Protected AAC File Format - PowerPoint PPT Presentation

Provided by: tri564

1
Protected AAC File Format
  • A look into the FairPlay DRM scheme used by the iTunes Music Store

2
Overview
  • High-level description of the MPEG-4 file format
  • Introduction to AES (Rijndael) encryption
  • A look at how Apple's FairPlay DRM scheme works
  • References and further study
  • Q&A

3
MPEG-4 File Structure
  • Atom based.
  • Two main atoms: moov and mdat
  • moov contains metadata about the actual media
    data
  • mdat contains the actual media data

4
MPEG-4 Atom Structure
  • Every atom has a header (size, type)
  • Atoms may be nested
  • Atom type is used to determine how to parse the
    atom data

5
Typical m4p (Protected AAC) File
  • ftyp -- file type
  • moov -- metadata information
    • drms -- DRM metadata
      • user -- iTunes user ID
      • key -- iTunes user key
      • iviv -- AES initialization vector
      • name -- iTunes user name
      • priv -- AES private key
  • mdat -- encrypted media data
    • a series of samples, each encrypted individually
  • free -- unused space
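
The atom header (size, type) and the nesting described on the slides above can be walked with a short parser. This is an added example, not part of the original presentation; the container set, the space-padded `key ` type and the sample bytes are constructed assumptions that follow the slide's simplified layout.

```python
import struct

# Assumption: which atom types hold child atoms. This follows the slide's
# simplified layout and is not a complete MPEG-4 container list.
CONTAINERS = {b"moov", b"drms"}

def atom(kind, payload=b""):
    """Build one atom: 32-bit big-endian size (header included), 4-byte type."""
    return struct.pack(">I4s", 8 + len(payload), kind) + payload

def parse_atoms(buf, start=0, end=None, depth=0):
    """Return [(depth, type, offset, size)] for each atom in buf[start:end]."""
    end = len(buf) if end is None else end
    found, pos = [], start
    while pos < end:
        if end - pos < 8:
            raise ValueError(f"truncated atom header at offset {pos}")
        size, kind = struct.unpack_from(">I4s", buf, pos)
        header = 8
        if size == 1:  # a 64-bit size follows the type field
            if end - pos < 16:
                raise ValueError(f"truncated 64-bit size at offset {pos}")
            size, header = struct.unpack_from(">Q", buf, pos + 8)[0], 16
        elif size == 0:  # atom runs to the end of the enclosing region
            size = end - pos
        # A size below the header length would loop forever; one past the
        # parent would read out of bounds. Reject both instead of trusting it.
        if size < header or pos + size > end:
            raise ValueError(f"bad size {size} for {kind!r} at offset {pos}")
        found.append((depth, kind.decode("latin-1"), pos, size))
        if kind in CONTAINERS:
            found += parse_atoms(buf, pos + header, pos + size, depth + 1)
        pos += size
    return found

def build_sample():
    """Constructed sample: placeholder zero payloads, no real media or keys."""
    children = (b"user", b"key ", b"iviv", b"name", b"priv")  # "key" space-padded to 4 bytes
    drms = atom(b"drms", b"".join(atom(k, b"\x00" * 4) for k in children))
    return (atom(b"ftyp", b"M4A ") + atom(b"moov", drms)
            + atom(b"mdat", b"\x00" * 32) + atom(b"free"))

if __name__ == "__main__":
    for depth, kind, offset, size in parse_atoms(build_sample()):
        print(f"{'  ' * depth}{kind} offset={offset} size={size}")
```

The size checks matter when the parser is pointed at untrusted files: the size field is attacker-controlled, so it is validated against both the header length and the parent's bounds before use.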

6
AES (Rijndael) Overview
  • Block cipher (symmetric, works on groups of
    bits)
  • Variable block and key length (iTunes uses 128
    bits for both)
  • Two common modes: electronic codebook (ECB -- more performant) and cipher-block chaining (CBC -- more secure, used by iTunes)

7
AES (Rijndael) Description
  • Components
    • Initialization vector
    • Key
    • Input data
  • Algorithm is initialized with the initialization vector (provides a possible additional layer of security).
  • Each block of the input data is then encrypted using the given key.

8
ECB vs. CBC mode
  • Using ECB, repeated instances of the same input
    block encrypted under the same key form the same
    cipher block. Thus, you can determine the key by
    analyzing the output data for common blocks --
    not secure!
  • CBC avoids this by chaining. Each block is
    XORed with the previous cipher block before
    encryption. Thus, there is no (efficient) way to
    determine the key by analyzing the output data.

9
Apple's FairPlay DRM
  • ISCInfo key database stored on hard drive / iPod
    contains user keys for the AES encryption of the
    sound sample data. Which key was used is in the
    key and user atoms within the drms atom.
  • Each user key in the database is encrypted using
    a system key.
  • On Windows, the system key is a hash of the BIOS version, processor name and Windows version (from the registry).
  • On an iPod, the system key is the iPod hardware
    ID.

10
Typical m4p (Protected AAC) File
  • ftyp -- file type
  • moov -- metadata information
    • drms -- DRM metadata
      • user -- iTunes user ID
      • key -- iTunes user key
      • iviv -- AES initialization vector
      • name -- iTunes user name
      • priv -- AES private key
  • mdat -- encrypted media data
    • a series of samples, each encrypted individually
  • free -- unused space

11
References and further study
  • MPEG-4 description (http://www.chiariglione.org/mpeg/standards/mpeg-4/mpeg-4.htm)
  • AES homepage (http://csrc.nist.gov/CryptoToolkit/aes/)
  • VideoLAN project (http://videolan.org/)
  • Hymn project (http://hymn-project.org/)

12
Questions?
  • Why is the sky blue?
  • What is the price of beans in China?
  • Will I lead a happy life?