Define the right approach for DRM - Embedded.com

Define the right approach for DRM

If implemented properly, the hardware-based approach is the toughest to crack.

It's become the norm for digital rights management (DRM) designs to be cracked shortly after they're introduced. Among the reasons are poor software designs that leave keys exposed, interception of unencrypted content at a vulnerable point in the system, or the use of new and untested ciphers that are compromised.

ABI Research Analyst Steve Wilson believes that this cycle of developing then breaking DRM designs will be overcome through hardware security engines embedded in system-on-chips (SoCs) aimed at consumer electronics. “In today's consumer electronics products, hardware IC features play little role in protecting copyrighted content,” observed Wilson. “Popular DRM schemes that depend on secure software implementations such as Windows DRM, Fairplay, and AACS are routinely targeted and hacked. However, processor vendors are enhancing their architectures and embracing security features that will simplify secure software implementations and make it more difficult to copy and share protected content.”

A hardware-based method for protecting digital content must include a number of key features, including:

  • a secure encryption engine that allows access to the content but protects the encryption keys and critical secrets.
  • non-volatile memory (NVM) for the encryption keys and secure boot functions. The NVM block should be field reprogrammable to allow for the keys and secrets to be updated should a vulnerability be discovered.
  • proven security algorithms. The time it takes to prove out new and proprietary algorithms is measured in years. Any time an unproven algorithm is put into the field, the protected content is at risk. Fortunately, organizations such as RSA and NIST have spent years and millions of dollars vetting and approving standard algorithms for encryption and authentication such as AES, SHA, and Diffie-Hellman.
  • lower total cost of ownership than the current solution. Added security will come at a cost, but that cost is more than offset by the reduction in the theft and piracy that weak protection allows.
  • a governing body to regulate interoperability and fairness. Proprietary systems won't bring the entire industry together. It will take an organization such as the Motion Picture Engineering Group (MPEG) to take up the cause and manage the transition to a robust industry security standard.

Although all the technology and expertise exist today to implement a hardware-based content protection scheme, it's been slow to gain adoption. We believe two key obstacles are hindering the adoption of more robust security.

1. Obfuscation of the cost benefit. Currently, all the cost associated with content theft and piracy is borne by the content owners. But the cost of implementing a hardware-based security algorithm is borne by the silicon providers. As long as the content providers continue to tolerate weak security, the silicon providers will continue to maximize their business interests by selecting the cheapest security method that will win them the business. Today that means a software-based security algorithm.

2. Distribution of the expertise. To implement a hardware-based system, the chip designer must integrate IP blocks from at least two suppliers (the encryption engine and the NVM). To solve this issue, IP providers must collaborate to provide a proven, interoperable solution that reduces the risk to the IC vendor.

All the capabilities are currently in place to implement an industrywide security architecture that should largely put the threat of content theft and piracy behind us. All it will take is for the content providers to mandate tighter security from their IC vendors and the IC vendors to drive IP suppliers to work together and provide a low-risk solution. With digital content theft and piracy costing the content providers an estimated $18 billion per year in 2005 (according to the MPAA), the stakes are high.
