DRM Key Revocation By David Coleman DRM Key
DRM & Key Revocation By David Coleman
DRM & Key Revocation ► Digital Rights Management – A system for controlling the use of content ► Key Revocation – The ability for content producers to “revoke” the ability of a given device/player to consume the content ► Important because… ► I’ll be discussing 3 systems: CSS (DVD-Video), Microsoft Windows Media DRM, and AACS § Digital content can be perfectly reproduced § CD Audio was a disaster from music studios’ perspective (the need for DRM) § DVD-Video wasn’t much better (the need for good DRM)
DRM & Key Revocation Content Scramble System (CSS) ► Used on DVD-Video discs ► 40 -bit keys using a secret encryption algorithm (2 LFSRs) ► Keys ► § § § Disc key – Key that allows (indirectly) decrypting the content Player key – Key that allows player to decrypt disc key 400+ player keys § § § Disc key hashed with CSS hashing algorithm Table containing disc key encrypted with all valid player keys Player would decrypt the disc key and then hash it to compare against hashed value Key block ► Revocation ► Completely broken § Removing the player key from the key block § § § Player key recovered from Xing software player Remaining player keys were poorly chosen and quickly guessed Encryption was very weak anyway (a few discrepencies allowed for an O(25) attack)
DRM & Key Revocation Microsoft Windows Media DRM ► My motivation for this topic ► Widely used in online music services (not Apple) ► Basics § Stub. Lib – Certificate that is statically linked in to player § Encrypted content file § License – Contains key to decrypt the content file. Encrypted with player’s public key (from Stub. Lib).
DRM & Key Revocation Microsoft Windows Media DRM License acquisition
DRM & Key Revocation Microsoft Windows Media DRM ► Revocation § Certificate Revocation List (CRL) § Microsoft maintains the CRL and license servers are expected to pull and keep local copy current § CRL is included in the license § Works because API to play is a black box
DRM & Key Revocation Advanced Access Control System (AACS) ► Used on next generation DVD (blue laser) ► Strong encryption based on published standards (AES-128, SHA-1, etc. ) ► Certificates § Not X. 509 § Each player & drive have a certificate ► Keys § Media key – necessary to decrypt content § Device keys ► ► Each device given a set of keys Sets overlap, but no two devices have the identical set NNL Key Management Keys actually organized in a binary tree where child keys of a node can be computed via a one-way function
DRM & Key Revocation AACS ► Revocation § Two methods § CRL ► Every disc has a player CRL and a drive CRL ► CRLs must be stored after reading § Player key revocation ► Media key is encrypted with the minimal set of keys s. t. no revoked device’s key is used but one of every valid device’s key is used ► Subset-difference ► Tree structure helps
DRM & Key Revocation Questions?
- Slides: 9