The protection of digital content transferred between computers over a network and transferred from a computer to an associated playback device is important for many organizations. The DRM process often involves encrypting the pieces of content (e.g., encr the binary form of the content) to restrict usage to those who have been granted a right to the content, which is typically pieces of music or video programs.
Cryptography is the traditional protection method, but for many digital file transfer situations, a party that legitimately receives the content might try to break the DRM protection scheme, so as to give illicit access to third parties. An identified weak leak in the DRM security is in the overall process, rather than the encryption scheme. For instance, one of the more successful DRM systems distributes music and video content via the Internet. The DRM system distributes to a user's computer content that has been encrypted. The user's computer then decrypts the received content, generates local keys for encrypting the content, and uses these local keys to re-encrypt the content. Typically the content in encrypted form may also be downloaded, via a local connection, to an associated playback-only device such as an audio or video media player, which similarly decrypts and re-encrypts the content before playing same.
The present inventors have identified a potential security issue with this approach. As indicated above, during the playback process (which can also occur in the user's computer) the decrypted data is resident for a time in memory in the host computer and/or other playback device. One such memory location is a buffer memory which temporarily stores one or more packets or frames of the decrypted content bitstream. For audio content, the usual encoded format of the data is referred to as AAC (Advanced Audio Coding ISO 13818-7) which is a compression standard with associated codecs (coder-decoder) commercially available in hardware and software. For video, the usual encoded format is H.264, a similar standard with compression, also with commercially available codecs.
During the playback process, portions of the decrypted content (packets for audio, frames for video), are temporarily stored in a buffer prior to being supplied to the AAC or H.264 or other decoder. Hackers (illicit copiers) may be able to access the decrypted data in this buffer using a standard software tool known as a debugger attachment. The hacker can then copy the accessed data out of the buffer, store it, and as the content is played thereby have a decrypted copy of the entire content, without having to break the actual encryption.
This process is illustrated in FIG. 1, where a conventional video and/or audio player 10 is shown in a block diagram, with only relevant portions shown for simplicity. Note that player 10 may be part of a conventional computer, or a media player only, or part of a cell phone, PDA, or other electronic device. The encrypted content is stored in the non-volatile or other memory 12, which is for instance flash memory, a disk drive, etc. or DRAM (dynamic random access memory). When the user selects content (such as a song) for play, the song is transferred portion by portion (such as packet by packet) to decryptor 16, which applies a decryption key thereto and decrypts the portion. The decrypted data is then stored in a buffer (memory location) 18, designated here as a parser buffer. The parser buffer assembles the data into suitable packets for transfer to the AAC (or other standard type) decoder 20, which is part of a conventional codec.
The hacker's attack uses a debugger attachment 22 to access the data in buffer 18, and transfer it to another memory, such as in a computer (not shown), where he can effectively copy the entire content free of any encryption as it is played for later illicit distribution or use (it is assumed the content is copyrighted so the use is illicit, but that is not relevant technically).