IEEE P1817: a new DRM standard?

In February, I reported on a new concept, Digital Personal Property. IEEE is launching a project to develop this DRM, the so-called Consumer-ownable Digital Personal Property. It is P1817.

The main goal is to mimic the features of a physical good. In other words, if you were able to enforce the uniqueness of the instance of a digital good, then there would be no serious reason to limit its use drastically. You would be able to treat it like a physical book: you could lend it or sell it. In economic terminology, the challenge is to turn a digital good into an excludable good. By nature, digital goods are non-rival and non-excludable.

The main technical concept is that the piece of content is encrypted and can be distributed freely, but the decryption key will be “moveable but uncopiable”. The decryption key, the so-called playkey, exists in two instances: one in a server repository and the other held by the user. To lend a piece of content, Alice will hand her playkey to Bob… To return the piece of content, Bob will send her playkey back. Meanwhile, Alice should no longer have her playkey.

I see several issues with this proposal.

  • There must be only two instances of the playkey (one in a server, and one at the consumer). The technical challenge will be the “moveable but uncopiable” playkey. One of our Holy Grails. Some enforcements are foreseen.

    Counterfeit Handling
    The playkey banking system facilitates the identification of counterfeited playkeys.
    Playkey pair synchronization occurs, during which the system checks the validity of the playkeys with the issuer and the registrar. There are at least two approaches to handling counterfeits: (1) The consumer’s player is notified, after which the user interface always highlights the item as counterfeited, and (2) the consumer’s playkey vault is directed to invalidate the device playkey, notify players of its invalid status, and refuse to provide further services for that playkey. The first approach leaves the counterfeit usable, and depends on the social stigma of owning and using forged goods to discourage its further use and encourage reporting of the forgery to vendors and publishers. The second approach prejudges intent and guarantees that the consumer victim pays the price of the illegal activity. Either way, there exists the opportunity for vendors or publishers to offer rewards for information leading to the identification of the counterfeiters.

  • How to handle the multi-format issue? Today, many customers complain about incompatible formats of DRM-protected content, for instance when different resolutions or codecs are used. Take as an example a Blu-ray disc and an SD file for Windows player. This does not map nicely to the physical world. A book has no format incompatibility with your eyes. If we would like to push the comparison, the challenge would be to be able to provide the same book but in different languages. Currently, the answer foreseen by the industry is the digital rights locker.
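The lend/return exchange and the synchronization check described above can be modelled in a few lines. This is an added example, not code from P1817 or from the original post; the `Registrar` class, the per-transfer `generation` counter and the random `nonce` are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Playkey:
    title_id: str
    holder: str
    generation: int   # assumption: incremented at every transfer
    nonce: str        # assumption: fresh random value per generation


class Registrar:
    """Hypothetical server-side half of the playkey pair."""

    def __init__(self):
        self._current = {}   # title_id -> the only playkey considered genuine

    def issue(self, title_id, owner):
        pk = Playkey(title_id, owner, 0, secrets.token_hex(8))
        self._current[title_id] = pk
        return pk

    def sync(self, pk):
        """Playkey pair synchronization: compare the device copy with the record."""
        current = self._current.get(pk.title_id)
        if current is None:
            return "unknown"
        return "valid" if pk == current else "counterfeit"

    def transfer(self, pk, new_holder):
        if self.sync(pk) != "valid":
            raise PermissionError("only the current playkey can be moved")
        moved = Playkey(pk.title_id, new_holder, pk.generation + 1,
                        secrets.token_hex(8))
        self._current[pk.title_id] = moved
        return moved


def lend_and_return():
    reg = Registrar()
    alice = reg.issue("ebook-42", "alice")   # constructed sample title
    kept_copy = alice                        # bits can always be copied
    bob = reg.transfer(alice, "bob")         # Alice lends to Bob
    seen = {"bob": reg.sync(bob), "alice_copy": reg.sync(kept_copy)}
    returned = reg.transfer(bob, "alice")    # Bob returns the playkey
    seen["alice_returned"] = reg.sync(returned)
    seen["bob_stale"] = reg.sync(bob)
    return seen


if __name__ == "__main__":
    print(lend_and_return())
```

In this model the copy Alice kept is only recognised as counterfeit when it is synchronized with the registrar; a player that never synchronizes cannot tell the two instances apart, which is why the uniqueness requirement is the hard part.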

Will it succeed? I don’t know. In any case, I will be very interested to study the solution making a digital data structure “moveable but uncopiable”.

DPA contest V2

Since the seminal work of Paul KOCHER (founder of CRI), side channel attacks have challenged many cryptographers and implementers. In a nutshell, side channel attacks use side information to guess secret keys. A simplified explanation: let’s imagine that your AES implementation takes longer when processing a “1” of the secret key than a “0”, by measuring the processing time you may guess the secret keys (without any intrusion). This is called a timing attack. There are other available side channel pieces of information such as power, electro-magnetic … Side channel attacks are devastating.
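The simplified timing explanation above, as an added example that is not part of the original post: a toy square-and-multiply exponentiation stands in for the AES implementation, and the count of modular operations stands in for measured time (both are assumptions of this sketch). The second function does the same amount of work for every key bit.

```python
def leaky_modexp(base, key, modulus, nbits):
    """Square-and-multiply: a 1 bit of the key costs one extra multiplication."""
    result, ops = 1, 0
    for i in reversed(range(nbits)):
        result = (result * result) % modulus
        ops += 1
        if (key >> i) & 1:                    # key-dependent branch: the leak
            result = (result * base) % modulus
            ops += 1
    return result, ops


def balanced_modexp(base, key, modulus, nbits):
    """Same result, but every key bit costs one square and one multiply."""
    result, ops = 1, 0
    for i in reversed(range(nbits)):
        result = (result * result) % modulus
        product = (result * base) % modulus   # always computed
        ops += 2
        bit = (key >> i) & 1
        result = bit * product + (1 - bit) * result   # arithmetic select
    return result, ops


def ones_revealed(ops, nbits):
    """What the leaky operation count gives away: the number of 1 bits."""
    return ops - nbits


if __name__ == "__main__":
    NBITS, MOD = 16, 65521                    # constructed sample parameters
    for key in (0x0001, 0x00FF, 0xFFFF):      # constructed sample keys
        _, slow = leaky_modexp(3, key, MOD, NBITS)
        _, flat = balanced_modexp(3, key, MOD, NBITS)
        print(f"key={key:#06x} leaky_ops={slow} balanced_ops={flat} "
              f"ones_revealed={ones_revealed(slow, NBITS)}")
```

The operation count is only a model of time; a real implementation also has to avoid data-dependent memory access and rely on constant-time big-number arithmetic.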

There is no standard way to compare the efficiency of different side channel attacks. Under the initiative of Telecom Paris Tech, the DPA contest expects to benchmark these attacks.

The second edition, DPA contest V2, allows different teams to compare their respective Differential Power Analysis (DPA) attacks against an unprotected AES implementation. Results will be presented at an upcoming crypto conference.

UBISOFT re-torpedoed

The use of a new type of DRM for its new games “Silent Hunter 5” and “Assassin’s Creed II” raised a violent reaction against Ubisoft. The software was cracked in less than 24 hours.

But this time, the story did not stop there. Last week, Ubisoft was under a serious Denial of Service (DoS) attack. Thus, the legitimate gamers were not able to play! These games require an online connection for initial authentication but also to save the game! It seems that this weekend a new salvo of DoS attacks was launched from Russia against Ubisoft’s servers. These DoS attacks make the hacked version more attractive (that’s the limit! :-( )

Furthermore, some players confirmed on forums that the hacked game was complete (which initially Ubisoft denied).

Lesson: When designing a DRM, we should check what occurs if some elements of the context environment fail (such as the network connection). The impact should be minimal for the legitimate customer.

Ubisoft’s DRM torpedoed!

Ubisoft recently launched its new game “Silent Hunter 5”, a submarine simulation. The game was protected with a new generation of DRM that required a constant online connection to servers. Of course, if you are online, it is easier to fight piracy. As usual in the game arena, this new DRM generated a huge fury (remember Spore).

Unfortunately, 24 hours after the launch, a cracked version appeared on the P2P networks (see TorrentFreak). The cracked version does not require an online connection!

Quickly, Ubisoft denied that the game was cracked.

“You have probably seen rumors on the web that Assassin’s Creed II and Silent Hunter 5 have been cracked. Please know that this rumor is false and while a pirated version may seem to be complete at start up, any gamer who downloads and plays a cracked version will find that their version is not complete,”

Unfortunately, when scouting the forums, I never found anyone complaining that the game was not working. Nevertheless, the crack requires avoiding any connection to Ubisoft servers.

Ubisoft was expecting to deploy the same DRM for Assassin’s Creed II. Some delay may be foreseen.

As a citizen, I see the need for DRM. As a security expert, I “build” DRM. Piracy is bad. As a gamer, I hate DRM that requires a permanent connection for a game that does not need interaction with other entities. I often play games on a train or plane. Such a DRM requirement would be a deterrent for me. One of the most important requirements for DRM is that it should be as transparent as possible for the honest user.

Software protection is one of the most complex tasks.

MyDRMSpace

Do you want to add a digital watermark to your personal pictures or audio records? The MyDRMspace site offers such a service for free (although in the terms of use, there is a possibility to charge).

Polish developers and entrepreneurs opened this site in 2009. Once registered, you can upload a photo or a piece of audio to the server. Then, you enter information related to the file and mydrmspace will add a watermark to it (signature in their vocabulary). Of course, you can upload a file to check if any watermark is present. If the watermark is present, then mydrmspace will point to the corresponding information.

The developers had the bright idea to offer the infrastructure as a platform for watermark designers. Any watermark designer can upload his/her embedders and detectors (so-called coder and decoder on the site :-( ). Then the public may use this technology. In other words, when uploading a file to mark, you can choose the embedder (coder). I have no clue which criteria normal users would use to choose one technology rather than another. Most probably, normal users would choose either the first one presented or the most popular one. When checking a file, you have to select the right detector (decoder).

Unfortunately, they seem not to have had tremendous success. There is only one audio watermark technology available and two image watermark technologies (from the same author). The placeholder for video watermarking is empty.

I have not tested if the watermarks are robust.

Do you know any similar site that offers free watermarking service?

Thank you to TF for the pointer :-)

Digital Personal Property

Paul Sweazey believes he has found the solution that mitigates the problem of DRM. He wanted to emulate a property of physical goods: rivalry (if you want more information about rivalry, please have a look at Bomsel’s works). In a nutshell, rivalry is the fact that when consuming a good you reduce the access for others. For instance, when you play your DVD, someone else cannot play it on another player. This is not true for electronic files. By definition, electronic goods are non-rival. One of the purposes of DRM is to add a pinch of rivalry.

To do so, Sweazey created the concept of Digital Personal Property. How does it work? Content has two elements: an encrypted folder containing the essence and a playkey that you preciously keep in a vault. Sounds familiar, doesn’t it? In DRM vocabulary, his playkey is called a license. You may freely distribute the encrypted folder but will give your playkey only to trusted people who would not steal your license. The license must be UNIQUE in the sense that there is one unique instance at any time. Thus, if the person you gave your playkey to does not return it, you lose ownership of it.

The technical trick will be to be able to create a rival license that should not be linked to a device (else you end up with the typical problem of interoperability).

He just moved the problem of DRM towards the license. He will still have to find a method to generate a license (playkey) that can exist only as one unique instance in the world and that could be played everywhere. This is the Holy Grail of DRM that we have all been looking for for years. Creating rivalry is difficult without introducing physical constraints.

It reminds me of one of the concepts we built in an old system called SmartRight. The objective was to control the size of an authorized domain for a family but without any central online authority. We used an electronic token that was passed to the newly joining device. Of course, you could add a device from your neighbour, but then your neighbour “owned” the electronic token. Should the neighbour leave or stop collaborating, you could no longer add devices to your domain. It was based on the use of secure processors and on the fear of losing the token.

Will DPP work? If Sweazey finds a robust and user-friendly way to create this unicity of instance, it would work. This would also offer a lot more applications. But is it feasible? Bruce Schneier would probably say no. (Wait for our next security newsletter with his interview.) And many brains are researching this topic.

For more information, read Goodbye, DRM; hello “stealable” Digital Personal Property at Ars technica.

Are watermarked screeners too expensive?

Screeners are copies of a movie that are sent to reviewers or members of an award jury. The favored format is DVD. Unfortunately, DVDs are not protected against piracy. Thus, the typical procedure is to watermark each screener with an individual invisible mark. Thus, if ever there is a leak, it should be possible to trace it back to the originator.

According to /Film, Sony Pictures considered this operation too expensive and thus decided not to support its movie “Moon” for the Oscars. Funnily, the movie is already available on DVD and Blu-ray.

Is the story finished?

Thanks to Olivier for the pointer.