1

C r y p t o g r a p h y R e s e a r c h , I n c : L e a d e r I n A d v a n c e d C r y p t o s y s t e m s ™ 1

Objectives for Securing Next-Generation Optical Discs

Cryptography Research, Inc.carter@cryptography.com

2

C r y p t o g r a p h y R e s e a r c h , I n c : L e a d e r I n A d v a n c e d C r y p t o s y s t e m s ™ 2

Guiding Principles

• Free market economics- Technical systems should enable market-

based solutions to security problems.

• Risk management- Piracy is a problem like credit card fraud,

and is neither feasible nor necessary to eliminate completely.

• Best practices- Systems need to provide the best range

of security features with the best possible assurances of security.

3

C r y p t o g r a p h y R e s e a r c h , I n c : L e a d e r I n A d v a n c e d C r y p t o s y s t e m s ™ 3

Principle: Free Market Economics• Studios and CE/IT companies should

maximize their profits by meeting customer demand while working to control piracy.

• Vendors that provide tools should compete to offer studios the best systems and security features.

• Security decisions should be based on cost/benefit analysis.

4

C r y p t o g r a p h y R e s e a r c h , I n c : L e a d e r I n A d v a n c e d C r y p t o s y s t e m s ™ 4

Principle: Risk Management

• Content owners should gain as much knowledge as possible about piracy events when they occur.

• For every attack, including unexpected attacks, content owners should have the broadest possible range of responses.

• Parties that incur risk should have the ability and responsibility for controlling it.

5

C r y p t o g r a p h y R e s e a r c h , I n c : L e a d e r I n A d v a n c e d C r y p t o s y s t e m s ™ 5

Principle: Best Practices

• Security should be based on strong cryptography and other well-understood primitives and techniques.

• Designs should be produced by experienced experts whose objective is to mitigate piracy.

• Parties that rely on the security should be able to evaluate and understand it.