Windows Media DRM
From Wikipedia, the free encyclopedia
Windows Media DRM is a Digital Rights Management service for the Windows Media platform. It is designed to provide secure delivery of audio and/or video content over an IP network to a PC or other playback device in such a way that the distributor can control how that content is used.
WMDRM includes the following components:
- Windows Media Rights Manager (WMRM) SDK for packaging content and issuing licenses
- Windows Media Format SDK (WMF SDK) for building Windows applications which support DRM and the Windows Media format
- Windows Media DRM for Portable Devices (WMDRM-PD) for supporting offline playback on portable devices (Janus)
- Windows Media DRM for Network Devices (WMDRM-ND) for streaming protected content to devices attached to a home network (Cardea)
Contents |
[edit] How it works
In May 2007 Microsoft published the network protocol behind its license acquisition mechanism.[1] According to the specification, the client software obtains a 7 byte plain-text content key Kcontent from the license server. The server encrypts the key before transferring it to the client with a globally predefined 160-bit ECC key, ECC1. The server also sends a content key ID, unencrypted. The client then uses the Kcontent as an RC4 key to decrypt the licensed media stream.
As an anti-spoofing measure, additional fields such as playback rights and a random number are encrypted with 3 more predefined ECC key pairs either by the client or server software:
- client software ECC key pair KC,
- client machine ECC key pair KM,
- server software ECC key pair KS.
An analysis of version 2 of the DRM scheme in Windows Media Audio revealed that it was using a combination of elliptic curve cryptography key exchange, the DES block cipher, a custom block cipher dubbed MultiSwap (for MACs only), the RC4 stream cipher, and the SHA-1 hashing function.[citation needed]
Windows Media DRM is designed to be renewable, that is, it is designed on the assumption that it will be cracked and must be constantly updated by Microsoft. The result is that while the scheme has been cracked several times, it has usually not remained cracked for long.[citation needed]
Version 1 was released in April 1999 and supported basic business rules such as expiration dates. Version 2 was released in January 2003 and is also known as version 7.x and 9, to keep in sync with the equivalent versions of Windows Media Player. Version 3, better known as DRM v10, was released in 2004. Earlier versions of the system have cracks available, meaning content restricted with these versions can have the protections stripped. Version 10 was cracked in early 2005, but a software update was shortly pushed which sealed the relevant hole.
Generally, these sorts of cracks have all worked in the same way to a certain extent. Rather than break the encryption itself, which is infeasible, they hook or interfere with the "black box" component as it runs to dump out the content keys or the unencrypted content from memory. These sorts of techniques are countered by Microsoft via automated Windows Updates,[citation needed] which in turn the user may choose to avoid or cancel. Since all Software DRMs ultimately rely on obfuscation rather than true security, as crackers sharpen their tools, they will also improve the speed and quality of their attacks.
[edit] Interoperability
The content delivered with the WMDRM encryption is not universally accessible but limited to those users running Microsoft Windows. Microsoft has not reached other markets yet.
The open network protocol for digital rights management, [MS-DRM] from the MCPP collection, stipulates that software developers have a right to implement the protocol outside the Microsoft's development tools and environment.
[edit] Removal
Tools have been created to strip files of Windows Media DRM, enabling them to be played on non-Janus platforms. It was claimed that one particular tool FairUse4WM (Released on 19 August 2006)[2] written by Viodentia had the ability to strip DRM from files protected with WMDRM.[3]
Microsoft responded in several ways. First, on August 28, 2006 Microsoft released a new version of the individualized blackbox component (IBX) to prevent this particular tool from working. Microsoft also informed partners that they are working to further resolve this issue, given that the fix was also alleged to have been circumvented within days.[4] Microsoft also issued takedown notices to web site owners.[5] Finally, on 22 September 2006, Microsoft filed a federal lawsuit against John Does 1-10 a/k/a "viodentia", hoping to identify the person or persons responsible.[6] However, the operator of the highest-ranked mirror of the utility, James Holden,[7] denies having received any such notices or threats. Unable to find the identity of Viodentia, Microsoft dropped the civil suits they had filed in April 2007.[8]
By 16 October 2006, distributors using the Windows Media DRM protection, such as Sky Anytime, were using a patched codec. On 6 September 2007, Microsoft updated IBX to version 11.0.6000.7000, in an attempt to thwart circumvention efforts by variants of the original program. And, as of 28 November 2007, DRM Removal under Windows XP on new installs or updated computers (i.e. those that already contain IBX version 11.0.6000.7000), is not possible without rolling back to Windows Media Player 10. Recently, a patched version of FairUse4WM was released, allowing it to work with Windows Vista, and IBX versions lower than 11.0.6000.6324.[citation needed]
[edit] References
- ^ [MS-DRM]: Digital Rights Management License Acquisition Data Structure, Microsoft Development Network Library, rev. 2.0, March 14, 2008.
- ^ Hachman, Mark (2006-08-26). "Microsoft To Issue Fix For DRM Stripper App". PC Magazine Online (Ziff Davis Publishing Holdings Inc.). http://www.pcmag.com/article2/0,2817,2009515,00.asp.
- ^ "Engadget FairUse4WM strips Windows Media DRM!". http://www.engadget.com/2006/08/25/fairuse4wm-strips-windows-media-drm. Retrieved on 2006-08-25.
- ^ "Sky movies paused by DRM security flaw". http://www.theregister.co.uk/2006/09/13/microsoft_drm_bskyb1/. Retrieved on 2006-09-13.
- ^ "Microsoft tells web site owners to take down FairUse4WM". http://arstechnica.com/news.ars/post/20060917-7761.html. Retrieved on 2006-09-17.
- ^ "Microsoft sues Viodentia for copyright infringement". http://www.engadget.com/2006/09/26/microsoft-sues-viodenta-for-copyright-infringement/. Retrieved on 2006-09-26.
- ^ "Microsoft Didn’t Issue Takedown Notices For FairUse4WM". http://jamesholden.net/2007/04/25/microsoft-didnt-issue-takedown-notices-for-fairuse4wm/.
- ^ "Microsoft drops case against FairUse4WM creator Viodentia". http://www.engadget.com/2007/04/06/microsoft-drops-case-against-fairuse4wm-creator-viodentia/. Retrieved on 2007-04-23.