Broadcasters need to need to dynamically secure premium content so they can offer their customers the best programming possible.
Commercial video and other digital content distributed over the Internet is often protected with DRM or other protection systems, where encrypted content files are sent from a content server to a client device or software. Thus, the DRM itself is often a target for attack, where hackers attempt to reverse-engineer code on the client device in order to discover keys and use them to decrypt the content.
Once the DRM is circumvented, the digital content is free for unauthorized copying and use. Even when implemented using modern device-specific hardware security, DRM solutions are not able to withstand and recover from the attacks currently faced on today's increasingly open platforms.
Hacker Threat Models
Hackers intent on pirating content typically use one of two approaches to circumvent software-based protection mechanisms: they either attempt to reverse engineer the code to discover sensitive data such as cryptographic keys, certificates or resource files that will allow them to unlock the content, or they try to tamper with the code in order to modify its behavior to allow them access to the content.
The secret to defeating them is to make the task of breaking the security so difficult that it is no longer worth their effort to do so; in other words, to break the hacker business model.
Multiple Layers of Defense
The core technology behind Irdeto ActiveCloak for Media has long been considered by Hollywood studios and consumer electronics makers as the “gold standard” for software protection. Competing solutions often employ post-build, binary insertion techniques (e.g. guards), which by their very mechanics, can easily be removed by an adversary.
What sets the Irdeto solution above and beyond other competing solutions is the compilation support for program transformations and obfuscation where the source code itself is transformed to hide control flow, data flow, usage, storage, etc. This provides a layered solution where binary and source-level protection techniques are combined to counter the widest variety of attack vectors. This multi-layered defense strategy is further extended with software diversity and renewability to create an overall security lifecycle framework that focuses on the three pillars of dynamic security: attack prevention; threat reduction; and security recovery.
Strong Initial Attack Resistance
The key to helping prevent attacks is to provide the strongest possible initial attack resistance. Using a technology layering approach, various software protection techniques are applied to the code in order to defeat or impede the progress of software pirates. Each of these techniques are designed to address different vulnerabilities with the application or code, and when used in combination, significantly increase the difficulty and skill level required in order to successfully reverse engineer or tamper with an application.
Reducing Threat through Software Diversity
While strong initial attack resistance is critical to help delay attacks, ActiveCloak for Media takes security to the next level by limiting the impact of an eventual breach. Through software diversity, ActiveCloak ensures that only a small portion of the installed base will be affected by an attack.
ActiveCloak automatically generates security “agents” that reside on client devices. By applying functionally equivalent but structurally diverse instances of these agents, ActiveCloak limits the impact of automated attacks, reducing both the financial exposure caused by the breach as well as the scope of deploying a corrective update. The flexibility of ActiveCloak allows diversity to be applied by device type, by software release, or even by individual subscriber. In contrast, hardware-based security solutions typically expose applications running on an entire device class, allowing hackers to package the attack as a tool to be shared and easily propagated.
Renewable Security
Should an attack eventually be successful, renewing security to re-establish a secure environment is critical to limit prolonged exposure to content piracy. ActiveCloak allows operators to quickly renew the software agents already installed on client devices. This ability to renew its protection mechanisms is an important advantage of ActiveCloak for Media and Irdeto Cloaked CA.
ActiveCloak core technology enables Irdeto’s dynamic security model, the only security solution in the industry that combines the most advanced binary-level and source-level code protections, software diversity and security renewability to dramatically decrease the probability and ease of an attack while limiting the overall potential exposure during a specific attack. ActiveCloak dynamic security is the key to effective content protection.
|
ActiveCloak protection technique
|
How it fights piracy
|
|
Anti-Debug
|
- Detects and prevents analysis of the application from a debugger
|
|
Branch Protection
|
- Protects conditional code branches from reverse engineering, tampering and exploitation
- Prevents an attacker from forcing or “jamming” the condition in a certain direction
|
|
Control Flow Flattening
|
- Provides multiple control flow level settings and techniques
- Allows programmers to strike a balance between security and right level of performance
|
|
Control Flow Transforms
|
- Hides original high-level control flow and highly structured control flow elements
- Forces attacker to dynamically trace control flow
|
|
Data Flow Transforms
|
- Mathematical transformations that increase program complexity but retain original functionality
- Makes reverse engineering, tampering, and exploitation more difficult
|
|
Function Signature Transforms
|
- Modifies function interfaces within a program to make all function calls identical in appearance
- Makes it more difficult to identify the number, types, ordering, and values of the parameters and the return value of a protected function
|
|
Integrity Verification
|
- Verifies integrity of image and data files on disk and in memory
|
|
Node-locking
|
- Binds an application to an ActiveCloak agent running on a particular end-user device
- Helps prevent host ID spoofing
|
|
Secure Loading
|
- Prevents static code analysis and tampering before module is loaded into memory
|
|
Security In-lining
|
- Extracts the body from a called function and combines it with the body from the “call site”
- Removes the function call as an attack point
|
|
String Transforms
|
- Mathematical formulae applied to string literals
- Conceal strings within final executable or dynamic library making human comprehension much more difficult
|
|
White-box Cryptography
(Irdeto patented)
|
- Ensures that keys are not revealed while cryptographic computations are being observed in complete detail
- Increases the difficulty of key extraction
- Supports AES, RSA and ECC algorithms
|
Innovation 
