Soooo, after a few evenings of work, I've 100% broken Widevine L3 DRM. Their Whitebox AES-128 implementation is vulnerable to the well-studied DFA attack, which can be used to recover the original key. Then you can decrypt the MPEG-CENC streams with plain old ffmpeg...
I agree that rapidly changing the nature of the DRM would be a good solution though - but how do you get changes out fast enough to *all* clients?
It's a difficult problem to address indeed... Application security is tough, especially when the environment is attacker-controlled. There's always a trade-off between more layers of obfuscation and usability...
Yes, changing the LUT fast would be nice. But they would be better off improving the WBC design. This can be done. Examples: by increasing error diffusion (e.g. better internal encodings), or by carrying redundant data (e.g. checksums) along the computation in the transformed domain.