Hello All, We have come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client (Windows SW DRM scenario) for the communication with a license server and identity purposes.
More specifically, we successfully demonstrated the extraction of the following keys: - private signing key used to digitally sign license requests issued by PlayReady client, - private encryption key used to decrypt license responses received by the client (decrypt license blobs carrying encrypted content keys). A proof for the above (which Microsoft should be able to confirm) is available at this link: https://security-explorations.com/samples/wbpmp_id_compromise_proof.txt While PlayReady security is primary about security of content keys, ECC keys that make up client identity are even more important. Upon compromise, these keys can be used to mimic a PlayReady client outside of a Protected Media Path environment and regardless of the imposed security restrictions. In that context, extraction of ECC keys used as part of a PlayReady client identity constitute an ultimate compromise of a PlayReady client on Windows ("escape" of the PMP environment, ability to request licenses and decrypt content keys). Content key extraction from Protected Media Path process (through XOR key or white-box crypto data structures) in a combination with this latest identity compromise attack means that there is nothing left to break when it comes to Windows SW DRM implementation. Let this serve as a reminder that PlayReady content protection implemented in software and on a client side has little chances of a “survival” (understood as a state of not being successfully reverse engineered and compromised). In that context, this is vendor’s responsibility to constantly increase the bar and with the use of all available technological means. Thank you. Best Regards, Adam Gowdiak ---------------------------------- Security Explorations - AG Security Research Lab https://security-explorations.com ---------------------------------- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
