Revocation List

from Wikipedia, the free encyclopedia

The hallmark of modern DRM systems is not only that they encrypt the actual data as well as the authorizations for what can be done with the data, but also that they can subsequently block devices suitable for playback using so-called revocation lists .

The reason for this lies in the fact that

  • any encryption system can be cracked and
  • When introducing a DRM system, it is often the case that not all points are considered from which the protected content can be used and the system can be circumvented.

The aim of a revocation list is to counter a hacker who tries to compromise a DRM system by breaking the authentication or encryption and thus gain unauthorized access to protected content by locking the compromised systems individually.

For example, a revocation list can be used to block entire device series if it turns out that a certain product revision is susceptible to manipulation.

In such cases, questions of liability are often unresolved, since blocking a device practically devalues ​​it.

realization

A revocation list only works effectively if it is part of the DRM. This means: Either an older version of the DRM has to be replaced by a newer one (the rights holder can do this by, for example, providing pieces of music or videos that require a certain, more advanced version of the DRM), or it has to already be done as with AACS should be planned from the start.

It also makes sense (but not absolutely necessary) if the DRM can identify the devices not just by type, but individually by means of a serial number; this prevents uninvolved persons from being hit by the lock, who were just unlucky enough to have a device of the same construction as the hacker.

If device IDs appear on the revocation list that are blocked, the DRM system checks before playback begins whether the playback chain contains one of the indexed devices. If this is the case, it depends on the measures within the DRM that are defined for such a case. Here z. For example, the user is informed that the protected content cannot be played, or it is possible that playback with limited quality is possible.

Examples

The DVD DRM system is based on the fact that the contents of protected DVDs are encrypted with the so-called CSS content scrambling system . In order to be able to play CSS DVDs, the DVD player must meet certain criteria. B. so-called User Operation Prohibitions are observed and if the content of the DVD so requires, interference signals must block a recording of the video signal by a VHS recorder. A revocation list was not provided here, but there is a so-called key block on every CSS-encrypted DVD, which contains a large number of media keys. One of these keys now fits every licensed player, and the idea to implement a revocation was to simply omit the keys of compromised players on new DVD releases in order to exclude them from playing at least the newer DVDs.

However, this was not realized with the DVD even after the so-called CSS hack, because this ultimately led to both the encryption method and the key calculation being made public: CSS was completely compromised and only a complete replacement of the encryption method would still have that Can ensure copy protection, but then newer DVDs would not have been able to run on old, basically uncompromised devices.

With HD-DVD, on the other hand, a revocation list should be stored on each disc, which the player must read out before playback. If he finds components from this list in the playback chain, playback may presumably only take place in SD quality. It is also uncertain whether the player has to save this list and thus it will apply to all further playbacks of older HD DVDs, but it is very likely.

The HDCP specified for securing high-resolution video signals provides for the decision of an American court in the state of Washington (the seat of HDCP co-inventor Intel is the city of Seattle in the state of Washington) as the basis for blocking a device via a revocation list.