From: info@elcomsoft.com Sent: Tuesday, July 30, 2002 10:25 AM To: bugtraq@securityfocus.com; vuln-dev@securityfocus.com Subject: Vulnerability: protected Adobe eBooks can be copied between computers -----BEGIN PGP SIGNED MESSAGE----- Hash: MD5 Product Vulnerability Reporting Form SUMMARY =============================================================================== Adobe Content Server (now in use by more than 300 online retail sites) enables the distribution of eBooks and electronic documents from any Web site as PDF files with complete Digital Rights Management (DRM). To prevent unauthorized reading or copying of eBooks, the Acrobat eBook Reader (client software for reading eBooks) does not allow to read the same eBooks from more than one computer or to copy eBook and data files from one computer to another. However, there are a few defects in the implementation of this protection in Acrobat eBook Reader, so eBooks can be still copied across different computers. CONTACT INFORMATION =============================================================================== Name : ElcomSoft Co.Ltd. E-mail : info@elcomsoft.com Phone / fax : +7 095 216-7937 +1 866 448-2703 (fax; US, toll-free) Affiliation and address: 2-171 generala Antonova st. Moscow 117279 Russia Vendor (Adobe has been notifed about this vulnerability at July 23, 2002, but have hot replied. TECHNICAL INFO =============================================================================== Description of the vulnerability. - -------------------------------- Adobe Content Server (http://www.adobe.com/products/contentserver/) makes it easy for you to sell electronic books (eBooks) securely online. Adobe Content Server packages and protects eBooks and distributes them in PDF format directly from any Web site. Anyone with the free Adobe Acrobat eBook Reader (http://www.adobe.com/products/ebookreader/) can purchase your content with ease. When the file is encrypted, special master voucher for its distribution is being created. The master voucher is a separate, XML-based file that contains an encrypted key to the eBook and the set of privileges that accompany it. When a customer purchases an Adobe PDF eBook directly from an e-commerce site, it's automatically downloaded into the customer's personal Acrobat eBook Reader library for immediate viewing. Acrobat eBook Reader unlocks the encrypted key that came with the eBook and its master voucher. Now the eBook is tied to the customer's Acrobat eBook Reader and can't be transmitted elsewhere (by design) -- every other copy of the Reader uses another (unique) encryption keys, so eBook purchased from one computer cannot be open on other computers. On January 29, Adobe representative (Mr. Thomas R. Dıaz, the Senior Engineering Manager for eBook Development Group at Adobe Systems Incorporated), advised that it is possible to back up collection of eBooks from one computer and restore them to a different machine by making use of a back up feature built into the Adobe eBook Reader (note: this process operates successfully on your entire library of Adobe eBook Reader files regardless of where you obtained them from and does not require you to consult with the ebookstore that you purchased from): Backing Up Adobe Acrobat eBook Reader eBooks http://www.planetebook.com/mainpage.asp?webpageid=279 1. Make a copy of the 'Data' folder (including 'Vouchers' subfolder) 2. Install Adobe eBook Reader on another machine 3. Restore the 'Data' folder over the corresponding 'Data' folder in your freshly installed Adobe Acrobat eBook Reader 4. Open Adobe Acrobat eBook Reader and attempt to open one of the eBooks. You will receive the following message: Update Reader Voucher Update Required (Version 2.2 Build 203) You will not be able to read your eBooks until you update you installation of Acrobat eBook Reader. Please contact Adobe Systems Customer Support at http://www.adobe.com/suport/[...] for assistance in completing this update. Challenge: E7P6 4K2D 7MU3 VUDT 5. Ring Adobe, quoting the Challenge code, then receive an Activation code. 6. eBooks can now be reopened. However, activation code can be easily obtained for any given Challenge without calling Adobe. Here is how Adobe Acrobat eBook Reader verifies the Activation code: 1. The 'Challenge' is being encrypted using popular symmetric block cipher; the encryption key (actually, there are two keys: one in Reader 2.1 and older, and another in Reader 2.2) is constant and stored inside the Adobe eBook Reader executable. 2. Encrypted 'Challenge' is being hashed using another popular algorithm. 3. First 10 bytes of the hash value (converted from binary to text using MIME-like encoding) is the proper Activation code -- the Reader just compares it with the one entered to the Reader. The details (the names of the ciphers, and the encryption keys) are not provided here for security reasons. The impact of this vulnerability. - -------------------------------- Even using standard method (by calling Adobe to receive proper Activation code), anybody can create illegal copies of "protected" Adobe eBooks. But even worse, any person with a basic knowledge of crypto algorithms can write a program to generate an Acivation code from the Challenge, so eliminating 'calling Adobe' step completely. Workarounds and/or fixes. - ------------------------ No ones available at the moment. But to implement reliable and secure challenge-response scheme, it is not enough just to "use sophisticated, industry-standard levels of software encryption" - it is necessary to use them *properly*. The Activation code should be calculated at Adobe using asymmetric algorithm like RSA (with a private key, known only to Adobe), while the Reader should decrypt it using public key, and compare the result with the Challenge. So the Reader itself will not contain enough information needed to make proper Activation code from the Challenge. -----BEGIN PGP SIGNATURE----- Version: 2.6 iQEVAwUAPUahxYavf/iY3ldlAQHSrwf+P03PyNVgX0058T7or+YybkpSzLEva1N3 ykyV3vqad4aB1t7XNY3EnQs4OXqOL0XdZrnHPYnxCpUsZU3ztI9YOmnHc/bGy4wc TFdK7mURtReUmbTGGP9hWcO/ELsyeYFEFFT+YAEgF1yHWTnD5gnq13LVUv+6bI0D uf0hrv29KWx6hhuoERFFhX9a7/4Iei8Wul3iiCnhowgroZ2O4RYEnMWWrqAG+uaR uggxqieMv/ikmLhXGsWlNvbTYNtYdLF3wjJQU4NK70N1qMgbc/BAJvc/2qnOGYaQ y4S8/DUcWPWIMiDx3xh60vcenvd42nDMAjX4nuRUwA3PMo/8Ya1ERQ== =o0fC -----END PGP SIGNATURE-----