FP: In a protected file, the "mp4a" atom -- part of a standard AAC file -- is replaced by a non-standard, proprietary "drms" atom. This contains the same basic information about a song as the "mp4a" atom, plus the identity of the purchaser and some of the cryptographic information needed to decrypt the music. The actual decryption key needed to decrypt the music is not stored here, however,but merely an indicator as to which key -- among many possible keys -- assigned to a particular user should be used.Link(Thanks, Steve!)
Once you have found the needed key, you apply that key, using AES decryption, to the data in the "mdat" atom, which, in an unprotected file, contains all of the raw AAC audio sample data.
Apart from this, there are various atoms added beyond what you'd find in an unprotected AAC file, such as an "apID" atom, which marks music files with the iTunes Music Store ID of the purchaser.
Cory Doctorow:FutureProof is the pseudonym of the maintainer of Jhymn, a program that breaks the DRM in Apple's iTunes, allowing you to play your iTunes music back on all your devices, not just the limited number that Apple permits. Today, OSDir has a long interview with him in which he thoroughly discusses the means by which Apple iTunes songs can be decrypted without Apple's permission.