Self Protecting Digital Content (SPDC) is a copy protection (digital rights management) concept designed by Cryptography Research, Inc. (CRI). CRI worked with Twentieth Century Fox, Sony, and Panasonic to implement this architecture into BD+, which was adopted by the Blu-ray Disc Association for protecting Blu-ray discs. In November 2007, the SPDC business unit and technology was acquired by Macrovision to complement its existing Analog Copy Protection (ACP) and Ripguard technology. In 2011, Irdeto acquired SPDC and BD+ from Macrovision (then known as Rovi).


Overview

SPDC executes code from encrypted content on a Blu-ray player. When releasing new discs, content providers can update the code, adding protections against previous circumvention methods. DRM systems in which keys for encryption and decryption do not change can be attacked with one compromised key, allowing decoding of all content using that key. SPDC attempts to keep future content protected by allowing changes to the DRM in new releases when an existing DRM method is circumvented.


Playback method

If a method of playback used in previously released content is revealed to have a weakness, either by review or because it has already been exploited, code embedded into content released in the future will change the method, and any attackers will have to start over and attack it again.


Targeting compromised players

If a certain model of player is compromised, code specific to that model can be activated to verify that a particular player has not been compromised. A player found to be compromised can be "fingerprinted", and the information can be used later.


Forensic marking

Code can be inserted into content (digital watermarking) to add information to the output that specifically identifies the player; in a large-scale distribution of the content, this information can be used to trace the player (traitor tracing). This may include the fingerprint of a specific player.


Weaknesses

If an entire class of players is compromised, it is infeasible to revoke the ability to use the content on the entire class because many customers may have purchased players in the class. A fingerprint may be used to try to work around this limitation, but an attacker with access to multiple sources of video may "scrub" the fingerprint, removing the fingerprint entirely or rendering it useless at the very least.

Because dynamic execution requires a virtual environment, it may be possible to recreate an execution environment on a general purpose computer that feeds the executing code whatever an attacker wants the code to see in terms of digital fingerprints and memory footprints. This allows players running on general purpose computers to emulate any specific model of player, potentially by simply downloading firmware updates for the players being emulated. Once the emulated execution environment has decrypted the content, it can then be stored in decrypted form.

Because the content encryption scheme (such as BD+) is separate from the transport encryption scheme (such as HDCP), digital content is transferred inside the player between circuits in unencrypted form. It is possible to extract digital data directly from circuit traces inside a licensed player before that content has been re-encrypted for transport across the wire, allowing a modified player to be used as a decryption device for protected content. Only one such device must exist for the content to be widely distributed over digital networks such as the Internet.

The final weakness of all DRM schemes for noninteractive works is the ultimate decryption for display to end-users. The content can at that time be re-encoded as a digital file. The presumption is that re-encoding is lossy, but fully digital copies can be made with modified viewing devices. For example, adapters which strip HDCP and output unencrypted DVI can re-encode digital copies without modifying players. Adapters can also split an HDCP-protected stream into non-encrypted DVI and S/PDIF streams, allowing for almost lossless reconstruction of digital copies with complete video and audio streams. Copies can also be made through the analog hole.
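
The forensic marking and traitor tracing described above, including the case where copies from more than one player are combined, can be illustrated with a simplified model of the tracing side. This is an added example, not CRI's or BD+'s actual scheme: the HMAC-based variant selection, the 1024 marked segments, and all names and sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac

SEGMENTS = 1024  # marked segments per title (constructed value)

def mark_bits(title_key, player_id, n=SEGMENTS):
    """Variant (0 or 1) this player outputs for each marked segment.
    Assumption: variants are picked by an HMAC of the player ID."""
    stream, counter = b"", 0
    while len(stream) * 8 < n:
        msg = player_id.encode() + counter.to_bytes(4, "big")
        stream += hmac.new(title_key, msg, hashlib.sha256).digest()
        counter += 1
    return [(stream[i // 8] >> (7 - i % 8)) & 1 for i in range(n)]

def trace(title_key, recovered, players):
    """Rank players by agreement with the variants read from a leaked copy.
    `recovered` holds 0/1 per segment, or None where the mark is unreadable.
    Returns [(player_id, agreement)] sorted best match first."""
    readable = [(i, v) for i, v in enumerate(recovered) if v is not None]
    if not readable:
        return []  # nothing to attribute
    scores = []
    for pid in players:
        bits = mark_bits(title_key, pid, len(recovered))
        hits = sum(1 for i, v in readable if bits[i] == v)
        scores.append((pid, hits / len(readable)))
    return sorted(scores, key=lambda s: s[1], reverse=True)

def demo():
    key = b"constructed-title-key"  # constructed sample values throughout
    players = [f"player-{n:04d}" for n in range(200)]
    # Case 1: one player's copy, with a quarter of the marks unreadable.
    leak = [None if i % 4 == 0 else b
            for i, b in enumerate(mark_bits(key, "player-0042"))]
    single = trace(key, leak, players)
    # Case 2: two players' copies interleaved segment by segment.
    a, b = mark_bits(key, "player-0007"), mark_bits(key, "player-0150")
    mixed = [a[i] if i % 2 == 0 else b[i] for i in range(SEGMENTS)]
    colluded = trace(key, mixed, players)
    return single[0], colluded[:3]

if __name__ == "__main__":
    top, ranked = demo()
    print("single source:", top)
    print("mixed sources:", ranked)
```

In the mixed case each contributing player still agrees with about three quarters of the recovered marks while unrelated players sit near one half, which is why the ranking separates them.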


External links


About Self-Protecting Digital Content

Self-Protecting Digital Content - A Technical Report from the CRI Content Security Research Initiative

