DRM a pipe dream (Part 2)

As I mentioned in the previous post, it didn’t take long to hack the Blu-ray/HD DVD encryption.

To break the HD DVD encryption, the hacker Muslix64 read the process image in memory and searched it, using a known-plaintext attack, for the 128-bit AES encryption key. Simple but effective.


The main weaknesses of this kind of Digital Rights Management system are a consequence of Prof. Lomonaco’s[1] Catch 22 of Cryptography:

“In order to communicate in secret one must first communicate in secret”.

A DRM system for wide public distribution must include the encryption keys together with the content. Despite programmers’ most optimistic estimates, this is akin to sending a locked box and the keys that open it in the same shipment. It is only a matter of time until an attacker finds the keys.

Once it is understood that there is no way to protect content unless the elements of a strong cryptographic system, namely strong encryption and proper authentication, are in place, all hope is lost. Such a system (if possible) is going to be very awkward to deploy publicly, with readers that share public keys operating over digital copies of the encrypted content.

To keep a secret that has to be so widely deployed across a variety of trusted and non-trusted entities, as the DVD encryption system showed, is very, very difficult.

Moreover, even if the secret is successfully transmitted to the end user, every component in its reproduction chain must preserve the encoding; otherwise, an attacker can easily read the content at an intermediate link in the chain. Assuming the current computer security architecture, good luck with that.

 

[1] S. Lomonaco, A Quick Glance at Quantum Cryptography, American Mathematical Society Lecture, 1998.
