Digital rights management. Introduction to digital rights management, software reverse engineering, software tamper resistance, DRM for a P2P application and DRM in the enterprise.
DIGITAL RIGHTS MANAGEMENT
Lam Trieu Hoang Viet, Tran Quoc

OUTLINE
Introduction
Software reverse engineering
Software tamper resistance
Digital rights management

SOFTWARE REVERSE ENGINEERING
Reverse engineering is the process of analyzing a subject system to identify the system's components and their interrelationships, and to create representations of the system in another form at a higher level of abstraction (Chikofsky and Cross, 1990). SRE can be used for good or for not-so-good purposes.
The essential tools for SRE are a disassembler, a debugger and a hex editor. A disassembler converts an executable into assembly code (IDA Pro, Hackman). A debugger is used to set breakpoints, which allows Trudy to step through the code as it executes (SoftICE, OllyDbg). A hex editor is also a necessary SRE tool: it is the tool Trudy uses to directly modify, or patch, the exe file (UltraEdit, HIEW). Other tools that sometimes prove useful include Regmon, which monitors all accesses of the Windows registry; Filemon, which monitors all accesses of files; and VMware, which allows a user to set up virtual machines.
Why do we need both a disassembler and a debugger? For SRE work, boundless patience and optimism are also needed, since SRE is extremely tedious and labor intensive.
SRE is essentially a manual process. The necessary technical skills for SRE include a working knowledge of the target assembly language and experience with the necessary tools.
For our SRE example, we'll consider code that requires a serial number. Trudy disassembled serial.exe using IDA Pro.

A REAL-WORLD DRM SYSTEM
MediaSnap DRM system: the Secure Document Server (SDS) and the client software.
There are security issues both on the server side and on the client side. The SDS must protect keys and authenticate users, and it must apply the required persistent protection to the document. The SDS resides at corporate headquarters and is relatively secure. The client must protect keys, authenticate users, and enforce the persistent protection. The DRM client software, on the other hand, is readily available to any attacker.
To prevent disassembly, the executable code is encrypted, and false disassembly is used to protect the part of the code that performs the decryption. In addition, the executable code is only decrypted in small slices, so that it is more difficult for an attacker to obtain the entire code in decrypted form.
The anti-debugging technique: the basic approach is to monitor for the use of the debug registers. One obvious attack on such a scheme is a man-in-the-middle, where the attacker debugs the code but responds to the anti-debugging software in such a way that it appears no debugger is running.
The anti-debugging technique includes defenses against such an attack on its monitoring mechanism.
Obfuscation is applied to the security-critical operations, including key management, authentication, and cryptography. The Advanced Encryption Standard (AES) and the scrambling algorithm can be obfuscated. The keys are also obfuscated by splitting them into multiple parts and hiding some parts in data and other parts in code.

DRM FOR STREAMING MEDIA
Attacks on streaming media include spoofing the stream between the endpoints, man-in-the-middle, replay or redistribution of the data, and capture of the plaintext at the client.
Scrambling algorithms: each instance of the client software comes equipped with a large number of distinct scrambling algorithms. Each client has a distinct subset of scrambling algorithms chosen from a master set of all scrambling algorithms, and the server knows this master set.
Suppose the server knows N different scrambling algorithms, s0, s1, ..., s(N-1). Each client is equipped with a subset of these algorithms, for example LIST = {s12, s45, s2, s37, s23, s31}.

DRM FOR A P2P APPLICATION
Peer-to-peer networks
Peer offering service (POS)

DRM IN THE ENTERPRISE
Protect certain types of private information. Example: the Health Insurance Portability and Accountability Act (HIPAA) requires that companies protect personal medical records. The Sarbanes-Oxley Act (SOA) requires that companies preserve certain documents, such as information that might be relevant to "insider trading" stock violations.

Metamorphism is one possible way to achieve a reasonable level of BOBE (break once, break everywhere) resistance.

DIGITAL RIGHTS MANAGEMENT
• What is DRM?
• Describe an actual DRM system designed to protect PDF documents... within an enterprise

WHAT IS DRM?
Trudy wants to sell her new book in digital form on the internet. Alice buys Trudy's digital book and then redistributes it for free online. What happens?
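The scrambling-algorithm selection from the streaming-media slides (server master set s0 ... s(N-1), each client with its own LIST), as an added example that is not code from the slides or from any real DRM product: the server picks an algorithm from the client's LIST, scrambles the stream with it and sends the index along. The byte-permutation "algorithms", the value N = 64, and the server's `broken` set with its `retire` step are assumptions, used to show why distinct per-client subsets let a compromised algorithm be withdrawn without breaking every client.

```python
# Added toy model of the per-client scrambling-algorithm selection from the slides;
# not code from the slides or any real DRM product. Each s_i is a constructed byte permutation.
import hashlib
import random

N = 64  # size of the server's master set s0 ... s(N-1) (assumed value)

def _perm(index):
    # Byte permutation standing in for scrambling algorithm s_index (constructed)
    seed = int.from_bytes(hashlib.sha256(b"s%d" % index).digest(), "big")
    perm = list(range(256))
    random.Random(seed).shuffle(perm)
    return perm

def scramble(index, data):
    perm = _perm(index)
    return bytes(perm[b] for b in data)

def descramble(index, data):
    inv = [0] * 256
    for plain, scr in enumerate(_perm(index)):
        inv[scr] = plain
    return bytes(inv[b] for b in data)

class Server:
    def __init__(self, n=N, rng=None):
        self.master = set(range(n))      # the master set of all algorithms
        self.broken = set()              # retired after compromise (assumption)
        self.rng = rng or random.Random()

    def retire(self, index):
        self.broken.add(index)

    def choose(self, client_list):
        # Unbroken algorithm from the client's LIST; None means the client needs an update
        usable = sorted((set(client_list) & self.master) - self.broken)
        return self.rng.choice(usable) if usable else None

    def send(self, client_list, data):
        m = self.choose(client_list)
        if m is None:
            raise ValueError("client has no usable scrambling algorithm")
        return m, scramble(m, data)      # index m plus the scrambled stream

class Client:
    def __init__(self, lst):
        self.list = set(lst)             # this client's subset of s0 ... s(N-1)

    def receive(self, m, stream):
        if m not in self.list:
            raise ValueError("server chose an algorithm this client lacks")
        return descramble(m, stream)
```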