The Problem With Traditional Content Security Techniques

A Critical Discussion of Current Requirements of Content Control

 

By Roy D. Follendore III

Copyright © 2000  ALL RIGHTS RESERVED

July 18, 2000

 

"I am enthusiastic over humanity's extraordinary and sometimes very timely ingenuities. If you are in a shipwreck and all the lifeboats are gone, a piano top buoyant enough to keep you afloat may come along and make a fortuitous life preserver. That is not to say, though, that the best way to design a life preserver is in the form of a piano top. I think we are clinging to a great many piano tops in accepting yesterday's fortuitous contrivings as constituting the only means for solving a given problem." -- R. Buckminster Fuller

 

Sometimes even what seem to be good decisions within a journey have a way of biting you in the butt.  Even a simple journey can seem impossible: the myriad of decisions necessary to go from the couch in the living room to the refrigerator for a cold beverage is loaded with potential points of error.  We do not think about all of these decisions because we set our minds on our objective and let our learned automatic responses handle the decision-making.  We decide most things in our lives this way.  We observe and make automatic decisions without comprehending the complexity of the process.  In fact, the most likely reason we do this is to minimize complexity so that our minds can act on other things that are more important.  We simply grasp the fruit we desire, ignoring the level of effort required to reach it.  This certainly is easy and quite appropriate in picking fruit but most inappropriate when risk is involved.

 

Introduction

 

As executives we have often found out the hard way that in order to make fully informed decisions that reduce the potential risk of error, it is not enough to know the answer; you must also know why something is so.  Academic and politically expedient explanations that simply pontificate answers without true technical solutions do an awful lot of harm and few people any good.  On the other hand, there are times when academic and political views align with what is possible.

 

I found this to be particularly true of a 2000 report on “Intellectual Property in the Information Age” by the Computer Science and Telecommunications Board of the Commission on Physical Sciences, Mathematics and Applications, National Research Council.  In this author’s personal opinion much of this paper laid out the problems and requirements that are at hand.  On the other hand, while I fully concur with most of their arguments, I take particular exception to the approach and the way the paper is crafted.  But this paper is not so much a literary criticism as a practical one.  It is as though one were given a map of a city without the concept of streets.

 

Such boards do not wish to risk their credibility in speculation while not being beyond the act of pontification, and this is the crux of the contradiction.  Progress does not occur until human beings take responsibility for success and failure.  Late-coming strategists see the potential for immediate solutions and risk little; scientific visionaries see far away and risk much.  The resulting effect is that for political reasons board strategists usurp the flavor of a true solution for immediate gratification without ever really providing true comprehensive solutions.  They expect to simply engineer answers without exploring or inventing technical solutions, and the problem is that nature and technology simply do not work that way.

 

Within our society the discipline of academic engineering is much about taking what is known and applying it in ways that are useful and practical.  On the other hand, academic science is about an exploration of knowledge within the Universe for understanding the interconnected reasons why things are the way that they are.  This is a classic case of practicality vs. understanding.

 

I personally believe that scientists should not solely rely upon potential outcome and leave the means to outcome to academic engineers.  Such an approach eventually becomes magic because it leaves knowledge precisely in the same place it began before the journey of application.  Ideas can’t progress because functionality is process.  To understand only the outcome and not the process is to not really understand the outcome at all.  From 20,000 feet this is the reason I began this paper.  The subject is about the importance of understanding process in content control, but the issues are much more about why the Holy Grail of content control is part of the process analysis of understanding context.  The heart of the problem we now face is much like the concern Ernest Hemingway once had when he said we must "Never confuse motion with action."

 

Approaching the Problem     

 

We had already been stalking the buck for two hours through a glade in the hills of Tennessee.  The morning fall air was crisp and our whispers produced small contrails of steam. I gently pulled back a small branch and there he was.  There was our ten-point trophy, ears alert, contentedly chewing; an easy kill shot.  John stepped forward with an arrow already in his bow and slightly leaned back to draw the bow.  The sharp snap of a twig broke the moment.  A flash of white fur and our prey was gone; it was as though our objective had never been there. That is the ultimate lesson of considering the goal as separate from environment.  Instantly what had seemed an instinctively easy process only a moment ago was now an impossibly complex activity to comprehend.

 

As you first begin to ponder the process, the whole idea of producing a robust secure solution to protecting content and distributing it throughout the dissemination cycle may seem to be a contradiction in terms.  To distribute the ability to use is equivalent to relinquishing the right to control.  It would seem, for instance, that music must be heard with some degree of quality to be of value to the consumer, just as information must be understood to be useful.  On the other hand, the ownership of knowledge and familiarity is not the ownership of control.  The truth is that while some may venture to say that ownership of an idea is preposterous, the law essentially states that the right to own and control intellectual property is independent and entirely separate from the physical object being mass-produced and sold.  The technical ability to protect, control, and manage intellectual property has been limited by the complexity of the issue.

 

Legal Issues, Reduction, Complexity and Degrees of Freedom

 

In one respect, the idea of something that is to be intellectual property is that of a single thing.  In another it is many things.  The act of reducing the essence of something to an item of intellectual property would at first seem to reduce the complexity of technically protecting it, but it actually increases the complexity because it increases the number of classed opportunities that are required for protection.  A song is one thing when it is sung but quite another when it is stored on analog cassette tape, another when it is stored digitally on a master, another when it is played on a radio station and another when it is used as background for a movie.  The content and distribution protection within each of these situations needs to be taken into account in context, and classic point-to-point security mechanisms do not have the degrees of freedom to do it.  Even when the content is protected, the environmental context changes.  For this reason: “No TPS (Technical Protection System) can protect perfectly. Technology changes rapidly, making previously secure systems progressively less secure.” [1]

 

 

Context Affects Meaning

 

The problem with the protection of content is also evident within the nature and context of the human organization.  “Social environments also change, with the defeat of security systems attracting more (or less) interest in the population. Just as in physical security systems, there are inherent trade-offs between the engineering design and implementation quality of a system on the one hand and the cost of building and deploying it on the other.” [2]  Because traditional security systems are by their nature static, “The best that can be hoped for is steady improvement in TPS quality and affordability and keeping a step ahead of those bent on defeating the systems.” [3]  Traditional systems fail because they expect to only have to deal with the exterior of the content along a specified path.  The simple truth is that the content and the path are one and the same because it is the context of the path that changes the meaning of the content.

 

The initial failure to understand that technical protection is a part of and should be influenced by contextual changes in the meaning of the content is a failure to understand that the media as well as the process being protected are both dynamic and interact.  The paradigm for content protection is wrong.  “While technical protection for intellectual property is often construed as protecting the rights of rights holders to collect revenue, this viewpoint is too narrow. Technical protection offers additional important services, including verifying the authenticity of information (i.e., indicating whether it comes from the source claimed and whether it has been altered--either inadvertently or fraudulently). Information consumers will find this capability useful for obvious reasons; publishers as well need authenticity controls to protect their brand quality.” [4]

 

 

Concerning Strength and Degrees of Freedom

 

An oak tree fails to survive strong storms that a willow easily weathers because the oak does not have the degrees of freedom to adapt to the changing environment that the willow possesses internally.  Static single-dimensional approaches fail to recognize the fragile nature of their operational consistency.  If content protection is viewed as a single thing then it fails because in another context it cannot be something.  “Again, as with any security system, there are different degrees of protection. Some TPSs are designed to keep honest people honest and provide only a modest level of enforcement; more ambitious uses seek to provide robust security against professional pirates.” [5]  Because context changes the meaning of content, the value of content also changes.  The operational engineering of content protection must keep in step with that value by being able to operate on content at multiple simultaneous levels.

 

 

Traditional Static Failures

 

The static traditional approach insists that “Whatever the approach, the intended result is the same--the content can be decrypted only on the machine for which the decryption has been authorized.” [6]  This clearly retains the sentiment of reducing the engineering of the security of the content to that of the path.  Once said, the complaint then falls to the process: “But even this protection alone is not sufficient, because it is not persistent. The consumer may legally purchase content and legally decrypt it on her machine, then (perhaps illegally) pass that on to others who may be able to use the information on their machines.” [7]  Albert Einstein has been quoted as saying "The problems that exist in the world today cannot be solved by the level of thinking that created them."

 

 

Understanding Requirements and Delays

 

The existing static traditional approach to content control is not working.  Once again a heroic conclusion is made without understanding the process.   The fact is that from a scientific perspective multi-level security requires the use of both fine granularity, and compartmental cryptography.  Hundreds of millions of Federal Tax dollars have been dumped down the holes of research and development because this simple fact has not been recognized.  Problems with the recognition of the proper solution path to technical issues of complexity within bureaucratic organizations are not new. 

 

In the 1760s a Mr. John Harrison, an inventive carpenter by trade, solved the longitude navigation problem by inventing and developing a new kind of marine clock that was accurate and adjusted itself for temperature and the pitch and roll of the ocean.  It took him years to build the clock by hand. The problem is that it then took 40 years, intervention by the King of England and an act of Parliament for his solution to be officially recognized.  During all this period of time, while the Longitude Board was ignoring John’s solution that was before them, the British Navy dumped vast amounts of resources in money and the replacement of ships and seamen because ships and their cargo were constantly getting lost at sea.  The problem was not that the problem of longitude was not solved.  The problem was that the social interaction of decision-making was not.  Just as the longitude solvers of Harrison’s day were astrologers recognized and supported by the Longitude Board, cryptographers have primarily been mathematicians.  As Japanese philosopher Shigeo Shingo is quoted as saying, "Unless you change direction, you will end up where you are headed."

 

Today’s Developmental Requirements for Content Control

 

Just as then, academics have some idea of the requirements for the solution because they understand the operational goal but are totally ignorant and unprepared to understand the means to achieve the goals.  “The final technological step is to reduce the potential opportunities for this to happen.  Two basic elements are required, (1) just-in-time and on-site encrypting and (2) close control of the input/output properties of the machine that will display the content.” [8]  [9]  At least this is for once a clear requirements statement that is useful, even though it came over eight years after the solution was discovered.  “Just-in-time and on-site encrypting” simply means “on the fly.”  “Close control of the input/output properties of the machine that will display the content” means multilevel cryptographic control of the environmental changes in context of use. 

 

What is particularly interesting is that the rest of the document in this section is essentially involved in further specifying the intention and requirements that already exist.  “Decrypting just in time and on site means that the content is not decrypted until just before it is used, no temporary copies are ever stored, and the information is decrypted as physically close to the usage site as possible. An encrypted file containing a music album, for instance, would not be entirely decrypted and then played, because a sophisticated programmer might find a way to capture the temporary decrypted file. Instead, the file is decrypted "on the fly" (i.e., as each digital sample is decrypted, it is sent to the sound-generation hardware), reducing the ease with which the decrypted sample can be captured. On-site decryption involves placing the decryption hardware and the sound-generation hardware as physically close as possible, minimizing the opportunity to capture the decrypted content as it passes from one place to another inside (or outside) the computer.” [10] This is a requirement that I have personally been advocating for years.
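As an added illustration (not code from the report or from this author), the "on the fly" requirement quoted above can be sketched in Python: the player verifies and decrypts one record at a time and hands it straight to a sink, so the plaintext held at any moment is bounded by one chunk and no temporary decrypted file exists. The HMAC-SHA256 keystream is a stand-in for a vetted authenticated cipher, and the record layout, key handling and 4096-byte chunk size are assumptions.

```python
import hashlib
import hmac
import struct

CHUNK = 4096   # plaintext bytes per record (assumed size)
TAG_LEN = 32   # HMAC-SHA256 tag length

def keystream(key, index, length):
    """Stand-in keystream: HMAC-SHA256 over (record index, block counter).
    Assumes a fresh enc_key per stream; a real player would use a vetted AEAD."""
    out = b""
    block = 0
    while len(out) < length:
        out += hmac.new(key, struct.pack(">QI", index, block), hashlib.sha256).digest()
        block += 1
    return out[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def record_tag(mac_key, index, last, ct):
    # Binding the index and the final-record flag detects reordering and truncation.
    return hmac.new(mac_key, struct.pack(">Q", index) + last + ct, hashlib.sha256).digest()

def encrypt_records(enc_key, mac_key, plaintext, chunk=CHUNK):
    """Packager side: yield records laid out as flag(1) | ciphertext | tag(32)."""
    count = (len(plaintext) + chunk - 1) // chunk
    for i in range(count):
        pt = plaintext[i * chunk:(i + 1) * chunk]
        last = b"\x01" if i == count - 1 else b"\x00"
        ct = xor(pt, keystream(enc_key, i, len(pt)))
        yield last + ct + record_tag(mac_key, i, last, ct)

def decrypt_on_the_fly(enc_key, mac_key, records):
    """Player side: verify, decrypt and release one record at a time.
    No whole-file plaintext is ever assembled or written to disk."""
    finished = False
    for i, rec in enumerate(records):
        if finished:
            raise ValueError("data after final record")
        last, ct, tag = rec[:1], rec[1:-TAG_LEN], rec[-TAG_LEN:]
        if not hmac.compare_digest(tag, record_tag(mac_key, i, last, ct)):
            raise ValueError(f"record {i} failed authentication")
        finished = last == b"\x01"
        yield xor(ct, keystream(enc_key, i, len(ct)))
    if not finished:
        raise ValueError("stream truncated before final record")

def play(enc_key, mac_key, records, sink):
    """Feed each chunk to sink (standing in for the sound hardware) and
    return (total bytes played, largest plaintext buffer held at once)."""
    total = peak = 0
    for chunk in decrypt_on_the_fly(enc_key, mac_key, records):
        peak = max(peak, len(chunk))
        sink(chunk)
        total += len(chunk)
    return total, peak

if __name__ == "__main__":
    enc_key, mac_key = b"E" * 32, b"M" * 32      # constructed demo keys
    album = bytes(range(256)) * 40               # constructed 10240-byte "audio"
    played = hashlib.sha256()
    print(play(enc_key, mac_key, encrypt_records(enc_key, mac_key, album), played.update))
```

Chunks that precede a bad record have already reached the sink when authentication fails; streaming trades whole-file verification for a bounded plaintext window.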

 

“Some playback devices are difficult to place physically near the computer's decryption hardware. For example, digital camcorders, digital VCRs, digital video disk (DVD) movie players, and so on all require cables to connect them to the computer, which means wires for interconnection, and wires offer the possibility for wiretapping the signal.” [11] This particular difficulty is eliminated with true multilevel compartmented cryptographic control and the specific requirement is stated below.

 

“One approach to maintaining on-site decryption for peripheral devices is illustrated by the Digital Transmission Content Protection (DTCP) standard, an evolving standard developed through a collaboration of Hitachi, Intel, Matsushita, Sony, and Toshiba.  The computer and the peripheral need to communicate to establish that each is a device authorized to receive a decryption key. The key is then exchanged in a form that makes it difficult to intercept, and the content is transmitted over the wire in encrypted form. The peripheral device then does its own on-site decryption. This allows the computer and peripheral to share content yet provides a strong degree of protection while the information is in transit to the decryption site.” [12]

 

Conclusions and Answers

 

It is becoming obvious that the political academic community is finally beginning to reach the same conclusions that I developed within CryptoCommunications.  Washington, D.C. is a small town and the numbers of cryptographers are even smaller.  While this author maintains a certain pride in original authorship, I acknowledge the fact that because we live within a society, none of us operates within a vacuum.  Even if the National Research Council does not appreciate the fact that the means currently exist to solve the requirements they have set forth, it does not necessarily mean that they would be amenable to the solution if it were to be presented to them.  What has become obvious through the paper is that while they now appear to understand something of the problem they cannot prescribe the solution because they do not fully understand the means to the solution.  On the other side of the coin, it is possible that the National Research Council can be useful to successful implementation and integration because their requirements can be called upon as references with manufacturers.  Unfortunately there is an ocean of difference between recognition of a problem and recognition of practical success.

 



[1] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council. Unless otherwise stated, where quotes are made, I am specifically referring to this document.

[2] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council.

[3] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council.

[4] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council.

[5] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council.

[6] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council.

[7] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council.

[8] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council.

[9] This author personally originated the concept of “just-in-time cryptography” about eight years from the date of this paper by applying the famous W. Edwards Deming’s approach to marketing, manufacturing and warehousing to the application of cryptography.  Deming’s work was in turn based on the statistical work of Walter Shewhart.  At the time in the early 1990’s, this idea of productivity was completely alien to the cryptographic world.

[10] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council.

[11] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council.

[12] From Intellectual Property in the Information Age, by the Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics and Applications, National Research Council.

 

 


Copyright (c) 2001-2007 RDFollendoreIII All Rights Reserved