Windows Media DRM
Encyclopedia
Windows Media DRM is a Digital Rights Management
service for the Windows Media
platform. It is designed to provide delivery of audio and/or video content over an IP network to a PC or other playback device in such a way that the distributor can control how that content is used.
WMDRM includes the following components:
key, ECC1. The server also sends a content key ID, unencrypted. The client then uses the Kcontent as an RC4
key to decrypt the licensed media stream.
As an anti-spoofing measure, additional fields such as playback rights and a random number are encrypted with three more predefined ECC key pairs either by the client or server software:
An analysis of version 2 of the DRM scheme in Windows Media Audio revealed that it was using a combination of elliptic curve cryptography
key exchange, the DES
block cipher
, a custom block cipher dubbed MultiSwap
(for MACs
only), the RC4 stream cipher, and the SHA-1 hashing function.
Windows Media DRM is designed to be renewable, that is, it is designed on the assumption that it will be cracked and must be constantly updated by Microsoft. The result is that while the scheme has been cracked several times, it has usually not remained cracked for long.
Version 1 was released in April 1999 and supported basic business rules such as expiration dates. Version 2 was released in January 2003 and is also known as version 7.x and 9, to keep in sync with the equivalent versions of Windows Media Player
. Version 3, better known as DRM v10, was released in 2004. Earlier versions of the system have cracks available, meaning content restricted with these versions can have the protections stripped. Version 10 was cracked in early 2005, but a software update was shortly pushed which sealed the relevant hole.
Generally, these sorts of cracks have all worked in the same way to a certain extent. Rather than break the encryption itself, which is infeasible, they hook or interfere with the "black box" component as it runs to dump out the content keys or the unencrypted content from memory. These sorts of techniques are countered by Microsoft via automated Windows Update
s, which in turn the user may choose to avoid or cancel.
. Microsoft has not reached other markets yet.
The open network protocol for digital rights management, [MS-DRM] from the MCPP collection, stipulates that software developers have a right to implement the protocol outside the Microsoft's development tools and environment.
platforms. These tools typically were developed with one specific Individualized Blackbox Component (IBX) version in mind and rarely work on a version they were not explicitly designed for. Microsoft in addition to upgrading the IBX whenever it was cracked, also pursued legal action against those who developed and hosted these tools, driving the development and distribution even further underground and fragmenting it. These tools can be split into three categories: decrypter, key-finder, and all-in-one (finds the keys and then decrypts). Microsoft has been more successful in squashing the development and distribution of the tools capable of key finding than those that decrypt encoding, as is apparent by the continual existence of the SourceForge
project FreeMe2 (though that project had not been updated since 04/09/2010).
, had the ability to strip DRM from files protected with WMDRM. This is an all-in-one tool.
Microsoft responded in several ways. First, on August 28, 2006 Microsoft released a new version of the IBX to prevent this particular tool from working. Microsoft also informed partners that they were working to further resolve this issue, given that allegedly the fix was also circumvented within days. Microsoft also issued takedown
notices to Web site owners distributing FairUse4WM. Finally, on 22 September 2006, Microsoft filed a federal lawsuit against John Doe
s 1–10 a/k/a "viodentia", hoping to identify the person or persons responsible. However, the operator of the highest-ranked mirror of the utility, James Holden, denies having received any such notices or threats. Unable to find the identity of Viodentia, in April 2007 Microsoft dropped the civil suits they had filed.
By 16 October 2006, distributors using the Windows Media DRM protection, such as Sky Anytime
, were using a patched codec
. On 6 September 2007, Microsoft updated IBX to version 11.0.6000.7000, in an attempt to thwart circumvention efforts by variants of the original program. And, as of 28 November 2007, DRM Removal under Windows XP on new installs or updated computers (i.e. those that already contain IBX version 11.0.6000.7000), is not possible without rolling back to Windows Media Player 10. In 2008 another patched version of FairUse4WM was released, allowing it to work with Windows Vista, and IBX versions lower than 11.0.6000.6324. In a ploy to confuse the abusers or software tools, Microsoft revisited the controversial 11.0.6000.6324 version number, releasing a new IBX version, but giving the file a deceptive older version number.
software released in 2007, which allows to convert iTunes, WMA, WMV and other protected video and audio formats to their unprotected analogues. It runs under Windows XP/ Windows XP x64/Windows7/Windows 7 x64/Windows Vista/Windows Vista x64 and the trial limitation is 90 seconds of audio and 180 seconds of video conversion. It allows high speed conversion (in specifications it is mentioned that it can remove DRM from up to 16 audio files simultaneously).
Digital rights management
Digital rights management is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. DRM is any technology that inhibits uses of digital content that...
service for the Windows Media
Windows Media
Windows Media is a multimedia framework for media creation and distribution for Microsoft Windows. It consists of a software development kit with several application programming interfaces and a number of prebuilt technologies, and is the replacement of NetShow technologies.The Windows Media SDK...
platform. It is designed to provide delivery of audio and/or video content over an IP network to a PC or other playback device in such a way that the distributor can control how that content is used.
WMDRM includes the following components:
- Windows Media Rights Manager (WMRM) SDK for packaging content and issuing licenses
- Windows Media Format SDK (WMF SDK) for building Windows applications which support DRM and the Windows Media format
- Windows Media DRM for Portable DevicesJanus (DRM)Janus is the codename for portable version of Windows Media DRM for portable devices, whose marketing name is Windows Media DRM for Portable Devices introduced by Microsoft in 2004 for use on portable media devices which store and access content offline. Napster To Go was the first online music...
(WMDRM-PD) for supporting offline playback on portable devices (Janus) - Windows Media DRM for Network DevicesCardea (DRM)Cardea is the codename for portable version of Windows Media DRM for network devices, whose marketing name is Windows Media DRM for Network Devices introduced by Microsoft...
(WMDRM-ND) for streaming protected content to devices attached to a home network (Cardea)
How it works
In May 2007 Microsoft published the network protocol behind its license acquisition mechanism. According to the specification, the client software obtains a 7 byte plain-text content key Kcontent from the license server. The server encrypts the key before transferring it to the client with a globally predefined 160-bit ECCElliptic curve cryptography
Elliptic curve cryptography is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. The use of elliptic curves in cryptography was suggested independently by Neal Koblitz and Victor S...
key, ECC1. The server also sends a content key ID, unencrypted. The client then uses the Kcontent as an RC4
RC4
In cryptography, RC4 is the most widely used software stream cipher and is used in popular protocols such as Secure Sockets Layer and WEP...
key to decrypt the licensed media stream.
As an anti-spoofing measure, additional fields such as playback rights and a random number are encrypted with three more predefined ECC key pairs either by the client or server software:
- client software ECC key pair KC,
- client machine ECC key pair KM,
- server software ECC key pair KS.
An analysis of version 2 of the DRM scheme in Windows Media Audio revealed that it was using a combination of elliptic curve cryptography
Elliptic curve cryptography
Elliptic curve cryptography is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. The use of elliptic curves in cryptography was suggested independently by Neal Koblitz and Victor S...
key exchange, the DES
Data Encryption Standard
The Data Encryption Standard is a block cipher that uses shared secret encryption. It was selected by the National Bureau of Standards as an official Federal Information Processing Standard for the United States in 1976 and which has subsequently enjoyed widespread use internationally. It is...
block cipher
Block cipher
In cryptography, a block cipher is a symmetric key cipher operating on fixed-length groups of bits, called blocks, with an unvarying transformation. A block cipher encryption algorithm might take a 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext...
, a custom block cipher dubbed MultiSwap
MultiSwap
In cryptography, MultiSwap is a block cipher/MAC created by Microsoft in 1999 as part of its Windows Media DRM service . Microsoft's internal name for the algorithm is not publicly known; it was dubbed MultiSwap in a 2001 report on WMDRM under the pseudonym "Beale Screamer".The cipher has a block...
(for MACs
Message authentication code
In cryptography, a message authentication code is a short piece of information used to authenticate a message.A MAC algorithm, sometimes called a keyed hash function, accepts as input a secret key and an arbitrary-length message to be authenticated, and outputs a MAC...
only), the RC4 stream cipher, and the SHA-1 hashing function.
Windows Media DRM is designed to be renewable, that is, it is designed on the assumption that it will be cracked and must be constantly updated by Microsoft. The result is that while the scheme has been cracked several times, it has usually not remained cracked for long.
Version 1 was released in April 1999 and supported basic business rules such as expiration dates. Version 2 was released in January 2003 and is also known as version 7.x and 9, to keep in sync with the equivalent versions of Windows Media Player
Windows Media Player
Windows Media Player is a media player and media library application developed by Microsoft that is used for playing audio, video and viewing images on personal computers running the Microsoft Windows operating system, as well as on Pocket PC and Windows Mobile-based devices...
. Version 3, better known as DRM v10, was released in 2004. Earlier versions of the system have cracks available, meaning content restricted with these versions can have the protections stripped. Version 10 was cracked in early 2005, but a software update was shortly pushed which sealed the relevant hole.
Generally, these sorts of cracks have all worked in the same way to a certain extent. Rather than break the encryption itself, which is infeasible, they hook or interfere with the "black box" component as it runs to dump out the content keys or the unencrypted content from memory. These sorts of techniques are countered by Microsoft via automated Windows Update
Windows Update
Windows Update is a service provided by Microsoft that provides updates for the Microsoft Windows operating system and its installed components, including Internet Explorer...
s, which in turn the user may choose to avoid or cancel.
Interoperability
The content delivered with the WMDRM encryption is not universally accessible but limited to those users running Microsoft WindowsMicrosoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
. Microsoft has not reached other markets yet.
The open network protocol for digital rights management, [MS-DRM] from the MCPP collection, stipulates that software developers have a right to implement the protocol outside the Microsoft's development tools and environment.
Removal
Tools have been created to strip files of Windows Media DRM, enabling them to be played on non-JanusJanus (DRM)
Janus is the codename for portable version of Windows Media DRM for portable devices, whose marketing name is Windows Media DRM for Portable Devices introduced by Microsoft in 2004 for use on portable media devices which store and access content offline. Napster To Go was the first online music...
platforms. These tools typically were developed with one specific Individualized Blackbox Component (IBX) version in mind and rarely work on a version they were not explicitly designed for. Microsoft in addition to upgrading the IBX whenever it was cracked, also pursued legal action against those who developed and hosted these tools, driving the development and distribution even further underground and fragmenting it. These tools can be split into three categories: decrypter, key-finder, and all-in-one (finds the keys and then decrypts). Microsoft has been more successful in squashing the development and distribution of the tools capable of key finding than those that decrypt encoding, as is apparent by the continual existence of the SourceForge
SourceForge
SourceForge Enterprise Edition is a collaborative revision control and software development management system. It provides a front-end to a range of software development lifecycle services and integrates with a number of free software / open source software applications .While originally itself...
project FreeMe2 (though that project had not been updated since 04/09/2010).
FairUse4WM
It was claimed that one particular tool, FairUse4WM (released on 19 August 2006) written by ViodentiaViodentia
viodentia is a pseudonym used by the creator of FairUse4WM, a program that removes Microsoft's copy protection technology from Windows Media Video files...
, had the ability to strip DRM from files protected with WMDRM. This is an all-in-one tool.
Microsoft responded in several ways. First, on August 28, 2006 Microsoft released a new version of the IBX to prevent this particular tool from working. Microsoft also informed partners that they were working to further resolve this issue, given that allegedly the fix was also circumvented within days. Microsoft also issued takedown
Takedown
Takedown or take down may refer to:*Takedown , a book by John Markoff and Tsutomu Shimomura about the capture of Kevin Mitnick**Track Down, a 2000 film based thereon, known also as Takedown...
notices to Web site owners distributing FairUse4WM. Finally, on 22 September 2006, Microsoft filed a federal lawsuit against John Doe
John Doe
The name "John Doe" is used as a placeholder name in a legal action, case or discussion for a male party, whose true identity is unknown or must be withheld for legal reasons. The name is also used to refer to a male corpse or hospital patient whose identity is unknown...
s 1–10 a/k/a "viodentia", hoping to identify the person or persons responsible. However, the operator of the highest-ranked mirror of the utility, James Holden, denies having received any such notices or threats. Unable to find the identity of Viodentia, in April 2007 Microsoft dropped the civil suits they had filed.
By 16 October 2006, distributors using the Windows Media DRM protection, such as Sky Anytime
Sky Anytime
Sky Anytime is the brand-name of a range of services from BSkyB designed to compete with video on demand services currently offered by rival companies such as Virgin Media or Tiscali TV as well as Internet Television services such as ITV Player and Sky Go....
, were using a patched codec
Codec
A codec is a device or computer program capable of encoding or decoding a digital data stream or signal. The word codec is a portmanteau of "compressor-decompressor" or, more commonly, "coder-decoder"...
. On 6 September 2007, Microsoft updated IBX to version 11.0.6000.7000, in an attempt to thwart circumvention efforts by variants of the original program. And, as of 28 November 2007, DRM Removal under Windows XP on new installs or updated computers (i.e. those that already contain IBX version 11.0.6000.7000), is not possible without rolling back to Windows Media Player 10. In 2008 another patched version of FairUse4WM was released, allowing it to work with Windows Vista, and IBX versions lower than 11.0.6000.6324. In a ploy to confuse the abusers or software tools, Microsoft revisited the controversial 11.0.6000.6324 version number, releasing a new IBX version, but giving the file a deceptive older version number.
DRM removal
DRM Removal is a sharewareShareware
The term shareware is a proprietary software that is provided to users without payment on a trial basis and is often limited by any combination of functionality, availability, or convenience. Shareware is often offered as a download from an Internet website or as a compact disc included with a...
software released in 2007, which allows to convert iTunes, WMA, WMV and other protected video and audio formats to their unprotected analogues. It runs under Windows XP/ Windows XP x64/Windows7/Windows 7 x64/Windows Vista/Windows Vista x64 and the trial limitation is 90 seconds of audio and 180 seconds of video conversion. It allows high speed conversion (in specifications it is mentioned that it can remove DRM from up to 16 audio files simultaneously).