Posted by Security Explorations on May 09
Hello All,
We have come up with two attack scenarios that make it possible to
extract private ECC keys used by a PlayReady client (Windows SW DRM
scenario) for the communication with a license server and identity
purposes.
More specifically, we successfully demonstrated the extraction of the
following keys:
- private signing key used to digitally sign license requests issued
by PlayReady client,
- private encryption key used to decrypt license...