Windows Media DRM or WMDRM, is a Digital Rights Management service for the Windows Media platform. It is designed to provide delivery of audio or video content over an IP network to a PC or other playback device in such a way that the distributor can control how that content is used.
WMDRM includes the following components:
In May 2007 Microsoft published the network protocol behind its license acquisition mechanism. According to the specification, the client software obtains a 7 byte plain-text content key Kcontent from the license server. The server encrypts the key before transferring it to the client with a globally predefined 160-bit ECC key, ECC1. The server also sends a content key ID, unencrypted. The client then uses the Kcontent as an RC4 key to decrypt the licensed media stream.
As an anti-spoofing measure, additional fields such as playback rights and a random number are encrypted with three more predefined ECC key pairs either by the client or server software:
An analysis of version 2 of the DRM scheme in Windows Media Audio revealed that it was using a combination of elliptic curve cryptography key exchange, the DES block cipher, a custom block cipher dubbed MultiSwap (for MACs only), the RC4 stream cipher, and the SHA-1 hashing function.
Windows Media DRM is designed to be renewable, that is, it is designed on the assumption that it will be cracked and must be constantly updated by Microsoft. The result is that while the scheme has been cracked several times, it has usually not remained cracked for long.
Version 1 was released in April 1999 and supported basic business rules such as expiration dates. Version 2 was released in January 2003 and is also known as version 7.x and 9, to keep in sync with the equivalent versions of Windows Media Player. Version 3, better known as DRM v10, was released in 2004. Earlier versions of the system have cracks available, meaning content restricted with these versions can have the protections stripped. Version 10 was cracked in early 2005, but a software update was shortly pushed which sealed the relevant hole.
Generally, these sorts of cracks have all worked in the same way to a certain extent. Rather than break the encryption itself, which is infeasible, they hook or interfere with the "black box" component as it runs to dump out the content keys or the unencrypted content from memory.
Content delivered with WMDRM encryption is not universally accessible. Microsoft Windows supports playback of content protected with WMDRM encryption, and the format has become popular with consumer electronics manufacturers, many of whom have licensed the WMDRM decode component for devices like television sets, set-top boxes and Blu-ray players.
The open network protocol for digital rights management, [MS-DRM] from the MCPP collection, stipulates that software developers have a right to implement the protocol outside the Microsoft's development tools and environment.
Tools have been created to strip files of Windows Media DRM, enabling them to be played on non-Janus platforms. These tools typically were developed with one specific Individualized Blackbox Component (IBX) version in mind and rarely work on a version they were not explicitly designed for. Microsoft in addition to upgrading the IBX whenever it was cracked, also pursued legal action against those who developed and hosted these tools, driving the development and distribution even further underground and fragmenting it. These tools can be split into three categories: decrypter, key-finder, and all-in-one (finds the keys and then decrypts). Microsoft has been more successful in squashing the development and distribution of the tools capable of key finding than those that decrypt encoding, as is apparent by the continual existence of the SourceForge project FreeMe2.
Microsoft responded in several ways. First, on August 28, 2006 Microsoft released a new version of the IBX to prevent this particular tool from working. Microsoft also informed partners that they were working to further resolve this issue, given that allegedly the fix was also circumvented within days. Microsoft also issued takedown notices to Web site owners distributing FairUse4WM. Finally, on September 22, 2006, Microsoft filed a federal lawsuit against John Does 1–10 a/k/a "viodentia", hoping to identify the person or persons responsible. However, the operator of the highest-ranked mirror of the utility, James Holden, denies having received any such notices or threats. Unable to find the identity of Viodentia, in April 2007 Microsoft dropped the civil suits they had filed.
By October 16, 2006, distributors using the Windows Media DRM protection, such as Sky Anytime, were using a patched codec. On September 6, 2007, Microsoft updated IBX to version 11.0.6000.7000, in an attempt to thwart circumvention efforts by variants of the original program. And, as of November 28, 2007, DRM Removal under Windows XP on new installs or updated computers (i.e. those that already contain IBX version 11.0.6000.7000), is not possible without rolling back to Windows Media Player 10. In 2008 another patched version of FairUse4WM was released, allowing it to work with Windows Vista, and IBX versions lower than 11.0.6000.6324. In a ploy to confuse the abusers or software tools, Microsoft revisited the controversial 11.0.6000.6324 version number, releasing a new IBX version, but giving the file a deceptive older version number.
DRMDBG is a key-finder, it extracts the keys by hooking an instance of Windows Media Player that it launches. There are several version available each targeting a specific version. The version released on March 3, 2009 supports IBX versions 11.0.6000.6324 and 11.0.6001.8000.
Mirakagi was one of the first key-finders; it is no longer in development.