DRM Demystified
At IBC in September, Adobe announced some significant DRM and security upgrades to Flash Media Server 2, as well as a preview of Flash Media Server 3. The highlights of this preview included the announcement of a new encrypted version of the proprietary Adobe RTMP protocol (RTMPE) and a new object-based approach called "SWF hashing."
"These two new technologies are designed to be seamlessly deployed using Flash Media Server 3 and are easily integrated with existing services," according to Chris Hock, senior product director for the Flash Media Server at Adobe at the time this story was written. (In mid-2007, Hock left Adobe; Kevin Towes is the new Flash Media Server senior product director.) "We wanted the implementation of these new features found in Flash Media Server 3 to be as transparent and light as possible to ensure wide adoption."
As expected, support for these two new features is provided via Adobe’s new Flash Player 9. Released in beta in late August, this product is codenamed "Moviestar," a subtle indicator of how serious Adobe is taking its present and future content security and video delivery development efforts.
To address the added expense and system lag that SSL introduces, Adobe designed the RTMPE protocol. This technology provides further security for delivering streaming content from Flash Media Servers to a geographically diverse end-user audience. From Adobe’s website: "Similar in strength to our current SSL protocol (RTMPS), RTMPE can be leveraged by content owners and communication developers to add additional protection to their content."
Adobe designed the new SWF hashing system to provide additional file-level security to streaming Flash content. This technology will also help protect SWF files from being reused, modified, or hosted in alternate locations and ensure that the SWF file that is playing back is indeed the one created by the publisher.
Developers no longer need to purchase and maintain an SSL certificate or incur the traffic hit on their web platform, since the RTMPE and SWF hashing processes are performed via the Flash Media Server 3 and supported via the Flash Player 9. To take advantage of these new features, developers must push their end users to upgrade their SWF engine to the Flash Player 9 bits.
With the increased encryption load at the server level, developers may see minor hardware and software performance degradation compared to unencrypted RTMP delivery without SWF hashing. This should be factored into future Flash Media Server 3 deployment plans and as a rule of thumb—"bigger" CPUs produce better results.
Adobe’s current RTMP standard has been well-received by major content owners and licensees and, to date, the protocol has not been compromised. I asked Hock about rumors that RealNetworks had reverse-engineered RTMP and would soon be shipping support for RTMP recording in a future version of its industry-rattling RealPlayer.
Hock was very clear about the company’s position on the matter: "To the extent that Real or anyone else would reverse-engineer RTMP, we would see this as a specific violation of our patents." Hock further stated, "We have communicated this to RealNetworks and to our customers and the public via our website."
It’s safe to say we will see future announcements from Adobe regarding DRM improvements to the Flash ecosystem. When asked about Adobe’s future as a DRM technology innovator, Hock predicted that "we will continue to treat DRM as an extra layer of protection and continue to update and modify our technology. There is no holy grail of content protection and it’s a continued effort."
For more on Adobe’s DRM, see http://www.adobe.com/devnet/flashcom/articles/digital_media_protection.html.