DRM as a Service: What Makes It Tick? (Part 4: Encryption )

In this final highlight in our short series on the basics of video security , we tackle the core issue of Encryption. Please remember that we have wrapped up all our current FAQ information up in our published book on DRMaaS - download today and register your T-shirt size!

Which part of the DRM process happens on the server or cloud side of the video delivery service?
The short answer to this question is that the server-side components of DRM are concerned with encryption of the video content in a way that makes it impossible to view the video without also having access to an appropriate license. The encryption or packaging process actually is a part of the video delivery workflow and takes place between video encoding and actual video stream delivery. The key values used for video stream encryption are generated by the DRM service together with a video asset identifier and supplied via a secure API to that encryption process. The important point about this arms-length separation is that the encrypted video and the database of keys used to protect it are never stored in conjunction with one another. In fact, the encryption key/video asset identifier pairs are only stored in the context of the DRM server-side component, which is regarded as specifically secure for this purpose, whereas the now protected video files can now be made available via standard, highly optimized web request/response protocols.

Compressed video and audio playback are universally supported on today's computers and consumer hardware. But the process of compression makes the data in the video file or stream exceptionally sensitive to alterations in its binary content – only minor corruption of the video data is needed to have a massive ripple effect on the decompression and rendering functions. You can see that sometimes, when a video you are watching glitches and dissolves into a mass of seemingly randomly colored pixels. Such data changes, that disrupt the playback function, can happen accidentally - when communication protocols break for example. Or the video can be “corrupted” deliberately at its source by partially or completely encrypting the content using a scrambling key.

Unlike random corruption of files or streams, DRM-oriented encryption is a very precise process using controlled scrambling keys and a well-defined algorithm. The whole design concept of this algorithmic encryption process is that it is, of necessity, 100% reversible. With this premise, under the right circumstances, it is possible to reconstruct the original high-quality source material from the scrambled stream or file.

Scrambled/encrypted video content is essentially valueless without knowledge of how to reverse the encryption process. It can’t be played or redistributed. Effectively, scrambled video content often uses a different scrambling key for each time period of a live stream, and certainly for every individual video asset in a library. Reversing the encryption process, of course, requires access to the scrambling key or keys used for protection and knowledge of the algorithm used. Controlling this access is the essence of video security and why it is core to the video service business.

Visit our Frequently Asked Questions page for the full story - or download the full DRMaaS - What Makes it Tick? reference document. When you request this document, you'll also get in in line to receive our latest cool T-shirt swag! Something that shouldn't be missed in this time of virtual "no gift available" trade shows :)

Thanks for reading.

The Team at EZDRM
Digital Rights Management. Simplified.