers across 30+ nations secure video streaming, Add more revenues by eliminating video piracy, have a full free 5 GB trial at www.vdocipher.com

 

The many limits of HTML5 & Why Flash is not going anytime soon?

Famously or infamously, Steve Jobs showed his disregard for Flash in 2010, it has been 5 years and Flash has been running since. Flash was never a major player for mobiles ever nor it is expected to change in near future. It is expected to stay a lot longer on desktops because of the various functionalities which It handles at ease and has made a legacy since start.

I will point out key technical details, statistics and live examples to describe the limitations of HTML 5 for video related purposes and the efficiency of flash in handling the same.

Firstly, for budding entrepreneurs looking to start a video streaming business soon , check these famous sites out and try their video playback on computer – Nbcnews , bbc , starsports, Lynda, foxnews, udemy, dailymotion . Yes , the video plays on a flash player. A large number of media and e-learning sites rely on flash to provide a customized player which can deliver effective video

streaming along with security.

Pros for Flash

Flash has a long legacy for use in producing certain types of media and players. Years ago it was really the only show in town if you wanted to produce certain types of animation, interactive content or streaming video,”  quotes  James Lyne from Security institute SANS. Flash allows developers to play with pixels and bits which allows for lot of customization and innovative interfaces & technologies to come up.

Flash has a much more mature 2D API and now 3D API. HTML5 Canvas is still primitive, and SVG does not mix and match with HTML as well as it could.

It’s true that browser technology with both html5, video and webgl are improving, but the problem is currently  getting standards and similar implementations across all platforms and browsers.  Given that there is still a significant portion of the globe on Win XP, IE 6 – 8, it is expected that it will be many years before browser penetration will equal the capabilities of the current Flash Player. (See image below)

A Mozilla spokesperson told Business Insider the company will continue supporting the updated version of Flash.[1]

A Microsoft spokesperson was more direct, telling Business Insider the firm plans to continue supporting Flash for the foreseeable future. “We are working with Adobe to include a version of Flash optimised for Microsoft Edge. This optimised Flash component will be shipped as part of Windows 10 and will be serviced through Windows Update as Flash currently does in Windows 8 and 8.1,” said the spokesperson. [1]

Limitations of HTML5 video DRM

Full-fledged HTML5 DRM applications,, require an external software library called a Content Decryption Module (CDM). To date the browser and mobile OS vendors have chosen only to support their own proprietary CDMs (like Adobe Access in the case of Firefox, Widevine for Chrome), which are not interoperable. The table below summarizes which CDM each browser and OS supports.[2]

In name of HTML5 , now there are four CDMs with EME (Encrypted Media Extension). Isn’t this worse kind of fragmentation possible. For using HTML5 video playback with DRM on all browsers and devices, you can’t use keys from a single DRM provider. Choosing a single DRM will make the viewer to install plugins on most of the browsers or devices. And what if a new player tries to come in DRM market on HTML5 , will it be able to make its CDM acceptable on any of the browser ?

With Flash on desktops for all browsers and native sdk for mobiles , VdoCipher in a single go provides DRM across all platforms with the easiest use case of integration.

Way ahead

The major concern with Flash is the security. Adobe continuously fixes security concerns for flash and makes it better with each version. As mentioned in the interviews by Business insider, all browsers have agreed to support flash for still long next time. As so many sites, applications and games are made on flash, it can be expected to last  atleast for 3 years.

HTML5 needs to be more developed and support made easy for it to be accepted as a full fledged solution particularly for DRM purposes.

So currently, one needs to cater to 4 CDM requirements for HTML5 video DRM , pay them separately, integrate in your existing solutions to provide viewer a decent experience. Else, the viewer will have to install a certain plugin for his/her particular browser. One option here is the flash based DRM. Other case can be, for some of the enterprises it might be a lucrative solution to provide their own branded player for all platforms. Lets say for ABC company, providing a player named ABC for all platforms. This player can be built using native technologies.

Visit www.vdocipher.com , for complete solution with secure video streaming for businesses.

References

  1. http://www.businessinsider.in/Why-Adobe-Flash-wont-die-even-though-we-all-want-it-to/articleshow/48087987.cms
  2. http://www.jwplayer.com/blog/premium-html5-video/
  3. http://www.adobe.com/in/products/flashplatformruntimes/statistics.html
  4. http://www.adobe.com/devnet/flashplatform/articles/recent-updates.html

 

Add images and text to video with dynamic watermarking

Below is a sample video with dynamic watermark features.

The stream is encrypted for highest security. For playing it on mobile, ask for an app or app sdk. This video is displayed using our WordPress plugin annotation features. It can be customized for movement , color, size , transparency. For a watermark on your own video, get a free full version trial at www.vdocipher.com

All you need to give is a JSON string describing how and what you need to overlay on your protected videos. Videos streamed on VdoCipher are protected from unauthorized downloads. Watermarking user information further cuts down on the chances of sharing a recorded video.

How to get started?

I am assuming you have uploaded your video to your VdoCipher account and are ready to embed the video either using WordPress plugin or implementing the API yourself. In both the cases, you need to pass an “annotation code” or a “json string” to tell us what and how to annotate.  Let’s see how to create this annotation json and add text to video. (A json string is a form of representing structured data in a way machine can understand.)

Here is a sample:

[
{'type':'image', 'url':'https://example.com/url/to/image.jpg','alpha':'0.8', 'x':'100','y':'200'}, 
{'type':'rtext', 'text':'moving text', 'alpha':'0.8', 'color':'0xFF0000','size':'12','interval':'5000'},
{'type':'text', 'text':'static text', 'alpha':'0.5' , 'x':'10', 'y':'100', 'color':'0xFF0000', 'size':'12'}
]

The above code adds a moving text, static text and a static image for your video.

Technically, this is a JSON array of objects, where each object describe a single annotation item. Each of these items will be described by its parameters.
Every item requires a type parameter which defines the type of watermark. The type of watermark can be either a static text, a moving text or a static image. The rest of the parameters depends on the type. Following a short description of how each of these parameters affect the display of text and image. The text after “//” denotes a comment about the parameter value.

Static text
‘type’ : ‘text’,   //do not change, this defines the type of annotation item
‘text’ : ‘the text you like to be displayed’,
‘x’ : ’10’,  //the distance from the left border of video.
‘y’: ’50’,  //the distance from the top border of video.
‘alpha’: ‘0.8’,    //the opacity of the rendered text, 0 is invisible, 1 is full opaque
‘color’:’0xFF0000′,    //the color of the text specified as hexadecimal or uint
‘size’:’12’,
      //Height of the text, in pixels.

Moving text
‘type’: ‘rtext’,
‘text” : ‘Enter whatever text you like to be displayed’,
‘alpha’:’0.8′,
‘color’:’0xFF0000′,
‘size’:’12’,
‘interval’:’5000′    // the interval in milliseconds when the text changes position

Image
‘type’ : ‘image’,
‘url’ : ‘http://example.com/path/to/image.png’,     // the direct link of image
‘x’ : ’10’,
‘y’ : ‘100’

 

  • Note that both the name and the value of these parameters should be in quotes. This rule applies to both text as well as numbers.
  • Each parameter is to be separated by comma. There should not be a comma after the last parameter for the dynamic watermark video settings.

Final Step

Now you need to integrate the above watermark info in your actual video. Pass this json string as a post parameter when making the OTP call with key value annotate. Note that, our current v2 API requires post data to be sent as Content-Type: application/x-www-form-urlencoded  . So, there will be two different post keys: 1) clientSecretKey 2) annotate

Only if you are writing the http requests from scratch you will need to url encode the json string when appending it to the post data. Most web frameworks have inbuilt method of generatig post data. In such cases, you should ensure that data is not doubly encoded i.e. just set the json string when calling your web framework’s addPostParam() method.

Still having problems with the dynamic watermark on video code? Send us the code you are using and the output you wish to be shown to info@vdocipher.com

Secure video streaming and hosting: Advances in technology

VdoCipher provides highest secure video streaming in the world market.

It is a full packaged video streaming, hosting, Encoding+DRM service offered in easy to use manner.

This post presents an overview on various practices adopted by VdoCipher to deliver secure video streaming for its clients. For e-learning and media companies hosting streaming videos on their sites, having a secure video player on the site is the primary requirement. For better user experience, forcing the viewer to install some plugin is also not preferable.  VdoCipher ensures that its customers can use secure video streaming without deteriorating the viewer experience.

The encryption and authentication technology is built in with the VdoCipher player.

Secure video streaming technology

Dynamic watermarking the videos with viewer detail further enhances security from screen capture. It discourages distribution of content captured using external cameras.

Encryption, authentication and  dynamic water marking are thus the tools by VdoCipher for secure video streaming.

You can also limit access to certain IP addresses and Geographical locations using the whitelisting features.

A light weight video player which allows buffer retention ensures a smooth streaming experience for the viewer. Buffer retention here means , that as the viewer seeks back and forth on the video player, the buffer remains conserved. This ensures minimal bandwidth usage and a smooth streaming experience for  viewers with slow internet speeds.

A note on secure video hosting – As already mentioned, encryption, watermarking & licensing are the key features that prevent illegal access of streaming videos. Coming to the hosting part of videos in secure fashion, VdoCipher stores videos in a proprietaryy format on its owned AWS(Amazon) + Akamai servers. These are internationally the largest server + CDN companies catering about almost all the media content in the world. The direct access to the servers for any piracy or hack attempt is impossible owing to strict hosting security standards maintained by these server companies. The fact that the one time url for the secure hosted video is a link to the raw encrypted file with no access to its decryption key, it makes even the rare access of the encrypted video useless.

Integration with secure video player

Integration of VdoCipher with any website is quick with embed codes provided through easy to use APIs. For websites built with services like wordpress and joomla , VdoCipher has ready to use plugins. Features which are supported along with secure video streaming are- video analytics, bulk upload through computer, dropbox or shared url, custom video player design, pay per use pricing and live customer support.

So, how to start using this secure video streaming video with VdoCipher ?

To start with a free full version 5 GB trial of VdoCipher – you just need to signup with a mail id. No credit card , no details , no time limit, just signup and you are ready to sell videos online.

  Signup for free trial

If you have any queries, team VdoCipher is here to help you. Please send your queries and specific requirements to the contact link located here.