digital right management bùi thành Đ ạ t 50700480 nguy ễ n hoàng nh ậ t Đông 50700542...

Download DIGITAL RIGHT MANAGEMENT Bùi Thành Đ ạ t 50700480 Nguy ễ n Hoàng Nh ậ t Đông 50700542 Nguy ễ n Duy C ườ ng 50700287 1

Post on 23-Dec-2015

218 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • Slide 1
  • DIGITAL RIGHT MANAGEMENT Bi Thnh t 50700480 Nguy n Hong Nh t ng 50700542 Nguy n Duy C ng 50700287 1
  • Slide 2
  • C ONTENTS SOFTWARE REVERSE ENGINEERING (SRE) What is SRE ? Tools How to prevent Conclusion DIGITAL RIGHT MANAGEMENT (DRM) What is DRM ? Problems and solutions A real world system Some DRM system designs Conclusion 2
  • Slide 3
  • C ONTENTS SOFTWARE REVERSE ENGINEERING (SRE) What is SRE ? Tools How to prevent Conclusion DIGITAL RIGHT MANAGEMENT (DRM) What is DRM ? Problems and solutions A real world system Some DRM system designs Conclusion 3
  • Slide 4
  • W HAT IS SRE ? Software reverse engineering (reverse code engineering, or reverse). Purpose: Good: understand malware, legacy code... Not good: cheating, breaking DRM systems... 8048340: 55 pushl %ebp 8048341: 89 e5 movl %esp,%ebp 8048343: eb 02 jmp 0x8048347 8048345: 06 pushl %es............ 4
  • Slide 5
  • T OOLS FOR SRE Disassembler Debugger Hex editor DISASSEMBLYDEBUGPATCH 5
  • Slide 6
  • D ISASSEMBLER 6
  • Slide 7
  • H EX EDITOR 7
  • Slide 8
  • C ONTENTS SOFTWARE REVERSE ENGINEERING (SRE) What is SRE ? Tools How to prevent Conclusion DIGITAL RIGHT MANAGEMENT (DRM) What is DRM ? Problems and solutions A real world system Some DRM system designs Conclusion 8
  • Slide 9
  • H OW TO PREVENT SRE ? DISASSEMBLYDEBUGPATCH ANTI-DISASSEMBLY ANTI-DEBUGGING TAMPER RESISTANCE 9
  • Slide 10
  • H OW TO PREVENT SRE ? A NTI -D ISASSEMBLY Encryption: encrypt before executed. Problem: Code must be decrypted before executed -> attacker can access decryption code. 10
  • Slide 11
  • H OW TO PREVENT SRE ? A NTI -D ISASSEMBLY False assembly Make the real code different from the disassemblied one. Problem: attacker studies the technique carefully -> bypass the effects of false assembly. 11
  • Slide 12
  • H OW TO PREVENT SRE ? A NTI -D ISASSEMBLY False assembly 12 jmp antidebug1 + 2 antidebug1:.short 0xc606 call reloc reloc: popl %esi jmp antidebug2 antidebug2: addl $(data - reloc),%esi movl 0(%esi),%edi pushl %esi jmp *%edi data:.long 0 http://vxheavens.com/lib/vsc04.html#p2:
  • Slide 13
  • H OW TO PREVENT SRE ? A NTI -D ISASSEMBLY Self-modifying code: real time, effective to confuse a disassembler. Problem: Also confuse developers. Difficult to implement and error prone. 13
  • Slide 14
  • H OW TO PREVENT SRE ? A NTI -D EBUGGING Monitoring debug registers. Monitoring breakpoints. Multi threads. 14
  • Slide 15
  • H OW TO PREVENT SRE ? T AMPER R ESISTANCE Guards: Some sections of code calculate checksum of another section. From single point of failure to area of failure. Problems: All guards are the same -> easy to detect. Different classes of guards -> still able to be detected. Conclusion: Code has not been altered only if guards themselves have not been altered. 15
  • Slide 16
  • H OW TO PREVENT SRE ? T AMPER R ESISTANCE Obfuscation: make the code difficult to understand. Examples: Spaghetti code Opaque predicate 16
  • Slide 17
  • H OW TO PREVENT SRE ? T AMPER R ESISTANCE Metamorphism Normally: distribute identical copies (clones) of software to each customer. Weakness: cant prevent break-one-break- everywhere (BOBE) 17
  • Slide 18
  • H OW TO PREVENT SRE ? T AMPER R ESISTANCE Metamorphism (cont) Use metamorphic copies: same function, different internal structure. For N copies, it takes N times to break all N instances (best case) Usually use in malware. Note: same flaw still exists in all copies. 18
  • Slide 19
  • C ONCLUSION Truly secure software is impossible to achieve in practice. Solution: just provides sufficient protection Confusing. Hard to understand. Increase the time required for an attack. 19
  • Slide 20
  • C ONTENTS SOFTWARE REVERSE ENGINEERING (SRE) What is SRE ? Tools How to prevent Conclusion DIGITAL RIGHT MANAGEMENT (DRM) What is DRM ? Problems and solutions A real world example Some DRM system designs Conclusion 20
  • Slide 21
  • W HAT IS DRM ? Retain some control over digital content after it has been delivered: remote control What happen? 21 PUBLISHED For the Hack of it
  • Slide 22
  • W HAT IS DRM ? Persistent protection: the protection stays with the content after its delivered. Example: for a digital book: No copying Read once Do not open until Christmas No forwarding.... 22
  • Slide 23
  • C ONTENTS SOFTWARE REVERSE ENGINEERING (SRE) What is SRE ? Tools How to prevent Conclusion DIGITAL RIGHT MANAGEMENT (DRM) What is DRM ? Problems and solutions A real world system Some DRM system designs Conclusion 23
  • Slide 24
  • P ROBLEMS AND S OLUTIONS PROBLEMS From SRE section: cant prevent SRE -> cant hide a secret in software. Analog hole: impossible to prevent such attacks 24
  • Slide 25
  • P ROBLEMS AND S OLUTIONS SOLUTIONS Options: Honor system Assuming most people are good, honest, decent, and trustworthy Example: shareware Weak software-based DRM Example: DRM for P2P Application Strongest possible DRM system Example: A real world system 25
  • Slide 26
  • P ROBLEMS AND S OLUTIONS SOLUTIONS Cryptography: different from standard crypto scenario. Legitimate recipient is a potential attacker. A recipient can access everything in dashed box (including key). How to solve ? 26
  • Slide 27
  • P ROBLEMS AND S OLUTIONS SOLUTIONS Security by obscurity: secure when attacker doesnt understand the software completely. When obscurity gone, security gone Its preferable not rely on security by obscurity, but need to consider when there is no other option. Closed systems, secret designs 27
  • Slide 28
  • C ONTENTS SOFTWARE REVERSE ENGINEERING (SRE) What is SRE ? Tools How to prevent Conclusion DIGITAL RIGHT MANAGEMENT (DRM) What is DRM ? Problems and solutions A real world system Some DRM system designs Conclusion 28
  • Slide 29
  • S OME DRM SYSTEM DESIGNS A REALWORLD SYSTEM MediaSnap Inc. DRM system: Use with digital documents that will be distributed via e-mail. Components: Secure Document Server (SDS) Client software is a plugin to Adobe PDF reader. 29
  • Slide 30
  • S OME DRM SYSTEM DESIGNS A REALWORLD SYSTEM Deliver 30
  • Slide 31
  • S OME DRM SYSTEM DESIGNS A REALWORLD SYSTEM Access 31
  • Slide 32
  • S OME DRM SYSTEM DESIGNS A REALWORLD SYSTEM Security for system The SDS is relatively secure. The DRM client software is readily available to any attacker. Focus on the client software 32
  • Slide 33
  • S OME DRM SYSTEM DESIGNS A REALWORLD SYSTEM Tamper-resistant barrier Anti-disassembly: encryption, false assembly Anti-debugging: monitor debug registers Tamper-resistant techniques: AES, along with scrambling algorithm Anti-screen capture, digital watermarking Metamorphism for BOBE resistance 33
  • Slide 34
  • C ONTENTS SOFTWARE REVERSE ENGINEERING (SRE) What is SRE ? Tools How to prevent Conclusion DIGITAL RIGHT MANAGEMENT (DRM) What is DRM ? Problems and solutions A real world system Some DRM system designs Conclusion 34
  • Slide 35
  • S OME DRM SYSTEM DESIGNS DRM FOR STREAMING DATA Possible attacks on streaming media: Spoofing the stream Man-in-the-middle Replay attack Plaintext captured at the client The proposed design makes use of scrambling algorithms. Achieve significant degree of metamorphism Security by obscurity 35
  • Slide 36
  • S OME DRM SYSTEM DESIGNS DRM FOR STREAMING DATA Details: Server has list N scrambling algorithm s 0, s 1, s 2,..., s N-1 Each client has a subset of these algorithms LIST = {s12, s23, s45, s2, s7} This list is store as E(LIST, K server ) Client and server must negotiate a specific scrambling algorithm to be used. 36
  • Slide 37
  • S OME DRM SYSTEM DESIGNS DRM FOR STREAMING DATA 37
  • Slide 38
  • S OME DRM SYSTEM DESIGNS DRM FOR P 2 P APPLICATION Example 38
  • Slide 39
  • S OME DRM SYSTEM DESIGNS DRM FOR P 2 P APPLICATION Peer offering service (POS) Legal provider Apparent to users Significant percentage of responses Use weak DRM 39
  • Slide 40
  • S OME DRM SYSTEM DESIGNS DRM IN ENTERPRISE DRM in enterprise is different from DRM in e-commerce: Prevent losing money instead of making money The human dimension is completely different Other issues are more important than the strength of DRM system: Policy management Authentication Relatively easy to solve. 40
  • Slide 41
  • C ONCLUSION DRM clearly illustrates the limitations of doing security in software Strong software-based DRM is impossible due to SRE problems DRM is not only a technical problem, so the challenge is to develop something that works in practice. 41
  • Slide 42
  • 42