Ebook Security With Adobe Adapt DRM

2050 words (8 pages) Essay

22nd Jun 2018 Computer Science Reference this

Disclaimer: This work has been submitted by a university student. This is not an example of the work produced by our Essay Writing Service. You can view samples of our professional work here.

Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UKEssays.com.

Abstract

EBooks can be secured in various ways dependant on device or format. The report focuses on the encryption method used by Adobe in their Adept DRM used to secure EPUB and PDF formats.

Get Help With Your Essay

If you need assistance with writing your essay, our professional essay writing service is here to help!

Find out more

The report describes what a DRM is and its uses and purposes within the industry, how Adobe have adapted this for their purpose, the RSA and AES encryptions used, along with any advancements and vulnerabilities with the process.

Recommendations are then given on how the process could be improved and conclusions drawn on the overall effectiveness of the system.

Table of Contents

2. Literature review

2.1 What is DRM

2.2 RSA with PKCS#1 v1.5 padding

2.2.1 PKCS #1

2.2.2 RSA

2.2.2.1 GENERATE A PUBLIC KEY AND PRIVATE KEY

2.2.3 Padding

2.3 AES in CBC mode with a random generated IV

 

4. Vulnerabilities

Security

Known attacks

Side-channel attacks

NIST/CSEC validation

Test vectors

5. Recommendations

6. Conclusion

7. References

 

2. Literature review

2.1 What is DRM?

Digital Rights Management or DRMs restrict the ability to print, modify, lend or use the extended features of purchased digital media specifically EBooks. Restriction levels are dependent on publishers, distributors, device and even time. These restrictions are also used to limit the number of E-Readers a book can be viewed on and time restrictions on features can be added. DRMs come in different forms, at present there are eight main types, excluding obscure formats or those used in non-English countries, and a large proportion of these are incompatible with each other. While there is no de-facto standard, Adobe DRM is the most prolific, although Amazon Kindle and Apple iBooks use proprietary DRMs.

The Adobe ADEPT DRM system has five key parts:

  1. Adobe Content server is responsible for the storage and management of EBooks.
  2. Adobe Activation Server is responsible for storing and tracking Adobe IDs and authorised devices.
  3. Adobe Content Server Message (ACSM) file carries the details of the book including name, synopsis and location.
  4. Adobe ID is the unique identification that is associated with the user. This is required to unlock the ACSM.

Adobe Reader Software Development Kit (SDK) is used for distributers to create their own mobile reading apps. (Jenny Ellis and Kyle Cook (2013))

The following process is used when a purchased EBook with an Adobe Adept DRM is opened with Adobe Digital Editions.

1. A unique user key is created for the user account encrypted with RSA with PKCS#1 v1.5 padding by the E-Reader software. The account information not the device is used to create the key therefore allowing an EBook with DRM to be read on various devices. This is required to open the ACSM file.

2. Once an EBook is purchased a key for decryption known as the book key or ACSM is sent to the user. This book key is encrypted by the distributor using the unique user key created in step one. The book encryption is AES with Cipher Block Chaining with an Initialization vector that is randomly generated.

3.T he E-Reader software uses the user key to decrypt the book key and subsequently the book key is used to decrypt the EBook and allow access to the device or software.

Copying is prevented by requiring the user key to decrypt the book key as it is not stored in a decrypted form on the device or software. To enable reading on another device it requires authorisation, once complete the user key is sent and the device is registered allowing EBook to be read on the newly enabled device. (Xiao Zhang 201)

DRM.jpgImage 01: The DRM Process

2.2 RSA with PKCS#1 v1.5 padding

RSA with Public Key Cryptography Standards (PKCS) #1 and padding is used to encrypt the unique user account key, below is a description of how each part works to protect the user identification and eBook.

2.2.1 PKCS #1

PKCS #1 is the first standard of mathematical recommendations and properties for the correct implementation of RSA public and private keys. The key pairs are based on a modulus of two distinct large prime numbers. (Weisstein 2015)

2.2.2 RSA

How RSA Encryption Works Image 02: How RSA Encryption Works (Page Don 2010)

In 1977 Ron Rivest, Adi Shamir and Leonard Adleman first described RSA public key or asymmetric cryptography. RSA uses two keys, one public one private that are mathematically linked. As the name suggests public keys can be shared with anyone whereas the private key must be kept secure. Either key can be used to encrypt the data and the opposite key is used to decrypt. RSA if implemented correctly can provide confidentiality, integrity and non-reputability of electronic communications and data storage. (Rouse 2014)

2.2.2.1 Generating Public and Private Keys

The first step to generating the public and private keys is two prime numbers. A prime number is a number greater 1 and is only divisible by 1 or itself. Examples of prime numbers are: 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41.

These two prime numbers p and q are multiplied together to give n and multiplied together minus one to give t.

For Example:

p = 29q= 31

n = p * q = 29 * 31 ∴ n = 899

t = ( p -1 ) * ( q – 1) = ( 29 – 1 ) * ( 31 – 1 ) ∴ t = 840

Another prime number e is required, although e needs to be a relative prime to t, therefore t cannot be divisible by e.

Since t = 840, e cannot be 2, 3, 5 or 7 ∴ e can be 11, 13, 17 etc. 11 was selected as it was the first relative prime to t. ∴ e = 11.

The last figure required for the calculations is d. The formula used to ascertain d is:

d * e = 1 mod t (d * 11) / 840 will result in the remainder of 1. To find d the inverse of e mod t is required and is often computed using the Extended Euclidean Algorithm.

( 611* 11) / 840 = 8 r 1 ∴ d = 611.

The public key is n and e ∴ 899 and 11.

The private key is n and d ∴ 899 and 611.

(Page Don 2010)

 

2.3 AES in CBC mode with a random generated IV

AES with Cipher Block Chaining with an Initialization vector that is randomly generated is used to encrypt the book key or ACSM, below is a description of how each part works to protect the eBook to prevent unauthorised use.

Find out how UKEssays.com can help you!

Our academic experts are ready and waiting to assist with any writing project you may have. From simple essay plans, through to full dissertations, you can guarantee we have a service perfectly matched to your needs.

View our services

 

3. Vulnerabilities

On paper, this encryption scheme ensures a strong DRM mechanism. However, it was soon observed that the software used to read ePubs and PDFs, Adobe Digital Editions, uses a very weak obfuscation to hide the per-user key. An attack that uses reverse-engineering on the software reveals a rather easy method of retrieving the per-user key from the software and use it to decrypt other Adept encrypted PDF or ePub file. Newer versions of the Adobe Digital Editions use more cryptic ways of hiding the per-user key, but attacks still exist to retrieve it from the registry

4. Recommendations

Adobe Digital Editions, uses a very weak obfuscation to hide the per-user key. An attack that uses reverse-engineering on the software reveals a rather easy method of retrieving the per-user key from the software and use it to decrypt other Adept encrypted PDF or ePub file. Newer versions of the Adobe Digital Editions use more cryptic ways of hiding the per-user key, but attacks still exist to retrieve it from the registry for better useable security and privacy

Write with the knowledge you have gained during the lectures and also sensible intuition about improvements that can be made to ensure better security and

privacy of all involved state holders.

 You are not asked to provide workable solutions

there should be no limit to your imagination; however with sensible intuition.

You can discuss systems, frameworks, protocols, tools, best practices, government regulations etc.

5. Conclusion

highlight important facts and findings.

6. References

http://www.inthelibrarywiththeleadpipe.org/2013/building-a-community-of-readers-social-reading-and-an-aggregated-ebook-reading-app-for-libraries/

http://www.cse.wustl.edu/~jain/cse571-11/ftp/drm/#sec2.3.1

E-Book Security and Preventing Theft and Unauthorised Editing

http://inkwelleditorial.com/prevent-ebook-theft

http://ebookforum.info/how-can-i-stop-theft-of-my-ebook/

http://www.star-force.com/press/articles/?news=2562

DRM

http://ebookarchitects.com/learn-about-ebooks/drm/

https://www.editionguard.com/

Abstract

EBooks can be secured in various ways dependant on device or format. The report focuses on the encryption method used by Adobe in their Adept DRM used to secure EPUB and PDF formats.

The report describes what a DRM is and its uses and purposes within the industry, how Adobe have adapted this for their purpose, the RSA and AES encryptions used, along with any advancements and vulnerabilities with the process.

Recommendations are then given on how the process could be improved and conclusions drawn on the overall effectiveness of the system.

Table of Contents

2. Literature review

2.1 What is DRM

2.2 RSA with PKCS#1 v1.5 padding

2.2.1 PKCS #1

2.2.2 RSA

2.2.2.1 GENERATE A PUBLIC KEY AND PRIVATE KEY

2.2.3 Padding

2.3 AES in CBC mode with a random generated IV

 

4. Vulnerabilities

Security

Known attacks

Side-channel attacks

NIST/CSEC validation

Test vectors

5. Recommendations

6. Conclusion

7. References

 

2. Literature review

2.1 What is DRM?

Digital Rights Management or DRMs restrict the ability to print, modify, lend or use the extended features of purchased digital media specifically EBooks. Restriction levels are dependent on publishers, distributors, device and even time. These restrictions are also used to limit the number of E-Readers a book can be viewed on and time restrictions on features can be added. DRMs come in different forms, at present there are eight main types, excluding obscure formats or those used in non-English countries, and a large proportion of these are incompatible with each other. While there is no de-facto standard, Adobe DRM is the most prolific, although Amazon Kindle and Apple iBooks use proprietary DRMs.

The Adobe ADEPT DRM system has five key parts:

  1. Adobe Content server is responsible for the storage and management of EBooks.
  2. Adobe Activation Server is responsible for storing and tracking Adobe IDs and authorised devices.
  3. Adobe Content Server Message (ACSM) file carries the details of the book including name, synopsis and location.
  4. Adobe ID is the unique identification that is associated with the user. This is required to unlock the ACSM.

Adobe Reader Software Development Kit (SDK) is used for distributers to create their own mobile reading apps. (Jenny Ellis and Kyle Cook (2013))

The following process is used when a purchased EBook with an Adobe Adept DRM is opened with Adobe Digital Editions.

1. A unique user key is created for the user account encrypted with RSA with PKCS#1 v1.5 padding by the E-Reader software. The account information not the device is used to create the key therefore allowing an EBook with DRM to be read on various devices. This is required to open the ACSM file.

2. Once an EBook is purchased a key for decryption known as the book key or ACSM is sent to the user. This book key is encrypted by the distributor using the unique user key created in step one. The book encryption is AES with Cipher Block Chaining with an Initialization vector that is randomly generated.

3.T he E-Reader software uses the user key to decrypt the book key and subsequently the book key is used to decrypt the EBook and allow access to the device or software.

Copying is prevented by requiring the user key to decrypt the book key as it is not stored in a decrypted form on the device or software. To enable reading on another device it requires authorisation, once complete the user key is sent and the device is registered allowing EBook to be read on the newly enabled device. (Xiao Zhang 201)

DRM.jpgImage 01: The DRM Process

2.2 RSA with PKCS#1 v1.5 padding

RSA with Public Key Cryptography Standards (PKCS) #1 and padding is used to encrypt the unique user account key, below is a description of how each part works to protect the user identification and eBook.

2.2.1 PKCS #1

PKCS #1 is the first standard of mathematical recommendations and properties for the correct implementation of RSA public and private keys. The key pairs are based on a modulus of two distinct large prime numbers. (Weisstein 2015)

2.2.2 RSA

How RSA Encryption Works Image 02: How RSA Encryption Works (Page Don 2010)

In 1977 Ron Rivest, Adi Shamir and Leonard Adleman first described RSA public key or asymmetric cryptography. RSA uses two keys, one public one private that are mathematically linked. As the name suggests public keys can be shared with anyone whereas the private key must be kept secure. Either key can be used to encrypt the data and the opposite key is used to decrypt. RSA if implemented correctly can provide confidentiality, integrity and non-reputability of electronic communications and data storage. (Rouse 2014)

2.2.2.1 Generating Public and Private Keys

The first step to generating the public and private keys is two prime numbers. A prime number is a number greater 1 and is only divisible by 1 or itself. Examples of prime numbers are: 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41.

These two prime numbers p and q are multiplied together to give n and multiplied together minus one to give t.

For Example:

p = 29q= 31

n = p * q = 29 * 31 ∴ n = 899

t = ( p -1 ) * ( q – 1) = ( 29 – 1 ) * ( 31 – 1 ) ∴ t = 840

Another prime number e is required, although e needs to be a relative prime to t, therefore t cannot be divisible by e.

Since t = 840, e cannot be 2, 3, 5 or 7 ∴ e can be 11, 13, 17 etc. 11 was selected as it was the first relative prime to t. ∴ e = 11.

The last figure required for the calculations is d. The formula used to ascertain d is:

d * e = 1 mod t (d * 11) / 840 will result in the remainder of 1. To find d the inverse of e mod t is required and is often computed using the Extended Euclidean Algorithm.

( 611* 11) / 840 = 8 r 1 ∴ d = 611.

The public key is n and e ∴ 899 and 11.

The private key is n and d ∴ 899 and 611.

(Page Don 2010)

 

2.3 AES in CBC mode with a random generated IV

AES with Cipher Block Chaining with an Initialization vector that is randomly generated is used to encrypt the book key or ACSM, below is a description of how each part works to protect the eBook to prevent unauthorised use.

 

3. Vulnerabilities

On paper, this encryption scheme ensures a strong DRM mechanism. However, it was soon observed that the software used to read ePubs and PDFs, Adobe Digital Editions, uses a very weak obfuscation to hide the per-user key. An attack that uses reverse-engineering on the software reveals a rather easy method of retrieving the per-user key from the software and use it to decrypt other Adept encrypted PDF or ePub file. Newer versions of the Adobe Digital Editions use more cryptic ways of hiding the per-user key, but attacks still exist to retrieve it from the registry

4. Recommendations

Adobe Digital Editions, uses a very weak obfuscation to hide the per-user key. An attack that uses reverse-engineering on the software reveals a rather easy method of retrieving the per-user key from the software and use it to decrypt other Adept encrypted PDF or ePub file. Newer versions of the Adobe Digital Editions use more cryptic ways of hiding the per-user key, but attacks still exist to retrieve it from the registry for better useable security and privacy

Write with the knowledge you have gained during the lectures and also sensible intuition about improvements that can be made to ensure better security and

privacy of all involved state holders.

 You are not asked to provide workable solutions

there should be no limit to your imagination; however with sensible intuition.

You can discuss systems, frameworks, protocols, tools, best practices, government regulations etc.

5. Conclusion

highlight important facts and findings.

6. References

http://www.inthelibrarywiththeleadpipe.org/2013/building-a-community-of-readers-social-reading-and-an-aggregated-ebook-reading-app-for-libraries/

http://www.cse.wustl.edu/~jain/cse571-11/ftp/drm/#sec2.3.1

E-Book Security and Preventing Theft and Unauthorised Editing

http://inkwelleditorial.com/prevent-ebook-theft

http://ebookforum.info/how-can-i-stop-theft-of-my-ebook/

http://www.star-force.com/press/articles/?news=2562

DRM

http://ebookarchitects.com/learn-about-ebooks/drm/

https://www.editionguard.com/

Cite This Work

To export a reference to this article please select a referencing stye below:

Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.

Related Services

View all

DMCA / Removal Request

If you are the original writer of this essay and no longer wish to have your work published on the UKDiss.com website then please: