Cryptographers to Hollywood: prepare to fail on DRM
No universal panacea here
RSA 2005 Movie industry representatives at RSA 2005 in San Francisco today called on the IT industry for help in thwarting illegal file sharing before the problem threatened its revenues. But they were told that they must recognise the limitations of digital rights management in their fight against digital piracy.
Speaking on the RSA conference panel Hollywood's Last Chance - Getting it Right on Digital Piracy, Carter Laren, security architect at Cryptographic Research, noted that cryptography is "good at some problems, such as transmitting data so it can't be eavesdropped or even authentication, but it can't solve the content protection problem. If people have legitimate access to content, then you can't stop them misusing it.
"Anyone designing content protection should design for failure and if it fails update it," he added.
John Worrall, marketing VP at RSA Security, agreed that content protection systems should be easy to upgrade. The entertainment industry must also learn from its previous mistakes in pushing the weak CSS copy-protection system for DVDs. "If content providers open up standards to good cryptographic review they will get a better system," he said, to applause from the RSA 2005 audience.
The entertainment industry also needs to be responsive to changing market conditions and consumer preferences, according to Worrall: "Don't lock down a set of content rules that look draconian five years from now. Be flexible enough to incorporate change in rules. If rules are too restrictive people will go to other channels, including pirated material."
Andy Sentos, president of engineering and technology at Fox Entertainment Group, argued that device manufacturers need to recognise the requirements of the movie industry in the design of their products. "There's a value in both content and functionality but there has to be a balance," he said. ®
Sponsored: Becoming a Pragmatic Security Leader