Security of Digital Rights Management Systems Hugo Jonker hjonker
26
Security of Security of Digital Rights Management Digital Rights Management Systems Systems Hugo Jonker http://www.win.tue.nl/~hjonker/
Transcript of Security of Digital Rights Management Systems Hugo Jonker hjonker
Security ofSecurity of
Digital Rights Management SystemsDigital Rights Management Systems
Hugo Jonker
http://www.win.tue.nl/~hjonker/
Outline
• Introduction
• Supporting techniques
• Modelling DRM systems
• Security
• Closing remarks
Copyright in the digital era
Early content protection systems (e.g. cable tv, CSS):– Either full access or no access, no possibility to update access rights
– Content supplier also grants access rights
Current situation:– Digital versions of music/films/books (content) are being exchanged in various
(digital) manners
– Existing copy-protection measures (e.g. CSS) are not sufficient
New possibilities:– Desire to offer digitised content (e.g. over the Internet) whilst ensuring copy
protections after delivery
– Interest in offering tailor-made access to content
Legal situation Netherlands (2004): uploading bad, downloading not bad
Introduction
• copyright
• purpose
• description
• constraints
• state
Techniques
Model
Security
Closing remarks
Purpose of DRM systems
• A new content protection mechanism– As desired by those offering content
• Access control– Not just copy prevention
• Practical security– In absense of perfect security, settle for practical security (e.g. prevent “break
once, run everywhere”, updatable security measures)
Introduction
• copyright
• purpose
• description
• constraints
• state
Techniques
Model
Security
Closing remarks
General description of DRM systems
• Govern the distribution and protective measures of content– video, audio, tekst, graphics, software
• Content can only be accessed with a license– More precise: in adherence to a valid license, issued by a bona fide license
issuer
– License specifies the access rights
– License is typically bound to a device
– Unlicensed access to protected content should be impossible
• Network oriented technique– Internet, cable television, cellular phone, CD / DVD
Introduction
• copyright
• purpose
• description
• constraints
• state
Techniques
Model
Security
Closing remarks
Constraints
DRM systems (as we consider them) offer:
• No protection of analogue content– DRM protection ends when content has been rendered
• No payment mechanisms– As this can be considered a seperate problem
Introduction
• copyright
• purpose
• description
• constraints
• state
Techniques
Model
Security
Closing remarks
State of DRM development
Existing systems:– Apple: iTunes (music)
– Microsoft: MS Media DRM (music, audio/video), MS Reader (text)
– Adobe: eBooks (text)
Standards:– XrML, ODRL (right expression languages)
– <Indecs> (metadata)
– OMA (cellphones)
Developments by:– Open Mobile Alliance (cellphones)
– MPEG, OpenIPMP, SDMI, SMPTE, ISMA, OeBF, CRF, OASIS (IT industry)
Note: there is not one standard DRM system, nor a DRM system
which is market leader on all markets
Introduction
• copyright
• purpose
• description
• constraints
• state
Techniques
Model
Security
Closing remarks
Supporting techniques
Supporting techniques
General goals:– Updatability
– Interoperability
Specialised techniques– Content identification: DOI, watermarking, fingerprinting
– Stating rights: Right Expression Language, Rights Data Dictionary (REL, RDD)
– Cryptography: secure container
– Security enabling: hard/software Trusted Computing Base (TCB)
– Traitor tracing
Introduction
Techniques
• supporting techniques
• content identification
• rights expression
• cryptography
• TCB
Model
Security
Closing remarks
Content identification
Digital Object Identifier (DOI)– Lookup system using codes, similar to bar codes
– DOI number identifies content, but must be supplied with content
Watermarking– Embedding information in content without disturbing perception of content
– Embedded information can be used to identify content (e.g. a DOI)
Fingerprinting– Identifying content based on perceptual equivalence
Introduction
Techniques
• supporting techniques
• content identification
• rights expression
• cryptography
• TCB
Model
Security
Closing remarks
Rights expression
• Rights Expression Language (REL): syntax of the license
• Rights Data Dictionary (RDD): semantics of the REL
Two main contenders:
• Open Data Rights Language (ODRL)– open standard, supported by OMA
• eXtensible rights Markup Language (XrML)– proprietary standard from Contentguard, supported by MPEG, Microsoft
• Both are XML-based
Introduction
Techniques
• supporting techniques
• content identification
• rights expression
• cryptography
• TCB
Model
Security
Closing remarks
Cryptography
Various uses of cryptography
• In communications– Authentication, secure channel
• For a secure container– (possibly conceptual) container consisting of the encrypted content, metadata
describing content, and possibly access rights for the content
– Seperate encryption from key management
– Secure container can be exchanged unlimited
Introduction
Techniques
• supporting techniques
• content identification
• rights expression
• cryptography
• TCB
Model
Security
Closing remarks
Trusted Computing Base
Trusted computing base
• A component that provides a trusted platform on which
computations are performed
• Computations cannot be inspected nor disturbed
• Traditionally implemented in hardware (e.g. smartcards)
Software TCB
• conceptually impossible, but practically feasible
• Requirements:– code tamper resistance
– data tamper resistance (secure storage)
– key hiding
Introduction
Techniques
• supporting techniques
• content identification
• rights expression
• cryptography
• TCB
Model
Security
Closing remarks
Modelling DRM systems
Possible components
• Content packaging
• Media server
• License server
• Content registration server
• Authentication server
• Payment gateway
• DRM tools server
• User interface
Introduction
Techniques
Model
• possible components
• MOSES / OpenSDRM
• derived model
• process model
Security
Closing remarks
MOSES / OpenSDRM
ContentPackaging
server
Registrationserver
Authenticationserver
Licenseserver
e-Commerceserver
Media deliveryserver
DRM Toolsserver
Paymentgateway
connection
storage
player
video driver
audio driver
video card
display hardware
analogue out
sound card
audio hardware
analogue out
Server side User side
Introduction
Techniques
Model
• possible components
• MOSES / OpenSDRM
• derived model
• process model
Security
Closing remarks
Derived model (old)
packagerlicense
secure container
networkinterface
storage
playervideo driver
audio driver
video card
videooutput device
sound card
audiooutput device
network
trustedcomputing
base
distributor’s side
contentprovider
analogueoutput
user’s side
Introduction
Techniques
Model
• possible components
• MOSES / OpenSDRM
• derived model
• process model
Security
Closing remarks
Process modelIntroduction
Techniques
Model
• possible components
• MOSES / OpenSDRM
• derived model
• process model
Security
Closing remarks
Security
Security
• Intruder model– Typical intruder threat for entire DRM systems stronger than Dolev / Yao
– Dolev / Yao seems adequate for protocols
• Security goals– Theory focuses on complete(?) security
– Practice: not per se so strict• E.g. iTunes allows creating CD’s which could then be “ripped”
• Security requirements
Method
1. Stakeholder analysis• Establish core roles and incentives
2. Establish (high level) properties• Use concepts of DRM systems (see process model) to translate the incentives
into properties
3. Derive (low level) security requirements• Use process model
Introduction
Techniques
Model
Security
• method
• stakeholder analysis
• high-level properties
• security requirements
Closing remarks
Stakeholder analysis
• Parties: media company, developer, user, reseller,...
• A party can play more than one role
• Three core roles: user, license creator, content creator
• Incentives of the content creator– support new business models (e.g. bundling of content)
– Offer revenue-generating alternative to downloading (opens new market)
• Incentives of the license creator– Offering tailor-made access (new market)
– Low overhead compared to physical devices (CD / DVD)
• Incentives of the user– Legitimate and known-quality content (compared to downloading)
– Ease of use
– Pricing can be more fine-grained
Introduction
Techniques
Model
Security
• method
• stakeholder analysis
• high-level properties
• security requirements
Closing remarks
High-level properties
• Content creator1. Content is only accessible under the conditions of a valid license issued by a
bona fide license creator (includes binding of license to device)
• License creator1. The above
2. The impact of breaking the system must be constrained
• User1. Ordering licenses / content requires user participation
2. Content nor licenses can be linked to the user
Introduction
Techniques
Model
Security
• method
• stakeholder analysis
• high-level properties
• security requirements
Closing remarks
Security requirements
• Content cannot be eavesdropped
• Secure communications
• Content will only be rendered– if a valid license for the content and the renderer is available
– if all conditions of such a license have been met
• The manager / renderer ‘s inner workings cannot be influenced
• Secrets stay secrets– E.g. cryptographic keys used by manager / renderer
• Prevent “break once, run everywhere”
• Updatability
• ...
Introduction
Techniques
Model
Security
• method
• stakeholder analysis
• high-level properties
• security requirements
Closing remarks
Closing remarks
Further research
• Application of security requirements
• Formal verification of the correctness of used protocols– Secrecy, authentication
• Formal verification of other security properties of protocols– E.g. privacy
• Formal specifications pertaining to TCB
• Questions?
