Just when you thought it was safe to come out from under the bed, and
play your MP3's, or decode a few DVD's on your Linux box, comes...

        Dee Tee Cee Pee

These guys are implementing a full blown encrypted session protocol
that goes between consumer video & audio devices, to make sure that no
more than the officially sanctioned number of copies will ever be
made.  They're using a custom (groan) 56-bit block cipher and 320-bit
elliptic curve digital signatures and Diffie-Hellman (as defined by
P1363).

They're building a certificate revocation infrastructure that will put
the CRL's onto new DVD's and other videos, and have the machines keep
track of the latest CRL in NVRAM, updating it whenever they see a
later one.  The CRL is used to revoke the public key for devices that
have been hacked to be able to make illicit copies.  These "plug and
play" Firewire devices will refuse to send video or audio to a device
that they can't do an authenticated key exchange with.

On the one hand, these guys are nuts!  They're trying to provide a
fully seamless realm in which their priceless content can float
around, occasionally fuzzily visible from the outside world by the
mere mortals who purchased it.  On the other hand, they're building a
full blown (well, with short keys) easy to use public key
infrastructure for keeping communications private, which we've been
advocating for a long time.

Unfortunately their scheme only applies to Hollywood content -- you
can't apply it to your home videos.  And it doesn't work across the
Internet; apparently they think if the stuff gets out on the Internet,
even in encrypted form, we'll find some way to blow their covers off.
(I suppose minor self-congratulations are in order.)

If only the entire effort wasn't so mindlessly bent on subduing
consumers to the will of major companies, I could even see it as a
good thing.  Consumer devices that could squirt e.g. phone calls or
videoconferences across the Internet in full fidelity, with strong
encryption, with full control by the originator of who can see 'em,
would be great, and only about 5% different from what they've
built.  But I predict consumers will hate it and it'll die an ugly
death, like DIVX.

        John
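
The CRL handling described in the message above, sketched as an added example that is not part of the original post or of the DTCP specification: a device authenticates each CRL it sees, keeps only a later one, and refuses to send to a revoked or unauthenticated peer. The byte layout, the 5-byte device IDs, the demo key and all names are assumptions, and HMAC-SHA256 stands in for the elliptic curve signature the message mentions.

```python
import hashlib
import hmac
import struct

# Assumption: a constructed CRL layout, not the real DTCP format:
#   4-byte big-endian version | N x 5-byte device IDs | 32-byte tag
# Assumption: HMAC-SHA256 under a demo key stands in for the licensing
# authority's elliptic curve signature, which the stdlib cannot verify.
AUTHORITY_KEY = b"constructed-demo-key"
ID_LEN, TAG_LEN = 5, 32

def make_crl(version, revoked_ids):
    """Build a constructed sample CRL for the demo."""
    body = struct.pack(">I", version) + b"".join(revoked_ids)
    return body + hmac.new(AUTHORITY_KEY, body, hashlib.sha256).digest()

def parse_crl(blob):
    """Return (version, set_of_ids), or None if malformed or unauthentic."""
    if len(blob) < 4 + TAG_LEN or (len(blob) - 4 - TAG_LEN) % ID_LEN:
        return None
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(AUTHORITY_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    version = struct.unpack(">I", body[:4])[0]
    ids = {body[i:i + ID_LEN] for i in range(4, len(body), ID_LEN)}
    return version, ids

class Device:
    """Models the NVRAM-held CRL state of one player or recorder."""
    def __init__(self):
        self.crl_version, self.revoked = 0, set()

    def see_crl(self, blob):
        """Called for every CRL found on a disc; keeps only a later one."""
        parsed = parse_crl(blob)
        if parsed is None or parsed[0] <= self.crl_version:
            return False          # forged, damaged, or not newer: ignore
        self.crl_version, self.revoked = parsed
        return True

    def may_send_to(self, peer_id, peer_authenticated):
        """Refuse unauthenticated peers and peers whose key is revoked."""
        return peer_authenticated and peer_id not in self.revoked
```

Rejecting a CRL whose version is not strictly greater than the stored one is what stops an old disc from rolling the revocation list back.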
