Browse Source

introduction and preliminary structure

Trolli Schmittlauch 2 years ago
4 changed files with 86 additions and 5 deletions
  1. +4
  2. BIN
  3. +27
  4. +55

+ 4
- 0
glossary.tex View File

@ -1,3 +1,7 @@
\acro{DMCA}{Digital Millenium Copyright Act}
\acro{DRM}{Digital Rights Management}
\acro{OS}{operating system}
\acro{TPM}{Trusted Platform Module}
\acro{TEE}{Trusted Execution Environment}
\acro{UEFI}{Unified Extensible Firmware Interface}
\acro{WIPO}{World Intellectual Property Organization}

main.pdf View File

+ 27
- 5
main.tex View File

@ -105,14 +105,34 @@ Security, DRM, Trusted Execution Environments, SGX,
\IEEEPARstart{S}{ince} early on in the so-called ``information economy'', publishers have tried to limit the distribution of their digital goods to the buyers only. In his keynote ``The coming war on general computation'' at the 28th Chaos Communication Congress \cite{corydoctorowComingWarGeneral2011}, Cory Doctorow outlines the development of copy-protection mechanisms from first including uncopyable bad sectors to the floppy disks on which programs were distributed or tying the execution to dongles and license keys, to encrypted music and video files protected with dedicated \ac{DRM} schemes. \\
But these attempts were mostly based on obscuring the protection mechanism used, thus being vulnerable to circumvention through reverse-engineering, patching out the protection mechanism or retaining the supposedly-secret media decryption keys even after the usage license expired. The renowned IT security collumnist and expert Bruce Schneier commented on these attempts: ``Digital files cannot be made uncopyable, any more than water can be made not wet.'' \cite{bruceschneierCryptoGramMay152001} The underlying vulnerability of all these copy protection schemes was that they were attempting to ``[\dots] figure out how to stop computers from running certain programs and inspecting certain files and processes.'' \cite{corydoctorowComingWarGeneral2011} But as modern day computers are mostly general computation machines, they are inherently based on copying data and computing on them.
Doctorow warns that all countermeasures trying to ensure copy protection of digital content are going to result in creating ``appliances'', which are still general purpose computers, but locked down with ``some combination of rootkits, spyware, and code-signing to prevent the user from knowing which processes are running, from installing her own software, and from terminating processes that she doesn't want.'' \cite{corydoctorowComingWarGeneral2011} \\
Additionally, international agreements based on the \ac{WIPO} Copyright Treaty \cite{worldinternationalcopyrightorganizationWIPOCopyrightTreaty1996}, its most prominent implementation being the US-American \ac{DMCA}, make the circumvention of ``technical protection measures'' such as \ac{DRM} illegal.
So right now we are in a situation, where all major publishers of e.g. video\footnote{all Hollywood movie publishers require adhering to certain protec standards like \cite{movielabsinc.MovieLabsSpecificationEnhanced2018}} and audio\footnote{although legal music file purchases are mostly \ac{DRM}-free, the consumption model of streaming has brought back DRM to platforms like Spotify or Deezer} content, and video games\footnote{Valve's Steam platform integrates its own DRM into sold games; other publishers as well as gaming consoles have their own DRM systems as well}. Thus right now, all software using this content has to be proprietary and whole platforms are being locked down more and more. This development is most apparent in non-PC platforms like mobile devices, where unlocking the bootloader (if even possible) results in deletion of \ac{DRM} keys of the device. \cite{sonydeveloperworldUnlockBootloaderOpen}
But in recent years modern CPU architectures have introduced special hardware-backed \acp{TEE} to provide a secured environment for security-critical code to be executed in isolation from the main \textit{untrusted} \ac{OS}. Can these TEEs and other special hardware trust-anchors provide the possibility to present \ac{DRM}-secured content in an otherwise open and open source system, not having to lock it down completely?
Motivation: DRM means/ meant lockdown: Bruce Schneier quote, War on General Computation (Cory Doctorow), examples for bad obfuscation DRM
% % %
% Literature Survey and Background
\section{Background: Trust Anchors and Trusted Execution}
This section first gives an overview about technologies used for having a trust anchor in a running system. Though these approaches are often used for locking down whole systems, they may also provide the basis for building more open systems with a \ac{TEE}. \\
Afterwards we cover the technologies dedicated to provide a \ac{TEE} in modern processor architectures.
\subsection[SecureBoot]{UEFI Secure Boot}\label{sec:SecureBoot}
\textit{Secure Boot} is a functionality of the \ac{UEFI} boot firmware component \cite{unifiedefiforuminc.UEFISpecificationVersion2017} to allow only the launch of authenticated boot images. To achieve that, boot images can be signed with X.509 certificates. Only if the image verifies correctly against a key stored in non-volatile firmware memory or against an entry in an explicit whitelist of signatures. This first check on which bootloader or \ac{OS} image to launch can be the anchor of a trust chain, if each consecutive execution step also checks the authenticity of software to be launched.
lockdown techniques: TPM, secure boot
TEEs: SGX, TrustZone
@ -130,6 +150,8 @@ WiDevine/ Netflix ban from rooted devices
- remaining other problems: cultural heritage, inflexibility, tied to a certain technological platform
Doctorows Law: "Anytime someone puts a lock on something you own, against your wishes, and doesn't give you the key, they're not doing it for your benefit."
% % %
% Theory (probably)
@ -144,8 +166,8 @@ WiDevine/ Netflix ban from rooted devices

+ 55
- 0
mybib.bib View File

@ -203,4 +203,59 @@ This paper's contributions are a summary of the Intel-specific architectural and
file = {/home/spiollinux/Zotero/storage/A23TYJ6N/Pham et al. - 2015 - An Open Source Content Decryption Module to Improv.pdf;/home/spiollinux/Zotero/storage/4IVKLURP/7442371.html}
address = {28. Chaos Communication Congress, Berlin},
type = {Keynote},
title = {The Coming War on General Computation},
language = {English},
author = {{Cory Doctorow}},
month = dec,
year = {2011},
note = {transcript:}
title = {Crypto-{{Gram}}: {{May}} 15, 2001 - {{Schneier}} on {{Security}}},
howpublished = {\#3},
author = {{Bruce Schneier}},
month = may,
year = {2001},
file = {/home/spiollinux/Zotero/storage/VUQGAE7D/0515.html}
title = {{{WIPO Copyright Treaty}}},
lccn = {TRT/WCT/001},
language = {en},
author = {{World International Copyright Organization}},
month = dec,
year = {1996},
pages = {9},
file = {/home/spiollinux/Zotero/storage/GFD5347M/WIPO Copyright Treaty.pdf}
title = {{{MovieLabs Specification}} for {{Enhanced Content Protection}}, v1.2},
author = {{MovieLabs Inc.}},
month = aug,
year = {2018},
file = {/home/spiollinux/Zotero/storage/YH64SDLP/MovieLabs_ECP_Spec_v1.2.pdf}
title = {Unlock {{Bootloader}} - {{Open Devices}} - {{Sony Developer World}}},
howpublished = {},
author = {{Sony Developer World}},
file = {/home/spiollinux/Zotero/storage/CRIW7H7S/unlock-bootloader.html}
title = {{{UEFI Specification}} Version 2.7 Errata {{A}}},
language = {en},
author = {{Unified EFI Forum, Inc.}},
year = {2017},
pages = {2575},
file = {/home/spiollinux/Zotero/storage/HUEEIARA/2017 - UEFI Specification version 2.7 errata A.pdf}