Jean-Baptiste Bédrune (Sogeti / ESEC)

Presentation Title Cracking DRM (Digital Rights Management / Digital Content Protection)
Presentation Abstract

This talks deals with audio and video content protection, focusing on VoD and protected files on PCs. The first part presents the modules needed for a DRM solution, the general architecture of such systems, and the main constraints it has to face. It then shows some common mistakes made by vendors, and how to fix them.

Developing secure DRM modules is hard: they have to be compatible with a vast range of material, and a lot of computers do not have a hardware security module. Hence, DRM solutions mainly rely on security through obscurity. The protocols used are sometimes partially documented, but the secrets, such are encryption keys, must be kept private, while readable by the client player.

Like many solutions relying on obscurity, DRM modules massively use code protection. It is interesting to note than one main protector is used by all major companies to protect their DRM modules. So, defeating this protection helps to defeat most of the DRM currently in use.

When attacking a DRM module, several steps are needed to succeed:
1. Defeat the anti-debugs.
2. Understand and remove the obfuscated code.
3. Defeat the encryption.

DRMs are, in a certain extent, different from the protections used for other purposes (video games, dongles, shareware, …) For instance, anti-debugs must work on all systems and must never raise false positives. They cannot be intrusive and are generally easily defeated. Protection is really oriented towards algorithm obfuscation and data protection. Code flattening and arithmetic obfuscation mechanisms will be detailed on small examples, to show the basic principles generally observed and various angles of attacks. Only a very restrained part of the modules are very well protected, due to trade-off considerations between security, memory usage and speed.

Once these two steps are done, a first attack is possible, very simple but surprisingly working quite often. Its purpose is to study the DRM module to find the proper function in charge of unprotecting the content. Once the attacker gets it, he just has to hook it and retrieve every piece of unprotected content, then rebuild the full cleartext file. Other simple examples will focus on file format analysis, code rip and injection, to demistify attacks on DRM.

The next level of attack will try to get rid of the player: the goal is to retrieve secrets embedded in the module. Secrets, such as encryption keys or tables index, must be hidden, and never appear plaintext into memory. That is why data-flow obfuscation is a prerequisite. An attacker who has a full control of the hardware running the DRM module must not be able to retrieve these secrets. These secrets must never appear plaintext into memory. This is where white-box cryptography comes. Real-life examples of white-box cryptography will be presented, and general methods to extract keys in a small amount of time will be detailed (the academic literature presents only fixed-key implementations of white-box cryptography, while dynamic-keys are commonly used in DRM implementations), focusing on white-box AES / white-box RSA.

About Jean-Baptiste Bédrune

I am currently working in the R&D lab at SOGETI/ESEC in reverse engineering, embedded devices and applied cryptography.