[vlc] Re: [OT?] Encrypted Video

JB mail at bettigole.us
Thu Jan 12 20:37:06 CET 2006 

Here's some thoughts on encryption:

 From what I've learned about DishNetwork, their "streams" are encrypted 
with their own Nagravision2 and the receiver/smartcard pair contain the 
keys to decrypt the signal.  A similar system could be possible with VLC 
either built-in or using a separate proxy-type program.  I'll outline 
the proxy program because to me, it would seem more versatile.

A server program, preferably commandline, would take the video stream 
and a user provided key (either, on the commandline or from a file) and 
output an encrypted stream.  This program could be run on the same 
system or a separate system as a proxy to the stream.  On the user end 
the same program would act as a second proxy and retrieve that encrypted 
stream and use the provided key to decrypt the signal:

     VLC ---> Encryption Proxy ---> Decryption Proxy ----> VLC/Media 
Payer/Real Player/Etc...

A system like this would allow for multiple inaccessable streams coming 
from within a private network running through a single (or multiple) 
accessable proxy system on the web.  The client could either have an 
installed program and be provided a key, or the program could be a 
binary on a USB dongle with the key built-in (in the event that the 
person providing the stream doesn't want to divulge the key).  Using the 
second method, the client could tune in to streams represented as 
"channels" on the dongle.  These "channels" would merely be shortcut 
URLs through the client proxy back to the proxy server's output streams.

(This should probably be on the development mailing list, but since the 
topic was brought up here, I wanted to add to it)


Rémi Denis-Courmont wrote:

>Le Mercredi 11 Janvier 2006 11:01, Ow Mun Heng a écrit :
>  
>
>>>That is to say, settings up HTTP/SSL is very complicated. Also, one
>>>has to keep in mind that TCP is usually very poor for streaming
>>>purposes.
>>>      
>>>
>>Yep..Yep.. however, the idea I'm having right now   is leaning more
>>towards making sure the video can only be viewed by select
>>individuals etc. Just like GPG etc.
>>    
>>
>
>We could add GPG keyrings support for SSL authentication as well, but 
>that is a "proprietary" or at least non-standard (though LGPL'd) 
>extension of SSL/TLS that only GnuTLS implements.
>
>For now, you should be able to use a CA and give certificate/private key 
>pairs to any of the client you want to grant access to said video. 
>However, I've never tested that succesfully, and in any case, the 
>access control will be limited to granting access to all videos or no 
>videos at all, to any given client.
>
>
>There could be better alternative, but I don't know any standard, nor 
>anyone willing to dedicate time into that.
>
>  
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.videolan.org/pipermail/vlc/attachments/20060112/a8764610/attachment.html>

More information about the vlc mailing list