Best Solutions to Encrypt Video?

[pone44]

It is hard to believe that here in 2017 we still don't have any video formats that incorporate encryption directly into the standard, so that all players of that format would - for example - be able to detect encryption and challenge the user for a password. If a vendor wants to provide at least a crude basic encryption for proprietary video content, what are the options?

One option I see is to use a proprietary encryption product like AxCrypt to convert the MP4 video into a proprietary encryption format. But that requires the content creator and the content viewer to both use a proprietary application like AxCrypt to exchange the video. This are is also no easy way to revoke permissions to view the content later.

Another option would be to use a file sharing network like Dropbox, together with an encryption layer on top of that file sharing network, such as Boxcryptor. That again requires everyone to agree on a proprietary set of products to exchange content.

What are other possible solutions? It would be nice if a product like AxCrypt existed that let users be given permissions in the Cloud, and the service could manage all of the key exchange issues transparently.

[raffriff42]

Yes, ffmpeg can do it.

- explained here (sounds complicated)
https://stackoverflow.com/questions/32734578/ffmpeg-encryption

Discussion thread: ffmpeg support for reading / writing encrypted MP4 files
https://ffmpeg.org/pipermail/ffmpeg-devel/2015-December/thread.html#184558

https://ffmpeg.org/pipermail/ffmpeg-devel/2015-December/185220.html
"I'm not familiar with any player that can play it as is, but it can be played once repackaged to MPEG-DASH. In this form, it can be played by Chrome with Widevine / Edge with PlayReady etc."

[pone44]

Yes, ffmpeg can do it.

- explained here (sounds complicated)
https://stackoverflow.com/questions/32734578/ffmpeg-encryption

Discussion thread: ffmpeg support for reading / writing encrypted MP4 files
https://ffmpeg.org/pipermail/ffmpeg-devel/2015-December/thread.html#184558

https://ffmpeg.org/pipermail/ffmpeg-devel/2015-December/185220.html
"I'm not familiar with any player that can play it as is, but it can be played once repackaged to MPEG-DASH. In this form, it can be played by Chrome with Widevine / Edge with PlayReady etc."

Okay, but if you are a person selling 100 copies of a cooking show to home computer users, that clearly isn't going to work. 95% of your user base won't understand how to use the tool with complex command line arguments. And it isn't worth your time to invest many thousands into development of custom software. Feels like there should be an easier way than this.

[JVRaines]

The DRM focus has been on internet delivery in HLS and DASH. That's where you need to head if you eschew proprietary solutions.

[pone44]

The DRM focus has been on internet delivery in HLS and DASH. That's where you need to head if you eschew proprietary solutions.

All of that requires extensive custom software development, and that doesn't have any return on investment outside of large consumer markets.

I'm okay with a cloud based key exchange system and delivery of encrypted video to the end user.

[raffriff42]

You wouldn't have to spend thousands on implementing DASH encryption, but some work is involved. Chrome or Edge are what the customer would see - not command-line tools.

For an easier solution, you could use a digital delivery service - where the download link is encrypted, not the content itself. Sample services are squarespace and fetchapp. They handle secure login & CC processing for you, a not insignificant development effort, and something you need with encrypted content anyway.

Before you say, "but one of my 100 customers might share the video with a friend or on YouTube!", yeah, somebody might do that whatever protection you put on it.

[pone44]

You wouldn't have to spend thousands on implementing DASH encryption, but some work is involved. Chrome or Edge are what the customer would see - not command-line tools.

For an easier solution, you could use a digital delivery service - where the download link is encrypted, not the content itself. Sample services are squarespace and fetchapp. They handle secure login & CC processing for you, a not insignificant development effort, and something you need with encrypted content anyway.

Before you say, "but one of my 100 customers might share the video with a friend or on YouTube!", yeah, somebody might do that whatever protection you put on it.

Fetchapp looks interesting. Essentially they are putting a shopping cart in front of access to individual files on a Dropbox-type network. They have a good economic model as well. If you store the content on Dropbox for example they only take $10/month. Do you know what kind of per-transaction fees they charge?

It's far from perfect but worth considering.

Regarding copying of content, the feature I would really love to see is a cloud service that puts a hidden user-specific identifier into each copy of a stream. If someone copies your content to Youtube, the name of the offender is there in the video, and you can at least terminate their further access.

[raffriff42]

$10 monthly, the link says. The CC company (or PayPal etc) would also charge you something, probably around 5%.

To watermark each copy, you would have to re-encode each one. This is expensive & is usually done only for high value content like pre-release movie screeners.

[pone44]

$10 monthly, the link says. The CC company (or PayPal etc) would also charge you something, probably around 5%.

To watermark each copy, you would have to re-encode each one. This is expensive & is usually done only for high value content like pre-release movie screeners.

You would have to re-encode each instance, but I bet a cloud-based service could mux in a different watermark for each user, mixing the customized watermark with a single source media file. In any case, it doesn't appear to exist.