Friday, June 24, 2011

Encrypted Real Time Messaging Protocol (RTMPE or RTMPTE)

Encrypted Real Time Messaging Protocol (RTMPE or RTMPTE) is a protocol from Adobe.

It is implemented in Flash Player 9.0.115 and some versions of Flash Media Server 3.

This technique is used by the Hulu desktop player. 

Streamed content is encrypted by the Flash Media Server "on the fly", so that there is no need to encrypt the source file (a significant difference from Microsoft's DRM). For transmission ("streaming"), a special protocol is required: either RTMPE or RTMPS.

RTMPS uses SSL encryption. In contrast, RTMPE is designed to be simpler than RTMPS, by removing the need to acquire an SSL certificate. RTMPE uses Diffie-Hellman key exchange and HMAC-SHA256, generating a pair of RC4 keys. One of these keys is used to encrypt the stream from the server, while the other is used to encrypt any data sent to the server. RTMPE caused less CPU load than RTMPS on the Flash Media Server.

The Adobe RTMPE algorithm tries to provide end-to-end secrecy in exactly the same way that SSL provides end-to-end secrecy, but the algorithm is subject to man-in-the-middle attacks, provides no security, relies on publicly obtainable information and the algorithm itself to obfuscate the content, and uses no authentication of any kind.
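The following added example (not code from the specification or from Adobe) is a simplified model of the primitives named above, not the RTMPE wire format. It shows that an unauthenticated handshake gives the client nothing to check a public value against, while binding an authenticator to that value, as a certificate does in RTMPS, lets it reject a swapped one. The toy DH group, the exact key-derivation arrangement, and the `tag`/`auth_key` check are assumptions made for illustration.

```python
import hashlib, hmac, secrets
P, G = 2**127 - 1, 3  # constructed toy DH group, far too small for real use

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def enc(n):
    return n.to_bytes(16, "big")

def derive_rc4_keys(priv, my_pub, peer_pub):
    """(send_key, recv_key): HMAC-SHA256 keyed by the DH secret over each public value."""
    secret = enc(pow(peer_pub, priv, P))
    send = hmac.new(secret, enc(peer_pub), hashlib.sha256).digest()[:16]
    recv = hmac.new(secret, enc(my_pub), hashlib.sha256).digest()[:16]
    return send, recv

def rc4(key, data):
    s, j, out = list(range(256)), 0, bytearray()
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    for b in data:                            # keystream XOR
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(b ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def tag(auth_key, pub):  # hypothetical authenticator, stand-in for a certificate signature
    return hmac.new(auth_key, enc(pub), hashlib.sha256).digest()

def client_accepts(peer_pub, peer_tag=None, auth_key=None):
    """With auth_key=None (the unauthenticated case) there is nothing to verify."""
    return auth_key is None or (peer_tag is not None
                                and hmac.compare_digest(peer_tag, tag(auth_key, peer_pub)))

def demo():
    auth_key = secrets.token_bytes(32)        # constructed secret known to client and server
    (c_priv, c_pub), (s_priv, s_pub), (_, other_pub) = keypair(), keypair(), keypair()
    c_send, c_recv = derive_rc4_keys(c_priv, c_pub, s_pub)
    s_send, s_recv = derive_rc4_keys(s_priv, s_pub, c_pub)
    return {
        "keys_match": (c_send, c_recv) == (s_recv, s_send),
        "frame": rc4(c_recv, rc4(s_send, b"constructed media frame")),
        # other_pub models a value replaced in transit by someone without auth_key
        "plain_accepts_swapped": client_accepts(other_pub),
        "auth_accepts_swapped": client_accepts(other_pub, tag(b"x" * 32, other_pub), auth_key),
        "auth_accepts_genuine": client_accepts(s_pub, tag(auth_key, s_pub), auth_key),
    }
```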

Specification: http://lkcl.net/rtmp/RTMPE.txt

Wikipedia: Protected Streaming
Whitepaper by Adobe

http://www.rtmpe.com/forum/ 

A useful utility for working with these streams is rtmpdump.
It's a toolkit for RTMP streams. All forms of RTMP are supported, including rtmp://, rtmpt://, rtmpe://, rtmpte://, and rtmps://.
