1994-09-20 - Re: Copyright enforcement through crypto

Header Data

From: sdw@lig.net (Stephen D. Williams)
To: karn@qualcomm.com (Phil Karn)
Message Hash: 094f051610a18c01fbf75d480c7cfd5309673bb5f5d1d90818c3a0a26f3bc5af
Message ID: <m0qn6xe-0009z6C@sdwsys>
Reply To: <199409200545.WAA00256@servo.qualcomm.com>
UTC Datetime: 1994-09-20 19:07:54 UTC
Raw Date: Tue, 20 Sep 94 12:07:54 PDT

Raw message

From: sdw@lig.net (Stephen D. Williams)
Date: Tue, 20 Sep 94 12:07:54 PDT
To: karn@qualcomm.com (Phil Karn)
Subject: Re: Copyright enforcement through crypto
In-Reply-To: <199409200545.WAA00256@servo.qualcomm.com>
Message-ID: <m0qn6xe-0009z6C@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain

Yesyes, you're preaching to the choir.  I want information to be free
too, etc.

It just occurred to me that by tying the decryption to a time server
and sending both the timebased key and a complete algorithm to 
a general purpose engine that you might get something somewhat effective.

To give an example:

12 years ago I worked in a computer store that sold Atari computers.
I learned to program on my Atari 400, cassete, Basic, assembly, etc.

I used to have fun 'breaking' the copy protection on game floppies.
There were some sophisticated methods that a number of companies used,
but I could eventually disassemble and follow the code and patch it.
(Blue Max was the hardest I cracked: 5 stage load, several
multi-sector-with-same-number-same-track protections, and executing
code merged from two such sectors).

The one disk that I couldn't crack (and I still have it) was the ABC
Basic compiler.  The compiler was compiled with itself.  Since the
assembly was just a general purpose engine, I had to follow the
p-code/tokenized Basic all over the place.  I could never keep track
of it long enough to solve it.

If an algorithm is only good for a perticular copy of a document and
only for a short time, the theoretical possibility of cracking it
becomes harder.

I want to explore what aspects can be solved and what can't.

Obviously you can always take a picture of the screen, possibly
capture data in the window/operating system, etc.  But, with
a modifed X, unmodified OS, etc., how close can you get.

> >I'd like to explore the technical problems of enforcing copyright 
> >restrictions through encryption and custom viewing software.
> This job is pretty much unsolvable in the long run, because you have
> to give all your secrets (algorithms and keys) to your "enemy". You
> can slow him down a bit, but eventually he'll reverse engineer the
> system -- especially if it runs on general purpose computer hardware.

Unless each document uses it's own key and randomly selected
algorithm(s) and needs online access.

> It may be difficult, but it only needs to be done once because the
> results can be quickly and widely disseminated in the underground.
> Even without breaking the system per se, legitimate users will figure
> out ways to copy its decrypted output and give it to their friends.

Of course, that's always a problem, unless things are priced per use
so that it's more attractive to pay.

> >Obviously, the goal would be to get really good copyright material on
> >the net, like first run movies, when we have the bandwidth.
> Why is this necessary? Many cable TV systems already carry
> considerable amounts of copyright material despite having very weak
> scrambling systems.  Even a strong system such as Videocipher II+,

Of course, I didn't say it was necessary...  Just musing how effective
it would be.

> What the photocopy machine started and the VCR moved into high gear,
> the computer and the network will probably finish.  As John Perry
> Barlow puts it, "Copyright is dead". It's not a matter of whether
> copyright is morally right or wrong. It is simply going to become
> utterly unenforceable -- like it or not. Instead of trying to patch it
> we should find workable alternatives to replace its role in
> compensating authors for their efforts.

I agree.

> Phil

Come on guys, I don't post that much, but you need to crank up your
Devil's Advocate detectors.  Geesh, doesn't anyone like a good
argument anymore?  :-()

Stephen D. Williams  Local Internet Gateway Co.; SDW Systems 510 503-9227APager
LIG dev./sales       Internet: sdw@lig.net  In Bay Area Aug94-Feb95!!!
OO R&D Source Dist.  By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Internet Consulting  ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Newbie Notice:       
     I speak for LIGCo., CCI, myself, and no one else, regardless of
     where it is convenient to post from or thru.