Microsoft PlayReady

General info

As a result of its research efforts, Security Explorations, a research lab of the AG Security Research company, conducted an analysis of Microsoft PlayReady content protection technology in the environment of the CANAL+ SAT TV operator.

This section of our website presents initial information regarding the project.

Microsoft PlayReady description (and vendor's claims)

"Microsoft PlayReady content access and protection technology is a set of technologies that can be used to distribute audio/video content more securely over a network, and help prevent the unauthorized use of this content."

"It is the Widest Deployed Content Protection Technology in the World."

"The development of Microsoft PlayReady is the culmination of over 14 years of research and development, with significant patent portfolio and a large R&D investment in content protection technology" (source)

"Since 1999, Microsoft PlayReady Content Protection has been the most trusted DRM technology by studios and content owners" (source)

Demonstration movies

  • "License acquisition, movie download and decryption (allowed access to kids movie)", MP4 movie file, 30MB

  • "License acquisition, movie download and decryption (unauthorized access to HBO asset)", MP4 movie file, 18MB

  • "Complete CANAL+ STB compromise and Microsoft PlayReady secrets theft (box patch from Mar 2022, OTA FW from Jan 2022, vulnerabilities from 2019)", MP4 movie file, 31MB

  • "Automatic license server crawling (unauthorized access to HBO and PREMIERY VOD+ assets)", MP4 movie file, 11MB

Notes

    Microsoft Security Response Center (MSRC) was notified and provided with full access to the research material for evaluation purposes (communication from Jul 20, 2022 to Aug 11, 2022). MSRC closed the case on the basis that "this is not a server-side compromise".

    The Microsoft PlayReady team initiated contact on Oct 07, 2022. A team representative explained that PlayReady does not supply authentication technology to ensure that a given client is allowed to access the PlayReady License Server; it is the responsibility of the service provider to implement this. In that context, the overall attack exposes both a significant PlayReady limitation and a fault at the CANAL+ end (no server-side auth checks, no watermarking in place, no license server syncing with the CDN, etc.).

    By using the research material as a reference, the PlayReady team was able to confirm that a security incident below its robustness bar appeared to be present (a violation of the PlayReady Compliance and/or Robustness Rules).

    Microsoft agreed that the PlayReady group certificate used by the CANAL+ STB should be considered compromised (see APPENDIX C of the 2019 research report for further information). The company decided not to revoke it immediately in response to the breach. This will likely be done when the STB manufacturer (Advanced Digital Broadcast) fixes the compromise. The company's rationale for this is that there is no indication that a large amount of real-world piracy is occurring and/or no strong pressure from content owners/providers. It is not clear on what basis "little piracy" is concluded, as the breach has been available / not fixed for 4+ years and there has not been any watermarking in place (the possibility that content from the CANAL+ VOD library has been silently acquired over time cannot be excluded).

    We hope this research:

  • triggers further work at Microsoft and others in order to make PlayReady compromise more challenging, especially as we haven't explored all of the ideas we had on the topic
  • helps PlayReady licensees get a better understanding of Microsoft DRM technology operation and its limitations
  • provides potentially valuable contribution to the field of PayTV security and content protection

Disclosure

    Over the course of communication with Microsoft on the topic of disclosure, the company agreed that disclosure of this vulnerability is right and proper and helps others avoid it. According to the company, it should be disclosed after resolution.

    We truly appreciate Microsoft's stance on the topic - it is in line with our initial plan, and it also clears some doubts at our end (to disclose or not, to what extent, with whom, etc.).

    Partial disclosure (without the release of source code for the MSPR toolkit, reverse engineering helpers and logs for MSPR operation, and PlayReady / STB SSL / device root key secrets in particular) took place on Dec 10, 2022. Non-functional (without any secrets / credentials) source code was released on May 06, 2024.

PlayReady client certifications / evaluations

    According to the Canal+ security referential, DRM [Content Protection System] client software security testing must be certified by the Agence Nationale pour la Securite des Systemes d'Information (ANSSI), using the methodology of the Certification Securite de Premier Niveau (CSPN).

    Microsoft does not seem to conduct security evaluations / certifications of PlayReady licensees' client environments. The company stated that it is simply infeasible for Microsoft to track and handle the complexities of authentication with several hundred service provider licensees.

Affected platforms and fixing status

    According to Microsoft, the PlayReady Server SDK has several hundred service provider licensees. While Microsoft claims the issue is not a bug, PlayReady licensees might be at risk of the demonstrated content theft whenever a PlayReady client compromise occurs. This is due to the nature of the attack.

    CANAL+, both in France and in Poland, was notified of the research. CANAL+ France stated that it had analyzed the videos, understood the issues and would work on them (Aug 18, 2022).

    It is not clear whether the company has a full understanding of the issues affecting its platform (MS PlayReady, STBs, CDN, license server and user security), as the company has neither asked for access to the research material (offered for free and completely unconditionally) nor provided an e-mail address along with a PGP key to which it could be sent (see the last message sent to the CANAL+ CSO and the paragraph below about CANAL+ buying pirates' mechanisms in that context).

    As of Aug 13, 2024, CANAL+ in Poland is affected (piracy of assets from CANAL+ VOD library consisting of 18k+ movies is possible - tests conducted for PREMIERY VOD+, CANAL+ Premium and HBO movies).

    A sample automatically generated test result, obtained 2 years after Microsoft and CANAL+ were notified, for several randomly selected movies from "not allowed" collections and a fake STB identity can be checked below.

    Starting from Aug 17, 2024, the automatic test makes use of a Windows PlayReady client certificate issued for / associated in the Windows CDM with an arbitrary VOD service such as Amazon Prime Video (an Amazon Prime identity used for CANAL+ VOD content access, an additional illustration of attack #5).

    Per information received from Microsoft (Nov 18, 2022), the STB manufacturer committed to mitigating the incident.

    Regardless of the "no bug at PlayReady end" claim, Microsoft could be involved in the development of the mitigation for CANAL+ and other PlayReady licensees (the line "we expect to be finished with the mitigation in March of 2023" was received from the company on Dec 1, 2022).

CANAL+ buying pirates' mechanisms

    In a webinar discussing CANAL+ Group's and NAGRA's fight against piracy, the CANAL+ CSO revealed that in some cases her company "could buy the pirates' mechanisms in order to understand the technology...behind pirates' services" (28min:20sec of this YouTube video, original available at the IBC website).

    It is worth noting that CANAL+ has never been interested in listening to or talking to us about our findings affecting the security of its content, devices or services. It looks like the company doesn't mind "rewarding" pirates' work though.

A fix (sort of)

    In Oct 2023, some media outlets reported that the CANAL+ VOD service had already been permanently shut down (turned off) for some of its STB devices (ADB ITI-2851S, Sagemcom DSI83 / DSI87) and that the shutdown would also affect the Sagemcom DSIW74 device in Nov 2023. A similar shutdown of the CANAL+ VOD service was apparently planned for the ADB ITI-5720SX, ADB ITI-3740SX and ADB NCP-4740SF STBs.

    According to the news reports, the basis for the permanent VOD service shutdown across CANAL+ STB devices was "the work at CANAL+ end aimed at the improvement of the security of content on its devices".

    It looks like CANAL+ decided to implement the "fix" for insecure content at its end through a complete shutdown of the insecure VOD service and a change of STB devices. It is worth noting that it took CANAL+ 1.5 years to "figure out" / "deploy" the fix, which is still not complete as of Aug 13, 2024 according to the content security check above.

    On Aug 12, 2024, license acquisition with the use of a compromised device certificate stopped working in the CANAL+ environment. A check conducted around 6:36 PM on that day indicated (by means of a license server error message) that the compromised device certificate had finally been revoked. This was observed for both the original and the fake certificate chains (device identities).

    Compromised device certificate revocation hasn't addressed the core of the issue though (no client auth at the PlayReady license server end). It took us less than an hour to change the code of our POC (PlayReady Toolkit) in order to make it work again, successfully obtain licenses for content and download arbitrary movies from CANAL+ VOD. We exploited the architectural / design issue of PlayReady (attack #5) for that purpose.

    It is worth noting that we received information from an external 3rd party indicating that "every content provider that bought the playready license server code and deployed it can just bypass the official list and even revoke certs that are valid in the official list like the major vod".

    If the above is true, the compromised STB certificate could have been revoked by CANAL+ at any time over the recent 2 years (the power to do so wasn't solely at Microsoft's end).
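    To make the defender's side of this concrete, the following added example (not PlayReady code, not any operator's server, and not part of the toolkit released with this research) models the service-provider-side checks that the Notes section above describes as the licensee's responsibility and that the revocation story in this section shows were missing: binding a license request to an authenticated subscriber session, checking that the presenting device is registered to that subscriber, checking the subscriber's entitlement to the requested asset, and honouring an operator-side device certificate revocation list. Every identifier, secret, entitlement table and the HMAC-signed session token format are constructed samples and assumptions of the example, not the PlayReady protocol.

```python
"""Hypothetical license-server authorization gate (added example).

Not PlayReady code and not any operator's server: it models the
service-provider-side checks that PlayReady leaves to the licensee.
Every identifier, secret and table below is a constructed sample.
"""
import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed sample state.  A real deployment would back these with the
# operator's subscriber, device-registration and revocation databases.
SESSION_SECRET = b"constructed-session-secret"   # HMAC key for session tokens
REVOKED_DEVICE_CERTS = {"cert-stb-0001"}         # operator-side revocation list
ENTITLEMENTS = {                                 # subscriber -> assets they may watch
    "sub-1001": {"kids-movie-42"},
    "sub-1002": {"kids-movie-42", "premium-77"},
}
DEVICE_BINDING = {                               # subscriber -> registered device certs
    "sub-1001": {"cert-stb-0007"},
    "sub-1002": {"cert-stb-0008"},
}


def mint_session_token(subscriber_id: str, issued_at: int, ttl: int = 3600) -> str:
    """Issue a session token after the subscriber has logged in.

    Hypothetical format: JSON claims + '.' + HMAC-SHA256 tag over the claims.
    """
    claims = json.dumps({"sub": subscriber_id, "iat": issued_at, "ttl": ttl},
                        sort_keys=True)
    tag = hmac.new(SESSION_SECRET, claims.encode(), hashlib.sha256).hexdigest()
    return f"{claims}.{tag}"


def verify_session_token(token: str, now: int):
    """Return the subscriber id for a valid, unexpired token, else None."""
    claims, sep, tag = token.rpartition(".")
    if not sep:
        return None
    expected = hmac.new(SESSION_SECRET, claims.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None
    data = json.loads(claims)
    if now > data["iat"] + data["ttl"]:
        return None
    return data["sub"]


@dataclass
class LicenseRequest:
    device_cert_id: str   # identity taken from the client certificate chain
    asset_id: str         # asset (key id) the client wants a license for
    session_token: str    # proof of an authenticated subscriber session


def authorize_license(req: LicenseRequest, now: int):
    """Decide whether the license server may issue a license.

    Returns ("ok", subscriber_id) or ("deny", reason).  A revoked or
    unregistered device is refused even with a valid session, so a stolen
    or fabricated device identity alone never yields a license.
    """
    if req.device_cert_id in REVOKED_DEVICE_CERTS:
        return ("deny", "device certificate revoked")
    subscriber = verify_session_token(req.session_token, now)
    if subscriber is None:
        return ("deny", "no valid subscriber session")
    if req.device_cert_id not in DEVICE_BINDING.get(subscriber, set()):
        return ("deny", "device not registered to subscriber")
    if req.asset_id not in ENTITLEMENTS.get(subscriber, set()):
        return ("deny", "subscriber not entitled to asset")
    return ("ok", subscriber)


if __name__ == "__main__":
    now = 1_700_000_000
    token = mint_session_token("sub-1001", now)
    for req in (
        LicenseRequest("cert-stb-0007", "kids-movie-42", token),    # allowed
        LicenseRequest("cert-stb-0007", "premium-77", token),       # not entitled
        LicenseRequest("cert-stb-0001", "kids-movie-42", token),    # revoked cert
        LicenseRequest("cert-stb-0008", "kids-movie-42", token),    # another subscriber's cert
        LicenseRequest("cert-stb-0007", "kids-movie-42", "bogus"),  # no session
    ):
        print(req.device_cert_id, req.asset_id, authorize_license(req, now))
```

    The device-binding check is the one that matters for a fake or borrowed client identity (the "Amazon Prime identity" test described above): a device certificate, even a valid one, is only accepted when the operator has registered it to the subscriber whose session presents it, and the entitlement check keeps a valid subscriber from obtaining keys for assets outside its subscription.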

    On Sep 14 and 15, 2024, we observed that the CDN in use by the CANAL+ VOD service stopped serving ISM Manifest files (HTTP Error 503). Additionally, the proxy license server associated with the CANAL+ VOD library for STB devices stopped responding (Sep 19, 2024). It is not clear though whether this behaviour is a manifestation of an outage or of a fix implementation (through service shutdown) at the CANAL+ end.

PlayReady on Windows

    More information about the security of the PlayReady implementation on the Windows platform can be found on our project page dedicated to Microsoft Warbird and PMP.

Potential impact of PlayReady license agreements

    Taking into account the sample content of the Microsoft PlayReady Server agreement, CANAL+ or any other PlayReady licensee might not be able to:

  • discuss any PlayReady related matters with a 3rd party (no response from CANAL+ might have its origin in legal agreements / NDAs signed, not necessarily the company's ignorance of security matters)
  • develop a fix / mitigation for PlayReady vulnerabilities (Microsoft's responsibility)
  • conduct an in-depth investigation of PlayReady security (no reverse engineering allowed, etc.)
  • improve PlayReady security (no custom changes to the PlayReady protocol or licensing mechanism allowed, etc.). Sample ideas illustrating such possible PlayReady security improvements are described in a document available on the project details page.

    The licensing implies Microsoft's ownership of and responsibility for any changes to PlayReady. That alone may prohibit any customizations / developments by licensees aimed at improving the security of content (such as the use of HW security features present in a target environment but not supported by PlayReady).

    The licensing also implies that any updates to PlayReady are at the sole discretion of Microsoft (it is up to Microsoft to fix issues, improve security or implement support for various HW security features present in target STB environments, such as the SCK key of STMicroelectronics chipsets).

Azure Media Services (AMS) retirement

    In Oct 2022, in an e-mail exchange with Microsoft, the company indicated that Azure Media Services as an E2E solution is free of the exposed PlayReady limitation:

    "if customers want a full end-to-end secure system provided by Microsoft, they can use Microsoft Azure Media Services (AMS), which is built on top of PlayReady. It does provide an E2E solution, including authorization, authentication, CDN support, etc. However, the several hundred content providers who are licensees of the PlayReady Server SDK choose to implement their own E2E solution using the PlayReady Server SDK without taking advantage of AMS, i.e. they’ve chosen not to use Microsoft-provided authentication. For such customers, you are correct – if they fail to correctly implement authentication themselves, then a client-side secret theft is game over."

    As part of our response, we pointed out to Microsoft that the E2E advantage of AMS over PlayReady didn't matter:

    "the research was about PlayReady, not AMS...several hundred content providers who are licensees of the PlayReady Server SDK choose to implement their own E2E solution using PlayReady Server SDK without taking advantage of AMS."

    It is worth noting that in July 2023, Microsoft announced that Azure Media Services is being retired and will not be supported after 30 June 2024. As a result, core services such as content protection workflows will disappear with AMS.

    AMS retirement makes its security features (and Microsoft's argument emphasizing AMS advantages over PlayReady) irrelevant to the demonstrated attack.

Questions pending answer from Microsoft

    We wanted to learn from Microsoft whether the company considers PlayReady to be providing any security of content in the context of the demonstrated STB compromise, whether the company can still support the claim that PlayReady can be used to "help prevent the unauthorized use of content", whether there are any legal obstacles that prohibit CANAL+ from discussing any PlayReady related matters with 3rd parties, and whether Microsoft took any action aimed at making PlayReady hacking more challenging.

    We haven't received a response to these and some other questions.

Sygnal Organization and AAPA inquiries

    Below, a copy of an inquiry note sent to the Sygnal Organization (which, among other things, fights illegal distribution of TV signals, audio, music and video content) is provided. It asks for an official statement from the organization in the context of CANAL+ (its core member) serving premium PayTV content with the use of insecure technological means (likely known to CANAL+ since 2019 or at the time of the STB / PlayReady technology choice, and ignored / not addressed since then).

  • Sygnal Organization inquiry from Nov 02, 2022 (download)
  • As of Dec 08, 2022, Sygnal hasn't provided any statement (the only response received referred us to CANAL+ regarding any topics concerning the offer or technologies implementing security of content).

    An inquiry of a similar nature was also sent to the AudioVisual Anti-Piracy Alliance (AAPA), which represents companies involved in the provision of protected audiovisual services, security technology for such services, and the manufacturing of products which facilitate the delivery of such services. AAPA's mission is to lead the fight against audiovisual piracy across Europe and the Middle East.

  • AAPA inquiry from Jan 14, 2023 (download)
  • In response to the inquiry note, AAPA informed us that it doesn't discuss any matter relating to its members with a third party (Jan 16, 2023).

Details

The following technical materials are available with respect to the security analysis conducted for Microsoft PlayReady content protection technology in the environment of the CANAL+ SAT TV operator.

DISCLAIMER

Proof of Concept Codes below are provided purely for educational purposes only. It is expressly forbidden to use them for any purposes that would violate any domestic or international laws. If you do not agree with this policy, please leave this page.

Materials

  • "Microsoft PlayReady toolkit" - ZIP file, 407KB (download), accompanying README.md
    a standalone toolkit working independently of the compromised STB device, making it possible to generate a fake client device identity, acquire licenses and content keys for encrypted A/V asset fragments from the PlayReady license server, download and decrypt these assets, inspect their content if needed and combine them into single, ready to play or distribute, plaintext MPEG-4 files. The toolkit comes with a brief technical document describing the results of the analysis along with the reverse engineering approach taken to the Microsoft PlayReady compromise, some reverse engineering logs and code verifying the crypto params used by compromised devices.
  • "CANAL+ STB exploit" - 1180KB source code
    an improved version of the 2019 code with Microsoft PlayReady support (secrets theft, reverse engineering capabilities and root device key access), Multiroom and CANAL+ VOD bypass.

Additional materials

As in the case of our original idea from 2017 for rogue subscriber detection / deactivation at the content distribution level (public sources such as [1] and [2] indicate that it might be used by some companies / vendors for commercial purposes*), several security improvement ideas mentioned in a document accompanying our PlayReady research are described in more detail below:

  • "Ideas for Microsoft PlayReady security improvements", PDF file, 1143KB (download)

(*) we asked Nagra / Kudelski (PayTV / CAS security provider), Telefonica (the owner of Movistar [1]) and Cyfrowy Polsat (the owner of Polsat [2]) about it, but none of the companies responded (none clearly denied the use of our know-how / IP for commercial purposes)

References: