09 January 2019
Google's Widevine is the most widely used digital rights management (DRM) platform on Android smartphones and tablets. It is available in different levels (L1, L2, and L3) and helps streaming services allow users to stream or download their favorite content while preventing piracy. Now, security researcher David Buchanan has claimed to have cracked Widevine L3 DRM.
Buchanan made the claim via his Twitter profile, where he mentioned that it took him only "a few evenings of work" to crack Widevine L3 successfully. This means he was able to access L3-protected content, decrypt it, and play it in any other media player.
In his tweets, he did not go into much detail about how he was able to get past the DRM protection, although he does mention that "Whitebox AES-128 implementation is vulnerable to the well-studied DFA attack, which can be used to recover the original key."
"Soooo, after a few evenings of work, I've 100% broken Widevine L3 DRM. Their Whitebox AES-128 implementation is vulnerable to the well-studied DFA attack, which can be used to recover the original key. Then you can decrypt the MPEG-CENC streams with plain old ffmpeg..." — Dаvіd Вucһаnаn (@David3141593), January 2, 2019
It is not known whether Buchanan has told Google about the exploit. He did tweet, however, that he does not see this as a bug but as a flaw in the DRM design. He suggested that although more obfuscation could make it more resistant to DFA attacks, doing so would slow down performance.
It should be noted that even though Widevine L3 is used by almost all major streaming service providers, such as Netflix, Amazon Prime Video, Hulu, and Hotstar, it supports only sub-HD resolution videos. For streaming HD or higher-resolution videos, these services use Widevine L1 DRM, which is far more secure and harder to crack. Neither Google nor any of the service providers has commented on the claim yet, but we will keep you updated if they do.