Re: [LUG] BBC IPlayer - A U-Turn ?

 

Michael Mortimore wrote:
> hadn't thought of it that way. i presumed the content provider would
> provide you a key with said content. 

Now why would they want to do that???

If you order an item by post, do you send your house keys to the van
driver so that he can let himself in or do you arrange to be around when
he arrives and keep the key to yourself?

> wouldn't the source code tell you
> how to extract the key from the binary?

The source code would only show the calculation, not the values.

e.g. If I say the answer is 30, can you tell if the question was 6x5,
2x15, 3x10 or .... ?

By using very long numbers as the start of the calculation, GPG ensures
that it would take an unrealistic amount of time to work out the
question even if the answer is known.

Cryptography is not about unbreakable codes, it is about ensuring that
the codes are sufficiently difficult that an attacker has to consider a
different method of attack (usually via social engineering / spam).

> or maybe with a small mod you
> could have it look for the key in the distributed binary?

Drop the idea of "the" key - most GPG keys are in two parts, so can DRM
keys. You only need one part to verify the effects of using the key but
you need both parts to actually decrypt the contents of the block. It is
perfectly reasonable to encrypt something using free software so that
only one person can decrypt it; having access to the GPG source code
does *not* mean you could decrypt an email that I sent to Simon, say.
The relevant keys are not (must not be) identifiable from the source
code. The point is that I don't need Simon's private key to encrypt to
him, I use his public key to encrypt, he uses his private key to
decrypt. That way, he can keep his private key secure. Neither key can
be calculated from the GPG source code. If I don't also encrypt the
block using my own private key, I can't read what I just encrypted.

The weakness of DRM is that the hardware needs to ship with both keys
encoded somewhere (and all units have the same key or keypair). This
allows attackers to listen in on the decryption process where the
software reads in the key from the store. If you could fit a keylogger
or similar to Simon's computer when he decrypts an encrypted email from
me, you would have a similar head start on attacking the encryption but
that is true whether or not the source code handling the decryption is
open source or proprietary.

i.e. you don't need access to the source code to crack a cryptographic
method - you want access to the binary *at runtime* during the critical
phase when it retrieves the key itself.

Does a burglar need to know how a key was made in order to use it? Does
knowing how keys (or locks) are manufactured help a burglar work out how
to make a key for your specific door? Sure, it narrows the scope a bit
but it still means trying a vast range of different keys.

That is why the HD-DVD key is public knowledge - the software that
processes the key is inconsequential, the key is known, the "protection"
is meaningless.

http://blog.halon.org.uk/2007/05/02#hd-dvd-key-button

-- 


Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/



-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html
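
Added example, not part of the original post and not GPG's own code: textbook RSA in Python with small constructed primes, showing that the published code holds only the calculation while the key values stay with the recipient, and how the work of recovering "the question" from "the answer" grows with key size. RSA itself, the exponent 65537 and every prime below are assumptions chosen for illustration; real keys use far larger primes and padding.

```python
"""Textbook RSA with toy primes (constructed values, no padding, insecure)."""
from math import gcd, isqrt


def make_keypair(p, q, e=65537):
    """Return (public, private) = ((n, e), (n, d)) for secret primes p, q."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    return (p * q, e), (p * q, pow(e, -1, phi))  # modular inverse, Python 3.8+


def encrypt(public, m):
    """Anyone can do this: it needs only the recipient's public half."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, e, n)


def decrypt(private, c):
    """Only the holder of d can undo the calculation."""
    n, d = private
    return pow(c, d, n)


def factor_by_trial_division(n):
    """Given only the 'answer' n, search for the 'question' p x q."""
    steps = 0
    for cand in range(3, isqrt(n) + 1, 2):
        steps += 1
        if n % cand == 0:
            return cand, n // cand, steps
    raise ValueError("no odd factor found")


def demo():
    """Return (modulus bits, divisions needed) for growing constructed keys."""
    rows = []
    for p, q in [(251, 263), (65521, 65537), (999983, 1000003)]:
        public, private = make_keypair(p, q)
        assert decrypt(private, encrypt(public, 42)) == 42
        rows.append((public[0].bit_length(),
                     factor_by_trial_division(public[0])[2]))
    return rows


if __name__ == "__main__":
    for bits, steps in demo():
        print(f"{bits}-bit modulus: {steps} trial divisions to find the primes")
```

The search roughly doubles for every two bits added to the modulus, so it is feasible only at these toy sizes.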