Copyright enforcement through crypto
I'd like to explore the technical problems of enforcing copyright restrictions through encryption and custom viewing software. What I have in mind is a viewer, say a spin off of Mosaic, that has a general purpose decryption engine that could be programmed with an algorythm as part of the document download process. The goal I have in mind is to make possible one time, or limited time viewing of a downloaded document The document would be encrypted with the selected method and keyed with a timestamp. The client would need access to a timeserver and a session key, etc. to decrypt as close as possible to the display hardware. This could be prototyped as a user process, but securely implemented as an extension to X, MS-Windows, etc. I haven't worked out all the problems, but see quite a few already. Obviously, the goal would be to get really good copyright material on the net, like first run movies, when we have the bandwidth. Just wondering what minimum collection of hardware, software, and infrastructure would be needed. Of course, this is related to the pay-per-use software paradigm (vs. current unlimited license). sdw -- Stephen D. Williams Local Internet Gateway Co.; SDW Systems 510 503-9227APager LIG dev./sales Internet: sdw@lig.net In Bay Area Aug94-Feb95!!! OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430 Internet Consulting ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work Newbie Notice: I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru.
In article <m0qmnoZ-0009tFC@sdwsys>, Stephen D. Williams <sdw@lig.net> wrote:
I'd like to explore the technical problems of enforcing copyright restrictions through encryption and custom viewing software.
What I have in mind is a viewer, say a spin off of Mosaic, that has a general purpose decryption engine that could be programmed with an algorythm as part of the document download process. The goal I have in mind is to make possible one time, or limited time viewing of a downloaded document The document would be encrypted with the selected method and keyed with a timestamp. The client would need access to a timeserver and a session key, etc. to decrypt as close as possible to the display hardware.
[Disclaimer: this is what I gather, from looking at a competitor's setup.] A subset of what you want exists: the Internet Bookstore (I believe it's called) has a viewer/dongle combination for customers that they ship to customers for (I think) $30. I have no idea whether they've sold any, but I'd bet not (given the low level of sales Bibliobytes has seen without requiring $30 up front). Their design presumably puts the user's key in the dongle; each book shipped is encrypted with it, so the books are (I think) tied to the dongle. However, AFAIK there's no time-binding invovled, and I'm skeptical as to how easy that would be: once you've displayed information once, it's out. -- L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and cactus@bb.com | change the world with a plastic platter." - Todd Rundgren
I'd like to explore the technical problems of enforcing copyright restrictions through encryption and custom viewing software.
This job is pretty much unsolvable in the long run, because you have to give all your secrets (algorithms and keys) to your "enemy". You can slow him down a bit, but eventually he'll reverse engineer the system -- especially if it runs on general purpose computer hardware. It may be difficult, but it only needs to be done once because the results can be quickly and widely disseminated in the underground. Even without breaking the system per se, legitimate users will figure out ways to copy its decrypted output and give it to their friends.
Obviously, the goal would be to get really good copyright material on the net, like first run movies, when we have the bandwidth.
Why is this necessary? Many cable TV systems already carry considerable amounts of copyright material despite having very weak scrambling systems. Even a strong system such as Videocipher II+, which is based on the physical security of custom hardware, can still have its output recorded and duplicated. Many cable companies openly welcome VCR users -- they know it increases the appeal of the service. What the photocopy machine started and the VCR moved into high gear, the computer and the network will probably finish. As John Perry Barlow puts it, "Copyright is dead". It's not a matter of whether copyright is morally right or wrong. It is simply going to become utterly unenforceable -- like it or not. Instead of trying to patch it we should find workable alternatives to replace its role in compensating authors for their efforts. Phil
Yesyes, you're preaching to the choir. I want information to be free too, etc. It just occurred to me that by tying the decryption to a time server and sending both the timebased key and a complete algorithm to a general purpose engine that you might get something somewhat effective. To give an example: 12 years ago I worked in a computer store that sold Atari computers. I learned to program on my Atari 400, cassete, Basic, assembly, etc. I used to have fun 'breaking' the copy protection on game floppies. There were some sophisticated methods that a number of companies used, but I could eventually disassemble and follow the code and patch it. (Blue Max was the hardest I cracked: 5 stage load, several multi-sector-with-same-number-same-track protections, and executing code merged from two such sectors). The one disk that I couldn't crack (and I still have it) was the ABC Basic compiler. The compiler was compiled with itself. Since the assembly was just a general purpose engine, I had to follow the p-code/tokenized Basic all over the place. I could never keep track of it long enough to solve it. If an algorithm is only good for a perticular copy of a document and only for a short time, the theoretical possibility of cracking it becomes harder. I want to explore what aspects can be solved and what can't. Obviously you can always take a picture of the screen, possibly capture data in the window/operating system, etc. But, with a modifed X, unmodified OS, etc., how close can you get.
I'd like to explore the technical problems of enforcing copyright restrictions through encryption and custom viewing software.
This job is pretty much unsolvable in the long run, because you have to give all your secrets (algorithms and keys) to your "enemy". You can slow him down a bit, but eventually he'll reverse engineer the system -- especially if it runs on general purpose computer hardware.
Unless each document uses it's own key and randomly selected algorithm(s) and needs online access.
It may be difficult, but it only needs to be done once because the results can be quickly and widely disseminated in the underground. Even without breaking the system per se, legitimate users will figure out ways to copy its decrypted output and give it to their friends.
Of course, that's always a problem, unless things are priced per use so that it's more attractive to pay.
Obviously, the goal would be to get really good copyright material on the net, like first run movies, when we have the bandwidth.
Why is this necessary? Many cable TV systems already carry considerable amounts of copyright material despite having very weak scrambling systems. Even a strong system such as Videocipher II+,
Of course, I didn't say it was necessary... Just musing how effective it would be.
What the photocopy machine started and the VCR moved into high gear, the computer and the network will probably finish. As John Perry Barlow puts it, "Copyright is dead". It's not a matter of whether copyright is morally right or wrong. It is simply going to become utterly unenforceable -- like it or not. Instead of trying to patch it we should find workable alternatives to replace its role in compensating authors for their efforts.
I agree.
Phil
Come on guys, I don't post that much, but you need to crank up your Devil's Advocate detectors. Geesh, doesn't anyone like a good argument anymore? :-() sdw -- Stephen D. Williams Local Internet Gateway Co.; SDW Systems 510 503-9227APager LIG dev./sales Internet: sdw@lig.net In Bay Area Aug94-Feb95!!! OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430 Internet Consulting ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work Newbie Notice: I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru.
sdw@lig.net (Stephen D. Williams) writes: I'd like to explore the technical problems of enforcing copyright restrictions through encryption and custom viewing software.
What I have in mind is a viewer... goal ... is ... one time... viewing of a downloaded document...
If it displays on my current screen and PC, I can capture it with some other software. William Gibson's book "Agrippa" was tried this way (sort of) and it didn't take long for it to get captured and posted. If it uses some special-purpose hardware, it'll need to compete with existing services: cable, rental laserdisks, and so on, and then I'll decide whether to trade in my current computer and buy it. I don't see the niche so far.
participants (4)
-
cactus@bb.com -
Jim Gillogly -
Phil Karn -
sdw@lig.net