Thursday, 24 January 2008

DRM as cryptography

I just saw a thread on Slashdot about DRM where it was described as "Alice/Bob/Eve cryptography where Bob and Eve are the same person". That's quite an enlightened statement. With Digital Rights Management, the goal is to show content to a person only one way and to keep it a secret how it got there while also preventing certain uses after it is shown. In cryptographic story-telling, it would go like this:
Alice wants to send Bob a music file but keep it a secret from Eve. She encrypts the file in a certain way that Eve can't decrypt and sends it to Bob, who opens it and listens at his leisure.

The two problems with DRM are expressed as follows:
  1. In the typical DRM scenario, replace "Eve" with "Bob" to express the fact that the content is to be protected from the end users. The statement becomes an impossible dream.
  2. The other is a condition to add at the end: "After Bob has decrypted the file, he can only do with it what Alice decides to allow him". Bob has a decrypted file now, and there's nothing Alice can do about it.
The only way to make sure a user doesn't use a decrypted file in a way you don't like is to avoid handing it over at all in the first place or to destroy the user. The closest solution DRM has on that front is to make copying annoying, not impossible.

Mokalus of Borg

PS - You could also destroy the user's equipment.
PPS - Or publish a sub-par media format and hope it catches on.

No comments: