The Internet provides users with convenient and ubiquitous access to digital content. Because of the potential of the Internet as a powerful distribution channel, many consumer electronics (CE) products strive to directly access the Internet or to interoperate with the PC platform—the predominant portal to the Internet. The CE products include, but are not limited to, digital set top boxes, digital TVs, game consoles, PCs and, increasingly, hand-held devices such as PDAs, mobile phones, and mobile storage and rendering devices, such as Apple's iPod. The use of the Internet as a distribution medium for copyrighted content creates the compelling challenge to secure the interests of the content provider. In particular it is required to warrant the copyrights and business models of the content providers. Increasingly, CE platforms are operated using a processor loaded with suitable software. Such software may include the main part of functionality for rendering (playback) of digital content, such as audio and/or video. Control of the playback software is one way to enforce the interests of the content owner including the terms and conditions under which the content may be used. Where traditionally many CE platforms (with the exception of a PC and PDA) used to be closed, nowadays more and more platforms at least partially are open. In particular for the PC platform, some users may be assumed to have complete control over the hardware and software that provides access to the content and a large amount of time and resources to attack and bypass any content protection mechanisms. As a consequence, content providers must deliver content to legitimate users across a hostile network to a community where not all users or devices can be trusted.
Typically, digital rights management systems use an encryption technique based on block ciphers that process the data stream in blocks using a sequence of encryption/decryption steps, referred to as rounds. During each round, a round-specific function is performed. The round-specific function may be based on a same round function that is executed under control of a round-specific sub-key. For many encryption systems, the round function can be specified using mapping tables or look-up tables. Even if the specification of the round function does explicitly comprise the use of tables, nevertheless, tables are frequently used in implementation for different parts of the function for efficient execution in software of encryption/decryption functions. The computer code accesses or combines table values into the range value of the function. Instead of distributing keys that may be user-specific, it becomes more interesting to distribute user specific algorithms instead of keys for encryption or decryption algorithms. These algorithms, most often functions (mappings), have to be obfuscated (hidden) in order to prevent redesign or prohibit the re-computation of elements that are key-like. On computers, tables accompanied with some computer code often represent these functions.
Content providers must deliver content to legitimate users across a hostile network to a community where not all users or devices can be trusted. In particular for the PC platform, the user must be assumed to have complete control of the hardware and software that provides access to the content, and an unlimited amount of time and resources to attack and bypass any content protection mechanisms. The software code that enforces the terms and conditions under which the content may be used must not be tampered with. The general approach in digital rights management for protected content distributed to PCs is to encrypt the digital content, for instance DES (Data Encryption Standard), AES (Advanced Encryption Standard), or using the method disclosed in WO9967918, and to use decryption keys.
The two main areas of vulnerability of digital rights management relying on encryption are the software plug-ins which enforce the terms and conditions under which the content may be used, and the key distribution and handling.
Typically, the plug-in enforces the teams and conditions under which the content is to be used. An attacker aiming to remove these terms and conditions may attempt to achieve this through tampering of the program code comprised in the software plug-in.
In relation to key handling, for playback a media player has to retrieve a decryption key from a license database. It then has to store this decryption key somewhere in memory for the decryption of the encrypted content. This leaves an attacker two options for an attack on the key. Firstly, reverse engineering of the license database access function could result in black box software (i.e., the attacker does not have to understand the internal workings of the software function), allowing the attacker to retrieve asset keys from all license databases. Secondly, by observation of the accesses to memory during content decryption, it is possible to retrieve the asset key. In both cases the key is considered to be compromised. In the following, a description of how in general software may be made tamper-resistant is provided.
Tamper-resistant software is so called because goal-directed tampering with the software is complicated. Various techniques for increasing the tamper resistance of software applications exist. Most of these techniques are based on hiding the embedded knowledge of the application by adding a veil of randomness and complexity in both the control and the data path of the software application. The idea behind this is that it becomes more difficult to extract information merely by code inspection. It is therefore more difficult to find the code that, for example, handles access and permission control of the application, and consequently to change it.
“White-Box Cryptography and an AES Implementation”, by Stanley Chow, Philip Eisen, Harold Johnson, and Paul C. Van Oorschot, in Selected Areas in Cryptography: 9th Annual International Workshop, SAC 2002, St. John's, Newfoundland, Canada, Aug. 15-16, 2002, referred to hereinafter as “Chow 1”, and “A White-Box DES Implementation for DRM Applications”, by Stanley Chow, Phil Eisen, Harold Johnson, and Paul C. van Oorschot, in Digital Rights Management: ACM CCS-9 Workshop, DRM 2002, Washington, D.C., USA, Nov. 18, 2002, referred to hereinafter as “Chow 2”, disclose methods with the intend to hide the key by a combination of encoding its tables with random bijections, and extending the cryptographic boundary by pushing it out further into the containing application.