Zibbp
commented
4 years ago Groundwork for Radium Protect server can be found at https://github.com/Zibbp/Radium-Protect
It's pretty basic in functionality right now. It supports either the normal RTMP to HLS or the encrypted version at https://github.com/Zibbp/Nginx-RTMP-HLS-Encrypted
Currently the RTMP to HLS setup offers no security meaning anyone is able to download the stream as well. Recently I pushed a new version of the container, RTMP to HLS Encrypted which encrypts the stream (each .ts file) with an AES 128 key, that key is rotated out every 30 seconds. This new container improves on the old one as the stream is encrypted and anyone trying to view the individual .ts files wouldn't be able to play them. However if they got a hold of the .m3u8 playlist they would be able to decrypt the files as the playlist points to where the keys are.
To further harden the security of the HLS stream I'm working on a server that sits on top of the RTMP to HLS Encrypted container. This server would authorize users to be able to access the HLS stream files. Details on how users would be authenticated and authorized are still to come. This would harden access to the HLS stream as unauthenticated users wouldn't be able to access the HLS stream.