[p2p-research] DRM standards

Henrik Ingo henrik.ingo at avoinelama.fi
Tue Dec 25 19:31:55 CET 2007 

On Dec 24, 2007 8:11 AM, Michel Bauwens <michelsub2004 at gmail.com> wrote:
> any commentary on this:
>
> http://www.xrml.org/about.asp
> http://p2pfoundation.net/Open_Digital_Rights_Language
>
> just wondering how drm related 'open standards' should be judged?

I think the following short rule of thumb is a good start: For various
"ethics related" reasons one may be opposed to all DRM on principle.
On the other hand, if someone is going to use DRM, it is clearly
better that they'd use an open standard - then at least there is a
chance that the DRM is not a reason to make the content locked into a
proprietary one-vendor/one-platform solution. (Richard Stallman would
disagree with this opinion, saying that DRM is always a form of
oppression and producing a good system of oppression is actually worse
than a bad system.)


In practice even open standards DRM will always have to rely on
something being kept secret from the end user / consumer and therefore
the opennes is of questionable value to the end user, who's role is
restricted to being just a consumer.

Typically an open source content player is not a possibility, or at
least some library file providing the particular decryption functions
would have to be closed source. This because even if the DRM system
would be based on an open standard, at least some cryptographic keys
have to be hidden from the user. Other alternatives are to hide the
decryption component in some hardware, like a smartcard or the
infamous TPM chip on a motherboard. Even so, something is restricted
from the end user, this is just another place to hide it. In addition
to hiding the decryption function, a proper DRM also wants to protect
the path from decryption to output device (so that you couldn't copy
the content anywhere within that path). This is why DVDs will play
with lower resolution on Windows Vista unless you have a new monitor
that will give the proper responses in this game.

>From this discussion it is possible to argue that by traditional
cryptographical standards "good" DRM is actually an impossible problem
to solve. While good cryptography always relies on the protocol being
public and only a key being secret, the problem DRM tries to solve
necessarily leads to solutions that by cryptographical standards would
be considered ugly hacks. Hardware based solutions are slightly better
in this regard, since extracting the secret from a hardware chip
really would be practically impossible. Nevertheless from a
cryptographical point of view DRM is like eating the cake (giving user
content) and trying to keep it too (not giving user content).

So in practice an open DRM system will always be like "doing the wrong
thing the right way".

henrik

-- 
email: henrik.ingo at avoinelama.fi
tel:   +358-40-5697354
www:   www.avoinelama.fi/~hingo
book:  www.openlife.cc

More information about the p2presearch mailing list