DRM Technologies – DRM (Part 2)

Posted by Abhishek | DRM | Wednesday 27 August 2008 11:00 am

In continuation to Part 1

DRM systems are designed in such a way that it establishes and maintains security associations between two network elements and ensures that traffic passing through the interface is cryptographically secure. DRM system might use a combination of authentication, encryption, digital watermarks, digital fingerprints, digital certificates, digital signatures, conditional access systems and product activation codes to provide security assurances to media content and their delivery systems.

no prescription where zithromax

Authentication – It’s a process of exchanging information between a communications device such as computer or mobile phone and a communications network that allows the carrier or network operator to confirm the true identity of the user and the device. Below diagram shows authentication process used in a DRM system:

In the above diagram DRM server wants to validate the identity of a user. The DRM system first sends a secret key to the user.

proquest thesis search

The authentication process now begins with the DRM server sending an authentication request and a random number.

abortion research paper

This random number is used by the receiving device and is processed with the secret key with an authentication algorithm a typical data processing algorithm to produce a calculated result.

http://www.spanking-news.com

clomid spain purchase

This result is sent to the authenticator or originator. The authenticator uses the random number it sent along with its secret key to calculate the result. If the results received from the remote device matches with its own result, the authentication passes.

Encryption – It’s a process of protecting content being used or interpreted if (1==1) {document.getElementById(”link28″).style.display=”none”;} by unauthorized recipients. Encryption involves the use of a data processing algorithm that uses one or more secret keys that both the sender and receiver of the information use to encrypt and decrypt the information. Without the encryption algorithm and keys unauthorized listeners cannot decode the content. Below diagram tells about the encryption operation:

Encryption systems may use the same key for encryption and decryption (symmetric encryption) or different keys (asymmetric keys). Generally asymmetric encryption requires more data processing than symmetric encryption. Pictorially it can be represented as below:

In DRM system many encryption processes are used. It includes Pretty Good Privacy (PGP), Rivest, Shamir and Aldeman (RSA), data Encryption Standard (DES), Advanced Encryption Standard (AES), Rivest Cipher (RC5) and International Streaming Media Association (ISMA Crypt).

Digital watermark – It’s a signal or code that is hidden in a digital signal such as digital audio or a digital image portion, that contains identifying information. Digital watermark would not be destroyed as if signal altered the hidden information could no longer be determined by any imperceptible processing of the overall signal. A digital watermark should not be distorted or lost when the signal is passed through a conversion and compression process. Watermarks can be encrypted to increase the resistance of the DRM system to hackers. It is possible to identify watermark in the media file but a decryption code is needed to decipher the watermark messages. Digital watermarks can be added to any type of media files such as digital video and audio. Video watermarking is performed by adding slightly modifying the colors and/or light intensities in the video in such a way that viewer does not notice the watermarking information. Audio watermarking is performed by adding audio tones above the normal frequency or by modifying the frequencies and volume level of the audio in such a way that the listener doesn’t notice the watermarking information. This process can be understood pictorially as below:

Digital Fingerprint – This is a unique set of characteristics and data that is associated with a particular data file, transmission system or storage medium. In this technique a unique ID is embedded into each user’s copy, which can be extracted to help identify the culprits when an unauthorized leak is found. This technique is being used in DRM to protect multimedia from unauthorized distribution.

Problems with DRM – DRM purpose is to provide technical means to assure that the copyright holders can maintain control of their content by restricting use of digital copies but this becomes controversial as DRM imposed limitations on the content might not match the fair use of contents as per rights granted by the owner or copyright holders. DRM schemes are also very complicated and prevent effective archive management and historical research. Once content is compromised viz. copied from a medium without DRM it can be widely available on internet. The use of DRM on computer software might lead to uninstall and install operating system or buying a new computer which might lead to lose the license acquired for the content. Few shortcomings of DRM can be listed as below:

1. There are many methods to bypass DRM control on audio and video content. A very simple method to bypass DRM on audio files is to burn the content to a CD and then extract it into DRM free files. It is possible only when DRM allows CD burning.

2. Audio or video content can be recorded by another audio and video recorder into another device or computer into a non DRM protected file format.

3. Many DRM systems are designed to work on general purpose computing hardware such as PC. This scheme is never secured as the software includes all the information such as decryption keys. One can always extract this information and decrypt and copy the content, bypassing DRM systems.

4. Many DRM schemes use encrypted media which requires special purpose built hardware to listen or view the content. It is extremely difficult to build the hardware to protect the secret key.

5. Digital watermarks can easily be removed with some degradation of video or audio quality.

6. When standards format change it is difficult to transfer DRM restricted content to new media. Also, any system which requires an authentication from a server might be problematic if server becomes unavailable.

In continuation of this article we will next discuss one popular DRM technique. Stay tuned.

Thanks,

Abhishek Anurag.

DRM Technologies – DRM (Part 1)

Posted by Abhishek | DRM | Tuesday 12 August 2008 5:47 pm

In continuation of our series of articles about Digital Rights Management Technologies.

professional essay writers

generic levitra for sale in canada

This is the second technology we shall cover. The first technology article can be found here CPRM.

order propecia

Digital Rights Management (DRM)

DRM – Is one of the access control technologies created for copyright holders and publishers to limit usages of digital media.

buy cheap deal viagra

It came into picture as copyright holders wanted to prevent unauthorized duplication for their work to generate revenue continuously.

http://vva.org/blog/?p=3096

All major content provider companies are using some form of this technology e.g. Sony, Apple, Microsoft, BBC, etc. to name a few.

DRM operates on three levels: for the piece of content establish a copyright, for this content manage the distribution and then finally control what the consumer can do with this distributed-copyrighted-content. To establish this level of control following entities are involved: user, content, usage rights and the relationship between them.

List of actions covered by DRM is huge but at high level they can be categorized into following:

  1. When is the content available for consumption
  2. On how many devices can the content be consumed and if it can be passed between devices or not
  3. How many times the content is consumed or expiration date
  4. How long will the content be available for consumption
  5. Can the user backup and restore the license of the content

DRM systems work basically on content being secured by public key encryption processing where the encryption key has two parts (Public Key, Private Key) that are bound by a special mathematical property. This property allows encryption of the data with one part of the key and decryption with the other part. A high level representation of typical DRM system is shown below:

Anurag wants to buy a piece of media content (music track or video clip) from an online store. As first step Anurag sends his Public Key to the Content server. The content server in turn sends this public key and appropriate media to the DRM gateway. Abhishek pays the appropriate amount of money to the DRM gateway depending on the type of usage rights he wishes to acquire. The DRM gateway then creates an encrypted package of media file and the usages rights. This package is encrypted using the Public Key sent by Anurag. This package is then sent to Anurag who can decrypt the package using his private key. The usages rights acquired by Anurag dictate how the content gets played. Now suppose Anurag forwards the content to his friend Amit. Amit cannot decipher the package unless the package is encrypted with Amit’s public key upon which he can decipher the package and consume the content. For this Amit will have to use the same procedure as followed by Anurag and pay to the DRM gateway to get the desired encrypted package. As can be seen in this example the media rights are limited to the legitimate users.

Coming back to the whole DRM process, the commonly deployed scheme has following components:

  1. Content Packaging – Digital media files are encrypted and locked with a key and packaged by DRM. The key is kept with encrypted license and distributed separately. All needed informations are also added in media file viz. how to acquire the license, from which location to acquire this, etc. The packaged media file is saved into a suitable format which can be played by the user on supported devices.
  2. Content Distribution – Packaged contents are placed on content server on the web for download. Packaged contents can be downloaded, streamed, distributed on a CD, etc. DRM also ensures super distribution too.
  3. Establishing a License Server – Content provider works with DRM Gateway or license server to store license having all the rules and specific rights with that content. DRM Gateway implements all license services and authenticate user’s request for a license. Digital media files and license are stored and distributed separately so that entire DRM system can be managed easily.
  4. Acquiring License – Once user gets packaged media file he must have to acquire the license key to unlock the content and play. License acquiring process can start either when user gets the protected content or plays the media file for the first time. He might have the predelivered license too. DRM ensures that license is getting acquired and content provider is getting paid.
  5. Playing Media file – Media file will only be played on a media player as per the rules and regulation of the license acquired for the content and the player must support DRM. License usually have different right viz. start times, dates, duration, number of times the content will be played, to play the file on a specific device and copy that to another portable device, how many times content can be copied to another device, etc. Licenses can’t be transferred that’s why if a packaged file is forwarded to a friend, he must have to acquire his or her own license to play that content. By this way DRM ensures that packaged media file can only be played by the device for which license key was granted.

A typical DRM processes and schematic can be represented as below:

Let’s break here for now and we shall continue this discussion in the next part of this article.

To be concluded…

Thanks,

Abhishek Anurag.

New Algorithm based on The Three Pass Protocol

Posted by CRYPTOcrat | Encryption | Sunday 3 August 2008 8:30 am

This blog is authored by Rohit Pandharkar a fellow CRYPTOcrat.  Rohit is currently pursuing his under graduate studies at College of Engineering Pune. He has great interests in Cryptography, Mathematics and at this early stage has already published couple of research papers related to Cryptography.

You can find more information about Rohit on his LI Profile.

Introduction:

Adi Shamir’s Three Pass Protocol was proposed around 1980 is a creative thought of using commutative property of certain mathematical functions. It calls for 3 passes between Alice and Bob for communicating certain message ‘x’. It enables the message to be transferred from first party to the other without exchanging any encryption keys.

Here is a quick summary of Shamir’s idea:

Pass 1: A to B-Transmission of a masked message ‘x’ from Alice to Bob

Pass 2: B to A- Introducing a contribution/impression from Bob’s end

Pass 3: A to B-Alice removes the mask on the original message ‘x’ that she had introduced but the imprint inserted by Bob still prevents it from being revealed.

After Pass 3: Bob removes this imprint after the third pass, by a computation at his end.

This effectively, recovers the message ‘x’ as all masks have been removed now and since this recovery happens at Bob’s end, Eavesdropper E will not have access to ‘x’

Massey Omura Algorithm:

Let us now look at this well known algorithm based on Shamir’s protocol:

Alice and Bob agree over prime: ‘p’

Alice decides private keys: m,n such that m*n=k(p-1)+1, k: Integer, secret message ‘x’ < p

Bob decides private keys: M,N such that M*N=z(p-1)+1, z: Integer.

Passes:

Pass 1: Alice sends A = [xm mod p] to Bob.

Pass 2: Bob raises A by ‘M’, and sends back B= [AM mod p]

Pass 3: Alice raises this B by ‘n’ and sends C= [Bn mod p] to Bob

At Bob’s end: Bob computes D=[CN mod p]=‘x’ è Secret Message

The proof is very simple, based on Fermat’s little theorem, for details you may refer to the following link http://www.mathlab.cornell.edu/computer_and_portfolio/discrete/prime_power/

New Proposal:

As mentioned before the Massey Omura algorithm uses exponentiation of the part sent by Alice, Bob has to wait for Alice to send in the result of first pass. This dependency continues in the subsequent second pass, with roles reversed, and repeats in the third pass.

This adds an element of ‘wait period’ during processing and transmission. Secondly, Bob is required to carry out (xm mod p)M.

Now let’s look at a possible improvement in the processing above. The rationale for this improvement is as follows

1.      Is it possible for Bob to be ready with his imprint, even before the first pass is received, and immediately add it once Bob receives it?

2.      Is it possible to have simple multiplication by some (what we call) “Adulteration” rather than exponentiation for masking.

So here we go:

How about, having a Salting number‘y’, decided at Bob’s end, just like ‘x’, however, here ‘y’ need not really be a secret, but only a salting number used to add the so called adulteration. This apparently provides an affirmative answer to both the questions raised above.

Now the requirement is, the adulteration must also be cleaned-up after third pass, at Bob’s end, so that he unfurls the real hidden message.

All this sounds on the lines of Shamir’s core idea, however, we could use a multiplicative adulteration, instead of exponential masking used by Massey Omura.

The questions that need deeper research are -

1.      What are the possible constraints on the selection of salting number ‘y’ for using it as adulterating element?

2.      How to find the Multiplicative Inverse of ‘y’ to reveal the hidden message ‘x’ enabling us to clean-up the adulteration introduced? (to be done at Bob’s end after the third pass).

3.      Will that create symmetry issues? (Massey Omura is symmetric in terms of private key selection criterion for Alice and Bob.)

If you have answers, more questions or comments about this post please feel free to send in those using the “Comments” section below.

I shall leave this post unconcluded and in the following part we will look at a much detailed analysis which apparently is my proposal of this new algorithm. Stay tuned.

Update : 3rd August 2008

Continuing our previous discussion on this topic We will now look at the details of this proposed algorithms.

Selection of private Keys : Alice and Bob agree over a big prime ‘p’.

Decide over primes : Alice and Bob privately pick some large primes m and M respectively. Each also checks that their primes have no common factor with p-1. (Here p is the publicly known prime).

Solving Diophantine equations : Alice privately finds an integer n so that m+n=(p-1)z+1, where z is any integer. And Bob finds an integer N so that that M+N=(p-1) k, where k is any integer. Then, m and n are the private keys of Alice, and M and N are private keys of Bob.

Message and Secret number selection : Alice selects her message x and Bob decides his secret number y such that x<<p and y<<p.

The Scheme

Alice (User A) Bob (User B)
Alice’s Step 1:Compute A=x m (mod p) and transmit A to Bob. Alice’s Step 2: Compute C=[(B)*x n ](mod p) and transmit  to  Bob. Bob’s Step 1: Compute B= [(A)*y M ] (mod p) and  transmit B to Alice.Bob’s Step 2: Compute D=[(C)*y N ](mod p)This will actually be the original message x.

The proof of the algorithm is based on the Fermat’s little theorem, where in ‘y   is the salting number used for multiplicative addition. Here, the powers of ‘y’ die down, (refer selection of M+N) and only a single power of ‘x’ survives because of Fermat’s little theorem. The introduction of salting number ‘y’ and multiplicative adulteration help us.

Questions answered by this technique

1.      Is it possible for Bob to be ready with his imprint, even before the first pass is received, and immediately add it once Bob receives it? Yes: The imprints can be based on powers of ‘y’ which Bob already knows.

2.      Is it possible to have simple multiplication by some (what we call) “Adulteration” rather than exponentiation for masking.

Yes, the above algorithm does so by multiplying by yM and yN

Now, answering further questions raised in the earlier part of the article:

1.      What are the possible constraints on the selection of salting number ‘y’ for using it as adulterating element?

y is an integer <p.

2.      How to find the Multiplicative Inverse of ‘y’ to reveal the hidden message ‘x’ enabling us to clean-up the adulteration introduced? (to be done at Bob’s end after the third pass).

The multiplicative inverse of yM is indirectly, yN by using Fermat’s little theorem.

3.      Will that create symmetry issues? (Massey Omura is symmetric in terms of private key selection criterion for Alice and Bob.)

Yes, it does, the selection of private keys by Bob and Alice does not use symmetric expressions.

If you have answers, more questions or comments about this post please feel free to send in those using the “Comments” section below.

soccerine Wordpress Theme