Encryption of cached media
MassiveMusic recommends that you implement some form of media caching on mobile devices to help decrease bandwidth usage for your customers and handle intermittent loss of connectivity. However, label agreements typically require you to encrypt the any audio files that are locally cached. This is a precaution to ensure that the cache of media on the device is protected from being read outside of the context of your application.
To do this, we recommend you encrypt any media content at rest using standard encryption techniques (such as AES-256). The encryption key should be generated from as many data sources as possible to reduce the accessibility of data outside of the scope of the user and/or device. For example, you may choose to combine one or more of the following attributes to form your key for a particular track:
- Track ID
- User identifiers
- Country code
- Device identifiers
- Other custom data
For additional security, you may even decide to encrypt media into blocks of content, each with a different encryption key by including a positional time/marker as part of the encryption key.
Updated 5 months ago