Can I set up a DRM-based video stream with both WideVine and play ready?

Could you provide more details about the encryption techniques used by PlayReady and Widevine? How are content keys created, stored, and sent to the client so they can be decrypted? In addition, does the streaming infrastructure need to incorporate any particular DRM licensing servers or services?

1 Like

Yes, the Advanced Encryption Standard (AES) is used by both PlayReady and Widevine to safeguard material. Since AES uses a symmetric encryption technique, the encryption and decryption processes both require the same key. For secure key distribution, Widevine and PlayReady usually combine AES with various key management systems.

It is utilized in the key exchange procedure for RSA. In this stage, content keys are encrypted using the server’s public key before being sent to the client, utilizing a public key infrastructure. After that, the client with the matching private key can decode and use the content key to decrypt the media.

Then, what about content keys? How are they sent to the client during playback and kept safe?

Secure content key management is essential since content keys are a vital part of DRM. Usually created by the DRM supplier, content keys are safely kept on a key server. Hardware security components (HSMs) are frequently installed on this server to improve key protection.

The encrypted content key is supplied to the client together with the encrypted media during playback. After providing the required credentials for authentication, the client obtains the encrypted content key. It can then decrypt and play the media by using its private key to decrypt the content key locally.

This makes the process of handling keys clearer. Specifically, what functions do DRM licensing servers fulfill inside the streaming infrastructure?

These servers are essential to guaranteeing safe access to content. The client contacts the DRM licensing server with a license request whenever a user tries to play content that is protected by DRM. The identity of the client, the content being accessed, and other pertinent information are all included in this request.

After verifying the client’s identity, the licensing server issues a license with the required decryption keys if the client is approved. The client uses this license to decrypt the material after that. Access controls are enforced by DRM licensing servers, guaranteeing that only authorized users possessing legitimate licenses can see the protected content.