250 likes | 440 Views
DRM: Technology overview. Keunwoo Lee CSE 590 SO 19 April 2005. Outline. Trends in technology of copying Goals of DRM Security basics Three DRM technologies Questions. Trends in technology of copying. Kucher et al., Self-Protecting Digital Content. Goals of DRM.
E N D
DRM: Technology overview Keunwoo Lee CSE 590 SO 19 April 2005
Outline • Trends in technology of copying • Goals of DRM • Security basics • Three DRM technologies • Questions
Trends in technology of copying Kucher et al., Self-Protecting Digital Content
Goals of DRM • Problem: Anything that can be done to bits, can be done by a general-purpose computer • Some people want to give you bits, but want to prevent you from doing certain things with them: • Redistribution • Public performance • Derivative works • Permanent storage • … (Call these restrictions the policy.) • The DRM Dream: make it “hard enough” for users to violate policy without permission
Security basics • DRM is a security measure (it protects the confidentiality and integrity of certain data) • “Security” is not a binary property; it can only be measured in terms of tradeoffs and costs in a particular context: Q1. What is the the resource being protected, and how much is it worth? Q2. What are the expected attacks? Q3. How well do the available security measures stand up against these attacks? Q4. What is the cost of these measures?
A short detour into cryptography • Encryption • Digital signatures • Watermarks
Encryption Symmetric: Public-key: + ) + ) encryption decryption + ) + ) Public key Private key encryption decryption
Digital signatures a a OK ) + a ) + Public key Private key signing a ) X + b ) X + verification
Watermarks 9 ) 9 15 ) 15 + ID ) ID 9 ) 9 watermarking 7 ) 7 detection
DRM as a security problem Q1: What is the resource being protected, and how much is it worth?
DRM as a security problem Q2: What are the expected attacks? • Brute-force decryption • Analog capture • Software: • Key recovery • Plaintext memory read • Hardware: • Key recovery or plaintext capture
Attacks in detail • Brute-force decryption • Attack cryptographic algorithm directly to recover plaintext • Infeasible for well-designed cryptosystems • Analog capture • Render into human-consumable form using provided mechanisms, and capture using other equipment • Always feasible • May be inconvenient, and result in minor loss of quality, metadata, or features
Attacks in detail (2) • Software: key recovery or plaintext memory read • Systems usually require that unencrypted keys and/or plaintext be transmitted and/or reside in memory • Cory Doctorow: “Alice has to provide Bob --- the attacker --- with the key, the cipher, and the ciphertext. Hilarity ensues.” • In most computers, always possible to inspect any location in memory • Hence, user can, in principle, always circumvent software-only DRM solutions by this attack
Attacks in detail (3) • Hardware attacks: • To defeat software attacks, some functions can be “locked up” in hardware • Hardware is harder for user to inspect/modify than software • If hardware is designed naively, user can probe hardware to extract keys or plaintext, or “trick” hardware into doing things it should not
Constructing DRM systems Q3. How well do the available security measures stand up against these attacks? Consider 3 example systems: • FairPlay • Content Scrambling System • Self-Protecting Digital Content
iTunes client software + ) + ) FairPlay (Apple iTunes) Policy: user may • Copy tracks to any iPod or burn to any CD • Play tracks on 5 computers • Burn playlist to CD up to 7 times without changing the playlist Client machine + ) Track master key Plaintext music file iTunes server Encrypted track + ) user OS sound driver User key Track master key Sound card Encrypted master key Speakers
Content Scrambling System (DVDs) DVD producer DVD Policy: user may decrypt content on licensed device Architecture: • DVD data divided into “titles” • Each title encrypted with a title key • Each title key encrypted with a disc key, and placed on disc • Disc key copied 409 times, each encrypted with a different one of the 409 player keys, and all encrypted copies placed on disc • One or more player keys distributed to each licensed device manufacturer + ) … Title keys Titles + ) Disc key Title keys + + + ) … … + Player keys Disc key copies DVD drive
Attacks on CSS Key recovery attack: • Can compromise one player, get the key, and decrypt all DVDs • “Break Once, Break Everywhere” (BOBE) Memory attack: • DVD-ROMs are attached to general-purpose computers; can read video out of memory buffer during playback Analog attack • With appropriate adapters, can plug video out into VCR. Note: CSS doesn’t really prevent copying anyway; DVD ciphertext can be copied without ever decrypting contents.
SPDC: Attacks • Safe from software key recovery and memory read attacks: • key and plaintext never leave secure environment on chip, and so never appear in memory accessible to general-purpose computer • Hardware attacks: • Can build (imperfectly) tamper-resistant hardware • Even if attack succeeds, may compromise existing content only; future content uses different encryption schemes • Can add more features for extra security • e.g., require content to “phone home” over net to authenticate that hardware/software environment has not been compromised • Analog attack: can put a camcorder in front of the monitor
Aside: a note on watermarks • Watermarking can be applied to content independently of other DRM schemes • Watermarks can usually be erased by clever users or clever software • Still, some users are too dumb to use clever software, so watermarks may yield some forensic benefits
DRM as a security problem Q4: What are the costs of these security measures? …for content producers? …for device manufacturers? …for technical innovators? …for honest consumers?
Questions • Given the prerequisites for a SPDC system, is there a path to probable market acceptance of strong DRM? • What is the real effect/value of weak DRM? • Are there restriction policies that users of e-books might consider “reasonable”? • Consumers? • Scholarly users? • Public libraries? • Users with accessibility needs? • Hackers?