On Cypherpunks, Joseph Ashwood <[EMAIL PROTECTED]> wrote:
> I can't believe someone is stupid enough to believe that this
> might actually even slow someone down. just grab the output of the
> program (aka the input to the sound card), and pipe it into a wav
> file. Gee, that put's us exactly where one would desire to be to
> create a redistributable compressed file. And they were granted a
> patent on this useless shit?
Yo, Joey! Check out the forest behind the tree! ;-)
All this bombast about how NTRU might be used, could be used, will be
used, to protect music and other multimedia is only a reflection of the
NYT's current obsession (albeit, widely shared) with music and film
"copyright," and crypto-enhanced intellectual property protection.
A couple of months ago, I saw another article which described NTRU
wholly in terms of its "broad potential" for enhancing wireless devices
and applications.
One does not preclude the other, obviously -- but it is unwise for
tech-savvy observers to let a NYT columnist define too narrow a
perspective for what is basically an intriguing new public-key
cryptosystem.
EduPage's paraphrase of the NYT column on NTRU put the newly patented
cryptosystem in context a lot better than either the Times, or the most
of the hundred-odd geeks who have commented on the NTRU column on
Slashdot, C'punks, sci.crypt, and other online forums.
Expanding on the NYT's narrow focus, EduPage noted the obvious:
>> [NTRU's] "public key" encryption...
>>works for virtually all data transmissions between computers,
>>cell phones, digital music players, or any consumer electronic
>>device that has Web access.
What the NTRU patent describes may be the smallest, and perhaps by far
the fastest, of the 70-odd second-generation public-key crypto algorithms
that have been published or patented. See:
<http://www.patents.ibm.com/details?&pn=US06081597__>
NTRU claims as much as a two order of magnitude relative increase in
speed over alternative PKC systems, as well as the advantage of a tiny
code footprint. See the FAQ by Joe Silverman, one of the three NTRU
inventors and a prominent ECC scholar:
<http://www.ntru.com/tech.learning.faq.htm#Why is NTRU fast>.
I've done some consulting for NTRU, so my opinion should be taken with a
grain of salt, but I've been intrigued by what new applications might be
possible with PKC keys that can be generated so quickly and so cheaply
that they can be considered "throw-aways."
I'll leave debate about the relative security of NTRU to mathematicians,
but suffice to say that NTRU has, for the past couple of years, been the
subject of extensive study by those who specialize in cracking this type
of structure. Current results seem to be positive. (Where potential
vulnerabilities have been identified, they have been addressable them
with some reconfig of the internal parameters: a fairly standard process
for shaking down a new cryptosystem.)
RSA has a twenty-year head start in building trust thru endurance, of
course; but few cryptographers are gonna dismiss NTRU as a paper tiger
today. There are market niches that will go to a PKC with the greatest
speed, smallest size, and lowest power requirements; there are markets
that will go to the most trusted PKC; and others that will go to some PKC
which balances betwixt. (I expect we will also see more application
environments that will harness multiple PKCs, to take advantage of their
relative strengths.)
While NTRU will doubtless be used to secure (probably several different)
multimedia IP formats -- eventually it will be the consumer market, the
Congress (at least in the US), and the Courts, which will determine how
far the owners of copyrighted media will be allowed to extend their
control, post-sale, over the users' daily use of CDs, DVDs, memory
sticks, etc.
Today's trends often spur tomorrow's reactions.
While discussing the potential for NTRU for media content control,
<[EMAIL PROTECTED]> pointed out:
> [1] Consider if Sony (which owns a lot of content producers) were
> to only release future content on players of their manufacture.
> Ignore the antitrust (fnord) issues for the moment.
I don't know how the anti-trust issues play out, but one of the things
that the NYT article didn't mention is that Sony -- perhaps the largest
owner of copyrighted content -- is also a major equity shareholder in
NTRU Cryptosystems. See "NTRU Announces $11M Funding," at <www.ntru.com>
Sony stepped in with financial support for NTRU's initial development a
couple of years ago, shortly after the inventors -- three Brown
University mathematicians -- first published the NTRU cryptosystem and
filed for a patent. A couple of months ago, Sony greatly expanded it's
equity position when NTRU went out for VC funds.
The prospect for expanded corporate (or creator) control of copyrighted
content and media is really a political issue, not a technical issue. I
think, however, that it would be rash to presume that just because an
absolute barrier to "unorthodox" use is unlikely -- given that content
must eventually hit the analogue speaker or screen -- that there will not
be a variety of more or less burdensome options for PKC-enabled
restrictions on access to copyrighted content and the reuse of media.
Not all controls on consumer praxis seem to be especially irksome,
especially if they are intended to block commercial contenders rather
than hassle unorthodox users. One of the earliest RSApkc licensees was
Atari, which encrypted and digitally signed all Atari game cartridges.
Users required an Atari console (with an embedded RSA key) to unlock the
cartridge for play.
Seemed to be very successful, although I can't recall Atari ever
bragging about it. Actually, it seemed to be a competitive detail that
the vendor didn't think mere users need be bothered with;-)
Suerte,
_Vin
"Cryptography is like literacy in the Dark Ages. Infinitely potent, for
good and ill... yet basically an intellectual construct, an
idea, which by its nature will resist efforts to restrict it to
bureaucrats and others who deem only themselves worthy of such
Privilege."
_A Thinking Man's Creed for Crypto _vbm
* Vin McLellan + The Privacy Guild + <[EMAIL PROTECTED]> *
