Encrypting a Multicast Video Stream? 34
Samhain138 asks: "My company streams video via multicast in a pretty large network. They have a client program for viewing this video stream. Everything works fine, and since the stream is ISMA MPEG-4, almost any player would be able to view it. Lately, they've been looking for a solution for encrypting the video on-the-fly with minimal delay, however all of the solutions they've come across require something physical (dongle, smart-card) which may cause a problem (we can't physically reach all the viewers and it might also become expensive when we have a lot of viewers). Can Slashdot readers suggest anything that is simple to implement (or buy...)?"
Re:IPSec (Score:2, Interesting)
Maybe you don't consider these as proper, so I would really like to know which IP implementations support secure multicast via IPSec, including group key management etc.
To my knowledge, the secure multicast concepts and potential implementations haven't left the research labs (except Secure Spread which I mentioned in another post and isn't based on IPSec).
I would be glad to be wrong and it would be nice if you could provide us with some implementation links... .)
FYI: For the DRM/kill crowd (Score:4, Interesting)
For good points see one the post "Secure Multicast IETF and Secure Spread" in replies.
DRM crows, hold on. Multimedia streaming is not just used for movies and ripped TV serials. Inside corporations it is used for webcasting (to intranet) meetings, training talks, company policies and LOT more... at a given time there might be THOUSANDS of employees world wide tuned in to the webcast (say, Taiwan mfgr office, US HQ dev office and India dev office in a 24hr development + manufacturing setup).
Now you DO NOT want outsiders and even unauthorized employees to sneek in on the sales report meeting webcast! Its plain and simple. Its NOT DRM, its access control!
Multicasting in such an environment is a bitch. You need to devise a secure mechanism of distributing keys, administrating and monitoring the listeners. Multicasting has multicasting groups, so you need to provide some kind of scalable encryption accesscontrol mechanism that works at least across few main stream OSs (Windows 2k/XP/2k3, OSX, Linux and FreeBSD).
Trust me kn this, this *is* a fairly new problem and very good one at that. Three cheers to anybody coming up with a *proper* FREE SPEECH solution for that!