Self-Protecting Digital Content
Encyclopedia
Self Protecting Digital Content (SPDC), is a copy protection
(Digital Rights Management
) architecture which allows restriction of access to, and copying of, the next generation of optical discs and streaming/downloadable content.
, enabling the content providers to change DRM systems in case an existing system is compromised. It adds functionality to make the system "dynamic", as opposed to "static" systems in which the system and keys for encryption
and decryption do not change, thus enabling one compromised key to decode all content released using that encryption system. "Dynamic" systems attempt to make future content released immune to existing methods of circumvention.
may be used to try to work around this limitation, but an attacker with access to multiple sources of video may "scrub" the fingerprint, removing the fingerprint entirely or rendering it useless at the very least.
Because dynamic execution requires a virtual environment, it may be possible to recreate an execution environment on a general purpose computer that feeds the executing code whatever an attacker wants the code to see in terms of digital fingerprints and memory footprints. This allows players running on general purpose computers to emulate any specific model of player, potentially by simply downloading firmware updates for the players being emulated. Once the emulated execution environment has decrypted the content, it can then be stored in decrypted form.
Because the content encryption scheme (such as BD+) is separate from the transport encryption scheme (such as HDCP), digital content is transferred inside the player between circuits in unencrypted form. It is possible to extract digital data directly from circuit traces inside a licensed and legal player before that content has been re-encrypted for transport across the wire, allowing a modified player to be used as a decryption device for protected content. Only one such device must exist for the content to be widely distributed over digital networks such as the Internet.
The final weakness of all DRM schemes is the ultimate decryption for display to end-users. The content can at that time be re-encoded as a digital file. The presumption is that re-encoding is lossy, but fully digital copies can be made with modified viewing devices. For example, HDCP to unencrypted DVI adapters exist on the market and can be used by content pirates to re-encode digital copies without modifying players. Further, modern HD televisions are merely 2 megapixels in resolution and the HD specification will be static for at least two decades, as high-expense consumer product cycles are necessarily long and higher resolution provides decreasing benefit to the consumer. By the time the specification is mid-life, cameras with 20 megapixel resolution will be available and able to record full-motion video, allowing for full two-axis oversampling and software reconstruction of the original stream pixel-by-pixel, with the only analog losses being encoded as slight variations in pixel color--and even this loss can be compensated for with color profile adjustment after the re-encode has completed. It would not be possible to compensate for possible compression of the color space dynamic, however, leading to a slight posterizing effect. This effect is already apparent in compressed video and does not seem to bother most consumers.
Copy protection
Copy protection, also known as content protection, copy obstruction, copy prevention and copy restriction, refer to techniques used for preventing the reproduction of software, films, music, and other media, usually for copyright reasons.- Terminology :Media corporations have always used the term...
(Digital Rights Management
Digital rights management
Digital rights management is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. DRM is any technology that inhibits uses of digital content that...
) architecture which allows restriction of access to, and copying of, the next generation of optical discs and streaming/downloadable content.
Overview
Designed by Cryptography Research, Inc. of San Francisco, SPDC executes code from the encrypted content on the DVD playerDVD player
A DVD player is a device that plays discs produced under both the DVD-Video and DVD-Audio technical standards, two different and incompatible standards. These devices were invented in 1997 and continue to thrive...
, enabling the content providers to change DRM systems in case an existing system is compromised. It adds functionality to make the system "dynamic", as opposed to "static" systems in which the system and keys for encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
and decryption do not change, thus enabling one compromised key to decode all content released using that encryption system. "Dynamic" systems attempt to make future content released immune to existing methods of circumvention.
Playback method
If a method of playback used in previously released content is revealed to have a weakness, either by review or because it has already been exploited, code embedded into content released in the future will change the method, and any attackers will have to start over and attack it again.Targeting compromised players
If a certain model of players are compromised, code specific to the model can be activated to verify that the particular player has not been compromised. The player can be "fingerprinted" if found to be compromised and the information can be used later.Forensic marking
Code inserted into content can add information to the output that specifically identifies the player, and in a large-scale distribution of the content, can be used to trace the player. This may include the fingerprint of a specific player.Weaknesses
If an entire class of players is compromised, it is infeasible to revoke the ability to use the content on the entire class because many customers may have purchased players in the class. A fingerprintFingerprint (computing)
In computer science, a fingerprinting algorithm is a procedure that maps an arbitrarily large data item to a much shorter bit string, its fingerprint, that uniquely identifies the original data for all practical purposes just as human fingerprints uniquely identify people for practical purposes...
may be used to try to work around this limitation, but an attacker with access to multiple sources of video may "scrub" the fingerprint, removing the fingerprint entirely or rendering it useless at the very least.
Because dynamic execution requires a virtual environment, it may be possible to recreate an execution environment on a general purpose computer that feeds the executing code whatever an attacker wants the code to see in terms of digital fingerprints and memory footprints. This allows players running on general purpose computers to emulate any specific model of player, potentially by simply downloading firmware updates for the players being emulated. Once the emulated execution environment has decrypted the content, it can then be stored in decrypted form.
Because the content encryption scheme (such as BD+) is separate from the transport encryption scheme (such as HDCP), digital content is transferred inside the player between circuits in unencrypted form. It is possible to extract digital data directly from circuit traces inside a licensed and legal player before that content has been re-encrypted for transport across the wire, allowing a modified player to be used as a decryption device for protected content. Only one such device must exist for the content to be widely distributed over digital networks such as the Internet.
The final weakness of all DRM schemes is the ultimate decryption for display to end-users. The content can at that time be re-encoded as a digital file. The presumption is that re-encoding is lossy, but fully digital copies can be made with modified viewing devices. For example, HDCP to unencrypted DVI adapters exist on the market and can be used by content pirates to re-encode digital copies without modifying players. Further, modern HD televisions are merely 2 megapixels in resolution and the HD specification will be static for at least two decades, as high-expense consumer product cycles are necessarily long and higher resolution provides decreasing benefit to the consumer. By the time the specification is mid-life, cameras with 20 megapixel resolution will be available and able to record full-motion video, allowing for full two-axis oversampling and software reconstruction of the original stream pixel-by-pixel, with the only analog losses being encoded as slight variations in pixel color--and even this loss can be compensated for with color profile adjustment after the re-encode has completed. It would not be possible to compensate for possible compression of the color space dynamic, however, leading to a slight posterizing effect. This effect is already apparent in compressed video and does not seem to bother most consumers.