November 24, 2024

Posts Comments

Why Unbreakable Codes Don't Make Unbreakable DRM

December 3, 2002 by

It’s commonly understood among independent security experts that DRM (i.e., copy prevention) technology is fundamentally insecure, at least based on today’s state of the art. Non-experts often misunderstand why this is true. They often ask, “When you say DRM is insecure, isn’t that just another way of saying that any code can be broken?” Actually, it’s not. Let me explain why.

First of all, unbreakable codes do exist. Claude Shannon proved (in the strict, mathematical sense of “proof”) in 1949 that a code called the “one time pad” cannot be broken by any method. One time pads reportedly are used on the Washington-Moscow “hot line”.

One time pads are rarely used in practice, because there are certain other codes that present other advantages and are nearly unbreakable. (By “nearly unbreakable” I mean that the odds of their being broken are so low that it is pointless to worry about that possibility.) These are the codes used in “secure” web transactions.

Yet unbreakable codes, whether theoretically impregnable or practically untouchable, do not imply that DRM is possible.

To understand why, imagine that you can build an impregnable armored truck. This truck can carry bags of money anywhere; and as long as you keep the doors closed nobody can rob the truck. The problem is that the truck is useless unless you open its doors. Suppose you want to carry the day’s sales from a WalMart store to the Bank. You have to open the doors at WalMart to put money in, and you have to open them again at the Bank to get the money out. Robbers can strike when you open the doors at WalMart or at the Bank.

The armored truck doesn’t solve your problem because it doesn’t provide end-to-end protection. The middle part of the money’s journey from customer to bank account is protected, but the first part and the last part of the journey happen outside the truck, and the money is vulnerable there.

The same is true for encryption-based DRM. End-to-end protection requires that the material be protected all the way from the performer, to the customer’s eyes and ears. If you leave the content unprotected anywhere along that path, it’s vulnerable. And encryption can’t protect the entire path, in the same way that the armored truck can’t protect the money’s entire path. You can’t seal the content inside its envelope of encryption until after it has been recorded, and you have to unseal it before you can play it for the customer.

The lack of end-to-end protection is especially serious for DRM systems, where one of the endpoints is under the control of the customer – who is the presumed adversary. It’s as if, in the armored-truck scenario, a criminal had control over the bank. If you have to open the truck’s doors at the bank, and the bank is controlled by a bad guy, then you’re sunk. It doesn’t matter how strong your armored truck is.

This is the predicament that DRM faces. The content needs to be unwrapped at the endpoint, and the system doesn’t control the endpoint. The content is vulnerable, regardless of how strong your codes are.

Filed Under: Uncategorized Tagged With: ,

Software and Export Control

December 2, 2002 by

Today’s New York Times, in an article by John Schwartz, reports on the availability of export-controlled software outside the U.S. Certain software that has defense applications is not allowed to be shipped to “pariah countries” such as North Korea and Iraq. Unauthorized copies of such software are available for sale in China, and presumably the Chinese sellers would be willing to ship them anywhere.

The article works hard to conflate export violations with copyright infringement, even using the word “piracy” in the title, and claiming that “Digital piracy … has moved into more dangerous territory” as “[a] black market has emerged for scientific and engineering software powerful enough to fall under United States export restrictions.”

The implication is that the Internet is a big part of the problem. And yet a careful reading of the article reveals no evidence that the illicit copies of the software left the U.S. via the Internet (as opposed to being mailed or hand-carried). Certainly the black market in export-controlled software was flourishing long before the Internet became popular.

The real problem is the illusion that a software package can be sold widely, even to customers outside the U.S., without its becoming available to a motivated adversary who wants it. Even if it were somehow made impossible to copy export-controlled software packages, our adversaries would still be able to buy or steal authorized copies.

This is obvious to people who have experience in the export-control wars. Stewart Baker, who was General Counsel at the National Security Agency during the crypto export control debates, points out the folly of the current approach:

To his mind, Mr. Baker said, [these] problems are part of a broader trend of mistakenly looking at national security issues as problems for law enforcement. “O.K., you can’t prosecute ’em,” he said. “Well, duh.”

Filed Under: Uncategorized Tagged With:

Report from the ACM DRM Workshop

November 19, 2002 by

Yesterday I attended the ACM “Digital Rights Management” Workshop in Washington DC. There were about 100 attendees, most of them computer scientists, with a few lawyers and Washington policy types thrown in. Papers from the workshop are available online.

My main impression was that the speakers were more openly skeptical about DRM than at past conferences. I don’t think this represents any real change in opinion. The real cause, in my view, is that industrial researchers are now starting to say in public what they would only say in private before.

The skepticism about watermarking was especially strong. One speaker described a simple attack that apparently can defeat essentially all state-of-the-art watermarking methods. Another speaker’s paper says

Proposals for systems involving mandatory watermark detection in rendering devices try to impact the effectiveness of [file sharing systems]…. In addition to severe commercial and social problems, these schemes suffer from several technical deficiencies, which, in the presence of an effective [file sharing system], lead to their complete collapse. We conclude that such schemes are doomed to failure.

Filed Under: Uncategorized Tagged With: ,

Early Release of MS Decision Just a Blunder

November 13, 2002 by

Ted Bridis at AP confirms, based on an internal investigation by court staff, that the early release to the Web of Judge Kollar-Kotelly’s rulings in the Microsoft case was just a mistake by someone on the staff.

Filed Under: Uncategorized Tagged With:

Garfinkel on Mitnick's Book

November 13, 2002 by

Simson Garfinkel has an interesting reaction to Kevin Mitnick’s recent book.

Mitnick, “the most famous computer hacker of our time,” claims to have operated mainly by social engineering, that is, by conning people into giving him restricted information. Garfinkel describes how Mitnick-type attacks can be mitigated by wisely-designed technology.

Filed Under: Uncategorized Tagged With: