Bypassing the integrity checking of rights objects in OMA DRM

A case study with the MelOn music service

Jusop Choi, William Aiken, Jungwoo Ryoo, Hyoungshick Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Commercial digital music is typically distributed in the music source market via Digital Rights Management systems (DRM). DRM systems help remotely control the music contents. The Open Mobile Alliance (OMA) DRM became the de facto standard after major market adoption because of its support for a wide variety of different business and usage models. In OMA DRM, a popular business model is a (monthly) subscription enforced by controlling the period of playback time; once the given period of time expires, the music cannot be played. In this paper, we demonstrate how to bypass the integrity checking of the rights object in the OMA DRM system through a case study of MelOn (a well-known music distribution service in South Korea) by reverse engineering its media player equipped with a DRM agent.

Original languageEnglish (US)
Title of host publicationACM IMCOM 2016
Subtitle of host publicationProceedings of the 10th International Conference on Ubiquitous Information Management and Communication
PublisherAssociation for Computing Machinery, Inc
ISBN (Electronic)9781450341424
DOIs
StatePublished - Jan 4 2016
Event10th International Conference on Ubiquitous Information Management and Communication, IMCOM 2016 - Danang, Viet Nam
Duration: Jan 4 2016Jan 6 2016

Publication series

NameACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication

Other

Other10th International Conference on Ubiquitous Information Management and Communication, IMCOM 2016
CountryViet Nam
CityDanang
Period1/4/161/6/16

Fingerprint

Reverse engineering
Industry

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems

Cite this

Choi, J., Aiken, W., Ryoo, J., & Kim, H. (2016). Bypassing the integrity checking of rights objects in OMA DRM: A case study with the MelOn music service. In ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication [a62] (ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication). Association for Computing Machinery, Inc. https://doi.org/10.1145/2857546.2857609
Choi, Jusop ; Aiken, William ; Ryoo, Jungwoo ; Kim, Hyoungshick. / Bypassing the integrity checking of rights objects in OMA DRM : A case study with the MelOn music service. ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication. Association for Computing Machinery, Inc, 2016. (ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication).
@inproceedings{2ec1b1061c844bd2813d339ef0d30bc9,
title = "Bypassing the integrity checking of rights objects in OMA DRM: A case study with the MelOn music service",
abstract = "Commercial digital music is typically distributed in the music source market via Digital Rights Management systems (DRM). DRM systems help remotely control the music contents. The Open Mobile Alliance (OMA) DRM became the de facto standard after major market adoption because of its support for a wide variety of different business and usage models. In OMA DRM, a popular business model is a (monthly) subscription enforced by controlling the period of playback time; once the given period of time expires, the music cannot be played. In this paper, we demonstrate how to bypass the integrity checking of the rights object in the OMA DRM system through a case study of MelOn (a well-known music distribution service in South Korea) by reverse engineering its media player equipped with a DRM agent.",
author = "Jusop Choi and William Aiken and Jungwoo Ryoo and Hyoungshick Kim",
year = "2016",
month = "1",
day = "4",
doi = "10.1145/2857546.2857609",
language = "English (US)",
series = "ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication",
publisher = "Association for Computing Machinery, Inc",
booktitle = "ACM IMCOM 2016",

}

Choi, J, Aiken, W, Ryoo, J & Kim, H 2016, Bypassing the integrity checking of rights objects in OMA DRM: A case study with the MelOn music service. in ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication., a62, ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication, Association for Computing Machinery, Inc, 10th International Conference on Ubiquitous Information Management and Communication, IMCOM 2016, Danang, Viet Nam, 1/4/16. https://doi.org/10.1145/2857546.2857609

Bypassing the integrity checking of rights objects in OMA DRM : A case study with the MelOn music service. / Choi, Jusop; Aiken, William; Ryoo, Jungwoo; Kim, Hyoungshick.

ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication. Association for Computing Machinery, Inc, 2016. a62 (ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Bypassing the integrity checking of rights objects in OMA DRM

T2 - A case study with the MelOn music service

AU - Choi, Jusop

AU - Aiken, William

AU - Ryoo, Jungwoo

AU - Kim, Hyoungshick

PY - 2016/1/4

Y1 - 2016/1/4

N2 - Commercial digital music is typically distributed in the music source market via Digital Rights Management systems (DRM). DRM systems help remotely control the music contents. The Open Mobile Alliance (OMA) DRM became the de facto standard after major market adoption because of its support for a wide variety of different business and usage models. In OMA DRM, a popular business model is a (monthly) subscription enforced by controlling the period of playback time; once the given period of time expires, the music cannot be played. In this paper, we demonstrate how to bypass the integrity checking of the rights object in the OMA DRM system through a case study of MelOn (a well-known music distribution service in South Korea) by reverse engineering its media player equipped with a DRM agent.

AB - Commercial digital music is typically distributed in the music source market via Digital Rights Management systems (DRM). DRM systems help remotely control the music contents. The Open Mobile Alliance (OMA) DRM became the de facto standard after major market adoption because of its support for a wide variety of different business and usage models. In OMA DRM, a popular business model is a (monthly) subscription enforced by controlling the period of playback time; once the given period of time expires, the music cannot be played. In this paper, we demonstrate how to bypass the integrity checking of the rights object in the OMA DRM system through a case study of MelOn (a well-known music distribution service in South Korea) by reverse engineering its media player equipped with a DRM agent.

UR - http://www.scopus.com/inward/record.url?scp=84965076190&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84965076190&partnerID=8YFLogxK

U2 - 10.1145/2857546.2857609

DO - 10.1145/2857546.2857609

M3 - Conference contribution

T3 - ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication

BT - ACM IMCOM 2016

PB - Association for Computing Machinery, Inc

ER -

Choi J, Aiken W, Ryoo J, Kim H. Bypassing the integrity checking of rights objects in OMA DRM: A case study with the MelOn music service. In ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication. Association for Computing Machinery, Inc. 2016. a62. (ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication). https://doi.org/10.1145/2857546.2857609