On Fri, Oct 19, 2001 at 10:24:55AM -0400, Roop Mukherjee wrote:
> The analogy was intended towards publicly known provably strong means
> of copy protection. 

But no such schemes exist, and as I was arguing earlier, I don't think
they will be found either because there are fundamental problems with
the framework before one even gets to implementation details.

> Most security measures these days would be foolish to choose
> otherwise. My impression of the DRM work that was being undertaken
> is that most of it is aiming towards "open specifications" that are
> provably secure. For instance the SDMI charter says, "...to develop
> open technology specifications that protect the playing, storing,
> and distributing of digital music ...". Measures like this would
> indeed raise the bar in much the same way as some other security
> measures like SSL did.

Well Kerckhoffs's principle (strength lies only in the key, assuming
open specifications) is a very good thing, but I don't think in the
case of copy protection schemes, abiding by it would raise the bar
significantly.  It would tend to remove the stupid things like the
broken proprietary algorithms, simply because someone would look at
the specs and guffaw before they'd shipped it.  But schemes meeting
the RIAA and MPAA's objectives are not buildable whether one uses good
crypto or broken proprietary crypto, and whether one publishes what
one designs or not.

For example Microsoft's DRM v2 was cracked recently [1], and if you
read the technical description, there is some sound crypto (SHA1, DES
(small keys, but sound), ECC key exchanges) in the design as well as
one proprietary block cipher used to build a MAC, but the attacker
didn't even have to try to break the proprietary MAC, because the DRM
v2 system, and _all such schemes generically_ are systemically flawed.

(In this case the attacker simply read the keys from memory, and in
fact with far less effort than anticipated by the implementors simply
side-stepped their not that thorough attempts at obfuscation.)

You can't "hide" things in the open in software on a PC.  You can't
even hide things in hardware if the attackers are determined.  And as
DeCSS shows, a few million Linux users and hackers count as a very
determined and incredibly technically able group of people.

Adam

[1] http://www.theregister.co.uk/content/4/22354.html



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
