
A follow-up to How secure will EME be?

What I don't understand is how the CDM prevents key leakage. Is it not enough to "simply"[*] inspect the browser's memory and derive keys?

In other words - given two options, which would be more secure, or are they roughly equivalent?

  1. Widevine/etc. CDM solution
  2. Some app with a bit of obfuscation on a white-box AES implementation

As far as I can see - both are software only and neither benefits from more robust hardware+OS implementations.

[*] I'm not qualified enough to come up with an example of how to do this - perhaps the answer(s) could provide specific tools/techniques of how such an attack could be carried out, and explain why CDM is any different in light of those specific attacks

davidkomer
    Note that there is a much easier way of capturing whatever content you want to protect no matter how strong the DRM is: breaking HDCP (which has already been done) and capturing the video data from the display port directly. – André Borie Nov 29 '16 at 09:50
  • True true, and there's also the "analog hole" – davidkomer Nov 29 '16 at 10:53

1 Answer

Re. inspecting memory: Back in the day, that was indeed how it was done. It's often a bit more involved than that due to anti-debugging tricks or run-time encryption (on top of the inevitable obfuscation) of the DRM program code and data. If I remember correctly, that was how the DeCSS key was leaked from the software-based DVD player programs of the time.

The CDM providers might take this road, which is well-known to be somewhat secure in that it buys time (it takes a skilled reverse engineer a while to figure out the decryption, then you change it in the next version and make them start over again) and isn't too controversial.

Or they might go for a hardware solution in which part of the decryption code is uploaded into some 'secure enclave' in your CPU that cannot be inspected from within the same computer itself. I think we have gotten a preview of this type of scheme with e.g. Apple's iPhone and Intel's 'Management Engine' which has been in the news recently, although I don't think the current implementations of either make much provision for multimedia decryption / playback.

So I think the plain answer to your question is:

  • The current crop of CDMs are probably as secure as a typical software DVD or Blu-ray player: good against most casual opponents, still vulnerable to skilled reverse engineers who care to put in the requisite time and effort.

  • Future CDMs have the potential to be highly secure, assuming hardware support becomes widespread, making illicit decryption of multimedia as difficult as e.g. jail-breaking an iPhone or cracking the copy protection on a modern gaming console: there is at any given time probably only a handful of people in the world with the skill, time and motivation to crack such hard schemes (reverse engineers and hackers almost always 'age out' - it's a young man's game).

linklater