How It Works
In May 2007 Microsoft published the network protocol behind its license acquisition mechanism. According to the specification, the client software obtains a 7 byte plain-text content key Kcontent from the license server. The server encrypts the key before transferring it to the client with a globally predefined 160-bit ECC key, ECC1. The server also sends a content key ID, unencrypted. The client then uses the Kcontent as an RC4 key to decrypt the licensed media stream.
As an anti-spoofing measure, additional fields such as playback rights and a random number are encrypted with three more predefined ECC key pairs either by the client or server software:
- client software ECC key pair KC,
- client machine ECC key pair KM,
- server software ECC key pair KS.
An analysis of version 2 of the DRM scheme in Windows Media Audio revealed that it was using a combination of elliptic curve cryptography key exchange, the DES block cipher, a custom block cipher dubbed MultiSwap (for MACs only), the RC4 stream cipher, and the SHA-1 hashing function.
Windows Media DRM is designed to be renewable, that is, it is designed on the assumption that it will be cracked and must be constantly updated by Microsoft. The result is that while the scheme has been cracked several times, it has usually not remained cracked for long.
Version 1 was released in April 1999 and supported basic business rules such as expiration dates. Version 2 was released in January 2003 and is also known as version 7.x and 9, to keep in sync with the equivalent versions of Windows Media Player. Version 3, better known as DRM v10, was released in 2004. Earlier versions of the system have cracks available, meaning content restricted with these versions can have the protections stripped. Version 10 was cracked in early 2005, but a software update was shortly pushed which sealed the relevant hole.
Generally, these sorts of cracks have all worked in the same way to a certain extent. Rather than break the encryption itself, which is infeasible, they hook or interfere with the "black box" component as it runs to dump out the content keys or the unencrypted content from memory. These sorts of techniques are countered by Microsoft via automated Windows Updates, which in turn the user may choose to avoid or cancel.
Read more about this topic: Windows Media DRM
Famous quotes containing the word works:
“When life has been well spent, age is a loss of what it can well spare,muscular strength, organic instincts, gross bulk, and works that belong to these. But the central wisdom, which was old in infancy, is young in fourscore years, and dropping off obstructions, leaves in happy subjects the mind purified and wise.”
—Ralph Waldo Emerson (18031882)