How Apple’s FairPlay DRM works



March 7th, 2007

Fascinating article on how Apple's FairPlay DRM (the DRM scheme they use for iTunes) works.

Prior to buying content from the iTunes Store, a user has to create an account with Apple's servers and then authorize a PC or Mac running iTunes.
 
During authorization, iTunes creates a globally unique ID number for the computer it is running on, then sends it to Apple's servers, where it is assigned to the user's iTunes account. Five different machines can be authorized.

When a user buys a song from the iTunes Store, a user key is created for the purchased file. The AAC song itself is scrambled using a separate master key, which is then included into the protected AAC song file. The master key is locked using the user key, which is both held by iTunes and also sent to Apple’s servers.

But the system has weaknesses:

When a computer is deauthorized, it deletes its local set of user keys and requests Apple to remove the authorization from its records.
 
If the keys are backed up, users can deauthorize their systems, then restore the keys and authorize a new set of computers, resulting in more than five machines that can all play the existing purchased music.
 
However, any new music purchased on the newly authorized systems will create new keys, and the previously de-authorized machines will not be able to play the new purchases because they can't obtain the new keys.
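A simplified model of the key hierarchy and the deauthorization gap described above, added here as an illustration; it is not code from the article or from Apple's implementation. The `Store` class, the `xor_stream` toy cipher, the machine names and the assumption that a newly authorized machine receives the account's existing user keys are all hypothetical. It shows that deauthorization removes the server record but cannot revoke key copies a client already holds, while keys issued later stay out of reach.

```python
import hashlib
import secrets

MAX_MACHINES = 5  # authorization limit stated in the text

def xor_stream(key, data):
    """Toy cipher: XOR with a SHAKE-256 keystream (stand-in, not FairPlay's cipher)."""
    pad = hashlib.shake_256(key).digest(len(data))
    return bytes(b ^ p for b, p in zip(data, pad))

class Store:  # hypothetical server: authorized machine IDs and issued user keys
    def __init__(self):
        self.authorized, self.user_keys = set(), {}

    def authorize(self, machine_id):
        if machine_id not in self.authorized and len(self.authorized) >= MAX_MACHINES:
            raise PermissionError("machine limit reached")
        self.authorized.add(machine_id)
        return dict(self.user_keys)  # the machine's local copy of the account keys

    def deauthorize(self, machine_id, local_keys):
        local_keys.clear()                   # client deletes its user keys...
        self.authorized.discard(machine_id)  # ...and the server drops the record

    def purchase(self, machine_id, local_keys, audio):
        if machine_id not in self.authorized:
            raise PermissionError("machine not authorized")
        user_key, master_key = secrets.token_bytes(32), secrets.token_bytes(32)
        key_id = len(self.user_keys)
        self.user_keys[key_id] = local_keys[key_id] = user_key  # held by both sides
        return {"key_id": key_id, "audio": xor_stream(master_key, audio),
                "wrapped_master": xor_stream(user_key, master_key)}

def play(local_keys, song):
    """Playback consults only the local key store; None means the key is missing."""
    user_key = local_keys.get(song["key_id"])
    if user_key is None:
        return None
    return xor_stream(xor_stream(user_key, song["wrapped_master"]), song["audio"])

def scenario():  # constructed run of the backup/deauthorize/restore sequence
    store = Store()
    keys_a = store.authorize("machine-A")
    song1 = store.purchase("machine-A", keys_a, b"constructed audio 1")
    backup = dict(keys_a)                   # key store copied before deauthorizing
    store.deauthorize("machine-A", keys_a)
    keys_b = store.authorize("machine-B")
    song2 = store.purchase("machine-B", keys_b, b"constructed audio 2")
    return play(backup, song1), play(backup, song2), play(keys_b, song1)
```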

Will Steven Jobs bin FairPlay? I don't think so.

This entry was posted on Wednesday, March 7th, 2007 at 19:23 and is filed under PC Doctor's Useful Links.