New Microsoft Word Document

advertisement
Digital right management and MediaSnap’s DRM System
Everybody thinks differently about DRM(digital right management) system. DRM can be viewed as
remote control on digital contains. Control persistent after delivery also called as “persistence control”.
Digital contains are digital book, Music, cd’s, video, documents. We will take digital book as an example of
digital media. Digital books are on line and people can copy it, pass books to another and distribute to
other. DRM system control unauthorized access on digital contains. If we can limit the access on
information we can protect privacy.
Persistence control : Some restriction apply on a pieces on information even after delivery to
stop illegal distribution or use of document . Those restrictions are --no copying, no forward document,
limit to number access(3-4 times), time limit –only for four weeks ,or on weekdays(bit only open at certain
time).
Method of applies to maintain persistence control. (1) Honor System is people have moral
obligation to send money and read document. Doesn’t work vet well in practices. (2) Accept that people is
going to read and give up (3). Simple approach is software base as no copying allowed on
document(acrobat) but Simple approaches have simple solutions -- use screen capture program.(4).
Batter software based DRM system: that gives high level of security employ tamper checking techniques,
controlled rendering, like a company MediaSnap did. (5). Tamper-residence system have key and berried
key into hardware, not a very realistic approach on pc based system .
When we use crypto, attacker can get key and book as we attempt to pass them, beside cryptography
alone is not sufficient for persistent control. At a minimum, the encryption key must be protected all the time.
One can try to make it secure by obscurity –make it confusing so on one can understand what is happing.
Cryptographic system should be public so it tested on security bases.
MediaSnap DRM system was designed to protect PDF documents. Principles are same if used for other
digital media. Email method has been used and email and attachment were encrypted. The protected
document is then sent to the Secure document server (SDS). SDS put some level of persistent protection
and authentication. Then document are sent to the recipient. Client side open document in adobe and
PDF plugin.
Sender document
Key
SDS
protected Document
Recipient
There are two modes tethered system, the keys are kept on a server and keys are transited to client side for accessing document.
Keys are discarded after accessing document and client has to be online on network connection. Consider
more secure as SDS protect keys on access bases(SDS can delete key and document can be shattered)
but key can be compromised when user is online and accessing document
SDS server
Key
Recipient
Untethered Mode : The key and document are at same place at all times. Document can be access
without network connection .( This is convenient ) and client protect key. This system is less secure.
Document reader security has two layers outer layer Tamper-resistance and inner layer
Obscurity .Tamper resistance have two features first is to stop debugger to run so nobody can
copy steps and second is binary code is encrypted .Both the feature keep checking on each
other. MIM attack is still possible as a program can say to code that debugger is not running.
The feature of Obscurity are (1).Key management is hide key some ware so no one can find it
which is most difficult task as key is random bit and easy to recognized.(2) Authentication was an
combination of passwd ,fingerprint that returns value rather then a bit ( bit can be true or not and
someone can change that bit).(3).Cashing and key management : pass key securely encrypted by another
key .Key part has multiple keys. (4).Encrypting and scrambling: In MediaSnap system a proprietary
“scrambling” algorithm. This algorithm is crypto-algorithms. Gives extra protection.
Some other feature of mediaSnap is worth mentioning. Those are Module tamper
checking in module were hashed and checked. Hashes were in memory and if hash doesn’t match
document can’t be viewed. Anti-screen captures feature, Watermarking and “Unique-ification”.
Unique-ification is different scrambling algorithm for every software, so every client has different version.
In other systems we can consider Atabok’s security witch has 256-bit key, but system can be
broken because key length is just one part of DRM system. And according to Schneier (2000) “What does
breaking the encryption have to do with breaking the system? Haven’t these people learned anything from
the DeCSS story? “
Some Crypto claims were silly Example of that is secretSeal which claims “contains five radical
innovations”, which includes like hieroglyphic passwords to variable -length encrypted keys and top of
that no encryption formula present in the software .”
Adobe eBooks is an “Respect” model and a cote “It is up to the implementers of PDF viewer
applications to respect the intent of the document creator by restricting access to an encrypted PDF file
according to passwords and permissions contained in the file.
Company “InterTrust “ holds almost 24 patents along with another 80 patent applications. This
company has case against Microsoft also and that appears to be their business model.
In Microsoft-DRM has no hashing and weak proprietary block cipher (MultiSwap) used for
hashing.
An ideal successful DRM system should be in Tamper-resistant hardware. With this Hardwarebased approach does have more security advantages but can move “remote controllability” from users to
third parties.
Ideal software-based DRM Overall system survives repeated attacks. If DRM is in
software is should be unique. Problem is how and where the uniqueness is employed.
Download