Slashdot Mirror


HDCP Break Proven

zavyman writes: "I just noticed at Cryptome that the flaws in HDCP posted to Slashdot earlier this year, which one person refused to disclose due to possible threats from the DMCA, have been made public by different authors. Scott Crosby of Carnegie Mellon University, Ian Goldberg of Zero Knowledge Systems, and Robert Johnson, Dawn Song, and David Wagner of UC Berkeley have published a formal cryptanalysis of the High-bandwidth Digital Content Protection System that proves its fatal flaws. Interesting reading for those with some background with cryptanalysis."

12 of 220 comments

  1. Possible and impossible goals by Lionel+Hutts · · Score: 2, Interesting

    There are some goals that technology can solve, without anyone doing any enforcement. If I can choose my cryptosystem and key length, I can, with very high confidence, hide the content of my private communications, no matter who is trying to break it, no matter how hard.

    It's just that "content protection" is not one of those goals. If I have enough information to show a movie, I also have enough to re-show or rebroadcast it. No matter what the technology involved (assuming I have enough computing power).

    Policy makers need to understand this distinction, let technology do its thing where possible, and don't expect it to do much of anything where it's not.

    IMHO.

    --
    I Can't Believe It's A Law Firm, LLP does not necessarily endorse the contents of this message.
  2. Unbelievable... by zunger · · Score: 5, Interesting
    HDCP uses a linear system for generating the shared secret.

    From a part-time mathematician's perspective (ok, actually a physicist) this was the line that just made my jaw drop. What were they thinking?! If this text is correct, this algorithm may as well have been designed by a high-school student.

    As several people have pointed out already, this is really one of the big threats of the DMCA -- that companies will go around using incredibly poor standards like this, and be immune to any pressure to improve their quality because their customers are legally forbidden to ask what they are receiving. It says a great deal about the present legal climate that anyone could get away with a mess like this cryptosystem in a commercial product.

    *sigh*

  3. Re:Bail money by renehollan · · Score: 5, Interesting
    If there's one good thing about the present insanity, it shows how easily such things can come about.

    No longer can we ridicule the Russian people for "letting" Communism happen, or citizens of 1930s Germany for accepting Nazi rule.

    We are as blind and "foolish" as they were.

    Rather humbling, I think.

    --
    You could've hired me.
  4. Re:I believe.. by trilucid · · Score: 2, Interesting


    Your post is slightly off topic, but what the hell. Here we go.

    Sorry to say it, but you'd have to have an awful lot of resources to break even a 128-bit encrypted message. As in, more resources than most corporations are prepared to devote to such a task, and more resources than the gov would dedicate without a fairly damned good reason (well, at least a "good reason" in *their* view).

    Second, you'd have to have INSANE computing resources to break a 1024-bit or 4096-bit PKI encrypted message. As in, more resources than are practical to assemble in reality these days. Your argument just doesn't hold water. Yes, people who *claim* to use cryptography (when in fact their systems are fundamentally broken/flawed) are setting themselves up for a nasty fall, but folks who use encryption properly are far more immune.

    Until, of course, the government decides to arrest folks for using crypto to begin with :(.

    Web hosting by geeks, for geeks. Now starting at $4/month (USD)!
    Yes, this is my protest to the sig char limit :).

  5. Re:Bail money by dachshund · · Score: 2, Interesting
    Example of US scientist being locked up for publishing their research?

    No US scientists have been locked up for publishing their research. Many are at risk for such criminal action, and face the prospect that they could go to jail under the current law, if they publish their research.

    To make the possibility excruciatingly clear, the US gov't has locked up Sklyarov, a Russian programmer/researcher under these laws. Some have attempted to argue that his case is "different" because he sold his information (outside of the US, incidentally), or because he's not a US citizen. This does not change the fact that under US law he would be equally vulnerable were he a respected US academic doing legitimate encryption research for no financial gain.

    Given all of this, it seems somewhat mindless to demand that a few US scientists get themselves tossed in jail-- or sued out of existence-- before we start taking the problem seriously. Most researchers have no desire to run the risk, and have instead chosen to withdraw their findings and keep their heads down. I'm not sure why this is a position you would defend.

  6. Re:This is unbelievably lame by icebeing · · Score: 2, Interesting

    Being someone with a bit of formal training myself, I agree with you that this crypto-system bites as well...after seeing the proof.

    But I have to say as well, the designer(s) probably took a few shortcuts to generate a working specification...like -

    They used a ring that's WAY too small...56-bit keys can be brute-forced within months.

    Then again, the proof doesn't attack this...only the modulus size (40-elt vectors), and that it can be cracked with a heuristic that takes at most 1600 operations.

    They could add more keys to the modulus, but I suspect that it would have made an implementation unworkable...remember that DVD players don't have THAT much computing horsepower.

    Sure it's bad...cause it's been shown to have a polynomial solution...the designer probably knew this already (and if he didn't, you're right...HE IS stupid! ); but he had to produce something...and that is what market-driven SW engineering is all about...it certainly is not comp. sci. ;^)

  7. DES can be brute-forced much faster than that by Anonymous Coward · · Score: 1, Interesting
    56-bit keys can be brute-forced within months

    "Days" is a better estimate, with hardware designed for the task. This was demonstrated in the second DES contest. The EFF's custom built machine found the key in 56 hours, after searching 25% of the keyspace.

    Read here for details.

    1. Re:DES can be brute-forced much faster than that by jovlinger · · Score: 4, Interesting

      There was a story a couple days ago about IBM's crypto box being broken. That was broken by tricking the box to use a weak 3DES key which was equivalent to a 1DES key and brute forcing that.

      The bruteforcing took 2 days on a sub $2000 FPGA running their published wiring schema.

      Significantly cheaper than the EFF's machine, but then time does march on.

  8. Re:Bail money by JWhitlock · · Score: 3, Interesting
    One more note: it's sad how this nation (the U.S.) finds locking up scientists for publishing their research acceptable.

    Who has been locked up for this? Oh wait, no one has. Yeah, someone else was locked up because their company was selling a product based on breaking a US law, but no one has been arrested for this.

    You can say "CORPORATE POLICE STATE!" all you want, but the fact is, this particular law is awful, one guy has been sent to jail, and there's been at least one court case so far which has affirmed that corporate interests do not outweigh free speech. Like every other horrible anti-speech law that has been passed in the last few years, it will die a slow death. People will be prosecuted under it, sure, but that's the only way to start the chain of events that leads to the Supreme Court striking the ugly thing down.

    This isn't government thugs defending their interests. This is government employees doing their jobs, and scientists taking a moral stance, and the American legal system taking its slow, painful path to justice, same as it ever was.

    Yeah, democracy is the worst form of government, except for all those other forms which have been tried from time to time. Support the EFF, dammit!

  9. Re:Bail money by trilucid · · Score: 3, Interesting


    It isn't so much the actual current lockups (1 to be precise) that matter the most. It's the fact that countless researchers are probably wondering if they should ever publish their research again given the specter of arrest and lengthy imprisonment. I find it hard to believe you consider Dmitry to be nothing more than a "salesman pitching his product". In truth, his presentation in the States was more to do with findings of fact concerning his research into the system than anything else. The documents are all online, please check your sources.

    No, I'm not screaming "Corporate police state!". I'm actually screaming "Screwed up crap in the legal code!" which is quite different. The fact that you find it acceptable for innocent people to get their lives ruined in the "short term" (explain that to their families) over this is somewhat galling.

    As for government employees doing their jobs, do we really have to go into the nasty details of other government employees "just doing their jobs"? Harsh example here, but I'm fairly sure a number of terrorist groups (meaning their individuals actually doing the dirty work) are confident that they are (1) just doing their jobs, and (2) morally correct for doing so. It doesn't make it RIGHT.

    As for supporting the EFF, according to my bank statement I do that on a routine basis. Have you contributed recently?

    Web hosting by geeks, for geeks. Now starting at $4/month (USD)!
    Yes, this is my protest to the sig char limit :).

  10. Re:Cash registers, not fireproof safes by ChaosDiscordSimple · · Score: 2, Interesting

    This is not a "bad" or "stupid" encryption system; it's just an example of a company using the laws which protect them to cut a cost corner.

    I wasn't aware of it being the government's job to help business cut corners and increase profits.

    After all, if one could trust people to pay for what they watched, they wouldn't need to encrypt the signal at all.

    If you're going to send a signal into my home, be it over television airwaves or satellite broadcast, I should be able to do what I like to the signal. I didn't ask for your signal to enter my home. I don't have a contract with you promising to leave your signal alone. By attempting to decrypt your signal, I am not depriving you of use of the signal.

    What ethical right do you have to demand that I don't examine that signal? Sure, there are laws against it, but laws and ethics are different matters.

    By accessing your signal without paying, I am receiving benefit without reimbursing you. Boohoo. Not my problem. My local television stations seem to survive. Adapt to the problem, don't take rights from people to protect existing business practice.

    Perhaps you'll claim that your right to not have your signal decrypted is similar to my right to not have my cell phone calls decrypted. Great argument, except I assume my cell phone calls are being decrypted for exactly the reasons above. I hope that cell phone technology developers are working on better encryption, but ultimately if my cell phone signal is available, I encourage you to go wild.

  11. Re:Cash registers, not fireproof safes by streetlawyer · · Score: 3, Interesting

    Fair use, my ass. Any legitimate fair use of these signals could be satisfied by a simple VCR. The idea that there is some "first sale" doctrine for television signals is ludicrous, as is the idea that the fair use doctrine requires every copyright holder to do as much as possible to help you carry out whatever work you wish to produce using their content. Creators of material have more rights and consumers fewer than you think.