lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1217050955.20020730183748@elcomsoft.com>
From: vkatalov at elcomsoft.com (vkatalov@...omsoft.com)
Subject: Vulnerability: protected Adobe eBooks can be copied between computers

-----BEGIN PGP SIGNED MESSAGE-----
Hash: MD5


                Product Vulnerability Reporting Form

SUMMARY
===============================================================================

Adobe Content Server (now in use by more than 300 online retail sites) enables
the distribution of eBooks and electronic documents from any Web site as PDF
files with complete Digital Rights Management (DRM). To prevent unauthorized
reading or copying of eBooks, the Acrobat eBook Reader (client software for
reading eBooks) does not allow to read the same eBooks from more than one
computer or to copy eBook and data files from one computer to another. However,
there are a few defects in the implementation of this protection in Acrobat
eBook Reader, so eBooks can be still copied across different computers.


CONTACT INFORMATION
===============================================================================

 Name                   : ElcomSoft Co.Ltd.
 E-mail                 : info@...omsoft.com
 Phone / fax            : +7 095 216-7937
                          +1 866 448-2703 (fax; US, toll-free)
 Affiliation and address: 2-171 generala Antonova st.
                          Moscow 117279
                          Russia


Vendor (Adobe has been notifed about this vulnerability at July 23,
2002, but have hot replied.


TECHNICAL INFO
===============================================================================

Description of the vulnerability.
- --------------------------------

  Adobe Content Server (http://www.adobe.com/products/contentserver/) makes it
  easy for you to sell electronic books (eBooks) securely online. Adobe Content
  Server packages and protects eBooks and distributes them in PDF format
  directly from any Web site. Anyone with the free Adobe Acrobat eBook Reader
  (http://www.adobe.com/products/ebookreader/) can purchase your content with
  ease. When the file is encrypted, special master voucher for its distribution
  is being created. The master voucher is a separate, XML-based file that
  contains an encrypted key to the eBook and the set of privileges that
  accompany it. When a customer purchases an Adobe PDF eBook directly from an
  e-commerce site, it's automatically downloaded into the customer's personal
  Acrobat eBook Reader library for immediate viewing. Acrobat eBook Reader
  unlocks the encrypted key that came with the eBook and its master voucher.
  Now the eBook is tied to the customer's Acrobat eBook Reader and can't be
  transmitted elsewhere (by design) -- every other copy of the Reader uses
  another (unique) encryption keys, so eBook purchased from one computer
  cannot be open on other computers.

  On January 29, Adobe representative (Mr. Thomas R. D?az, the Senior
  Engineering Manager for eBook Development Group at Adobe Systems Incorporated),
  advised that it is possible to back up collection of eBooks from one computer
  and restore them to a different machine by making use of a back up feature
  built into the Adobe eBook Reader (note: this process operates successfully on
  your entire library of Adobe eBook Reader files regardless of where you
  obtained them from and does not require you to consult with the ebookstore
  that you purchased from):

  Backing Up Adobe Acrobat eBook Reader eBooks
  http://www.planetebook.com/mainpage.asp?webpageid=279

  1. Make a copy of the 'Data' folder (including 'Vouchers' subfolder)
  2. Install Adobe eBook Reader on another machine
  3. Restore the 'Data' folder over the corresponding 'Data' folder in your
     freshly installed Adobe Acrobat eBook Reader
  4. Open Adobe Acrobat eBook Reader and attempt to open one of the eBooks.
     You will receive the following message:

     Update Reader

     Voucher Update Required (Version 2.2 Build 203)

     You will not be able to read your eBooks until you update you
     installation of Acrobat eBook Reader. Please contact Adobe Systems
     Customer Support at http://www.adobe.com/suport/[...] for assistance
     in completing this update.

     Challenge: E7P6 4K2D 7MU3 VUDT

  5. Ring Adobe, quoting the Challenge code, then receive an Activation code.
  6. eBooks can now be reopened.

  However, activation code can be easily obtained for any given Challenge
  without calling Adobe. Here is how Adobe Acrobat eBook Reader verifies the
  Activation code:

  1. The 'Challenge' is being encrypted using popular symmetric block cipher;
     the encryption key (actually, there are two keys: one in Reader 2.1 and
     older, and another in Reader 2.2) is constant and stored inside the
     Adobe eBook Reader executable.
  2. Encrypted 'Challenge' is being hashed using another popular algorithm.
  3. First 10 bytes of the hash value (converted from binary to text using
     MIME-like encoding) is the proper Activation code -- the Reader just
     compares it with the one entered to the Reader.

  The details (the names of the ciphers, and the encryption keys) are not
  provided here for security reasons.


The impact of this vulnerability.
- --------------------------------

  Even using standard method (by calling Adobe to receive proper Activation
  code), anybody can create illegal copies of "protected" Adobe eBooks. But
  even worse, any person with a basic knowledge of crypto algorithms can
  write a program to generate an Acivation code from the Challenge, so
  eliminating 'calling Adobe' step completely.


Workarounds and/or fixes.
- ------------------------

  No ones available at the moment. But to implement reliable and
  secure challenge-response scheme, it is not enough just to "use
  sophisticated, industry-standard levels of software encryption" - it
  is necessary to use them *properly*.

  The Activation code should be calculated at Adobe using asymmetric
  algorithm like RSA (with a private key, known only to Adobe), while
  the Reader should decrypt it using public key, and compare the
  result with the Challenge. So the Reader itself will not contain
  enough information needed to make proper Activation code from the
  Challenge.

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQEVAwUAPUahxYavf/iY3ldlAQHSrwf+P03PyNVgX0058T7or+YybkpSzLEva1N3
ykyV3vqad4aB1t7XNY3EnQs4OXqOL0XdZrnHPYnxCpUsZU3ztI9YOmnHc/bGy4wc
TFdK7mURtReUmbTGGP9hWcO/ELsyeYFEFFT+YAEgF1yHWTnD5gnq13LVUv+6bI0D
uf0hrv29KWx6hhuoERFFhX9a7/4Iei8Wul3iiCnhowgroZ2O4RYEnMWWrqAG+uaR
uggxqieMv/ikmLhXGsWlNvbTYNtYdLF3wjJQU4NK70N1qMgbc/BAJvc/2qnOGYaQ
y4S8/DUcWPWIMiDx3xh60vcenvd42nDMAjX4nuRUwA3PMo/8Ya1ERQ==
=o0fC
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ