1 / 24

DRM: Technology overview

DRM: Technology overview. Keunwoo Lee CSE 590 SO 19 April 2005. Outline. Trends in technology of copying Goals of DRM Security basics Three DRM technologies Questions. Trends in technology of copying. Kucher et al., Self-Protecting Digital Content. Goals of DRM.

dani
Download Presentation

DRM: Technology overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DRM: Technology overview Keunwoo Lee CSE 590 SO 19 April 2005

  2. Outline • Trends in technology of copying • Goals of DRM • Security basics • Three DRM technologies • Questions

  3. Trends in technology of copying Kucher et al., Self-Protecting Digital Content

  4. Goals of DRM • Problem: Anything that can be done to bits, can be done by a general-purpose computer • Some people want to give you bits, but want to prevent you from doing certain things with them: • Redistribution • Public performance • Derivative works • Permanent storage • … (Call these restrictions the policy.) • The DRM Dream: make it “hard enough” for users to violate policy without permission

  5. Security basics • DRM is a security measure (it protects the confidentiality and integrity of certain data) • “Security” is not a binary property; it can only be measured in terms of tradeoffs and costs in a particular context: Q1. What is the the resource being protected, and how much is it worth? Q2. What are the expected attacks? Q3. How well do the available security measures stand up against these attacks? Q4. What is the cost of these measures?

  6. A short detour into cryptography • Encryption • Digital signatures • Watermarks

  7. Encryption Symmetric: Public-key: + ) + ) encryption decryption + ) + ) Public key Private key encryption decryption

  8. Digital signatures a a OK ) + a ) + Public key Private key signing a ) X + b ) X + verification

  9. Watermarks 9 ) 9 15 ) 15 + ID ) ID 9 ) 9 watermarking 7 ) 7 detection

  10. DRM as a security problem Q1: What is the resource being protected, and how much is it worth?

  11. DRM as a security problem Q2: What are the expected attacks? • Brute-force decryption • Analog capture • Software: • Key recovery • Plaintext memory read • Hardware: • Key recovery or plaintext capture

  12. Attacks in detail • Brute-force decryption • Attack cryptographic algorithm directly to recover plaintext • Infeasible for well-designed cryptosystems • Analog capture • Render into human-consumable form using provided mechanisms, and capture using other equipment • Always feasible • May be inconvenient, and result in minor loss of quality, metadata, or features

  13. Attacks in detail (2) • Software: key recovery or plaintext memory read • Systems usually require that unencrypted keys and/or plaintext be transmitted and/or reside in memory • Cory Doctorow: “Alice has to provide Bob --- the attacker --- with the key, the cipher, and the ciphertext. Hilarity ensues.” • In most computers, always possible to inspect any location in memory • Hence, user can, in principle, always circumvent software-only DRM solutions by this attack

  14. Attacks in detail (3) • Hardware attacks: • To defeat software attacks, some functions can be “locked up” in hardware • Hardware is harder for user to inspect/modify than software • If hardware is designed naively, user can probe hardware to extract keys or plaintext, or “trick” hardware into doing things it should not

  15. Constructing DRM systems Q3. How well do the available security measures stand up against these attacks? Consider 3 example systems: • FairPlay • Content Scrambling System • Self-Protecting Digital Content

  16. iTunes client software + ) + ) FairPlay (Apple iTunes) Policy: user may • Copy tracks to any iPod or burn to any CD • Play tracks on 5 computers • Burn playlist to CD up to 7 times without changing the playlist Client machine + ) Track master key Plaintext music file iTunes server Encrypted track + ) user OS sound driver User key Track master key Sound card Encrypted master key Speakers

  17. Content Scrambling System (DVDs) DVD producer DVD Policy: user may decrypt content on licensed device Architecture: • DVD data divided into “titles” • Each title encrypted with a title key • Each title key encrypted with a disc key, and placed on disc • Disc key copied 409 times, each encrypted with a different one of the 409 player keys, and all encrypted copies placed on disc • One or more player keys distributed to each licensed device manufacturer + ) … Title keys Titles + ) Disc key Title keys + + + ) … … + Player keys Disc key copies DVD drive

  18. Attacks on CSS Key recovery attack: • Can compromise one player, get the key, and decrypt all DVDs • “Break Once, Break Everywhere” (BOBE) Memory attack: • DVD-ROMs are attached to general-purpose computers; can read video out of memory buffer during playback Analog attack • With appropriate adapters, can plug video out into VCR. Note: CSS doesn’t really prevent copying anyway; DVD ciphertext can be copied without ever decrypting contents.

  19. Self-Protecting Digital Content [Kucher et al.]

  20. SPDC: End-to-end security

  21. SPDC: Attacks • Safe from software key recovery and memory read attacks: • key and plaintext never leave secure environment on chip, and so never appear in memory accessible to general-purpose computer • Hardware attacks: • Can build (imperfectly) tamper-resistant hardware • Even if attack succeeds, may compromise existing content only; future content uses different encryption schemes • Can add more features for extra security • e.g., require content to “phone home” over net to authenticate that hardware/software environment has not been compromised • Analog attack: can put a camcorder in front of the monitor

  22. Aside: a note on watermarks • Watermarking can be applied to content independently of other DRM schemes • Watermarks can usually be erased by clever users or clever software • Still, some users are too dumb to use clever software, so watermarks may yield some forensic benefits

  23. DRM as a security problem Q4: What are the costs of these security measures? …for content producers? …for device manufacturers? …for technical innovators? …for honest consumers?

  24. Questions • Given the prerequisites for a SPDC system, is there a path to probable market acceptance of strong DRM? • What is the real effect/value of weak DRM? • Are there restriction policies that users of e-books might consider “reasonable”? • Consumers? • Scholarly users? • Public libraries? • Users with accessibility needs? • Hackers?

More Related