Great Idea for Copy Control just doesnt go far enough

Voidstar is on the right track here... PKI is great and secure... the real problem is that the local private key may not be important enough to the user to ensure they dont abuse it by sharing it... my point is, if someone can share their private key in a PKI scheme then its no different to sharing serial numbers... but that got me thinking... what if?
What if private keys were registered or linked to something important like your credit card number... the idea here is that if the cards reported stolen, then the users public key is no longer used for copy control via PKI... maybe an independent authentication service would work here... but also what happens when a user copies their key onto another machine and forgets to remove it after using their software.... its a bit of a conundrum but worth a brainstorming session at the Uniloc labs I bet...
clipped from www.voidstar.com
I'm not sure I should suggest this to anyone but I can't be the first to see
this. There is a way for DRM to work and to be effectively unbreakable. Use PKI.
But it relies on the customer having a unique key pair. The provider encrypts
the content using the customer's unique public key. The content is then
decrypted with the customer's secret key. This could be encapsulated in the
player software (iTunes say) and made pretty much transparent. On installation
the player software would report it's newly generated public key back to the
provider who would then use it when the provider created the file for download.
In addition the encoded file could be signed by the provider and the signature
checked against the Provider's public key.
Copyright 2008-2014 Ric Richardson. Powered by Blogger.