Full Disclosure
mailing list archives
From: Security Explorations
Date: Wed, 1 May 2024 14:00:52 +0200
Hello All, There is yet another attack possible against Protected Media Path process beyond the one involving two global XOR keys (1). The new attack may also result in the extraction of a plaintext content key value. The attack has its origin in a white-box crypto (2) implementation. More specifically, one can devise plaintext content key from white-box crypto data structures of which goal is to make such a reconstruction difficult / not possible. This alone breaks one of the main security objective of white-box cryptography which is to protect the secret key (unbreakability) (3). Contrary to the initial (XOR key) attack, the white-box crypto attack is not limited to the given narrow time window (white-box data structures need to be present for the time of a movie decryption / playback). Fixing it might require a completely new approach / implementation (current one is obviously flawed). In that context, white-box crypto attack seems to be more severe than the XOR key one. Additionally, a cryptographic check proving that extracted key values correspond to real keys has been conducted for Canal+ Online, Netflix, HBO Max, Amazon Prime Video and Sky Showtime. The check relies on a digital cryptographic signature verification. Such a signature is appended at the end of each license issued by PlayReady license server. The crypto check works as following: - plaintext value of a digital signature key encrypted through ECC is extracted from a Protected Media Path process - the extracted signature key is used to calculate the AES-CMAC value of a binary licence XMR blob - the calculated signature value is checked against the signature appended at the end of the issued license - correct AES-CMAC value implicates correct signature key (and correct content key) The above mechanism is also used by Microsoft to verify the correctness of decrypted content keys received from a license server. It relies on the fact that signature key is part of the same encrypted license blob as content key. Thus, successful extraction of a signature key implicates successful extraction of a content key. In the context of no confirmation / denial (4) from the platforms indicated above as being affected, the crypto check should constitute sufficient proof to support that claim alone. Thank you. Best Regards, Adam Gowdiak ---------------------------------- Security Explorations - AG Security Research Lab https://security-explorations.com ---------------------------------- References: (1) Microsoft Warbird and PMP security research https://security-explorations.com/microsoft-warbird-pmp.html (2) White-box cryptography, Wikipedia https://en.wikipedia.org/wiki/White-box_cryptography (3) White-Box Security Notions for Symmetric Encryption Schemes https://eprint.iacr.org/2013/523.pdf (4) Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services https://www.securityweek.com/microsoft-drm-hacking-could-allow-movie-downloads-from-popular-streaming-services/ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Current thread:
- Microsoft PlayReady white-box cryptography weakness Security Explorations (May 01)
GIPHY App Key not set. Please check settings