Protected Streaming
Encyclopedia
Protected Streaming is a DRM
technology by Adobe
. The aim of the technology is to protect digital content (video or audio) from unauthorized use.
Protected Streaming consists of many different techniques; basically there are two main components: encryption
and SWF
verification.
This technique is used by the Hulu
desktop player and the RTE Player
. Fifa.com also uses this technique to serve the videos on the official site. Some videos on YouTube also use RTMPE, including those uploaded there by BBC Worldwide.
's DRM). For transmission ("streaming"), a special protocol is required: either RTMPE or RTMPS.
RTMPS uses SSL
-encryption. In contrast, RTMPE is designed to be simpler than RTMPS, by removing the need to acquire a SSL Certificate. RTMPE makes use of well-known industry standard cryptographic primitives, consisting of Diffie-Hellman key exchange
and HMACSHA256, generating a pair of RC4
keys, one of which is then used to encrypt the media data sent by the server (the audio or video stream), whilst the other key is used to encrypt any data sent to the server. RTMPE caused less CPU-load than RTMPS on the Flash Media Server
.
Adobe fixed the security issue in January 2009, but did not fix the security holes in the design of the RTMPE algorithm itself. Analysis of the algorithm shows that it relies on security through obscurity
. Amongst other things, this renders RTMPE vulnerable to Man in the Middle attacks
.
Tools which have a copy of the well-known constants extracted from the Adobe Flash
player are able to capture RTMPE streams, a form of the trusted client
problem. Adobe issued DMCA takedowns on RTMPE recording tools, including rtmpdump, to try to limit their distribution. However in the case of rtmpdump, this led to a Streisand effect
.
player uses a well-known constant, appended to information derived from the SWF file (a hash of the file and its size), as input to HMACSHA256. The HMACSHA256 key is the last 32 bytes of the server's first handshake packet. The Flash Media Server uses this to limit access to those clients which have access to the SWF file (or have been given a copy of the hash and the size of the SWF file).
All officially allowed clients (which are in fact *.swf files) need to be placed on the Flash Media Server streaming the file. Any other client requesting a connection will receive a "connection reject".
The combination of both techniques is intended to ensure streams cannot be sniffed and stored into a local file, as SWF verification is intended to prevent third party clients from accessing the content. However, it does not achieve this goal. Third party clients are free to write the decrypted content to a local file simply by knowing the hash of the SWF file and its size. In practice, therefore, Adobe's own implementation of the Macromedia Flash Player is the only client which does not allow saving to a local file.
The only possible way to restrict connections to a Flash Media Server is to use a list of known hosts, to avoid the whole player (the Flash client) being placed on an unauthorised website. Even this has no real benefit for mass-distributed files, as any one of the known hosts could take a copy of the data and re-distribute it at will. Thus "known host" security is only useful when the known hosts can be trusted not to re-distribute the data.
Digital rights management
Digital rights management is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. DRM is any technology that inhibits uses of digital content that...
technology by Adobe
Adobe Systems
Adobe Systems Incorporated is an American computer software company founded in 1982 and headquartered in San Jose, California, United States...
. The aim of the technology is to protect digital content (video or audio) from unauthorized use.
Protected Streaming consists of many different techniques; basically there are two main components: encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
and SWF
SWF
SWF is an Adobe Flash file format used for multimedia, vector graphics and ActionScript. Originating with FutureWave Software, then transferred to Macromedia, and then coming under the control of Adobe, SWF files can contain animations or applets of varying degrees of interactivity and function.,...
verification.
This technique is used by the Hulu
Hulu
Hulu is a website and over-the-top subscription service offering ad-supported on-demand streaming video of TV shows, movies, webisodes and other new media, trailers, clips, and behind-the-scenes footage from NBC, Fox, ABC, and Obstacle on October 20th 2011 Nickelodeon and CBS and many other...
desktop player and the RTE Player
RTÉ player
RTÉ player is an on demand video service provided by RTÉ for programmes broadcast on RTÉ Television. RTÉ player is available in two formats; one for the Republic of Ireland and Northern Ireland and another format for international audiences...
. Fifa.com also uses this technique to serve the videos on the official site. Some videos on YouTube also use RTMPE, including those uploaded there by BBC Worldwide.
Encryption
Streamed content is encrypted by the Flash Media Server "on the fly", so that there is no need to encrypt the source file (a significant difference from MicrosoftMicrosoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
's DRM). For transmission ("streaming"), a special protocol is required: either RTMPE or RTMPS.
RTMPS uses SSL
Transport Layer Security
Transport Layer Security and its predecessor, Secure Sockets Layer , are cryptographic protocols that provide communication security over the Internet...
-encryption. In contrast, RTMPE is designed to be simpler than RTMPS, by removing the need to acquire a SSL Certificate. RTMPE makes use of well-known industry standard cryptographic primitives, consisting of Diffie-Hellman key exchange
Diffie-Hellman key exchange
Diffie–Hellman key exchange Synonyms of Diffie–Hellman key exchange include:*Diffie–Hellman key agreement*Diffie–Hellman key establishment*Diffie–Hellman key negotiation...
and HMACSHA256, generating a pair of RC4
RC4
In cryptography, RC4 is the most widely used software stream cipher and is used in popular protocols such as Secure Sockets Layer and WEP...
keys, one of which is then used to encrypt the media data sent by the server (the audio or video stream), whilst the other key is used to encrypt any data sent to the server. RTMPE caused less CPU-load than RTMPS on the Flash Media Server
Adobe Flash Media Server
Flash Media Server is a proprietary data and media server from Adobe Systems . This server works with the Flash Player runtime to create media driven, multiuser RIAs . The server uses ActionScript 1, an ECMAScript based scripting language, for server-side logic...
.
Adobe fixed the security issue in January 2009, but did not fix the security holes in the design of the RTMPE algorithm itself. Analysis of the algorithm shows that it relies on security through obscurity
Security through obscurity
Security through obscurity is a pejorative referring to a principle in security engineering, which attempts to use secrecy of design or implementation to provide security...
. Amongst other things, this renders RTMPE vulnerable to Man in the Middle attacks
Man-in-the-middle attack
In cryptography, the man-in-the-middle attack , bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other...
.
Tools which have a copy of the well-known constants extracted from the Adobe Flash
Adobe Flash
Adobe Flash is a multimedia platform used to add animation, video, and interactivity to web pages. Flash is frequently used for advertisements, games and flash animations for broadcast...
player are able to capture RTMPE streams, a form of the trusted client
Trusted client
In computing, a trusted client is a device or program controlled by the user of a service, but with restrictions designed to prevent its use in ways not authorised by the provider of the service. That is, the client is a device that vendors trust and then sell to the consumers, whom they do not trust...
problem. Adobe issued DMCA takedowns on RTMPE recording tools, including rtmpdump, to try to limit their distribution. However in the case of rtmpdump, this led to a Streisand effect
Streisand effect
The Streisand effect is a primarily online phenomenon in which an attempt to hide or remove a piece of information has the unintended consequence of publicizing the information more widely...
.
SWF verification
The Adobe FlashAdobe Flash
Adobe Flash is a multimedia platform used to add animation, video, and interactivity to web pages. Flash is frequently used for advertisements, games and flash animations for broadcast...
player uses a well-known constant, appended to information derived from the SWF file (a hash of the file and its size), as input to HMACSHA256. The HMACSHA256 key is the last 32 bytes of the server's first handshake packet. The Flash Media Server uses this to limit access to those clients which have access to the SWF file (or have been given a copy of the hash and the size of the SWF file).
All officially allowed clients (which are in fact *.swf files) need to be placed on the Flash Media Server streaming the file. Any other client requesting a connection will receive a "connection reject".
The combination of both techniques is intended to ensure streams cannot be sniffed and stored into a local file, as SWF verification is intended to prevent third party clients from accessing the content. However, it does not achieve this goal. Third party clients are free to write the decrypted content to a local file simply by knowing the hash of the SWF file and its size. In practice, therefore, Adobe's own implementation of the Macromedia Flash Player is the only client which does not allow saving to a local file.
The only possible way to restrict connections to a Flash Media Server is to use a list of known hosts, to avoid the whole player (the Flash client) being placed on an unauthorised website. Even this has no real benefit for mass-distributed files, as any one of the known hosts could take a copy of the data and re-distribute it at will. Thus "known host" security is only useful when the known hosts can be trusted not to re-distribute the data.