|
Posted by Jeff Rife on 12/23/11 11:27
Howard (stile99@email.com) wrote in alt.video.dvd:
> Yes, no, 42,
> purple...whatever this week's code was, as far as your box was concerned,
> you already had it.
This would still work if public-key encryption hadn't been invented and
large bitsize keys hadn't become "cheap" (computationally) to encrypt with.
If the answer the player needs from the Internet is a key for the disc,
and that answer is encrypted with the player's public key, it would be
very hard to do anything without knowing the public key for the player.
In this case, that key would be treated as if it were a *private* key and
only available to the real server, and never sent out anywhere else...it
wouldn't even be inside the player!
Then, even if it did get out, somehow you'd have to guess the key that
unlocks the disc. It would be possible to get this from the server if
you had gotten your player's public key and snoop the packets. That's not
very good because you'd need somebody to "crack" each disc by doing this
snooping. And, knowing one public key does nothing for a global crack.
Of course, you'd also need to know the exact twist to the algorithm that
was used for encryption of the disc key. For that, you'd have to really
do some snooping of the silicon.
It's worse if the key to unlock the disc is some combination of a unique
player-generated "one time pad" and something on the disc. Then, there is
no way to permanently crack even *one* disc without completely breaking the
encryption system. If something like Blowfish, AEC, etc., is used, then
being able to watch BluRay HD discs without connecting to the "official"
server wouldn't be the important news.
The thing that makes a system that connects to an authorization server
not "breakable" is that the "breakable" systems are one-way data flow.
The best current example of a two-way system is digital cable, and even
though it is far less sophisticated than what I described, it still hasn't
been "broken" in any way that allows unlimited, undetected, continuous
viewing of unauthorized content.
That said, if a standalone player for HD discs of any kind requires an
Internet connection, sales of it will be stillborn. Some people might say
that TiVos have sold well despite requiring such an authorization system,
but the reality is that TiVo does the authorization *days* before you
want to do anything, not when you come home with "Harry Potter 6" on
new-release Tuesday and your kids are screaming to "put it in, put it in".
--
Jeff Rife | "Only one human captain has ever survived battle
| with a Minbari fleet...he is behind me...you are
| in front of me. If you value your lives,
| be somewhere else."
| -- Ambassador Delenn, 2260
[Back to original message]
|