Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.

Similar presentations


Presentation on theme: "Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation."— Presentation transcript:

1 Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation to W3C Workshop on DRM January 22-23, 2001 Sophia-Antipolis, France

2 Cloakware Corporation2 Outline The DRM security model Cryptography’s role The need for trusted agents Hardware Solutions Trusted Software Agents Tamper-resistant software Summary

3 Cloakware Corporation3 DRM Security Model Trusting the Untrustworthy Past and present R&D focused on hostile S/W u Anti-virus S/W & Java sandbox protects users against dangerous S/W and hostile hosts u Trust only occurs with S/W from well known sources DRM users are assumed to be hostile u All you need is one untrusted user/attacker n Attacker have legitimate access to protected content n Attacker have infinite time and resources n Attacker has complete access to S/W and H/W

4 Cloakware Corporation4 Cryptography is part of the solution Store/stream data in encrypted form to prevent direct access Use a “key” to access content u Where do you store the key? u What if Alice can’t trust Bob with the key? u Who/what checks the integrity checker? u How do you protect the executable? DeCSS and Steven King’s ebook crack were made possible by cryptographic solutions implemented in unprotected software Tamper-resistant S/W complements cryptography in hostile environment n Provides a “Trusted Agent” on client/player to protect decryption key and enforce access control

5 Cloakware Corporation5 Hardware Solutions Hardware solutions are used for key hiding & tamper resistance Hardware has several drawbacks u Incompatible with installed base of PCs, players u Time and expense to build installed base u Long lifecycle means devices must remain secure for years u Field Upgrades – difficult & costly to replace hardware when it is compromised

6 Cloakware Corporation6 Trusted Software Agents Reduced manufacturing and distribution costs Compatible with installed base Faster time-to-market Renewable and flexible u Attacks continue to improve/evolve u Replaceable tamper resistant components are essential Easy to manufacture unique agents u Prevents a single crack from compromising a DRM system The Chain of Trust u Content providers may want trusted components on distributors’ servers u Distributors may want trusted components on commerce service providers servers

7 Cloakware Corporation7 Tamper Resistant Software Tamper resistant libraries & current code obfuscators are inadequate u Offer weak obfuscation and little protection against tampering Portability is key for trusted software agents u Heterogeneous environments are here to stay u Binary-based tamper-resistant software solutions are not portable u Source level tamper resistant solutions are desirable to support multiple platforms and O/S’s

8 Cloakware Corporation8 Summary DRM Trust model very different u Broad distribution means some users will be malicious Cryptography is part of the solution Trusted Software Agents are required fo u Key hiding u Protecting the rights enforcement engine against tampering u Should be renewable and flexible Cloakware’s TRS technology u Portable source level technology u Protects against tampering and reverse engineering u Enables the manufacture of unique trusted software agents


Download ppt "Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation."

Similar presentations


Ads by Google