Techly NewsGet the app

Get the latest tech news

Microsoft PlayReady – Complete Client Identity Compromise


Full Disclosure mailing list archives Microsoft PlayReady - complete client identity compromise From: Security Explorations <contact () security-explorations com> Date: Thu, 9 May 2024 10:02:26 +0200 Hello All, We have come up with two attack scenarios that make it possible to extract private ECC keys used by a PlayReady client (Windows SW DRM scenario) for the communication with a license server and identity purposes. More specifically, we successfully demonstrated the extraction of the following keys: - private signing key used to digitally sign license requests issued by PlayReady client, - private encryption key used to decrypt license responses received by the client (decrypt license blobs carrying encrypted content keys).

From: Security Explorations <contact () security-explorations com> Date: Thu, 9 May 2024 10:02:26 +0200 By Date Microsoft PlayReady - complete client identity compromise Security Explorations (May 09)

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Microsoft

Microsoft

Photo of microsoft playready

microsoft playready

Related news:

News photo

Microsoft Buys More Carbon Credits in Brazil Reforestation Push

News photo

Microsoft says it needs games like Hi-Fi Rush the day after killing its studio

News photo

Microsoft's Perfect Dark reboot reportedly in "a very rough state" and a "big, protracted mess"

« Yellow raises $5M from A16z for Gen AI-powered 3D modeling tool
New AI Tools Predict How Life's Building Blocks Assemble »