1 / 45

DIGITAL RIGHTS MANAGEMENT

DIGITAL RIGHTS MANAGEMENT. Hoang Viet Lam Tran Quoc Trieu. Outline. Introduction Software reverse engineering Software tamper resistance Digital rights management. Software reverse engineering.

amal
Télécharger la présentation

DIGITAL RIGHTS MANAGEMENT

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DIGITAL RIGHTS MANAGEMENT Hoang Viet Lam Tran Quoc Trieu

  2. Outline • Introduction • Software reverse engineering • Software tamper resistance • Digital rights management

  3. Software reverse engineering • Reverse engineering is the process of analyzing a subject system to identify the system's components and their inter-relationships, and to create representations of the system in another form at higher levels of abstraction(Chikofsky and Cross1990) • SRE can be used for good or not so good purposes.

  4. Software reverse engineering(cont) • The essential tools for SRE include a disassembler, a debugger and a hex editor. • A disassembler converts an executable into assembly code(IDA Pro, Hackman). • A debugger is used to set break points, which allows Trudy to step through the code as it executes(SoftICE, OllyDbg).

  5. Software reverse engineering(cont) • A hex editor is also a necessary SRE tool.The hex editor is the tool Trudy will use to directly modify, or patch, the exe file(UltraEdit, HIEW). • Other tools that might sometimes prove useful include( Regmon-monitors all accesses of the Windows registry; Filemon-monitors all accesses of files) • VMWare-which allows a user to set up virtual machines

  6. Software reverse engineering(cont) • Why do we need a disassembler and a debugger? • For SRE work, boundless patience and optimism are also needed since SRE is extremely tedious and labor intensive. SRE is essentially a manual process • The necessary technical skills for SRE include a working knowledge of the target assembly language and experience with the necessary tools

  7. Software reverse engineering(cont) • For our SRE example, we’ll consider code that requires a serial number.

  8. Software reverse engineering(cont) • Trudy disassembled serial.exe using IDA Pro tool

  9. Software reverse engineering(cont)

  10. Software reverse engineering(cont)

  11. Software reverse engineering(cont) • The instruction test eax,eax computes a binary AND of register eax with itself. This causes the flag bit—which is tested in the jump instruction at address 0x401032—to be zero only if the eax register contains 0 • Replace instruction “test eax,eax” at address 0x401030 with “xor eax,eax” then the flag bit that is tested in line 0x401032 will always be zero

  12. Software reverse engineering(cont) • Trudy examines the bits at address 0x401030 0x33C0

  13. Anti-Disassembly Techniques • Encrypt executable file and when the exe file is in encrypted form, it can’t be disassembled correctly. • False disassembly

  14. Anti-Disassembly Techniques(CONT) • Another sophisticated anti-disassembly trick that has been used is self-modifying code. • Self-modifying code modifies its own executable in real time. • This is an effective way to confuse a disassembler, but it may also confuse the developers, since it’s difficult to implement and is error prone

  15. Anti-Debugging Techniques • Since a debugger uses certain debug registers, a program can monitor the use of these registers and stop (or crash) if these registers are in use. • A program can also monitor for inserted breakpoints, which is another telltale sign of a debugger

  16. Anti-Debugging Techniques(CONT) • A simple anti-debugging technique

  17. Software Tamper Resistance Guards: • It’s possible to have the code hash sections of itself as it executes and compare the computed hash values with the known hash values of the original code. • If tampering occurs, a hash check will fail and the program can take evasive action.

  18. Software Tamper Resistance(cont) Obfuscation: • Another popular form of tamper resistance is code obfuscation. Here, the goal is to make the code difficult to understand • “Spaghetti code” • “Opaque predicate”

  19. Software Tamper Resistance(cont) • Code obfuscation has sometimes been promoted as a powerful security technique.In fact, Diffie and Hellman’s original conception of public key cryptography suggested obfuscation as a likelyway to develop a such a cryptosystem. • Recently it has been argued that obfuscation cannot possibly provide strong security in, say, the same sense as cryptography

  20. Metamorphism Revisited • The usual practice in software development is to distribute identical copies, or clones, of a particular piece of software to each customer • Break once, break everywhere or BOBE • Suppose we distribute metamorphic copies. That is, each copy of our software differs internally, but all copies are functionally identical.

  21. Metamorphism Revisited(CONT) • Thanks to open platforms and SRE, we cannot prevent attacks on software. Arguably, the best we can hope for is increased BOBE resistance. • Metamorphism is one possible way to achieve a reasonable level of BOBE resistance.

  22. DIGITAL RIGHTS MANAGEMENT What is DRM? Describe an actual DRM system designed to protect PDF documents. DRM system designed to protect streaming media Particular peer-to-peer application Use DRM to protect documents distributed within an enterprise

  23. What is DRM? • Trudy wants to sell her new book in digital form on the internet. • Alice buys Trudy’s digital book and then redistributes it for free online => What happens? • Persistent protection is the buzzword for the required level of DRM protection. Examples of the kinds of persistent protection on a digital book: No copying, read once, do not open until Christmas, …

  24. What is DRM? • What can be done to enforce persistent protection? • One option is to rely on the honor system, whereby we do not actually force users to obey the rules but instead simply expect that they will. Example: horror novel writer Stephen King with a book The Plant.

  25. What is DRM? • Give up on enforcing DRM on an open platform such as a PC. • Enforce persistent protection through software in a PC => failure • Example: DRM system for protecting digital documents might be defeated by user who is knowledgeable enough to operate a screen capture program.

  26. What is DRM? • Another option would be to develop the strongest possible DRM system in software. • A reasonably high level of DRM protection can be achieved. • Example: Closed systems(game systems)

  27. What is DRM? • Cryptography is the solution to the DRM problem.

  28. What is DRM? • There is a fundamental limit on the effectiveness of any DRM system, since the so called analog hole is present in any DRM. When the content is rendered, it can be captured in analog form.

  29. A Real-World DRM System • MediaSnap DRM systems MediaSnap DRM systems Secure Document Server(SDS) Client software

  30. A Real-World DRM System

  31. A Real-World DRM System

  32. A Real-World DRM System • There are security issues both on the server and on the client side. • The SDS must protect keys and authenticate users, and it must apply the required persistent protection to the document. The SDS resides at corporate headquarters and is relatively secure. • The client must protect keys, authenticate users, and enforce the persistent protection. The DRM client software, on the other hand, is readily available to any attacker.

  33. A Real-World DRM System

  34. A Real-World DRM System • To prevent disassembly, the executable code is encrypted, and false disassembly is used to protect the part of the code that performs the decryption. In addition, the executable code is only decrypted in small slices so that it’s more difficult for an attacker to obtain the entire code in decrypted form. • The anti-debugging technique.

  35. A Real-World DRM System • The anti-debugging technique. • The basic approach is to monitor for the use of the debug registers. One obvious attack on such a scheme is a man-in-the-middle, where the attacker debugs the code but responds to the anti-debugging software in such a way that it appears no debugger is running. The anti-debugging technique includes defenses against such an attack on its monitoring mechanism.

  36. A Real-World DRM System • The obfuscation is applied to the security critical operations, including key management, authentication, and cryptography. • Advanced Encryption Standard(AES). • Scrambling algorithm. • Can be obfuscated. • The keys are also obfuscated by splitting them into multiple parts and hiding some parts in data and other parts in code.

  37. A Real-World DRM System • Another security feature implemented by the system is anti-screen capture technique • Somewhat analogous to the anti-debugging technique. • Digital water marking is also employed. It is designed to provide the ability to trace stolen content.

  38. DRM for Streaming Media • Attacks on streaming media include spoofing the stream between the end-points, man-in-the-middle, replay, or redistribution of the data, and the capture of the plaintext at the client. • Scrambling algorithms. • Each instance of the client software comes equipped with a large number of distinct scrambling included. • Each client has a distinct subset of scrambling algorithms chosen from a master set of all scrambling algorithms, and the server knows this master set of algorithms.

  39. DRM for Streaming Media • Scrambling algorithms. • Suppose the server knows the N different scrambling algorithm, s0,s1,…,sN-1 . Each client is equipped with a subset of these algorithms, example: LIST = {s12, s45, s2, s37, s23, s31}

  40. DRM for a P2P Application • Peer-to-peer networks

  41. DRM for a P2P Application • Peer offering service(POS)

  42. DRM in the Enterprise • Protect certain types of private information. • Example • The Health Insurance Portability and Accountability Act(HIPAA) requires that companies protect personal medical records. • The Sarbanes-Oxley Act(SOA) requires that companies must preserve certain documents, such as information that might be relevant to “insider trading” stock violations.

  43. Thanks for listening

More Related