Skip to Main content Skip to Navigation
New interface

Exploring Widevine for Fun and Profit

Abstract : For years, Digital Right Management (DRM) systems have been used as the go-to solution for media content protection against piracy. With the growing consumption of content using Over-the-Top platforms, such as Netflix or Prime Video, DRMs have been deployed on numerous devices considered as potential hostile environments. In this paper, we focus on the most widespread solution, the closed-source Widevine DRM. Installed on billions of devices, Widevine relies on cryptographic operations to protect content. Our work presents a study of Widevine internals on Android, mapping its distinct components and bringing out its different cryptographic keys involved in content decryption. We provide a structural view of Widevine as a protocol with its complete key ladder. Based on our insights, we develop WideXtractor, a tool based on Frida to trace Widevine function calls and intercept messages for inspection. Using this tool, we analyze Netflix usage of Widevine as a proof-of-concept, and raised privacy concerns on user-tracking. In addition, we leverage our knowledge to bypass the obfuscation of Android Widevine software-only version, namely L3, and recover its Root-of-Trust.
Document type :
Complete list of metadata
Contributor : Gwendal Patat Connect in order to contact the contributor
Submitted on : Wednesday, April 13, 2022 - 4:30:08 PM
Last modification on : Wednesday, October 26, 2022 - 8:10:27 AM


Files produced by the author(s)


  • HAL Id : hal-03631377, version 1
  • ARXIV : 2204.09298


Gwendal Patat, Mohamed Sabt, Pierre-Alain Fouque. Exploring Widevine for Fun and Profit. 16th IEEE Workshop on Offensive Technologies, WOOT 2022, San Francisco, CA, United States. 2022. ⟨hal-03631377⟩



Record views


Files downloads