Information Security – Theory vs. Reality
0368-4474-01, Winter 2011
Lecture 13: Conditional Access and Digital Rights Management
Guest Lecturer: Itsik Mantin

CA/DRM Security
Itsik Mantin, NDS
Confidential ©NDS Ltd 2011. All rights reserved.

Outline
• Introduction
  – About NDS
  – Cryptography and security
  – Content Delivery Systems
• CA/DRM Systems
• On Smart Card Security
• On STB Security
• Content Protection Standards
• Meeting Reality
• Epilog

DRM and CA @ Wikipedia
Digital Rights Management
• A class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale
Conditional Access
• The protection of content by requiring certain criteria to be met before granting access to this content. The term is commonly used in relation to digital television systems, most notably satellite television.

Conditional Access
[Diagram labels: Program Content; Satellite dish; Access Criteria of the Program; ECM Generator (ECMG); ECM Traffic]

Cryptography Terms
• Block cipher: AES, DES, TDES, …
• Mode of operation: ECB, CBC, CTR, …
• Stream cipher: RC4, A5/1/2, …
• Hash functions: SHA-1, MD5, SHA-2, …
• Symmetric signatures: HMAC, CMAC
• Digital signatures: RSA, El-Gamal
• Key exchange protocols: Diffie-Hellman
• Authentication protocols: Fiat-Shamir
• Padding
• Entropy
• Key management
• Key derivation
• Certificates
• Public-key infrastructure

Distinctions to Understand
• Cryptography
  – Encryption vs. Authentication
  – Randomness vs. pseudo-randomness
  – Symmetric-key encryption vs. asymmetric-key encryption
  – Symmetric-key authentication vs. asymmetric-key authentication
• Security
  – Global/universal key vs. unique key
  – Software security vs. hardware security
  – “Regular mode” vs. privileged mode
  – What can happen vs. what is supposed to happen
  – Device security vs. end-to-end security

Cryptography and Security
• Cryptography:
  – Message confidentiality: Only the intended recipient(s) can read the message
  – Message integrity: Recipient can verify that sender’s message has not been altered
  – Message non-repudiation: Sender cannot deny generation of the message
  – Entity authentication: People and machines can authenticate the identity of an entity
• Security = Policy Enforcement
[Diagram labels: Entity, Conditions, Resource]

Cryptography and Security
• Security vs. cryptography is similar to …
  – … Restauranting vs. Cooking
• The heart of restauranting is cooking, but you need more…
Still, a good restaurant will always rely on a good chef

NDS Business
[Diagram labels: Audio, Video, Items, Channels, E-Magazines, E-books; Satellite, Cellular, Digital Terrestrial, Closed IP, Internet, Cables; Subscription, Pay per view/listen/read, Ad-based]

DRM Flow
• Who am I?
• What am I entitled to?
• What is this piece of content?
• Hmmmmm…

Client Activation
• Device keys
• Device license
Service enabling
• Service keys
• Service terms
Content provisioning
• Get content
License provisioning
• Get content keys
• Get content terms

Outline
• Introduction
• CA/DRM Systems
• On Securing Smart Cards
• On Securing STBs
• On Securing DRM Software
• Content Protection Standards
• Meeting Reality
• Epilog

The CA/DRM Security Paradox
Crypto-privacy: encrypt a message between Alice and Bob. They trust each other but do not trust Eve.
The DRM problem: Bob is the potential enemy!!!
[Diagram: Alice (sender), Bob (recipient), Eve; threat labels: Client Cloning, Client Reverse Engineering, Service Abuse]

The CA/DRM Security Paradox
1. Bob’s the enemy
2. Broadcast
3. One-way

Digital fortress for:
1. Entitlement resolution
2. Key management

Security Architecture Flow
Threat analysis
• Set security “goals”
Security design
• Obtaining these goals (PRIORITIZATION!!!)
Security analysis
• Figure out what threats remain applicable
Security maintenance
• Monitoring
• Security updates
• Security responses

Classes of Threats
Service attack
• Getting the service without paying
• Content consumption not according to usage “rules”
• Who cares? Operator
Content attack
• Content stealing
• Distribution (e.g., black market DVDs)
• Who cares? Content provider
Hardware attack
• Unauthorized usage of hardware (e.g., STB, iPhone, PS3)
• Who cares? Device vendor

The Hacking Model
R&D
• One-time process
• May take significant effort (and $$$)
• Research: Reverse engineering the device and security analysis
• Development: designing methods and tools for attacking a single device
Production
• Per-device effort
• Invest a moderate effort in attacking a single device
• Distribution over the Internet or technical agents

The Weakest Link
From where will the hacker get in?

Threats vs. Hacks
Threat
• What does the attacker want to achieve? (land a UAV in hostile land)
• Motivation (billions of dollars)
• Attacker’s profile (powerful government)
• Potential damage
Hack
• How would the attacker achieve his goal? (flood frequencies for DoS + forge headquarters)
• Required resources (technical skills, data, time, money)
• Likelihood
• Easiness

The Global Hack Threat
A downloadable program that allows:
1. Unlimited view
2. Getting the content
3. For good!

General Security Principles
NO single point of failure
• Security component with minimal function (aka kernel)
• “Assume” hacks for the rest
Layered security architecture (“Security Fences”)
• Prevent cloning
• But also detect cloning
Think as an attacker
Dynamics
• Moving target
• Differentiate (anti domino effect)
No game over
• Renewability: recovery procedures

Layered Security
• Belt and suspenders
• Multiple, diversified defenses
• Force adversary to master several disciplines
Examples
• Secrets dispersed between system components
• Combine math tricks with engineering tricks

Security Kernel
[Diagram labels: Security = Tamper-Resistance, Anti-Reverse-Engineering; costs: Performance Overhead, Footprint Overhead, Hardware; $$$$$]
• Applicable for small non-critical-path components
• Used for sensitive functions
  – Key processing
  – Business rules processing
  – Logging
  – Content processing

Keeping the hacker busy
• Differentiate between systems: prevent domino-effect
• Make the system a moving target:
  – Change algorithms
  – Change flows (time, memory)
• Minimize the attacker’s ROI (Return on Investment)

Never Lose
• Recovery procedures
• Renewable security

Be Prepared

More Security Principles
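// Variant 1: the control word is decrypted directly under K
DecryptCw(BR, ECW)
{
    If CheckBR(BR) == True
    {
        K = LoadCWEKey()
        CWDec(K, ECW)
    }
}

// Variant 2: the decryption key TK is derived from the business rules BR and K
DecryptCw(BR, ECW)
{
    If CheckBR(BR) == True
    {
        K = LoadCWEKey()
        TK = Hash(BR, K)
        CWDec(TK, ECW)
    }
}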
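
The two DecryptCw variants above, as an added runnable sketch (not code from the lecture or from NDS) comparing what each releases when the business rules BR are altered and when the CheckBR branch is skipped by a fault. The "tier=" rule format, the XOR-pad stand-in for CWDec, HMAC-SHA256 as Hash, and all key and control-word values are assumptions constructed for the example.

```python
import hashlib
import hmac

K = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed CWE key on the card

def check_br(br: bytes, entitlements: set) -> bool:
    # CheckBR: constructed rule format "tier=<name>"; the card must hold that tier.
    return br.decode().split("=", 1)[-1] in entitlements

def cw_crypt(key: bytes, data: bytes) -> bytes:
    # Toy stand-in for CWDec (and its inverse): XOR with a key-derived pad.
    pad = hashlib.sha256(b"cw-pad" + key).digest()[: len(data)]
    return bytes(a ^ b for a, b in zip(data, pad))

def transport_key(br: bytes, k: bytes) -> bytes:
    # TK = Hash(BR, K); HMAC-SHA256 is this example's choice of hash.
    return hmac.new(k, br, hashlib.sha256).digest()

def headend_ecw(cw: bytes, br: bytes, bind: bool) -> bytes:
    # Head-end side: encrypt the control word for a program whose rules are br.
    return cw_crypt(transport_key(br, K) if bind else K, cw)

def decrypt_cw(br, ecw, entitlements, bind, check_skipped=False):
    # bind=False is the first variant, bind=True the second.
    # check_skipped models an execution fault that jumps over the CheckBR branch.
    if check_skipped or check_br(br, entitlements):
        return cw_crypt(transport_key(br, K) if bind else K, ecw)
    return None

def demo():
    cw = bytes.fromhex("0123456789abcdef")        # constructed 64-bit control word
    genuine, altered = b"tier=premium", b"tier=basic"
    card = {"basic"}                              # card is not entitled to premium
    out = {}
    for bind in (False, True):
        ecw = headend_ecw(cw, genuine, bind)
        out[bind] = {
            "denied": decrypt_cw(genuine, ecw, card, bind) is None,
            "altered_br_yields_cw": decrypt_cw(altered, ecw, card, bind) == cw,
            "skipped_check_yields_cw": decrypt_cw(genuine, ecw, card, bind, True) == cw,
        }
    return out

if __name__ == "__main__":
    print(demo())
```

In the second variant altered rules derive a different TK and the output is not the control word; a skipped check on unaltered rules still decrypts in both variants, so the binding covers changes to BR rather than the check itself.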

Use Whatever You've Got
Pay-TV over Satellite
1. Bob’s the enemy
2. Broadcast
3. One-way
4. Large consumable
Book Selling over Internet:
1. Bob’s still the enemy
2. Unicast
3. Two-way
4. Smaller consumable
Security Mechanisms
1. Bob’s still the enemy
2. Per-client encryption
3. Online authentication
4. Fingerprinting

We would not want to secure ourselves out of business!

Outline
• Introduction
• CA/DRM Systems
• On Securing Smart Cards
  – Smart Card Security
  – Coping with Fault Analysis
• On Securing STBs
• On Securing DRM Software
• Content Protection Standards
• Meeting Reality
• Epilog

Service Attacks Smart Cards
Pirate registration to the service
• Pirate cloned cards (green cards, blue cards)
More time
• Block service cancellation messages
More entitlements
• Change entitlements to “Premium”

NDS cards are too hard to hack
CA battlefield is now the STB

The Fault Model
Execution fault
• Skipping one or more instructions
  – Limited control on the exact line (can be overcome through iterative process)
• Replacing one or more instructions
  – Limited control on which instructions are put instead
• Changing some control data
  – A status variable or the address of a JMP/Branch
Data fault
• Change volatile/non-volatile memory (registers, RAM, EEPROM)

Attack Tree: Fault Attacks
[Attack tree diagram rooted at Fault Attacks, branching into data faults and execution faults; node labels include Bypass Security Mech., Side-Channel Attacks, Break Access Control, Hybrid FA/PA Attacks]

Security Hierarchy
Robust software
• Closed platform (STB) or an open one (PC, tablet)
• Software obfuscation
• Moving target approach
Secure CPU
• Secure execution environment
Fixed Secure HW
• Applicable also to horizontal markets
• GAME OVER avoided by revocation
Replaceable Secure HW
• Tamper-resistance
• Reverse-engineering resistance
• Applicable only to vertical markets
• No GAME OVER situation

Devices, devices, devices
Vertical software-only devices
• Mobile handsets
• Digital radio
• Qisda
Secure replaceable hardware
• STB+SC
• Legacy STBs
Secure hardware
• VGS
• NSK
Horizontal devices
• iPad
• Samsung Galaxy
• Smart phones
• Digital TV
• PC

Schematic STB Design
[Block diagram labels: STB PCB, STB Chip, Co-processor, Code RAM, Content RAM, Code Flash, Content]

Security Assets/Targets
[Diagram of the DRM Agent. Labels: Content, Business rules, Content Keys; Key mgmt., Business rules resolution, Descrambling, Rendering]

NDS Client in Horizontal Device
[Diagram labels: Applications (App1, App2, App3, Bad App, DRM Client); Storage; Transport; API; OS Kernel]

DVD Content Scrambling Algorithm (CSS)

DVD Protection

Complete Subtree Method
Devices are leaves of a complete binary tree
Collection of Subsets: S := {all complete subtrees}
[Tree diagram: keys k, k0, k00, k001, k0011 label the nodes on the path from the root to leaf D4; leaves D1, D2, …, D4, …, Dn]
Broadcast Encryption for Stateless Receivers 03/11/2004

Complete Subtree Method (II)
Di gets keys of sub-trees of which it is a leaf:
D4 := {k, k0, k00, k001, k0011}
In other words:
Di gets keys associated with nodes on path from root to Di
[Tree diagram: path k, k0, k00, k001, k0011 from the root to leaf D4; leaves D1, D2, …, D4, …, Dn]

Complete Subtree Method (III)
Revoking a set of receivers R: find a minimal cover of non-revoked devices!
Algorithm: trees hanging off the Steiner tree of R
Example: R = {D1, D2, D4}: encrypt with k1, k01, k0010
[Tree diagram: Steiner tree ST{D1, D2, D4} with the subtrees rooted at k1, k01 and k0010 hanging off it; leaves D1, D2, …, D4, …, Dn]
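
The cover computation from the three Complete Subtree slides, as an added example (not code from the lecture) that reproduces the R = {D1, D2, D4} case and checks which key each device can use. It assumes a tree of depth 4 (16 devices), which matches D4's key path k, k0, k00, k001, k0011; the function names are this example's own.

```python
def leaf_of(i: int, depth: int) -> str:
    """Device D_i (1-based, left to right) -> bit-string path from the root to its leaf."""
    return format(i - 1, f"0{depth}b")

def device_keys(leaf: str) -> list:
    """Keys a device stores: one per node on the path from the root to its leaf."""
    return ["k" + leaf[:n] for n in range(len(leaf) + 1)]

def cover(revoked_leaves: set, depth: int) -> list:
    """Keys of the subtrees hanging off the Steiner tree of the revoked leaves."""
    if not revoked_leaves:
        return ["k"]                      # nobody revoked: the root key covers everyone
    # The Steiner tree is the union of the root-to-leaf paths of all revoked devices.
    steiner = {leaf[:n] for leaf in revoked_leaves for n in range(depth + 1)}
    hanging = []
    for node in sorted(steiner):
        if len(node) == depth:            # a revoked leaf has no children
            continue
        for bit in "01":
            if node + bit not in steiner: # child subtree contains no revoked device
                hanging.append("k" + node + bit)
    return hanging

def usable_keys(leaf: str, cover_keys: list) -> list:
    """Cover keys that a given device actually holds (empty for revoked devices)."""
    return [k for k in device_keys(leaf) if k in cover_keys]

def slide_example():
    depth = 4                             # assumption: 16 devices
    revoked = {leaf_of(i, depth) for i in (1, 2, 4)}
    keys = cover(revoked, depth)
    per_device = {i: usable_keys(leaf_of(i, depth), keys)
                  for i in range(1, 2 ** depth + 1)}
    return keys, per_device

if __name__ == "__main__":
    keys, per_device = slide_example()
    print("encrypt with:", keys)
    for i, held in per_device.items():
        print(f"D{i}:", held or "revoked")
```

Each non-revoked device holds exactly one key of the cover, and the revoked devices hold none, because every key on their paths lies inside the Steiner tree.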

DRM Standards
• Content Protection standards
• Targeted for horizontal markets
• DVD protection (CSS, AACS)
• Link protection (HDCP, DTCP, CI+)

Content Protection
[Diagram labels: Content, License, Secure Channel]
Policy
• Content usage rules
• Device authorizations
• Content consumption licenses
Crypto
• Public key infrastructure
  – Mutual authentication
  – Device Certificates
  – Revocation scheme
• Session key establishment
• Content scrambling

The Problem of DRM Standards
• A single broken device affects the security of the entire ecosystem
• Only way to limit the damage is device revocation

DVB-CSA
• DVB (Digital Video Broadcasting) – the standardization body for broadcast
• DVB-CSA2: a 12-year-old cipher used in most of the European satellite broadcasting networks
• DVB-CSA3: a replacement cipher

Summary
• Understand the battlefield: functions and constraints
• Set security goals: threat analysis
• Security design
• Security maintenance

And in summary…

The Security Paradox
From State Comptroller Report 58A on the conduct of the IDF from 2000 until the Second Lebanon War

A review of the minutes of the discussion shows that the participants in the discussion, including the Prime Minister, did not respond to these remarks of his. Likewise, it was not found that the government discussed this vital issue following the substantive remarks of the Defense Minister and analyzed the implications arising from them.

In the same report the Comptroller added that "in the years 2003 to 2005 the IDF reported to the political echelon that there was ongoing harm to the training of the reserve forces in the ground forces due to budget cuts, but did not present the operational implications of this harm and its effect on the fitness of the reserve forces for war, such as: harm to the ability to carry out operational plans, among other things in terms of the time required to carry them out, or harm to the soldiers' ability to operate various weapons. In the discussion on the defense establishment budget for 2006, held in August 2005 and chaired by the then Prime Minister, Mr. Ariel Sharon, the then Defense Minister, Mr. Shaul Mofaz, noted that the IDF reserve forces are not fit because of the harm to their training."

Budget cuts, the introduction of privatization methods in the IDF, and poor economic policy led to negative results that harmed the ability of the army and the reserves to operate as required.

The erosion in the legitimacy of the reserve forces and the army in society clearly left its mark on the conduct of the Second Lebanon War. Flawed conduct whose roots lie years earlier.

The Security Paradox
• When security is OK, resources are cut
  – “There is no war. Why invest XXX Giga-$ in a military?”
• However, when security fails...

Results of the Second Lebanon War (Wikipedia)