The Effect of Anti-Circumvention Provisions on Security
Jon Callas & Bruce Schneier
Introduction
• The Digital Millennium Copyright Act (DMCA)
• Anti-Circumvention
• Exception Provisions and Defenses
• These exceptions still leave a large problem
Models of Security Design
• Two basic models
  – The “Closed” Model
  – The “Open” Model
“Closed” Security Design
• The traditional way to do security
• Design done in a closed group
• Often has external review
• Reputable people claim it is the only way to get good security
“Closed” Security Design
• Advantages
  – No Committee-itis
  – It’s harder to break a closed design
  – Targeted designs
  – Security through obscurity
“Closed” Security Design
• Disadvantages
  – Team blindness
  – It’s easier to yield to temptation
  – Easier to design the wrong thing
  – Security through obscurity
“Open” Security Design
• The newer way to do security, perhaps 30 years old
• Design done in public journals, mailing lists, or simply through available specs and designs
• Actually a principle of minimal secrets
“Open” Security Design
• Advantages
  – More eyes find problems faster
  – There are fewer surprises
“Open” Security Design
• Disadvantages
  – Some problems can’t be solved without obscurity
  – How do you keep openness from being design-by-committee
  – You have fewer advantages over your opponent
“Open” Security Design
• Open design is not open source
• Historically, all OSes were open-design
• Source-available, listing available, etc. are other options.
It’s Not Either/Or
• Mixing open and closed elements of a design can give you better security than either alone.
• Open designs give armor
• Closed designs give camouflage
Modern Civilian Cryptology
• Perhaps the greatest success of open design
• Question: Can secure systems be built if only keys are secret?
• Answer: Yes.
Protecting Intellectual Property
• Protecting IP with technology is hard
• It may be impossible
  – An irony here is that the cryptographers are the ones who are unhappy, the customers seem to like it just fine.
• If it’s impossible, then legal protections are the only available
Backing up -- How Did We Get Here?
• IP exists to benefit society
• The goal of IP laws is that societal benefit
• It’s understandable that IP owners want more protection
• It’s understandable that “society” is skeptical of their desires and claims
IP Threats
• “Digital technology is the universal solvent of intellectual property rights”
  – Tom Parmenter
• Digital copies are easy to make and easy to distribute, bandwidth willing
• How do the artists get paid?
  – technological fixes don’t exist, and aren’t proven
IP Skepticism
• IP owners have a history of wanting much, giving little, and being benefited by changes they claimed would crush them.
  – Videotapes
  – Audio Recordings
  – Clone computer peripherals
  – Parodies
Anti-Circumvention
• The DMCA makes it a felony to circumvent “a technological measure that effectively controls access to a work protected under this title”
• Note that this does not affect things that can’t be copyrighted
• Penalties include fines and prison
Anti-Circumvention Exceptions
• Encryption Research
• Computer Repair
• Reverse-engineering
• Security Testing
So What’s the Problem?
• Exemptions are defenses, not limitations
  – You can still end up in court
• Exemptions are torturous
  – They require notification, asking permission, etc.
The Larger Issue
• An imbalance between the rights and responsibilities of makers and breakers
  – There are penalties for bad research
  – There is protection for bad security
• A lack of definition
  – “Effective” is never defined
Does This Protect Snake-Oil?
• Case in point: the DVD break
  – Reverse-Engineered by a minor
  – Cryptanalytic break of 18 mins compute time
• Why is this “effective”?
  – Sure, kids are smart
  – If it can be broken by a minor, it’s not effective
One Possible Fix
• Liabilities for bad security
  – Punish creating systems that can be broken
  – Damages are probably enough
  – Few of us really want this, though
The Larger Issue
• Making and breaking is a dance
• If breaking is punished, makers are lax
• If breaking is punished there is no incentive for quality
Gresham’s Law of Security?
• There are advantages for a customer to use the least effective security
  – The real crooks may break the strong stuff
  – The weak stuff is cheaper
  – Extra opportunities for policing
  – More cases means more publicity
Fixing the Problem
• It’s actually easy
  – Tie circumvention to infringement
  – Circumventing and infringing is an aggravated form of infringement
  – Leave the research alone
• This restores the balance
  – Permits IP holders to have extra penalties
  – Creates an incentive for good security
Questions?