Handout 5 Summary of This Handout: Stream Ciphers — RC4 — Linear Feedback Shift Registers — CSS — A5/1

Total Page:16

File Type:pdf, Size:1020Kb

Handout 5 Summary of This Handout: Stream Ciphers — RC4 — Linear Feedback Shift Registers — CSS — A5/1 06-20008 Cryptography The University of Birmingham Autumn Semester 2009 School of Computer Science Volker Sorge 30 October, 2009 Handout 5 Summary of this handout: Stream Ciphers — RC4 — Linear Feedback Shift Registers — CSS — A5/1 II.2 Stream Ciphers A stream cipher is a symmetric cipher that encrypts the plaintext units one at a time and that varies the transformation of successive units during the encryption. In practise, the units are typically single bits or bytes. In contrast to a block cipher, which encrypts one block and then starts over again, a stream cipher encrypts plaintext streams continuously and therefore needs to maintain an internal state in order to avoid obvious duplication of encryptions. The main difference between stream ciphers and block ciphers is that stream ciphers have to maintain an internal state, while block ciphers do not. Recall that we have already seen how block ciphers avoid duplication and can also be transformed into stream ciphers via modes of operation. Basic stream ciphers are similar to the OFB and CTR modes for block ciphers in that they produce a continuous keystream, which is used to encipher the plaintext. However, modern stream ciphers are computationally far more efficient and easier to implement in both hard- and software than block ciphers and are therefore preferred in applications where speed really matters, such as in real-time audio and video encryption. Before we look at the technical details how stream ciphers work, we recall the One Time Pad, which we have briefly discussed in Handout 1. The One Time Pad is essentially an unbreakable cipher that depends on the fact that the key 1. is as long as the message, and 2. is a truly random sequence of letters that cannot be guessed. Both points are reasons, why the One Time Pad is unpractical, since one has to constantly exchange new keys and getting true randomness in practise is difficult to achieve. 39. Pseudo-random Generators One idea to overcome this problem is to not use keys that are fully random but keys that only look random. A relatively short string which is truly random is used to compute a larger string which, while of course not being truly random, is as good as being random. This large string is called a pseudo-random string, and it can be used to replace the random key in the One Time Pad. Algorithms that produce pseudo-random strings are called pseudo-random generators (PRG). The short string that initialises a pseudo-random generator is called a seed and takes the place of the secret key for stream ciphers. In overview a stream cipher works like this: Plaintext ⊕ Ciphertext Key/Seed Pseudo-random Generator Keystream 40. Getting True Randomness The seed for a pseudo-random generator, and keys for symmetric encryption schemes in general, should be as random as possible. One uses for example physical random number generators to get good random- ness. There are some physical sources that are supposed to produce good randomness, but the resulting bits may have a certain bias or some correlation. One usually circumvents this by taking the xor of bits obtained from different such sources. Typical physical sources of randomness include: • Thermal noise in various electric circuits, 37 • Radioactive decay, • Atmospheric noise. In practise more easily available are events in computer hardware such as • measurement of times between user key-strokes, and • time needed to access different sectors on the hard-disk drive (the air turbulence caused by the spinning disk is supposed to be random). 41. Properties of Pseudo-random Generators One of the most important improper usages of stream ciphers is to re-use the seed and therefore the keystream twice, i.e., to encrypt several messages with the same key. Assume Eve intercepts two en- cryptions C1 = K⊕M1 and C2 = K⊕M2 for two messages M1, M2 with the same key K then she can simply compute the xor of C1 and C2 yielding: C1⊕C2 = (M1⊕K)⊕(M2⊕K)= M1⊕M2 Thus re-using the key leaks the xor of the actual plaintexts. Assuming that both messages contain ordi- nary text, Eve can use frequency analysis to recover the plaintexts M1 and M2 from M1⊕M2. Thus one has to be careful not to re-use a key when using stream ciphers. There are mainly two methods to realise this: • One might use successive parts of the output stream to encrypt successive messages. This requires synchronisation of the senders and the receivers streams by some means, usually by transmitting its position along with the encrypted message. This has disadvantages if the order of messages is changed in the transmission line or by the protocol. • One might create a new seed for each message that needs to be encrypted. Then one additionally transmits the seed along with the message. Of course, the seed has to be transmitted secretly somehow. This can be done by combining the stream cipher with a block cipher and to transmit the seed enciphered with the block cipher before the actual ciphertext encrypted with the stream cipher. As a consequence it is important that stream ciphers appear random — which can be checked with sta- tistical methods — and have a long period, i.e. can produce a large number of bits before the same keystream is produced again. Generally determining more of the sequence from a part should be compu- tationally infeasible. Ideally, even if one knows the first one billion bits of the keystream sequence, the probability of guessing the next bit correctly should be no better than one half. We now have a look at several pseudo-random generators. II.2.1 RC4 RC4 is a stream-cipher invented by Ron Rivest in 1987 for RSA Security, which also holds the trademark for it. The source code was originally not released to the public because it was a trade secret, but was posted to a newsgroup some time ago; thus people referred to this version as alleged RC4. Today it is known that alleged RC4 indeed equals RC4. While RC4 does not hold up to most randomness tests, it is considered secure from a practical point of view if one takes certain precautions. It works on bytes instead of bits and can therefore be very efficiently implemented. It is used in many protocols such as SSL/TLS and 802.11b WEP. RC4 consists of two phases: an initialisation phase, which can also be understood as a key schedule, and a keystream generation phase. Its main data structure is an array S of 256 bytes. The array is initialised to the identity before any output is generated, i.e., the first cell is initialised with 0, the second with 1 and so on. Then the cells are permuted using a swap operation that depends on the current state and the chosen key K. The key K can be of variable size between 5 and 16 bytes. This keylength is a constant that is exploited during the initialisation algorithm. In pseudo code, the RC4 initialisation phase works as follows: 38 for i := 0 to 255 do S[i] := i end j := 0 for i := 0 to 255 do j := (j + S[i]+K[i mod keylength]) mod 256 swap(S[i],S[j]) end After initialisation has been completed, the following procedure computes the pseudo-random sequence. For each output byte, new values of the variables i, j are calculated, the corresponding cells are swapped, and the content of a third cell is output. The algorithm looks as follows: i := 0 j := 0 while GeneratingOutput: i := (i + 1) mod 256 j := (j + S[i]) mod 256 swap(S[i],S[j]) output S[(S[i]+S[j]) mod 256] end In the while loop the first line makes sure every array element is used once after 256 iterations; the second line makes the output depend non-linearly on the array; the third line makes sure the array is evolved and modified as the iteration continues; and the fourth line makes sure the output sequence reveals little about the internal state of the array. The generated keystream is then xor-ed with the plaintext byte by byte. Here is a graphical depiction of RC4. Observe that the K here stands for the generated keystream byte and not for the initial key. Source: Wikipedia Nevertheless we can see that the first output byte depends on the content of 3 cells, only. This property can be used to launch attacks against the cipher, so one usually discards the first 256 bytes of output generated by this algorithm to prevent these attacks. II.2.2 LFSR Linear Feedback Shift Registers (LFSR) is a pseudo-random generator that is used as a building block for many modern stream ciphers. They can be very efficiently implemented in both hardware and software and constitute a very fast way to produce keystreams. They consist of a shift register, which is a group of single bit cells that shift by one cell at every clock cycle together with a linear function f, called the feedback function, that determines the new incoming bit for the shift register. The function f generally uses some of the bits in the shift register to determine the new input bit. For instance below we have a 4 bit shift register, and the feedback function uses bit 1 and 4 to compute the new input. 39 The process of taking certain bits, but not all bits from a shift register is referred to as tapping. Thus the feedback function f above taps the bits 1 and 4.
Recommended publications
  • The Digital Millennium Copyright Act Implicates the First Amendment in Universal City Studios, Inc. V. Reimerdes
    The Freedom to Link?: The Digital Millennium Copyright Act Implicates the First Amendment in Universal City Studios, Inc. v. Reimerdes David A. Petteys* TABLE OF CONTENTS I. IN TRO D U CTIO N .............................................................. 288 II. THE WEB, FREE EXPRESSION, COPYRIGHT, AND THE D M C A .............................................................................. 290 III. THE CASE: UNIVERSAL CITY STUDIOS, INC. V. R EIMERD ES ...................................................................... 293 A . Factual Background ................................................... 294 B . Findings of F act ......................................................... 297 C. The Court's Statutory and Constitutional Analysis ..... 298 1. Statutory A nalysis ................................................ 299 a. Section 1201(a)(1) ............................................ 299 b. Linking to Other Sites with DeCSS .................. 302 2. First Amendment Challenges ................................ 304 a. DMCA Prohibition Against Posting DeCSS .... 305 b. Prior R estraint ................................................ 307 c. The Prohibition on Linking ............................. 309 3. T he R em edy ........................................................ 312 IV . A N A LYSIS ......................................................................... 314 A. The Prohibition Against Posting DeCSS ..................... 314 1. F air U se ............................................................... 314 2. First Amendment
    [Show full text]
  • Digital Rights Management and the Process of Fair Use Timothy K
    University of Cincinnati College of Law University of Cincinnati College of Law Scholarship and Publications Faculty Articles and Other Publications Faculty Scholarship 1-1-2006 Digital Rights Management and the Process of Fair Use Timothy K. Armstrong University of Cincinnati College of Law Follow this and additional works at: http://scholarship.law.uc.edu/fac_pubs Part of the Intellectual Property Commons Recommended Citation Armstrong, Timothy K., "Digital Rights Management and the Process of Fair Use" (2006). Faculty Articles and Other Publications. Paper 146. http://scholarship.law.uc.edu/fac_pubs/146 This Article is brought to you for free and open access by the Faculty Scholarship at University of Cincinnati College of Law Scholarship and Publications. It has been accepted for inclusion in Faculty Articles and Other Publications by an authorized administrator of University of Cincinnati College of Law Scholarship and Publications. For more information, please contact [email protected]. Harvard Journal ofLaw & Technology Volume 20, Number 1 Fall 2006 DIGITAL RIGHTS MANAGEMENT AND THE PROCESS OF FAIR USE Timothy K. Armstrong* TABLE OF CONTENTS I. INTRODUCTION: LEGAL AND TECHNOLOGICAL PROTECTIONS FOR FAIR USE OF COPYRIGHTED WORKS ........................................ 50 II. COPYRIGHT LAW AND/OR DIGITAL RIGHTS MANAGEMENT .......... 56 A. Traditional Copyright: The Normative Baseline ........................ 56 B. Contemporary Copyright: DRM as a "Speedbump" to Slow Mass Infringement ..........................................................
    [Show full text]
  • United States District Court Southern District of New York Universal City Studios, Inc.; Paramount Pictures Corporation; Metro-G
    UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF NEW YORK UNIVERSAL CITY STUDIOS, INC.; PARAMOUNT ) 00 Civ. _____________ PICTURES CORPORATION; METRO-GOLDWYN- ) MAYER STUDIOS INC.; TRISTAR PICTURES, INC.; ) COLUMBIA PICTURES INDUSTRIES, INC.; TIME ) DECLARATION OF FRITZ ATTAWAY WARNER ENTERTAINMENT CO., L.P.; DISNEY ) IN SUPPORT OF PLAINTIFFS’ ENTERPRISES, INC.; AND TWENTIETH ) APPLICATION FOR A PRELIMINARY CENTURY FOX FILM CORPORATION; ) INJUNCTION ) Plaintiffs, ) ) v. ) ) SHAWN C. REIMERDES, ERIC CORLEY A/K/A ) “EMMANUEL GOLDSTEIN” AND ROMAN KAZAN, ) ) Defendants. ) ) ) ) ) ) ) ) 5169/53185-005 NYLIB1/1143931 v3 01/14/00 12:35 AM (10372) Fritz Attaway declares, under penalty of perjury, as follows: I make this declaration based upon my own personal knowledge and my familiarity with the matters recited herein and could and would testify under oath to same, should I be called as a witness before the Court. 1. I am a Senior Vice President for Government Relations and Washington General Counsel of the Motion Picture Association of America (“MPAA”), a not-for-profit trade association, incorporated in New York, representing the motion picture companies that are plaintiffs in this action. The MPAA, among other functions, combats motion picture piracy, an illegal underground industry that steals billions of dollars annually from the creative talents, tradespeople, producers, and copyright owners in the motion picture industry. The MPAA runs a comprehensive anti-piracy program that includes investigative, educational, legislative, and technical efforts in the United States and over 70 other countries. I was personally involved in the process that led to the passage of the Digital Millennium Copyright Act (“DMCA”) and in the negotiations that let to the adoption of the Contents Scramble System (“CSS”) as an industry- wide standard.
    [Show full text]
  • Dcryptology DVD Copy Protection
    Group 4 dCryptology DVD Copy Protection dCryptology DVD Copy Protection By Kasper Kristensen, 20072316 Asger Eriksen, 20073117 Mads Paulsen, 20072890 Page 1 of 22 Group 4 dCryptology DVD Copy Protection Content Scrambling System.................................................................................................................3 The keys............................................................................................................................................4 How it works....................................................................................................................................4 The decryption..................................................................................................................................4 LFSR.................................................................................................................................................5 How is the output used:....................................................................................................................5 Key decryption.................................................................................................................................7 Mutual Authentication:.....................................................................................................................8 CSS ATTACKS:..................................................................................................................................9 Mangling Process.............................................................................................................................9
    [Show full text]
  • UNITED STATES DISTRICT COURT SOUTHERN DISTRICT of NEW YORK ------X UNIVERSAL CITY STUDIOS, INC, Et Al
    UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF NEW YORK - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - x UNIVERSAL CITY STUDIOS, INC, et al., Plaintiffs, -against- 00 Civ. 0277 (LAK) SHAWN C. REIMERDES, et al., Defendants. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - x OPINION Appearances: Leon P. Gold Jon A. Baumgarten Charles S. Sims Scott P. Cooper William M. Hart Michael M. Mervis Carla M. Miller PROSKAUER ROSE LLP Attorneys for Plaintiffs Martin Garbus George E. Singleton David Y. Atlas Edward Hernstadt FRANKFURT, GARBUS, KLEIN & SELZ, P.C. Attorneys for Defendants Contents I. The Genesis of the Controversy ..........................................3 A. The Vocabulary of this Case ........................................4 1. Computers and Operating Systems .............................4 2. Computer Code ...........................................5 3. The Internet and the World Wide Web ..........................7 4. Portable Storage Media ......................................9 5. The Technology Here at Issue ................................10 B. Parties .......................................................11 C. The Development of DVD and CSS .................................13 D. The Appearance of DeCSS ........................................17 E. The Distribution of DeCSS ........................................19 F. The Preliminary Injunction and Defendants’ Response ...................20 G. Effects on Plaintiffs ..............................................22 II. The
    [Show full text]
  • Avast Ye, Hollywood! Digital Motion Picture Piracy Comes of Age Christian John Pantages University of the Pacific, Mcgeorge School of Law
    Masthead Logo Global Business & Development Law Journal Volume 15 Issue 1 Symposium: Transnational Business Law in the Article 13 Twenty-First Century 1-1-2002 Avast Ye, Hollywood! Digital Motion Picture Piracy Comes of Age Christian John Pantages University of the Pacific, McGeorge School of Law Follow this and additional works at: https://scholarlycommons.pacific.edu/globe Part of the Law Commons Recommended Citation Christian J. Pantages, Avast Ye, Hollywood! Digital Motion Picture Piracy Comes of Age, 15 Transnat'l Law. 155 (2002). Available at: https://scholarlycommons.pacific.edu/globe/vol15/iss1/13 This Comments is brought to you for free and open access by the Journals and Law Reviews at Scholarly Commons. It has been accepted for inclusion in Global Business & Development Law Journal by an authorized editor of Scholarly Commons. For more information, please contact [email protected]. Avast Ye, Hollywood! Digital Motion Picture Piracy Comes of Age ChristianJohn Pantages* TABLE OF CONTENTS I. INTRODUCTION ............................................... 156 II. ARG! THE MOTION PICTURE INDUSTRY WALKS THE PLANK ............ 157 A. The History of the Internet ................................. 157 B. The Basics of DigitalPiracy ................................ 159 C. Movie PiracyBecomes Possible ............................. 162 1. DeCSS Cracks DVD Code .............................. 163 2. DivX Marks the Spot ................................... 164 Ill. AVAST! THE CROWN PATROLS THESE WATERS ...................... 168 A. United States
    [Show full text]
  • Is the Idea of Fair Digital Rights Management an Oxymoron? The
    Royal Holloway Series Fair Digital Rights Management Fair digital rights management HOME THE BIRTH OF DIGITAL RIGHTS Is the idea of fair digital rights management an oxymoron? The MANAGEMENT music industry has been turned upside down by the Internet, and UNFAIR DIGITAL RIGHTS has tried various methods to protect its profits. But many of its MANAGEMENT actions have been either futile or heavy-handed. Christian Bonnici A DIGITAL RIGHTS and Keith Martin examine various approaches to see which would DILEMMA be most effective and fair to all parties. A COMPROMISE SOLUTION CONCLUSION REFERENCES 1 Royal Holloway Series Fair Digital Rights Management HERE ARE FEW issues more provocative than that THE BIRTH OF DIGITAL of the management of rights to digital content. RIGHTS MANAGEMENT For some consumers the internet is seen as an We will frame our discussion around music HOME Tagent of digital freedom, facilitating free and media, which is one of the most high profile types THE BIRTH OF easy access to digital content such as music and of digital content. FIGURE 1 (page 3) shows a sim - DIGITAL RIGHTS films. For some digital content providers the ple timeline indicating some of the milestones in MANAGEMENT internet has been seen as a technology that has the development of music media. The publication UNFAIR damaged their ability to earn money from selling of the MP3 music compression algorithm in 1991 DIGITAL RIGHTS their products. represents the most significant development with MANAGEMENT The solution to providers’ fears has been vari - respect to digital rights to music media, and this A DIGITAL ous attempts to control access to digital content event is pivotal to our discussion.
    [Show full text]
  • Cryptography 2006 the Rise and Fall of Dvd Encryption
    CRYPTOGRAPHY 2006 THE RISE AND FALL OF DVD ENCRYPTION by Kim Rauff Schurmann, 20033033 ([email protected]) Claus Andersen, 20030583 ([email protected]) Jacob Styrup Bang 20030585 ([email protected]) Jakob Løvstad Funder 20033047 ([email protected]) Department of Computer Science - Daimi University of Aarhus December 15, 2006 Abstract The motivation for this project is to understand the failures made in the past in order to avoid repeating them. There were two main reasons for the fall of DVD encryption. One is a very insecure cryptosystem and the other is poor key management. Our focus will be on the former and we will spend a great deal of time describing and analyzing CSS, and the attacks on it. To fully understand and demonstrate those attacks, we will implement two of the attacks.. These are not the only two, but should be enough to understand the weaknesses in CSS This paper is for a large part based on information retrieved by reverse engineering CSS. This is because the DVD encryption was supposed to be a closed source encryption scheme. As a closure we will take a short look on the succeeding encryption schemes for HD-DVD and Blu-ray and what have been learned from the failures of CSS. Contents 1 About DVD 1 1.1 Securing the DVD .............................. 1 1.2 The hidden sector .............................. 2 2 Mutual authentication 3 3 Description of CSS 5 3.1 Keys ..................................... 5 3.2 Linear Feedback Shift Registers ...................... 7 3.2.1 LFSR-17 .............................. 7 3.2.2 LFSR-25 .............................
    [Show full text]
  • CALA 9.03.Qxd
    SEPTEMBER 12, 2003 CALIFORNIA LITIGATION ALERT The Litigation Practice of Sidley California Supreme Court Resolves Austin Brown & Wood Apparent Conflict Between Trade Secret Sidley Austin Brown & Wood's litigation Law And Free Speech Rights attorneys regularly defend and prosecute all types of litigation matters in trial and appel- In a recent case of first impression, the California Supreme Court unanimously held late courts, federal and state agencies, arbitra- a trial court's preliminary injunction preventing publication of a computer program tions, and mediations throughout the for descrambling digital video disks ("DVDs") did not violate the defendant's free country. The firm's litigation experience speech rights, assuming the trial court properly issued the injunction under includes representation of clients in a wide California's trade secret law. In its August 25, 2003 decision in DVD Copy Control variety of traditional and emerging industries Assoc., Inc.v.Andrew Bunner, No. S102588, the Court resolved an apparent conflict in virtually all subject areas. Our litigation between the free speech clauses of the United States and California Constitutions attorneys also have extensive experience and California's trade secret laws. This decision is significant because it is one of the with jury trials, including the effective and first in the country to deal with the interplay between the free speech rights of par- economical use of jury consultants, and with ties who wish to publish technical information on the Internet and the property the latest document imaging and computer rights of parties who claim trade secret ownership in such information. graphics technology,enabling them to handle efficiently and successfully even the largest Plaintiff DVD Copy Control Association is an entity formed by various motion pic- and most complex cases.
    [Show full text]
  • Reply Comments on Exemption to Prohibition on Circumvention
    Mister David O. Carson Office of the General Counsel Copyright Office GC/I&R Post Office Box 70400 Southwest Station Washington, DC 20024 SENT VIA E-MAIL: [email protected] RE: Section 1201(a)(1) of the Digital Millennium Copyright Act Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies Mister Carson: I am submitting these comments in response to the Notice of Inquiry announced in the Federal Register Volume 64, No. 102. My comments are, in part, a reply to the comments of Bernard Sporkin, representing TIME-WARNER, dated February 7, 2000, and available for download as file 043.pdf. I am a patent attorney. I use LINUX on my computers as a hobby. I own a TOSHIBA SD-M1201 SCSI-2 internal DVD-ROM Drive for my computer, in addition to a SONY DVD Player and several DVDs. I am submitting these comments on my own behalf as a LINUX user. Although my comments deal with LINUX, they also apply to other open source software such as FreeBSD, NetBSD, OpenBSD, etc. My primary concern is the way the Digital Video Disc ("DVD") Industry has used Section 1201 (a)(1) of the Digital Millennium Copyright Act ("DMCA") to discriminate against LINUX users such as myself. I am also concerned that the DVD Industry will continue this pattern of discrimination against LINUX users after Section 1201 (a)(1) of the DMCA goes into effect. Since the DVD Industry has discriminated, and continues to discriminate, against LINUX users such as myself, I feel that DVDs as a class of works should be exempt from the prohibition against circumvention of copyright protection systems for access control technologies.
    [Show full text]
  • The Motion Picture Association of America's Patrolling of Internet Piracy in America, 1996-2008 by Matthew A
    Content Control: The Motion Picture Association of America’s Patrolling of Internet Piracy in America, 1996-2008 By Matthew A. Cohen Submitted to the graduate degree program in Film and Media Studies and the Graduate Faculty of the University of Kansas in partial fulfillment of the requirements for the degree of Doctor of Philosophy. Chairperson: Tamara Falicov Catherine Preston Chuck Berg Robert Hurst Nancy Baym Kembrew McLeod Date Defended: August 25, 2011 Copyright 2011 Matthew A. Cohen ACCEPTANCE PAGE The Dissertation Committee for Matthew A. Cohen certifies that this is the approved version of the following dissertation: Content Control: The Motion Picture Association of America’s Patrolling of Internet Piracy in America, 1996-2008 Chairperson: Tamara Falicov Date approved: Abstract This historical and political economic investigation aims to illustrate the ways in which the Motion Picture Association of America radically revised their methods of patrolling and fighting film piracy from 1996-2008. Overall, entertainment companies discovered the World Wide Web to be a powerful distribution outlet for cultural works, but were suspicious that the Internet was a Wild West frontier requiring regulation. The entertainment industry’s guiding belief in regulation and strong protection were prompted by convictions that once the copyright industries lose control, companies quickly submerge like floundering ships. Guided by fears regarding film piracy, the MPAA instituted a sophisticated and seemingly impenetrable “trusted system” to secure its cultural products online by crafting relationships and interlinking the technological, legal, institutional, and rhetorical in order to carefully direct consumer activity according to particular agendas. The system created a scenario in which legislators and courts of law consented to play a supportive role with privately organized arrangements professing to serve the public interest, but the arrangements were not designed for those ends.
    [Show full text]
  • In the Marches, Candlelight Vigils, Street Protests, and Artistic Protests
    CODE IS SPEECH in the marches, candlelight vigils, street protests, and artistic protests (many of them articulated in legal terms), among a group of people who tend to shy away from such overt forms of traditional political action (Coleman 2004; Galloway 2004; Riemens 2003), led me to seriously reevaluate the deceptively simple claim: that code is speech. In other words, what existed tacitly became explicit after a set of exceptional arrests and lawsuits.5 POETICALLY PROTESTING THE DIGITAL MILLENNIUM COPYRIGHT ACT On October 6, 1999, a 16-year-old Norwegian programmer, Jon Johansen, used a mailing list to release a short, simple software program, DeCSS. Written by Johansen and two anonymous developers, DeCSS unlocks the Digital Rights Man- agement (DRM) on DVDs. Before DeCSS, only computers using either Microsoft’s Windows or Apple’s operating system could play DVDs; Johansen’s program al- lowed Linux users to unlock a DVD’s DRM to play movies on their computers. Released under a Free Software license, DeCSS soon was being downloaded from hundreds, possibly thousands, of Web sites. In the hacker public, the circulation of DeCSS would transform Johansen from an unknown geek into a famous “freedom fighter”; entertainment industry executives, however, would soon seek out his arrest. Although many geeks were gleefully using this technology to bypass a form of Digital Rights Management so they could watch DVDs on their Linux machines, various trade associations sought to ban the software because it made it easier to copy and thus pirate DVDs.6 In November 1999, soon after its initial spread, the DVD Copy Control Association and the Motion Picture Association of America (MPAA) sent cease-and-desist letters to more than fifty Web site owners and Internet service providers, requiring them to remove links to the DeCSS code for its alleged violation of trade secret and copyright law and, in the United States, the Digital Millennium Copyright Act (DMCA).
    [Show full text]