Graham Leggett
2014-09-21 18:09:11 UTC
Hi all,
In the HLS protocol[1], there is the option of serving encrypted data protected by a simple symmetrical key and AES-128. The symmetrical key is served to the client over a secure connection, and the data is then retrieved separately over a probably-insecure-but-cacheable connection and unlocked with the key.
I would like to strengthen the key by using the URL of the content as a salt, and would like to verify the most cryptographically sound way to do this. Would it make sense to create an HMAC out of the key and the salt (inserting them into HMAC’s “message" and “key"), and then using the result as the key that is used to protect the content?
The end goal would be that the holder of a valid HMAC-used-as-key for one URL would find it sufficiently hard to derive the HMAC-used-as-key for the other URLs that might be hosted alongside. In both cases the client will know the URLs and specific HMAC-used-as-keys that here revealed to the client, but won’t know the underlying key that started it all.
Does this make sense?
[1] http://tools.ietf.org/html/draft-pantos-http-live-streaming-13
Regards,
Graham
—
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
In the HLS protocol[1], there is the option of serving encrypted data protected by a simple symmetrical key and AES-128. The symmetrical key is served to the client over a secure connection, and the data is then retrieved separately over a probably-insecure-but-cacheable connection and unlocked with the key.
I would like to strengthen the key by using the URL of the content as a salt, and would like to verify the most cryptographically sound way to do this. Would it make sense to create an HMAC out of the key and the salt (inserting them into HMAC’s “message" and “key"), and then using the result as the key that is used to protect the content?
The end goal would be that the holder of a valid HMAC-used-as-key for one URL would find it sufficiently hard to derive the HMAC-used-as-key for the other URLs that might be hosted alongside. In both cases the client will know the URLs and specific HMAC-used-as-keys that here revealed to the client, but won’t know the underlying key that started it all.
Does this make sense?
[1] http://tools.ietf.org/html/draft-pantos-http-live-streaming-13
Regards,
Graham
—
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org