OBFUSCATION AND WBC : ENDEAVOUR FOR SECURING ENCRYPTION IN THE DRM CONTEXT
Antonius Cahya Prihandoko, Hossein Ghodosi, Bruce Litow
Abstract—Under Digital Rights Management (DRM) protection, digital content is usually delivered in an encrypted form so that only authorized users can access it. Most DRM applications use secure symmetric algorithms, such as DES and AES, to protect content. However, executing these algorithms in an insecure environment may allow adversaries to compromise the system and obtain the key. To withstand such attack, algorithm implementation is modified in such a way to make the implementation unintelligible. The two most considered modification mechanisms are code obfuscation and white-box cryptography. In this paper we study the nations of code obfuscation and white-box implementation with regard to the DRM context. We then propose an implementation of white-box cryptography to advantage DRM which is required to provide a balanced protection for content provider and users.
Index Terms—Digital Rights Management, Code Obfuscation, White-box Cryptography, Software Protection, Security, Privacy.
This paper was presented at the International Conference on Computer Science and Information Technology (CSIT) 2013, Yogyakarta, Indonesia on 16-18 June 2013. Appeared in the CSIT Proceedings pp. 150-155. ISBN 978-979-3812-20-5