Recon 2025

Adventures in Reversing Streaming DRM Systems
2025-06-27, Grand Salon

DRM systems for content protection are ubiquitous nowadays. Nearly all subscription-based streaming providers mandate their use, and implementations can be found in both software (such as browsers and operating systems) and firmware (for devices like TVs, PC motherboards and graphics cards).

DRM implementations can be an intimidating target for reverse engineering. They tend to be well-protected by making use of obfuscation and whitebox cryptography, making it hard to understand the internal workings of the system, and harder yet to get hold of its cryptographic secrets. But is everything truly as it seems? In this talk, we'll explore how a series of operational security failures over the years have exposed detailed insights into systems like PlayReady and Widevine. We'll also uncover how, under the right conditions, obtaining hardware DRM keys may be easier than one might expect.

Specifically, the talk will cover vulnerabilities and screw-ups in the following devices and platforms:
* DRM libraries on an ancient Android version
* An Android app embedding a vendor-customized DRM SDK
* A Smart TV platform utilizing ARM TrustZone
* Windows 10/11 software DRM implementation
* Intel Management Engine PAVP (Protected Audio Video Path)

The goal of the talk is not to convey in-depth details about any one system/exploit, but to present some ideas of approaching the topic of reversing DRM systems and to show that it is possible to get a handle on them even without an advanced background in cryptanalysis or exploitation.

By day, Hendi is a Senior Security Engineer at a German security vendor, focusing on malware analysis and dissecting binary data of all kinds.
By night, Hendi has taken an interest in reversing commercial software packers and uncovering DRM secrets.