AES player-side plus. server side protection
It is possible to mange the player with a "constant global admin defined parameter" for AES decrypt?
Our idea is that, when the player has to play AES protected m3u8 stream, and has to request a key from our wowza server, we send the half AES decryrpt key, and the player has to combine the "global admin defined parameter" for decrypt the video.
Why better this solution? Because somebody try to download with ffmpeg or something else, he/she don't know the "constant global admin defined parameter".
Like: H1 + H2 = KEY, wherre H1 constant and hide (secret), and H2 send by server to the player.
E.g.: ABCDEF1234-RANDOMKEY1, ABCDEF1234-RANDOMKEY2, ABCDEF1234-RANDOMKEY3,
We define the "ABCDEF1234-" on the player dashboard side, as a global admin parameter, and the player request a key from our wowza server, and get RANDOMKEY1, or RANDOMKEY2, or RANDOMKEY3, and combine this RANDOM part with the global parameter.
We woudn't like to define with JS, as a AES TOKEN, because that is readable for everybody.
What do you think? It is poosible?