This feature allows the user to protect content from unauthorized access.
The encryption mechanism works at a very low level in the decoding processing hierarchy. This means that it has no influence on the way the data is represented and is therefore independent of video formats, container types, etc.
Content encryption is accessible via right-click on a resource in the Compositing/Resources tree.
A dialog then opens with the encryption options.
The password will be necessary to play back the encrypted file.
The checkboxes provide options to automatically remove original data from the source system.
NOTE
Please note, that these options apply only to the source system. When the encrypted file is distributed to clients, it is always treated as a complete replacement. This means that any originals present on the clients will be deleted when the encrypted version of the resource is available.
While the encryption task is running, a circle/arrow icon appears next to the resource.
To use the encrypted content, right-click on the resource and choose “Set Encryption Password”. The content can then be used as a normal resource for rendering purposes.
Encryption Framework and Performance Implications
To ensure data integrity and confidentiality, the system employs AES-128 encryption in Counter (CTR) mode as its underlying cryptographic standard. AES-128 in CTR mode combines strong security properties with efficient parallelization, making it a reliable choice for both real-time and large-scale processing environments.
Where supported, the render engine leverages the AES-NI (Advanced Encryption Standard New Instructions) extension set provided by modern CPUs. AES-NI enables hardware-accelerated encryption and decryption, significantly reducing computational overhead and improving throughput for real-time rendering operations.
In environments where AES-NI is not available, the system automatically falls back to the tiny-AES library (https://github.com/kokke/tiny-AES-c). This implementation serves as a functional, standards-compliant reference but is not optimized for high-performance workloads. Consequently, users may experience reduced performance compared to systems utilizing hardware acceleration.
For optimal performance, it is recommended to deploy the software on platforms supporting AES-NI. Most modern Intel® and AMD® processors include this capability. If hardware support is uncertain, tools such as CPU-Z or comparable system diagnostic utilities can be used to verify AES-NI availability.
While AES-NI greatly enhances encryption efficiency, a modest performance overhead remains inherent to cryptographic operations. This trade-off is considered acceptable given the substantial benefits in data protection and system integrity it provides.
Known issues and current limitations
- The link which is shown in the bottom right corner, which shows the running tasks, links to the resource distribution tasks instead of to the preview tasks
- An API command is currently not available for this feature
Pixera 25.1 RC 22 | 10. June 2025 | FE