0

I'm interested in using ClearKey for its open source nature and lack of reliance on external license servers owned by companies like Google and Microsoft. However, I understand Widevine, PlayReady, and FairPlay have excellent hardware integration that allows decryption and playback in secure components, even blocking screen capturing.

ClearKey doesn't seem to support that level of hardware security. Is there a way to get the "best of both worlds" - the openness of ClearKey with the hardware protections of something like Widevine?

For example, could the Widevine browser extension be used just for license handling and decryption while still using a ClearKey server and keys? Or is there another way to implement ClearKey such that it takes advantage of secure hardware playback?

I'm still learning about DRM, so any thoughts or pointers on if hardware DRM can be achieved with open source solutions like ClearKey are appreciated!

Xosrov
  • 719
  • 4
  • 22

1 Answers1

2

In theory the secure key delivery provided by DRM's should be separable from the secure media path used to decrypt and display the media, but in practice I'm not aware of the type of capability today that you are looking for.

The secure media path is usually associated with or tightly integrated with the CDM (Content Description Module) in browsers or with the DRM systems in mobile devices.

As these are provided by the DRM vendors themselves, they are not typically open to modify or build on.

Mick
  • 24,231
  • 1
  • 54
  • 120
  • Yeah, from what I understand Google, Microsoft and Apple have close ties with hardware manufacturers, which helps their DRM systems integrate nicely with them. It just *makes sense* for DRM to work this way, as the whole concept behind it is security though obscurity. Even if someone were to make this work, I think it would be classified more as a security hole or bug rather than a good thing :/ – Xosrov Aug 19 '23 at 15:15