Microsoft DRM2 cracked, source code released

Robert Harley robert.harley@inria.fr
Sat, 27 Oct 2001 21:12:33 +0200 (MET DST)


Of course the DRM scheme isn't encryption, just obfuscation which just
happens to use some crypto bits and bobs.  Kind of like building a
chain by tying steel links together with bits of thread.  So it got
reverse-engineered, rather than actually having the crypto broken.

However one of the things found is a new Microsoft block cipher (used
for a MAC) dubbed MultiSwap.  Ten days later, and...

http://www.cs.berkeley.edu/~rtjohnso/multiswap/
==============================================================================
Cryptanalysis of Multiswap

Nikita Borisov, Monica Chew, Rob Johnson, and David Wagner
UC Berkeley

[...]

Conclusion

We have seen that MultiSwap can be broken with a 2^14 chosen-plaintext
attack or a 2^22.5 known-plaintext attack, requiring 2^25 work.  We
believe this shows that MultiSwap is not safe for any use.
==============================================================================


Seems like these big companies need laws like DMCA to "protect" their
content, because they're so fricking incompetent that they can't do it
properly by technical means.  Of course a contributory factor in some
cases is that they try to do impossible things like reliable watermarks etc.

Feh.

R
    .-.                                                               .-.
   /   \           .-.                                 .-.           /   \
  /     \         /   \       .-.     _     .-.       /   \         /     \
 /       \       /     \     /   \   / \   /   \     /     \       /       \
/         \     /       \   /     `-'   `-'     \   /       \     /         \
           \   /         `-'                     `-'         \   /
            `-'                                               `-'