Open DRM

This article is part 3.1 of the "21 Thoughts on Video Streaming in 2021"-series.

Jan Devos (Enterprise Architect at VRT) shares a 2021 thought on Open DRM.

DRM is the last piece of the streaming puzzle that still requires proprietary technology.

There is no doubt that Encrypted Media Extensions and now the unification of encryption methodologies towards CBCS has smoothened the path to implement DRM.

Still I wonder whether it is necessary to keep using voodoo magic and rely on closed technologies to prevent pirating of content.

Is it not possible to have an open and transparent system that one can use and adapt as needed while maintaining or surpassing the level of security of the current systems? I am confident it is, and that 2021 can be the year to start rethinking media content protection.

Keep reading to get 1) context and 2) my take.

Context

Let's try to connect "Encryption", "DRM", "Encrypted Media Extensions" and "Open and Transparent".

  • Video services protect their video streams through encryption. Once a stream is encrypted, the challenge is to store the "key" (which can be used to decrypt the video stream) in a secure fashion. These video services put the key in a "DRM license". If a video app user is allowed to watch a video stream, then the video app fetches the DRM license from the DRM server, and decrypts the video.
  • DRM, or Digital Rights Management, is an infrastructure which companies use to protect their video streams. More specifically, companies setup a multi-DRM infrastructure which use DRM key systems (e.g. FairPlay DRM, Widevine DRM and PlayReady DRM). To keep things simple, one could claim that "FairPlay, Widevine and PlayReady" describe how to "handle" a DRM license. Furthermore, a platform with support for FairPlay/Widevine/PlayReady "knows" how to decrypt a stream protected with FairPlay/Widevine/PlayReady. (It's a bit more complex than that...)
  • Different platforms support different DRM key systems. For example, on Apple devices, you need to use FairPlay, and Android devices you need to use Widevine.
  • These DRM key systems are pretty "closed". Besides through Common Encryption (CENC) and Encrypted Media Extensions (EME), the community (=regular folks like you and me) doesn't have a lot of say (or insights) of how DRM happens. We cannot currently claim that DRM is "open and transparent".

My take

I like the idea of moving towards an open and transparent DRM ecosystem. DRM is messy, and there's definitely some dark magic involved in those black boxes.

An "Open DRM" would definitely be something which would appeal to the community, but perhaps not so much to hardware vendors (please prove me wrong, Apple). I would also love to see a Hollywood executive react to someone pitching "Open DRM".