Highlighted

Video encryption for offline playing

New Here ,
Apr 21, 2016

Copy link to clipboard

Copied

Hello!

I am developing a video player where downloaded video tutorials have to be played offline. The video files in mp4 format

I want to secure these video files. What is the best and economical way to encrypt these files per pc or per user

I am tracking the IP of the user's connection also some machine related information.

Can i use this information along with some encryption key to restrict the playing of the video file.

The users get these videos after paying for them. But once they get it, they can share it with others. I want to restrict that.

Please suggest me some ideas of how I can protect these videos from piracy.

Please help

TOPICS
Development

Views

3.2K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Video encryption for offline playing

New Here ,
Apr 21, 2016

Copy link to clipboard

Copied

Hello!

I am developing a video player where downloaded video tutorials have to be played offline. The video files in mp4 format

I want to secure these video files. What is the best and economical way to encrypt these files per pc or per user

I am tracking the IP of the user's connection also some machine related information.

Can i use this information along with some encryption key to restrict the playing of the video file.

The users get these videos after paying for them. But once they get it, they can share it with others. I want to restrict that.

Please suggest me some ideas of how I can protect these videos from piracy.

Please help

TOPICS
Development

Views

3.2K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Apr 21, 2016 0
Participant ,
Apr 26, 2016

Copy link to clipboard

Copied

Hi,

Unfortunately you can't encrypt an MP4 video file like how you want it, it's just not possible. Once the file is downloaded, nothing you can do to stop advanced users from distributing your videos.

However, I have some ideas you may consider (these are really just ideas from the top of my head):

First, if it's a browser app you can't do much, or it will be very difficult to manage files in network and local sandbox separately.

If it's a desktop/mobile app, you can do one of the followings:

  • Rename the files. Instead of downloading YOURMOVIE.MP4, download and save a file named A451ZGH67123BN (can be any random id practically). You still can play back the files (in AIR), but the average user will not be able to identify the type of the file, and most of the video players won't be able to play the file.
  • Download the MP4 header and the content separately. This requires some programming on your server/backend, and you have to get familiar with MP4 file format. Download the header in a file (ie. A451ZGH67123BN.1) and the content (h264 data) in another file (ie A451ZGH67123BN.2). When your user wants to play the video, use NetStream.appendBytes() first to play the header data, then use FileSreams to load and start playing content with NetStream.appendBytes(). You should know that NetStream.appendBytes() is NOT available on iOS for h264 videos, so it only works on desktop/android. With this method the file cannot be played on any video players (except yours) // Of course this method is way more complex to develop, but the basics are these
  • Zip the mp4 file on your server with a unique passcode/password, and make sure your app gets this password before the user wants to play the file. Unzip the video file with the password to a temporary destination (use a random filename again, just to be sure) and play that file back. Downsides:
    • If the video file is large, unzipping can be a long and maybe resource-intensive task on your user's computer/device.
    • When your app exits, you have to delete the temporary file. If your app shuts down unexpectedly, the temporary file remain on the disk/device
    • If the file is large, it can use up extra unnecessary space on disk/device (it's more of an issue on mobile devices)

I hope these can get your thoughts moving

Cheers

Tamas

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Apr 26, 2016 0
Participant ,
Apr 26, 2016

Copy link to clipboard

Copied

Another idea

  • Save the MP4 header (or the first 1000 bytes) on your server in a separate file (VIDEO.HDR)
  • Zero out the header (or the first 1000 bytes) in your mp4 file (keep backups of course)
  • Let users download the video file (VIDEO.DATA), but also download the VIDEO.HDR file
  • Each time the user starts playing the video, write the byte content of the header file at the start of your video file (replacing the zeros with the actual MP4 header) and start playing the file. With this method seek and everything works normally
  • Once the user finished playing, zero out the MP4 header (or the first 1000 bytes) again in the video file by writing zero bytes (or any single character or even a random string)
  • Of course if your app exits unexpectedly before finishing the zeroing-out process, the file is replayable by any other app

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Apr 26, 2016 0
New Here ,
Apr 26, 2016

Copy link to clipboard

Copied

Hello Tamas,

Thank you for your response. It is a desktop application and the size of the video tutorial will be huge only. not less than 500MB. I have already done the first one.. Of naming the file without any extension. But my concern is that i don't want anyone to be able to share it if they get access to the file also.

Your second option of splitting the header and the video separately is a brilliant solution but the you are saying it does not work on iOS.

I just want that the mp4 has a string of data embedded in the file [meta data probably] and only once that is validated should the user be able to see the actual tutorial video.

And this needs to work on a Windows PC and a MAC PC. not required for mobile devices.

Do you think this is achievable?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Apr 26, 2016 0
IGZN LATEST
Participant ,
Apr 26, 2016

Copy link to clipboard

Copied

If it's a desktop app (and only your app supposed to play back the videos) then you don't need to worry about iOS, it works on Mac (OSX)

Well, the most important thing is to somehow obfuscate the content of your video file and make sure you restore the original content just before playing and obfuscate again after playing stopped. You might need to experience a little, but changing 1000-2000 bytes at the beginning of the file shouldn't be difficult on any operating systems, especially on desktop. Just make sure internet connection is always needed and do not store the header bytes in a file, just download it right when the user click "Play" (Show a progress bar, like "Initializing...." or similar while you download the write the header content)

Method 2 is a lot more work, I already created something similar a couple years back. You have to take care of seeking and timing manually which can be challenging (if a user seeks to for example 1:15:10 then you have to load the appropriate bytes from the FileStream, which can be difficult for VBR videos), but this method might be more rewarding. I think you should try Method 4 first, it's a lot more easier

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Apr 26, 2016 0