Monday, May 07, 2007

HOWTO own a 128-bit number!

Would you like to be the exclusive owner of a number, with the right to sue other people for knowing your number or telling other people what it is? Now you can.

Last week, the AACS consortium made history by issuing legal threats against the 1.8 million web-pages (and counting) that mentioned its secret code for preventing HD-DVD discs from being copied.

In effect, AACS-LA (the AACS Licensing Authority) claimed that it owned a randomly chosen 128-bit number, and that anyone who possessed or transmitted that number was breaking the law. Moreover, it claimed to own millions more random numbers -- claimed that the US Digital Millennium Copyright Act, which criminalises telling people how to break anti-copying software, gave it exclusive dominion over its many keys.

Why should the AACS get all the fun? Princeton prof Ed Felten has come up with a great way of giving out legally protected 128-bit numbers to anyone who wants them. If he gives out 2^128 of these, then all 128-bit numbers will be owned and no one will ever be able to use a 128-bit key without breaking the law. Good times.

Here’s how we do it. First, we generate a fresh pseudorandom integer, just for you. Then we use your integer to encrypt a copyrighted haiku, thereby transforming your integer into a circumvention device capable of decrypting the haiku without your permission. We then give you all of our rights to decrypt the haiku using your integer. The DMCA does the rest.

The haiku is copyright 2007 by Edward W. Felten:

We own integers, Says AACS LA. You can own one too.

My number is AF BC 9C 5D DA 6B 7A A8 7C 33 A1 2B E7 D3 EA 11. You aren't allowed to know this number. I also reloaded the page and generated a few more numbers. I'm not telling you what they are, but I'll be setting up a Google alert for them and if I catch you using them, I'm gonna take your house away. Link

See also: AACS vows to fight people who publish the key AACS DRM body censors Cory's class blog Digg users revolt over AACS key Secret AACS numbers, the photoshopped edition Side effect of AACS turmoil: MSM turns on Web 2.0? UPDATED Blu-Ray AND HD-DVD broken - processing keys extracted EFF explains the law on AACS keys More AACS spoofs: WOW protest, and PSA vid: Think Before You Post HD-DVD/Blu-Ray cracker muslix64 interviewed Web-page aggregates links to "forbidden numbers" used to break HD-DVD