Content protection systems often operate by encrypting protected content on server computers, and by using special client viewers to decrypt the encrypted content on client computers. Such a client viewer may be designed as a dynamic link library (DLL) that loads into viewer applications. Using such a DLL, application developers may design their own application interfaces for accessing encrypted content.
FIG. 1 is a simplified block diagram of a prior art content protection system. A server computer 110 includes an encoder 120 for encrypting protected content. A client computer 130 includes a decoder DLL 140 for decoding encrypted content it receives from server computer 110. A content viewer application 150 loads and runs decoder DLL 140 within a user interface for viewing the protected content.
Content viewer application 150 is intended to be a trusted application, having access permission to the protected content. However, although decoder DLL 140 is not published, it is nevertheless possible for a hacker to reverse engineer the application programming interface (API) for decoder DLL 140, and to program his own rogue viewer application to load and run decoder DLL 140.
The ability to develop a rogue application running decoder DLL 140 defeats the purpose of a content protection system.