10

As a follow-up to Cipher for Product Registration, are there secure yet usable cryptographic standards/protocols for protecting software and data used by software? I'm interested in hardware and software techniques for:

  • Software registration
  • Anti-reverse engineering
  • Piracy prevention
  • Intellectual property protection (both of source code and data)

Though related areas would be of interest too.

Personally I have seen hardware methods which use a USB or Serial device for piracy prevention, encryption of machine code (everything from a simple XOR with a constant pad to more advanced methods) for anti-reverse engineering and IP protection. Are there any standardized methods? Are there any good comprehensive/authoritative sources on the topic?

mikeazo
  • 2,827
  • 13
  • 29
  • 2
    I wonder if this might be covered by [Are there DRM techniques to effectively prevent pirating?](http://security.stackexchange.com/questions/4637/are-there-drm-techniques-to-effectively-prevent-pirating) –  Nov 15 '11 at 15:44
  • One role is encrypting the game before it goes out. The game will be pirated and cracked but at least when dvds or digitals downloads go out the game cant be cracked or looked at before the official release date. This is what starcraft2 did. However i dont believe crypto can stop anti piracy –  Sep 02 '12 at 21:49

1 Answers1

11

One possible model for preventing software piracy is Trusted Computing. The hardware platform is "trusted" in that it should be tamper resistant and will refuse to run non-authorized code, or divulge the contents of the RAM. This is the model employed by game consoles, e.g. the PS3. This relies quite heavily on symmetric encryption (so that important code and data is protected against prying eyes) and digital signatures (the hardware will refuse to execute code which is not properly signed). Sony goofed it up by reimplementing ECDSA improperly (and doing a few other stupid things, e.g. their disk encryption system is pathetic) but the model still holds.

Of course, tamper resistance is expensive, and the contents of a PS3 can be extracted with relatively little cost -- but still not immediately. Sony, with its complex assembly of encryption and signatures, and by enforcing mandatory firmware upgrades (by rejecting access to the PlayStation Network for people who did not upgrade), succeeds in keeping piracy at low levels, and, more importantly, concentrating piracy into the hands of not-that-many actors, at which point regular police operations are effective. Cryptography is only part of the mechanism, and the real core of the anti-piracy system is the long arm of the Law.

HDCP is a standard for encrypting audio and video data while in transit over wires; this is meant to allow for, e.g., a movie to go from a Blu-ray player to a compliant TV without being copied by any device placed in-between. There again, this relies on symmetric encryption, asymmetric key exchange, and signatures.

A cryptographic mechanism related to Trusted Computing is Broadcast Encryption. This is specifically used in Blu-ray. This is a way to symmetrically encrypt data such that:

  • every Blu-ray player in the world has its own decryption key;
  • players refuse to play unencrypted data;
  • a given disk "includes" the encryption of the movie for every single player key.

A lot of science goes into the details, so that a single disk may indirectly contain the encrypted keys for billions of potential players. The scheme is based on nested binary trees and a "revocation" system: a disk cannot really contain one encrypted key per target player, but it can cryptographically revoke a few hundreds of "bad keys" known to have been hacked. There again, this is a cryptographic system which does not ensure that movie data will not be extracted, but at least enforces the need of an hardware-based hack on a given player, that attackers must do again on a regular basis because widespread leakage of data can be counteracted through revocation. It is unclear whether the Blu-ray protection scheme (called AACS) will stand the test of time, but it surely is much stronger than that of the plain DVD.

A companion technology for DRM is watermarking. Whether watermarking is part of cryptography or not is debatable (and debated). Some cryptographic algorithms, in particular symmetric encryption, are used within watermarking techniques for "randomization" (encryption turns structured data into what looks like random noise, and, as such, is more easily inserted into a given medium without altering much how humans perceive it).


Summary: there is no magic cryptographic algorithm which prevents piracy. If only because encrypted data can be copied as is. But DRM is a wide subject which encompasses many areas, and a few well-designed cryptographic algorithms can be an essential part of a DRM system -- usually to "raise the bar" so that successful attackers will be fewer, and more easily targeted by conventional law enforcement agencies.

Thomas Pornin
  • 322,884
  • 58
  • 787
  • 955