1 Windows Media Rights Manager and FairPlay Seminar Digital Rights Management Clara Fernández de Castro
2 Introduction Piracy of copyrighted entertainment is not new (e.g. cassette tapes). Digital multimedia files can be easily copied and distributed without losing quality. An efficient implementation of a DRM system allows the widest possible distribution of audio and video to consumers.
3 Windows Media Rights Manager. Windows Media Rights Manager Flow: – Encrypting Content – Sharing Business Rules – Challenge and Response – License Delivery. Attacks against WMRM
5 Key points of the process Enables content owners to protect digital media (Encrypt content). User must have the corresponding license to play the content (Request License). License is issued by a third-party license provider (Create license). License "unlocks" the content and determines how the content can be used (Unlock content).
6 Encrypting Content Hardware requirements: Windows 2000 server and WMRM SDK. Account set up with the license provider. The Content Packager uses a web-based interface to handle the encryption process.
7 Packaged Windows Media File The seed along with the key ID are used to generate the key: Seed + Key ID = Key
8 Steps to complete the package Generate or specify a key using the key ID and the license key seed. Generate and sign the content header using the private signing key. Encrypt the file using this information.
9 Sharing Business Rules Key benefit of WMRM: flexibility in supporting different business models, such as: – Purchase – Pay-per-view – Free trial version – Limited play. The content owner and the license issuer share some “secrets”: – Seed – Public key – Business rules
10 Example: sharing secrets The content owner defines two different schemes: Audio file -> available on a subscription basis. Video file -> “try before you buy” promotional version. The license issuer must update its database.
11 Redirecting user to a purchase site
12 License issuer database The content owner is able to define multiple business rules for the same piece of content. The license issuer uses the key ID and an attribute containing the corresponding business model to maintain its database.
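An added sketch (not from the presentation, and not WMRM's own code) of the flow on slides 7 to 12: the packager and the license issuer each derive the content key from the shared seed and the key ID, and the issuer finds the business rule by key ID. HMAC-SHA256 stands in for the unspecified "Seed + Key ID = Key" function; `SHARED_SEED`, `RULES_DB`, `package` and `issue_license` are hypothetical names with constructed values.

```python
import hashlib
import hmac

# Constructed sample values; not taken from the slides or any real deployment.
SHARED_SEED = b"constructed-license-key-seed"
RULES_DB = {
    # key ID -> business rule agreed between content owner and license issuer
    "audio-0001": {"model": "subscription"},
    "video-0001": {"model": "free-trial", "max_plays": 3},
}


def derive_content_key(seed, key_id):
    """Stand-in for 'Seed + Key ID = Key'.

    Assumption: HMAC-SHA256 truncated to 128 bits. The slides do not say
    which function WMRM actually uses.
    """
    return hmac.new(seed, key_id.encode("utf-8"), hashlib.sha256).digest()[:16]


def package(seed, key_id):
    """Content owner side: derive the key and build the content header.

    The header carries only the key ID, never the seed or the key, so a
    copied file is useless without a license.
    """
    key = derive_content_key(seed, key_id)
    header = {"key_id": key_id}
    return header, key


def issue_license(seed, rules_db, header):
    """License issuer side: look up the rule, then re-derive the same key.

    Returns None for a key ID the issuer has no business rule for. In the
    real system the key would be delivered encrypted inside the license.
    """
    key_id = header.get("key_id")
    rule = rules_db.get(key_id)
    if rule is None:
        return None
    return {
        "key_id": key_id,
        "content_key": derive_content_key(seed, key_id),
        "rights": dict(rule),
    }
```

Because both sides derive the key from the same two inputs, the issuer needs to store only the seed and one rule per key ID, not a key per file; anyone who learns the seed can derive every content key, which is why it is treated as a shared secret.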
13 Challenge and Response The process starts when a consumer attempts to play a protected piece of content. To play the content, he or she must acquire a valid license.
14 Example - Encrypted key used to encrypt the content. - Specific rights. - Information about Bob’s computer. - The certificate of the license issuer.
15 License Delivery Four examples of how consumers acquire licenses: 1) non-silently 2) silently 3) non-pre-delivered 4) pre-delivered
16 Non-silent License The consumer is prompted to perform some tasks before receiving a license. Bob visits an online Music Store that he is subscribed to. The site contains the newest song he has been looking for. The site offers a free promotion of this song in exchange for some information about Bob, such as his address, name, age and nationality. If Bob agrees to share that demographic information, he will be able to receive and play the song.
17 Silent License No user interaction is required. Bob once again visits the Music Store, but this time he clicks a song which is included in his subscription service. The song is downloaded to his computer and the license is acquired without any extra task needed to play the song.
18 Non-pre-delivered license The license is acquired separately and after the content is acquired. Bob sends his friend Alice the first song he downloaded. Alice receives the file, but the license that will allow her to play the song is not included with the content. When Alice clicks on the song to play it, she is asked to enter some demographic information about herself before she is able to play the song.
19 Pre-delivered license The license is delivered before or at the same time as the content. Bob wants to rent a movie on the Web. In this case, Bob must purchase the movie before a valid license is delivered in order to play the content. After entering his credit card number and more information to pay for the license, he is able to play the movie. This procedure allows content owners to promote and monitor their content.
20 Attacks against WMRM Not properly cracked, but attacked in two different ways: 1) Remove DRM from .wmv files. - Freeme.exe 2) Ads and adware
21 Freeme.exe In October 2001, Microsoft confirmed that the software “freeme.exe” could strip off the protections that prevent a song from being copied an unlimited number of times. The software from "Beale Screamer" essentially used information found in this license to fool the DRM software, stripping off the protective technology entirely.
22 Freeme.exe Microsoft reacted quickly, delivering new versions of the Windows Media Rights Manager and giving instructions to both content owners and license issuers to increase the security of the whole process.
23 Ads and adware
24 FairPlay What is FairPlay? Restrictions. Brief Technical Description. Is FairPlay “fair”? iTunes business model. Harmony technology (RealNetworks). Reverse-Engineering against Apple: Jon Johansen, PyMusique
25 FairPlay Key terms: iTunes Music Store: online music service. iTunes: digital media player. iPod: portable media player. FairPlay: Apple’s DRM technique
26 Restrictions A protected track: may be copied to any number of iPod players. may be played on up to five authorized computers simultaneously. may be copied to a standard CD audio track any number of times. A particular playlist within iTunes containing a protected track can be copied to a CD only up to seven times.
27 Brief Technical Description FairPlay’s protected files are regular mp4 container files with an encrypted AAC (Advanced Audio Coding) audio stream. User key and Master key
28 Purchase Process
29 Authorize / Deauthorize
31 Is FairPlay “fair”? No portable player aside from the iPod supports FairPlay. The iPod only supports the AAC and MP3 standards, no WMV. Expecting profits from iPod sales allows Apple to drop prices in the iTunes Music Store. Key strategy of Apple’s business model: using software to drive hardware sales.
32 Harmony Introduced by RealNetworks in July. Harmony allows RealPlayer Music Store to play their songs on the iPod. RealNetworks uses a different protection scheme incompatible with FairPlay. How? Harmony transparently converts a RealNetworks protected file to a FairPlay-compatible protected file.
33 Harmony RealNetworks argued they freed consumers “from the limitation of being locked into a specific portable device when they buy digital music”. A cat and mouse game started between Apple and Harmony. RealNetworks was criticized for: –Keeping its own intellectual property and products closed, while asking Apple to open up the iPod. –Attempting to force Apple into a partnership that would only benefit RealNetworks. Finally, afraid of a lawsuit from Apple, RealNetworks gave up trying to break Apple’s technology.
34 Reverse-Engineering Many efforts have been made to circumvent the encryption of FairPlay-protected files. Most attacks consisted of removing the encryption from FairPlay-protected files. So far, all applications have two things in common: – They use the user keys from the key repository, which ensures they can decrypt only files that are legally bought. – They keep the metadata inside the MP4 container intact, so it is possible to identify the user who originally bought the file after it is decrypted.
35 Reverse-Engineering Jon Johansen – The DRM anti-hero or the anti-DRM hero. – In March 2005, he released PyMusique via his own website, for the purpose of allowing downloads from the iTunes Music Store.
36 PyMusique Works as a front-end to iTunes Music Store, emulating iTunes' connection to the online music store. Allows the download of purchased files from the iTunes Music Store without DRM encryption. This was possible because iTunes software adds the DRM to the music file after the music file is downloaded.
38 PyMusique Legal aspects: –Accessing iTunes Music Store through a third-party application is a violation of the Terms of Service. –Users who purchase music through PyMusique are doing so in a manner not consistent. On March 22, Apple released a patch for the iTunes Music Store blocking the use of the PyMusique program. In September 2005, Jon Johansen released SharpMusique, which took over where PyMusique left off.
39 Conclusions It could be argued that Microsoft's WMA now looks stronger than iTunes. WMA will also be cracked. People against DRM will support reverse-engineering.