▶ 7.5 Digital Rights Management
When a company publishes in digital form, whether it is a computer program, music, video, or a book, they face the piracy problem: Some people may make and sell copies without paying royalties to the copyright owner. In general, the problem of sharing digital data involves Transitive Trust, because anyone can make a copy of raw bits to share with others. This problem led to DRM techniques, which seek to prevent easy duplication of digital data.
In the early days of personal computing, most computer owners were hobbyists who spent money on relatively costly hardware. Back then, the cheapest diskette drive or hard drive cost more than an entire computer system costs today. Because software was relatively easy to copy, hobbyists were often inclined to “borrow” copies from friends instead of buying a copy.
Software vendors developed copy protection schemes (an early DRM technique) to reduce the piracy risk. Some built in authentication mechanisms tied to hard-to-copy information. Others distributed software on specially formatted diskettes that resisted conventional attempts to copy them. By the time computers had become a fixture in company offices, most vendors had stopped using copy protection, simply because it made matters too difficult for nontechnical users.
Video productions were first published and sold to the public in the 1970s, with the introduction of video casettes. Some video publishers worried about people making and selling their own copies of video productions. However, it proved difficult to make high-quality copies from the analog recordings. Many video publishers used a mechanism called “Macrovision” to make copying difficult. Macrovision interferes with video timing signals to prevent reliable recording without preventing playback.
The introduction of DVDs in the mid-1990s led to more sophisticated DRM techniques. Film distributors feared that digital video would make piracy rampant. The industry standard for DVD production incorporated a custom-designed DRM mechanism called the DVD Content Scrambling System (DVD-CSS). Every DVD player manufacturer and DVD publisher agreed to incorporate DVD-CSS. When Blu-ray disks were introduced, they incorporated a similar but much more sophisticated DRM technique.
Policy Dilemmas
DRM poses a dilemma because it must balance opposing interests of vendors and users. On the one hand, vendors want to preserve and enhance the income they receive from their investment in a software or media product. On the other hand, buyers want a reliable, long-lived copy of that product.
Under U.S. copyright law, there is the notion of fair use; the buyer has the right to use and copy a purchased, copyrighted product in certain ways. For example, the buyer can make copies to protect against losing the original. It is also legal to make limited quotations. For example, if Alice publishes an article about Dan Brown in the school paper, she can include quotations from the author’s copyrighted novels as long as the quotations aren’t excessive.
There is also a technical aspect to the balance between vendor and buyer: the amount of technology required to implement protections. If the vendor places too much protection on the product, nontechnical users won’t be able to use the product. When Apple first started selling digitized music through their iTunes store, the music carried copy protection. The protection was removed in early 2009 to simplify downloading for music buyers.
DVD copy protection was more successful. It appeared in a broad range of DVD-related products with limited impact on end users. Overall, DVD players have worked reliably since their introduction. While the DRM technique itself has not stood the test of time, it has not prevented customers from playing DVDs on commercial DVD players. The system has worked less reliably when running on PCs.
The DVD Content Scrambling System
The DVD-CSS remains an integral part of the manufacturing and distribution of DVDs and DVD players. The design allows approved DVD players to play back the encrypted content of a commercial DVD. Every player contains a secret key to decrypt the DVD’s contents. The player protects the key from disclosure, as shown in FIGURE 7.16.
FIGURE 7.16 DVD content protection.
When creating a DVD for sale, the publisher encrypts the disk’s program material with randomly selected encryption keys. Those keys are themselves encrypted and written to the DVD with the program material. Every DVD player has a built-in decryption key that allows it to decrypt the keys, and then decrypt the program. We will look at DVD-CSS key handling in Section 8.2.4.
The typical consumer buys the DVD player, plugs it into the TV, and plays DVDs. The player handles all keys automatically. The player does not have to contact a third party for managing or updating its keys or algorithms.
The DVD-CSS arrangement has three points of vulnerability:
The DVD itself. It must be difficult to make a complete copy of a commercial DVD.
The playback signal. It must be impractical to redigitize the playback signal with acceptably high quality or to copy it onto other storage media.
The DVD player and its internal keys. It must be impractical to extract the keys from a player or to extract the decoded digital data stream. It also should be impractical to recover keys through brute force guessing attacks.
To prevent DVD copying, the DVD itself is formatted with an extra “invisible” track that contains a set of decryption keys used by different brands of DVD players. The track is preset to 0 in typical writable DVDs. If a computer user tries to copy a commercial DVD, typical copying techniques will not copy the invisible track.
To protect the DVD playback signal, many DVDs use the Macrovision copy protection described earlier. As video components migrated to digital outputs, the video equipment community avoided marketing consumer-grade video capture equipment that might intercept digital output from a DVD player.
Internally, the DVD encases sensitive components in a hard-to-penetrate package. In many cases, DVD keys are manufactured inside integrated circuits in a way that makes them impractical to extract.
Unfortunately, the DVD technology was developed while the U.S. government enforced strong export restrictions on encryption technology. Encryption using 40 bits or less and a proprietary encryption algorithm was generally eligible for export, so DVDs adopted a 40-bit proprietary encryption algorithm. By 1999, researchers had reverse-engineered the encryption algorithm and developed practical techniques to crack DVD-CSS encryption keys.
When Blu-ray disks were introduced, they incorporated a similar but much more sophisticated DRM technique. Blu-ray encryption uses AES with 128-bit keys, making a direct trial-and-error attack impractical. The content protection is also structured so that encrypted content may be either transmitted over a network (i.e., satellite TV) or stored on a disk. Blu-ray players carry vendor-specific encryption keys but, unlike DVD players, a Blu-ray player’s content protection software can be upgraded. Additional security measures encrypt data sent between a Blu-ray player and approved high-definition displays.