Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Microsoft / Windows

Windows

White-Box Cryptography - the Key to Bulletproof Windows Vista DRM

In scenarios where the attacker has full control over the execution environment

By Marius Oiaga, Technology News Editor

26th of June 2007, 15:57 GMT

Adjust text size:


Windows Vista
Enlarge picture
White-box cryptography is the key to bulletproofing Windows Vista digital rights management technology. DRM designates a content protection scheme designed to restrict the usage of digital media. The Windows Media DRM is the term associated with the Windows Vista Content Protection Infrastructure. Microsoft revealed that the decision of including DRM into their latest operating system is a direct result of the necessity to ensure that
commercial audiovisual content can be played inside the operating system.

In the context of the evolution of the software implementation of DRM, the inherent cryptography associated with content protection has moved from black-box attack models to white-box attack models. "The traditional threat models used for cryptographic applications are all black-box attack models. In this type of model, an attacker is assumed to have control over almost everything to do with the encryption; only the secret key and the details of the code's execution are unknown. With software implementations of DRM, this is not the most appropriate threat model," revealed Nick Sullivan, Symantec Security Response Researcher.

DRM cryptography automatically implies a decryption key. Compromising a DRM scheme is equivalent to gaining access to the decryption key. Content protection systems such as CSS and AACS (a platform also included in Vista) have been already breached. And with full access to Vista along with a plethora of disassembly and debugging programs, DRM is no longer an impassible limitation. This type of scenario justifies a white-box attack model.

"In this model, the attacker has full visibility into the software implementation and control over the execution environment. Under such conditions, storing the private key in memory is not a secure option because the attacker has access to the entire system during execution. The most common approach is to integrate the key into the encryption algorithm so that the algorithm performs the encryption properly but the key is never made explicit. None of the new techniques have been proven to be secure; however, their initial successes indicate that it may be possible to achieve the seemingly impossible feat of performing an encryption in full view of an attacker without ever revealing the key," Sullivan added.

TAGS:

 Windows Vista | DRM | Microsoft
Read by 1,980 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
Fair (2.7/5) 7 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


The Downsides of 64-bit Windows Vista

Windows Vista Multilingual User Interface

Windows Vista Hardware Assessment Tool Available

Windows XP Blind to Windows Vista on a Network

Microsoft's Windows Vista Propaganda, Sí Señor!

Windows Vista Service Pack 1 - So What?

Mac OS X 10.5 Leopard = Windows Vista

Restore the Windows Vista "Show Desktop" Icon

Microsoft in Danger of Losing Vista

User opinions:


Comment #1 by: Sc on 04 Dec 2007, 19:41 GMT reply to this comment

CSS, AACS, BD

All were considered "Uncrackable" at one time or another.

I have more faith in the hacking/Cracking coummunity than I do in the makers of DRM.

BTW, Windows xp/Vista WGA?
Cracked.

Take the hint, DRM can and will always be broken.

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive