Digital Rights Management (DRM) technology is used to control access to copyrighted digital content. Apple employs a DRM system known as Fairplay in its iTunes online music store. Users communicate with the centralized iTunes server to download, purchase, play, and preview digital content. The iTunes music store has the potential disadvantage of a bandwidth bottleneck at the centralized server. Furthermore, this bandwidth bottleneck problem will escalate with increasing popularity of online music and other digital media, such as video. In this chapter, we analyze the Fairplay DRM system. We then consider a modified architecture that can be employed over existing peer-to-peer (P2P) networks. Our new system, P2PTunes, is designed to provide the benefits of a decentralized P2P network while providing DRM content protection that is at least as strong as that found in Fairplay.
The success of the Apple iPod and associated iTunes music store has made Apple, Inc., a dominant company in both the online media distribution business and the digital media player market (Chandak 2005). The iPod is a portable digital media player which supports the Advanced Audio Coding (AAC), Moving Picture Experts Group (MPEG-1) Audio Layer-3 (MP3), Waveform Audio (WAV), and Audible formats (Apple 2006). The iTunes online store allows users to purchase digital media content. A proprietary software application, also known as iTunes, is used to connect to the iTunes online store to download digital content. The iTunes software is used to manage playlists among computers and iPods, and to play digital content on Windows computers, Macintosh computers, and the iPod.
Fairplay is a digital rights management (DRM) technology used to protect digital content purchased from the iTunes online store. As with most DRM systems, the purpose of Fairplay is to place restrictions on the uses of copyrighted content.
For DRM, the required level of protection is much different than in most typical security applications. Many security applications simply require that data be securely transmitted from point-to-point, and for such applications, standard techniques from the fields of cryptography and security protocols suffice (Stamp 2006). However, in DRM the situation is much different, since the protection (e.g., usage restrictions) must stay with the content after it has been successfully delivered to the legitimate recipient. This additional level of security required in DRM is often known as persistent protection (Stamp 2006), since some level of protection must persist after successful delivery of the bits.
In the DRM context, the legitimate recipient is a potential attacker and, consequently, achieving any meaningful level of persistent protection is not a trivial task. In fact, it is impossible to ensure persistent protection if the content is accessible on an open platform (such as a modern PC) where the recipient has full administrative privilege. Therefore, we cannot expect a level of security comparable to, say, cryptography from a DRM system such as Fairplay. Instead, the test for such a system is whether a successful business model can be built on top of the inherently weak DRM protection (Stamp 2003). By this criterion, Fairplay is a highly successful DRM system, in spite of the known attacks that we discuss in Section 3.
The iTunes online store and Fairplay DRM employ a centralized server to distribute content and enforce the persistent protection on downloaded media. Any content distribution system based on a centralized server model has the potential disadvantage of a bandwidth bottleneck. Furthermore, as the number of users accessing the online store grows and the size of digital content increases (video requires much more bandwidth than music), additional strain will be placed on the central server (Kalker et al. 2004).
We believe that the centralized iTunes online music service may be improved by redesigning it to operate within a peer-to-peer (P2P) network. Such a system would make more effective use of available storage and bandwidth, since a P2P system can harness idle storage and network resources from client machines that voluntarily join the network (Rodrigues, Liskov, and Shrira 2002).