Verizon Public Policy on Netflix
owen at delong.com
Wed Jul 16 23:22:57 UTC 2014
> However, if there is any concern about either a Netflix server OR an
> ISP's cache being used to obtain illicit copies of the video, the solution
> is simple. This is a trivial problem to solve. Send and store the streams in
> encrypted form, passing a decryption key to the user via a separate,
> secured channel such as an HTTPS session. Then, it is not possible to obtain
> usable copies of the content by stealing either a Netflix server OR an
> ISP-owned cache. Problem solved.
That works for individual sessions, but not for the cache scenario. Either everyone
gets the same key (which is equivalent to no key at all) or the cache has to be
able to participate in the encryption.
Beyond that small fly in the ointment, I believe Netflix current model operates pretty
much as you suggest. However, their cache boxes have to participate actively in the
encryption in order to avoid providing the same decryption key to everyone for any
given show. I suspect (though I don't know) that encrypted content is loaded onto
the cache in a form encrypted with a key known to the software on the cache. That
each streaming request causes said content to be decrypted and immediately re-encrypted
with a user-specific key and/or session-specific key and then sent to the user.
Hence the requirement that the cache be on a box run by Netflix, and probably part of
the reason for the greater power requirements.
More information about the NANOG