Do I Need DRM? A Look at Standalone AES-128 vs DRM
We are sometimes asked what the differences are between using only AES-128 encryption and a full-fledged DRM system as a solution for video content encryption. Below, we outline the main reasons why AES-128 without a DRM system is not sufficient for security, and why DRM is often the primary part of an encryption solution.
When using AES-128 on its own, the keys provided are considered “clearkey”. In other words, the content keys are delivered in an insecure fashion as they themselves are unencrypted. In this case, a user can potentially obtain the unencrypted key during transmission to a device and thus easily decrypt the content and share it. This is a main reason why studios and content owners broadly do not accept AES-128 as a viable standalone protection method for distributing their assets.
On the other hand, the main benefit with DRM systems is that content keys themselves are also protected. This extends to each point of the delivery chain: from secure key delivery to the viewer, to secure key handling on devices. This protection solution is what content owners widely do recognize.
Security Level of the Decryption Process
When intending to distribute UHD quality content (and most HD content), hardware based security is required by studios on most devices. If hardware support is not available on a given device, generally they will only permit SD quality content to be streamed.
AES-128 alone can only be used as a software protection solution, which is a low form of content protection. This means even if AES-128 on its own was accepted by studios, you would still not be able to stream higher than SD quality content.
DRM, however, does enable you to take advantage of hardware security. Modern devices have DRM protection capabilities built into their chipsets allowing the delivery of next-generation quality content.
When working with video encryption, AES-128 as a standalone solution is considered the low-end of protection. DRM systems offer important security methods that AES-128 lacks and is inherently not able to provide. Studios also generally do not approve AES-128 on its own for content use, and if you are looking to secure your own content, you will be leaving it vulnerable without DRM
We strive to inform the industry on comprehensive and recognized security methods. Content protection can be challenging to navigate at times, but we are here to simplify the process for you! Please contact us if you have any content security questions.
|Feature||DRM systems||AES-128 on its own|
|Studio recognized protection|
|Encrypted content keys|
|Software protection support|
|Hardware protection support
Such as Trusted Video Path or Trusted Execution Environments
|Protected Media Path support|
Posted: 2 Mar 2017