2

Lets say somebody downloads multiple segments of my widevine DRM stream :

  • Segment01.m4s

  • Segment02.m4s

  • Segment...n.m4s

And he somehow got a hold of the decoded initialization header data for that particular stream, what is he able to do with it? Can he use it to decode the segments he downloaded? If not, what are possible ways he could do it, and how do i prevent such thing from happening.

DarkMental
  • 482
  • 7
  • 26
  • KIDs are public by design. What do you mean by Init data? Do you mean the pssh? Because that’s publicish also. – szatmary Dec 22 '17 at 01:29
  • the PSSH is just a base64 serialized protocol buffer message which contains the KID among others – aergistal Dec 22 '17 at 08:33
  • Got it thank you. By the init data, i meant the `initialization header` I'm still getting my head around the whole process, and the steps it takes to decode the segments on the client side. – DarkMental Dec 22 '17 at 13:04

1 Answers1

2

Your question title and your question text ask slightly different things - in the question text you just mention the attacker having the initialisation data, but in the title you also mention the attacker getting hold of the license key itself.

As others have mentioned the initialisation data, which will include the key-id, the initialisation vector etc, is already available in the stream itself.

They key itself is not available - the player must pass the key-id to the DRM system or to the application and it will then request the license key associated with that key-id from the license server. They key which is returned will itself be encrypted so only the DRM system can decrypt it and access it.

If your attacker did have the unencrypted key itself, then they would effectively have bypassed the entire DRM system and they would indeed be able to decode the stream.

Mick
  • 24,231
  • 1
  • 54
  • 120
  • How would the un-encrypted key be used then to decrypt the files? Does it just decrypt the initialization header and use that to decode the segments, or is each segment encrypted itself, if so what is the purpose of the initialization header, thanks for taking the time :) – DarkMental Dec 28 '17 at 13:06
  • Assuming it is an MP4 file there will be header information in the file to indicate which parts of the file are encrypted - typically files use sub-sample encryptions so only part of the file is actually encrypted. You simply pass the file along with the key to the decrypter function on your platform - this is of trent combined with the decoder and player. You could use the information to do it manually but it would be a laborious process. – Mick Dec 28 '17 at 13:26
  • Initialization header is used to identify which DRM services are supported, and what keys to request from those services. You give initialization header to Widevine CDM to prepare you the request which you will send to Widevine license server. – Ladislav Mrnka Jan 09 '18 at 11:28