Ray Dillinger wrote: > And it turns out that she is an executive in a small company which is > now considering the development of a DRM product.
> Does anyone feel that I have said anything untrue? You should be able to confirm all these details with sources, and it sounded like a plausible story. However, it also sounds like they are shifting the burden of proof. Shouldn't they convince "you" (whoever they make the DRM for) that their system is working? Have we really reached a situation where non-experts believe that DRM works until proven otherwise? That seems an extraordinary marketing success of the sellers of DRM technology, because it stands against a mountain of evidence in the history of computing. Maybe also introduce the logic Cory Doctorow gave in his Microsoft talk (not sure who first came up with this "proof"). It's not a decisive argument from a business perspective, as it ignores simple economics (see John Gilmore's remark). But it reverses the logic of DRM and puts burden of proof firmly where it belongs. >From http://craphound.com/msftdrm.txt > In DRM, the attacker is *also the recipient*. It's not Alice and > Bob and Carol, it's just Alice and Bob. Alice sells Bob a DVD. > She sells Bob a DVD player. The DVD has a movie on it -- say, > Pirates of the Caribbean -- and it's enciphered with an algorithm > called CSS -- Content Scrambling System. The DVD player has a CSS > un-scrambler. > > Now, let's take stock of what's a secret here: the cipher is > well-known. The ciphertext is most assuredly in enemy hands, arrr. > So what? As long as the key is secret from the attacker, we're > golden. > > But there's the rub. Alice wants Bob to buy Pirates of the > Caribbean from her. Bob will only buy Pirates of the Caribbean if > he can descramble the CSS-encrypted VOB -- video object -- on his > DVD player. Otherwise, the disc is only useful to Bob as a > drinks-coaster. So Alice has to provide Bob -- the attacker -- > with the key, the cipher and the ciphertext. > > Hilarity ensues. > > DRM systems are usually broken in minutes, sometimes days. Rarely, > months. It's not because the people who think them up are stupid. > It's not because the people who break them are smart. It's not > because there's a flaw in the algorithms. At the end of the day, > all DRM systems share a common vulnerability: they provide their > attackers with ciphertext, the cipher and the key. At this point, > the secret isn't a secret anymore. > --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com