|The Open Rights Group : Blog Archive » links for 2007-02-13 : DRM systems are broken so quickly because they are grounded on some thing that is scientifically bankrupt, the idea that you can keep a secret from some one from whom you have told the secret.|
I'm not sure I should suggest this to anyone but I can't be the first to see this. There is a way for DRM to work and to be effectively unbreakable. Use PKI. But it relies on the customer having a unique key pair. The provider encrypts the content using the customer's unique public key. The content is then decrypted with the customer's secret key. This could be encapsulated in the player software (iTunes say) and made pretty much transparent. On installation the player software would report it's newly generated public key back to the provider who would then use it when the provider created the file for download. In addition the encoded file could be signed by the provider and the signature checked against the Provider's public key.
This could all be open sourced and the algorithms published. Just as with SSL, the same scheme could be used by multiple providers and with player software from multiple sources.
The downside of course is that the provider has to uniquely encrypt each file for a specific customer.
There's a catch though. There's always a catch. Once the software has done it's job, and created the plain text version, this now sits on the customer's PC waiting to be captured and turned into a DRM-free version.
So what we've done is to prevent the customer from stealing a file meant for somebody else. Or distributing the encrypted file because it won't work for anyone else. But we've failed to stop the plain text version from being captured and distributed. And there lies the rub. it's not so much that you can't keep a secret from someone who you've told the secret as that you can't dictate what a customer does with the decrypted file once it's decrypted.
[ << Seen on Slashdot about being British ] [ Big Music - no plan, no direction >> ]
[ 17-Mar-07 5:15pm ] [ DRM ]