[Matroska-devel] Re: Compromise Encryption Proposal
ashwood at msn.com
Fri Jan 27 01:46:05 CET 2006
Before I begin I'm going to start to use the more precise auth^2 and auth^3
terminology. these refer to User Authentication and User Authorization in
the case of auth^2, and User Authentication, User Authorization and File
Authentication in the case of auth^3. As we are getting deeper into the
design more precision is becoming necessary.
----- Original Message -----
From: "Paul Bryson" <paul at msn.com>
Subject: [Matroska-devel] Re: Compromise Encryption Proposal
> I would strongly resist the temptation to change the basic structure of
> the how the format works right now. I'm guessing this would require a lot
> of rewrite of current parsers to support instead of possibly adding
> another layer for data to pass through.
I've agonized over this myself for quite some time, here's the conclusion I
reached. The current generation of parsers will still work with my proposal,
they just won't be able to play DRMd files, which is kind of the point of
DRM, so it doesn't really cange anything since everything I've requested is
optional, with implied values that make no difference (e.g. NullTransform).
Additionally, it is entirely possible that VLC and Haali's Splitter (as far
as I can tell the most popular splitters) will never support DRM, for any
number of reasons outside of technology. For this reason, it is my opinion
that it does not actually change anything for the current parsers, unless
they choose to support the auth^3 design.
> It sounds like the primary reason you want to add this is to prevent
> "hints" from being given away by context of the container.
Actually, most of this is to push from auth^2 required for DRM, to auth^3
required for auditing. This move is useful in only limited context, and is
why I implied, but did not state openly as I am now, that only very high end
splitters/decoders would need to be able to handle the reinterpretation
portion. Such splitters would only be necesary for audit viewing purposes,
and the ability to use a standard format with public analysis of the
security makes this far more usable. As a major side benefit, the auth^3
model can actually prevent attacks on the splitter, as the splitter can be
written to only process authenticated files.
More information about the Matroska-devel