[Matroska-devel] Re: Encryption

Paul Bryson paul at msn.com
Tue Dec 20 07:07:57 CET 2005

"Joseph Ashwood" wrote...
> I was thinking that this should actually be a wrapper around a block. 
> Since it will only add a few bytes the overhead is minimal, and it will 
> prevent a lot of mistakes that are very easy and very subtle. In fact I 
> had hoped to make this a generic wrapper, so that each level and each 
> track can be encrypted seperately if desired. The reason for this is that 
> in some instances the various taggings/tracks/etc will leak information, 
> and the encryption should be able to prevent this.

The current system was designed to have the encryption only encrypt the data 
portion of the Block, not the entire thing.  I'm guessing that any extra 
data that needed to be passed to the decrypter could be stored in that same 
Block, aware only to the decrypter itself.

One reason for doing this is it allows the file to be manipulated, without 
requiring any sort of decryption to occur.  For instance, the file could be 
remuxed if it were damaged.

Note that while I helped on the design of this particular portion, I was 
focused on allowing the ContentCompression and ContentEncryption to operate 
through the same layer so they could be interchangeable, and allow for 
stacking.  I know nothing about encryption methodologies, nor what would 
result in a weakness.

I'm not particularly attached to the current system, especially as it hasn't 
been implemented by anyone, but there are certain technical benefits (not 
related to encryption) that it offers.  So if it were possible to use some 
method that resulted in the same benefits, that would be wonderful.


More information about the Matroska-devel mailing list