9

I want to implement video encryption in php and play encrypted video in HTML5 video. I have read some documents about it:

And I know there are alternative tools and services that I can use:

I want to provide like this example:

What steps should I pass? I use PHP (laravel) in server-side.

Ali Farhoudi
  • 5,350
  • 7
  • 26
  • 44
  • From: https://arstechnica.com/information-technology/2017/03/drm-in-html5-is-a-victory-for-the-open-web-not-a-defeat/ `EME does not specify any DRM scheme per se. Rather, it defines a set of APIs that allow JavaScript and HTML to interact with decryption/protection modules. These modules will tend to be platform-specific in one way or another and will contain the core DRM technology.` – enhzflep Sep 22 '17 at 10:30
  • not sure if this helps your case but for future readers check this article which i wrote recently : http://aameer.github.io/articles/digital-rights-management-multi-drm/ it explains in details about how to achieve multi-drm – Aameer Nov 16 '17 at 14:52
  • Thank you @Aameer. I read your article. That was helpful, but was not what I needed. I want to somehow encrypt videos on my server and when playing it on web page using html5 video tag, it gets decrypted and no one can download it. – Ali Farhoudi Nov 19 '17 at 16:58
  • You can only expect so much. At the end of the day, if you did come up with a software solution that meets all of your criteria and the user simply cant download the video without using your new stream-decrypting video player, they can still use your player to display the video and simply record their screen. If its being seen on a screen its piratable. – Anthony Cregan Nov 25 '17 at 22:54

1 Answers1

6

If you want to support the major commonly used DRM's, at this time Widevine, PlayReady or FairPlay then you do need either a multi-DRM server or service.

If you just want basic protection the you could use AES encryption or clearly with DASH.

These are not as secure but are sometimes good enough for certain needs.

You can use ffmpeg and openssl to create an AES encrypted HLS stream - the ffmpeg documentation (http://ffmpeg.org/ffmpeg-all.html#Options-34) includes this example script:

#!/bin/sh
BASE_URL=${1:-'.'}
openssl rand 16 > file.key
echo $BASE_URL/file.key > file.keyinfo
echo file.key >> file.keyinfo
echo $(openssl rand -hex 16) >> file.keyinfo
ffmpeg -f lavfi -re -i testsrc -c:v h264 -hls_flags delete_segments \
  -hls_key_info_file file.keyinfo out.m3u8

You can also use mp4Box (https://gpac.wp.imt.fr/mp4box/encryption/common-encryption/) to create basic clear DASH encryptions:

MP4Box -crypt drm_file.xml movie.mp4 -out movie_encrypted.mp4

The drm info is included in the drm_file.xml and is explained at the link above.

Mick
  • 24,231
  • 1
  • 54
  • 120
  • Thank you @Mick for your answer. Can I use my VPS as a multi-DRM server? And I could not use MP4Box encryption since it needs a xml info file! (Should I create that manually?) – Ali Farhoudi Nov 19 '17 at 15:35
  • 1
    A multi DRM server is a specialist solution which is usually actually hosted over multiple servers. It would typically include SDK's rom the major DRM providers. It is not really something you would want to build yourself even if you could make the required agreements to get the SDK's. – Mick Nov 27 '19 at 08:01