
The "client" whose "identity" is abused here is not an end user. A "client" in this context is a program or library that talks to the license servers and receives the content decryption keys. On my Windows machine I see a "Windows.Media.Protection.PlayReady.dll", which I guess is the client that they cracked. Maybe there are also other clients that are widely accepted by license servers.

The attack essentially means that they could write a program themselves that acts as "Windows.Media.Protection.PlayReady.dll" to get decryption keys from a server. What will happen now is that Microsoft will deprecate the client and release a new one with new obfuscation and new keys. The license servers will start rejecting the old cracked client. And then people will crack the new client. And the cycle continues.




> The "client" whose "identity" is abused here is not an end user. A "client" in this context is a program or library that talks to the license servers and receives

Thanks for the clarification.

Otherwise people would be worried about being targeted and having "personal" keys tied to a financial account or online identity getting sold and used by others to access arbitrary content.

This seems kinda good news for concerned users, but even worse news for Microsoft.


Does PlayReady now require a secure enclave/TPM on your PC? Otherwise as you say, the only thing protecting the keys is obfuscation. This has been the same way all the way back to the first Microsoft DRMv1 in 1998 (?).

The decryption keys have to be stored on your device so you can play your media or your game. So, the level of encryption is totally moot. The level of obfuscation is all that really protects the content.


With PlayReady, as with any other DRM scheme really, there are different tiers. There is SL2000, which is done completely in software (whitebox crypto), and there is SL3000, which does require a TEE. Which tier is required for which type of content is driven by streaming provider or studio requirements. I think it is pretty common to allow content up to 1080p to be used with whitebox crypto, whereas 4k+ content will require hardware DRM.



