We have met the enemy and he is us: Why current DRM is doomed from birth

nodrm
Despite the best efforts of a lot of intelligent people in the content distribution business, pirates continue to break new DRM schemes. While the debate on whether DRM is a good thing or not is both heated and has been going on for a long time, there is a more fundamental problem with basically all DRM schemes, and it is this problem that allows them to be broken: DRM is based on the principle of encrypting the content to be protected in a way that ensures that only legitimate consumers may access it.

Cryptography

Cryptography is “…the practice and study of techniques for secure communication in the presence of third parties…” (Wikipedia). In common cryptography, there are three parties: A sender, a receiver and an adversary. The two first parties want to exchange a message without the third party. But in DRM, there are only two parties: A content rights owner and a content consumer. The first can be thought of as the sender in the chryptographic world. The rights owner wants to transmit a piece of content to a consumer in a way that ensures that noone but the consumer is able to access the content. The consumer can be thought of as the receiver. They want to access the content. Incidentally, most consumers don’t really care about keeping the content secret from everyone else.

By using cryptography to ensure that the content cannot be shared, the content rights owner must also make sure that the intended receiver can access the content. This means that the consumer must be given the means to decrypt the message. In some DRM schemes, this can be achieved through dedicated hardware, such as the Kindle ebook reader from Amazon, or even early DVD players (before the DRM on DVDs were broken, that is). In other shcemes, it is merely a piece of software, such as iTunes from Apple.

But we’re missing the adversary from the chryptographic world. And the problem is that the content consumer may act as the adversary. In the perfect world, the consumer would respect the rights of the content rights owner, but in reality, the consumer might want to share the content with a close friend (or everyone on the internet). This is what DRM is intented to prevent, but it is in this scenario that the critical flaw of DRM is revealed: The adversary is now the consumer, and consequently knows how to decrypt the message. And while this is certainly a flaw in the protocol, it is there by design.

Breaking DRM

Even in situations where a direct digital copy of the content isn’t immediately available, everyone (born before 2000) would still be able to make a copy of a piece of DRM-protected music throug the use of a casette tape recorder. This copy will not have the same digital quality as the source, and some would argue that the DRM isn’t really broken, as a perfect copy hasn’t been made, but the fact remains that the content sought to be copy-protected has been copied.

But even if we only consider perfect digital copies to be a breach of DRM, there is still a giant problem. Cryptography for the sake of keeping something secret relies on a shared secret between the sender and the receiver, which should be unavailable to the adversary. The moment the adversary obtains this shared secret, the message can no longer be considered secret either. Which means that the only task left for a pirate is to extract the shared secret, write a utility that can decrypt the content and save it in decrypted form, and the DRM scheme is oficially broken.

So the battle between DRM makers and pirates is really a matter of making it hard to extract the shared secret, but since it must still be possible for legitimate consumers to access the content, the DRM makers are severely limited in this endeavor.

The battle is lost in advance for software-based DRM, as the means of decrypting is readily available to the pirate. For hardware-based DRM, it is a bit harder for the pirate, but since there are a lot of people dedicated to break DRM, it is usually only a matter of time, and the fundamental problem remains that the content must be accessible by the consumer.

Online DRM

So far, the only approach to DRM that seems to be invulnerable is schemes based on the consumer being online while accessing the content, which will allow the content rights owner to tightly control access in real time. This has been implemented for computer games, but have other flaws. The content rights owners now force the consumer to be online in order to access the content. If transferred to music, this would mean that it would be impossible to load the music on a portable music player for a hiking trip to an area without internet coverage, which most hikers would probably not like. And even worse: It means that the content will become unavailable if the server that controls access should ever become offline for any reason.

Whether this is a problem depends entirely on the terms of the agreement between the rights owner and the consumer. As we currently understand a purchase, this is entirely unacceptable, but changes to property law and new kinds of rights transfer may change that. That is a task for the future, but right now, DRM, as we know it, is broken.

Advertisements