fyi: Content Protection for Recordable Media -- Jeffrey B. Lotspiech

Jeff.Hodges at Jeff.Hodges at
Tue Apr 3 20:00:10 EDT 2001

This talk is perhaps of interest. Note the second paragraph of the 
announcement below. The talk should be available live and archived for a while 


------- Forwarded Message

Date: Tue, 3 Apr 2001 15:15:39 -0700 (PDT)
Message-Id: <200104032215.PAA05459 at Sunburn.Stanford.EDU>
From: ee380 <ee380 at shasta.Stanford.EDU>
Reply-To: ee380 <ee380 at shasta.Stanford.EDU>
To: colloq at
Subject: Jeff Lotspiech, IBM * Content Protection * W4:15 Gates B03

	Computer Systems Laboratory Colloquium
           4:15PM, Wednesday, April 4, 2001
     NEC Auditorium, Gates Computer Science Building B03

Title:		Content Protection for Recordable Media

Speaker:	Jeffrey B. Lotspiech
		IBM Almaden Research Center

About the talk:

Content Protection for Recordable Media, or CPRM, is a technology
developed by IBM, Intel, Matsushita, and Toshiba to provide copy
protection on portable media. The technology allows a recorder to
record encrypted content, and a player to play it back, without
having any keys in common. The media acts as a passive oracle to
allow the different boxes to come to the same cryptographic key.
In contrast, previous copy protection technologies like the one
used for DVD video, depended on shared keys between the mastering
studio and the players, with predictable results. As soon as a
16-year-old in Norway found one shared key, the system was
effectively broken: there was no way to exclude the broken key
from the system without hurting too many innocent consumers. In
contrast, CPRM can survive thousands of independent attacks, and
exclude millions of circumvention devices, without any chance of
innocent consumers being affected.

Recently, articles have appeared in the press that CPRM will be
standardized on all PC hard drives. This has fueled Orwellian
mages of a Big Brother chip on your PC that will decide whether
your files are worthy of being copied. This is complete nonsense.
CPRM would never be standardized, nor have we ever proposed such
a thing. CPRM strength is portability and interchangeability and
it is mismatch for fixed hard drive. It is completely passive,
requires no hardware, and can only be exploited by newly-designed
applications. It cannot possibly affect existing files or
applications. How these myths came about, and persist, was an
object lesson for a media-naive researcher.

About the speaker:

Jeff Lotspiech is the manager of the Content Protection
Technology Group at the IBM Almaden Research Center. He has a BS
and MS in Computer Science from MIT, 1972. He has been working on
content protection technologies, both the Internet and media, for
the last six years.

Contact information:

Jeffrey B. Lotspiech
IBM Almaden Research Center DPEM/B3
650 Harry Road
San Jose, CA 95120
lotspiech at

| This message was sent via the Stanford Computer Science Department         |
| colloquium mailing list.  To be added to this list send an arbitrary       |
| message to colloq-subscribe at  To be removed from this list,|
| send a message to colloq-unsubscribe at For more information,|
| send an arbitrary message to colloq-request at For directions|
| to Stanford, check out                       |

------- End of Forwarded Message

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list