eWeek: Cryptography Guru Paul Kocher Speaks Out

Ian Grigg iang at systemics.com
Fri May 2 09:46:26 EDT 2003


"Ronald L. Rivest" wrote:
> 
> There is a _very_ relevant paper to this
> discussion by Boneh and Shaw:
>      http://crypto.stanford.edu/~dabo/abstracts/finger.html

Within the narrow domain of crypto, Boneh and
Shaw provide a framework for the fingerprinting
and collusion detection similar to that which
Paul Kocher claims.  (Whether he uses this method
was not clear to me.)

In practice, this paper raises - in my mind - more
questions than answers.  For example,

* the simplistic statement that an identified
  sharer is 'guilty' hides a wealth of detail.

* it seems way too complex to have any merit in
  court.  That is, I can't quite see how it would
  be possible to prove the results, given the
  math, to the satisfaction of a jury or judge.

  (E.g., Find an expert who will disagree, and
  battle it out.)

* it requires identity tracking.  Conceivably,
  that might work in a cooperative arrangement,
  such as commercial software, where companies
  hold still, but is unlikely to make much
  headway in retail movie sales.

* indeed, its complexity and its statistical
  approach raise weaknesses that could lead to
  ultimate downfall, by, for example, poisoning
  the market with false leads.

* Anonymous suggests (for his assumptions) that
  the system has practical limits in the order
  of 6 conspirers.  For a big budget movie, this
  won't be much of a barrier.  Indeed, one could
  imagine a future backup program (a la DeCSS)
  that would provide sharing facilities (a la
  Napster) that coordinates to improve the
  quality of the backup the more people join in
  the backup group.


I suppose coupled with DRM / Kocher's machine-
fingerprint, it could present a "plausible"
scenario for defendable sales of movies.  But,
I still can't see the final step assumed by
both these proposals as actually workable:

  identify the guilty machine and/or
  party, and then punish it/him.

What about theft?  What about borders?  What
about resale?  Cash?  Sharing and libraries?

-- 
iang

---------------------------------------------------------------------
The Cryptography Mailing List