CN113055717A - HLS streaming media DRM method - Google Patents
HLS streaming media DRM method Download PDFInfo
- Publication number
- CN113055717A CN113055717A CN202110252318.9A CN202110252318A CN113055717A CN 113055717 A CN113055717 A CN 113055717A CN 202110252318 A CN202110252318 A CN 202110252318A CN 113055717 A CN113055717 A CN 113055717A
- Authority
- CN
- China
- Prior art keywords
- file
- key
- https
- service
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 17
- 238000013507 mapping Methods 0.000 claims description 3
- 238000011161 development Methods 0.000 description 3
- 230000002457 bidirectional effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 101100272163 Schizosaccharomyces pombe (strain 972 / ATCC 24843) meu8 gene Proteins 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/234—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
- H04N21/2347—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/80—Responding to QoS
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
- H04N21/83—Generation or processing of protective or descriptive data associated with content; Content structuring
- H04N21/845—Structuring of content, e.g. decomposing content into time segments
- H04N21/8456—Structuring of content, e.g. decomposing content into time segments by decomposing the content in the time domain, e.g. in time segments
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
- H04N21/85—Assembly of content; Generation of multimedia applications
- H04N21/858—Linking data to content, e.g. by linking an URL to a video object, by creating a hotspot
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Multimedia (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
The invention relates to a method for DRM of HLS streaming media, which comprises the following steps: slicing the video stream, and simultaneously, automatically encrypting the content of a TS file of the slice by using a specified key, wherein an M3U8 index file generated after slicing is finished can also be generated according to a specified format and contains an encrypted key pointed by an https link, and a player of a client can obtain a decrypted key through the https link in M3U8 as long as the player supports a standard HLS protocol, so that the downloaded encrypted TS file is decrypted and played.
Description
Technical Field
The invention relates to the technical field of digital media, in particular to a method for DRM of HLS streaming media.
Background
The HLS is a streaming media network transmission protocol based on HTTP provided by apple Inc., has better network compatibility, can conveniently penetrate through a firewall and a proxy server, can conveniently utilize CDN to accelerate distribution, and is convenient for client implementation. HLS is currently widely used in the live and on-demand fields.
Content such as music or video programs is transmitted over the internet and is easily copied. To avoid these risks, program content is generally protected by encryption during transmission over the internet, and so is the need for Digital Rights Management (DRM) technology that controls and limits the rights to use such digital media content after use.
Disclosure of Invention
The invention provides a method for HLS streaming media DRM, aiming at the technical problems in the prior art, and the method comprises the following steps: slicing the video stream, and simultaneously, automatically encrypting the content of a TS file of the slice by using a specified key, wherein an M3U8 index file generated after slicing is finished can also be generated according to a specified format and contains an encrypted key pointed by an https link, and a player of a client can obtain a decrypted key through the https link in M3U8 as long as the player supports a standard HLS protocol, so that the downloaded encrypted TS file is decrypted and played.
The technical scheme for solving the technical problems is as follows: a method of HLS streaming DRM, comprising: firstly, ffmpeg source codes are modified, transcoding parameters are newly added, plaintext of encrypted KEYs and https links of protection KEYs are transmitted, when the direct-current slices are cut, an AES library in the source codes is called to conduct bidirectional symmetric encryption of a specific algorithm on a TS file, then a line of EXT-X-KEY is automatically inserted into a generated M3U8, the line of EXT-X-KEY comprises an encryption method AES-128 and https links where the encryption KEYs are located, and then ffmpeg is recompiled. Calling an ffmpeg instruction in a multithreading mode to process a source live stream, storing a generated m3u8 index file and a generated slice ts file in a specific directory, mapping the index file and the slice ts file into a common https file service by using nginx, and accelerating the https file service by using a CDN service on a cloud (such as an Ali cloud, a Tencent cloud and a Huashi cloud), so that a client can smoothly play the https file service by accessing an m3u8 file address corresponding to the accelerated https as long as the client supports a standard HLS protocol.
The invention has the beneficial effects that: according to the scheme, a simple and reliable DRM scheme can be realized only by developing a small amount of open source software ffmpeg and then recompiling, the scheme conforms to a standard HLS protocol, so that a client player can play without additional development, and a sliced m3u8 index file and a sliced TS file can be distributed by the CDN, so that a high-availability safe and reliable HLS streaming media service is realized.
Drawings
Fig. 1 is a flowchart of a method for DRM of HLS streaming media according to an embodiment of the present invention.
Detailed Description
The principles and features of this invention are described below in conjunction with the following drawings, which are set forth by way of illustration only and are not intended to limit the scope of the invention.
As shown in fig. 1, the present invention provides a method for DRM of HLS streaming media, which includes: firstly, ffmpeg source codes are modified, transcoding parameters are newly added, plaintext of encrypted KEYs and https links of protection KEYs are transmitted, when the direct-current slices are cut, an AES library in the source codes is called to conduct bidirectional symmetric encryption of a specific algorithm on a TS file, then a line of EXT-X-KEY is automatically inserted into a generated M3U8, the line of EXT-X-KEY comprises an encryption method AES-128 and https links where the encryption KEYs are located, and then ffmpeg is recompiled. Calling an ffmpeg instruction in a multithreading mode to process a source live stream, storing a generated m3u8 index file and a generated slice ts file in a specific directory, mapping the index file and the slice ts file into a common https file service by using nginx, and accelerating the https file service by using a CDN service on a cloud (such as an Ali cloud, a Tencent cloud and a Huashi cloud), so that a client can smoothly play the https file service by accessing an m3u8 file address corresponding to the accelerated https as long as the client supports a standard HLS protocol.
The transcoding software uses ffmpeg, the ffmpeg function is very powerful, the source video stream is provided with HLS slicing and transcoding functions, if the source video stream does not meet the video and audio coding standard of HLS, transcoding parameters are required to be added during slicing to transcode and slice the source video stream at the same time, and if the source video stream meets the video and audio coding standard of HLS, only slicing is required.
After the source code of ffmpeg contains AES, calling the AES library to use a specified KEY and a specified AES algorithm to bidirectionally encrypt the whole file after the video stream is sliced by the ffmpeg, wherein all the ts files of the slices can be encrypted by using the same KEY, or each ts file of the slices can be encrypted by using different KEYs, but generally in order to relieve the pressure of a server, all the ts files in m3u8 are encrypted by using the same KEY, the KEY can be protected by an https link, then modifying the source code to enable the https link and the plaintext of the KEY to be used as input parameters of an ffmpeg instruction to be transmitted, when an MEU8 index file is generated, adding an EXT-X-KEY into the head of the file, wherein an attribute URI is an htps tps link for protecting the KEY, when a client plays the HLS stream, firstly downloading the m3u8 file, requesting the https link of the URI in the EXT-X-KEY to obtain a decrypted KEY, and then downloading the ts file encrypted in m3u8, and decrypting the ts file by using the obtained decrypted key to realize playing, wherein the player supporting the standard HLS protocol automatically realizes the processes of decryption and playing without additional development processing.
According to the scheme, a simple and reliable DRM scheme can be realized only by developing a small amount of open source software ffmpeg and then recompiling, the scheme conforms to a standard HLS protocol, so that a client player can play without additional development, and a sliced m3u8 index file and a sliced TS file can be distributed by the CDN, so that a high-availability safe and reliable HLS streaming media service is realized.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (2)
1. A method for DRM of HLS streaming, comprising the steps of:
the FFmpeg transcoding service module acquires a source video stream and a key which is provided by https service and contains each stream encryption, transcodes and slices the source video stream to generate a ts file, and encrypts the ts file by using link parameters of the key and the key; inserting an https link containing an encryption method AES128 and an encryption key into the generated index file M3U 8;
the client downloads the index file M3U8 and downloads the encrypted ts file through the index file M3U 8; requesting https service to obtain a key for decrypting ts; the ts file is decrypted by the key and played.
2. The method of claim 1, further comprising: the FFmpeg transcoding service module maps the index file M3U8 and the encrypted ts file into https file service by using Nginx, and accelerates the https file service through CDN service of a cloud server after mapping the index file M3U8 and the encrypted ts file into https file service.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110252318.9A CN113055717A (en) | 2021-03-08 | 2021-03-08 | HLS streaming media DRM method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110252318.9A CN113055717A (en) | 2021-03-08 | 2021-03-08 | HLS streaming media DRM method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113055717A true CN113055717A (en) | 2021-06-29 |
Family
ID=76510536
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110252318.9A Pending CN113055717A (en) | 2021-03-08 | 2021-03-08 | HLS streaming media DRM method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113055717A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113965775A (en) * | 2021-10-22 | 2022-01-21 | 武汉博晟安全技术股份有限公司 | Multimedia video safe playing method based on slice and intelligent CDN acceleration |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120246462A1 (en) * | 2011-03-23 | 2012-09-27 | General Instrument Corporation | System and methods for providing live streaming content using digital rights management-based key management |
| CN107483978A (en) * | 2017-07-19 | 2017-12-15 | 河南神州数码索贝科技有限公司 | A kind of video anti-stealing link method based on FFMPEG |
| CN112449213A (en) * | 2020-11-25 | 2021-03-05 | 杭州视洞科技有限公司 | HLS slicing service scheme realized based on FFmpeg |
-
2021
- 2021-03-08 CN CN202110252318.9A patent/CN113055717A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120246462A1 (en) * | 2011-03-23 | 2012-09-27 | General Instrument Corporation | System and methods for providing live streaming content using digital rights management-based key management |
| CN107483978A (en) * | 2017-07-19 | 2017-12-15 | 河南神州数码索贝科技有限公司 | A kind of video anti-stealing link method based on FFMPEG |
| CN112449213A (en) * | 2020-11-25 | 2021-03-05 | 杭州视洞科技有限公司 | HLS slicing service scheme realized based on FFmpeg |
Non-Patent Citations (1)
| Title |
|---|
| HSJ0170: "《HLS加密、解密细节》", 《CSDN》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113965775A (en) * | 2021-10-22 | 2022-01-21 | 武汉博晟安全技术股份有限公司 | Multimedia video safe playing method based on slice and intelligent CDN acceleration |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10698985B2 (en) | Extending data confidentiality into a player application | |
| CN106331751B (en) | An online encrypted slice video playback method based on iOS operating system | |
| CN104471913B (en) | Indicate and process content is transmitted and the content-encrypt in transmission and rights management | |
| CN105939484B (en) | A kind of audio and video encryption playback method and system | |
| US8700897B2 (en) | Method and terminal equipment for applying digital rights management | |
| US20170118537A1 (en) | Adaptive watermarking for streaming data | |
| CN113259720B (en) | Video encryption method and system based on HLS protocol | |
| US20040199771A1 (en) | Method for tracing a security breach in highly distributed content | |
| CN106936770A (en) | A kind of HLS index lists encrypted antitheft catenary system and method | |
| CN106375834B (en) | A kind of offline playback method of online encrypted slice video and device based on iOS operating system | |
| US9794230B2 (en) | Method and system for encrypting multimedia streams | |
| KR20130099995A (en) | Key rotation in live adaptive streaming | |
| TW201204011A (en) | Systems and methods for securely streaming media content | |
| KR20130085926A (en) | System and method for processing security based on http live streaming | |
| CN108881205A (en) | A kind of safety broadcasting system and playback method of HLS Streaming Media | |
| CN106657162B (en) | Online streaming media playing method, streaming media downloading method and offline playing method | |
| CN113965775A (en) | Multimedia video safe playing method based on slice and intelligent CDN acceleration | |
| US11880475B2 (en) | Secure fast channel change | |
| CN113055717A (en) | HLS streaming media DRM method | |
| CN108462566A (en) | A kind of multimedia file encryption method and system | |
| CN104661109A (en) | Method, system and terminal for hiding media URI in CDN | |
| CN112752122A (en) | Video encryption transmission method of intelligent camera and computer readable storage medium | |
| US20200275142A1 (en) | A method for delivering digital content to at least one client device | |
| CN114040229B (en) | Video encryption and decryption method and device | |
| JP2025514754A (en) | Multi-source method and system for coded media - Patents.com |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210629 |
|
| RJ01 | Rejection of invention patent application after publication |