Andrew Donoho is a Web Theorist for a major IT vendor. In his day job, he creates and evaluates strategic directions for software development. He has spent the last four years creating networking and security standards for the consumer electronics industry. In an earlier life, he was both a Macintosh software and hardware developer and won MacUser "Editor's Choice" awards for both his hardware and software product designs. He lives in Austin, Texas, is married and has one step-daughter. He can be reached at AugustCommentary@DDG.com.


He who holds the digital keys to music today controls the music industry tomorrow.

Record labels and music publishers are enabling a new class of competitors by allowing online music services to control the digital keys that unlock music files. These new competitors, with their customer relationships "locked in" via digital key management, are erecting substantial barriers to competition from other online services and their source of digital content, the music industry. Because these competitors now have, via the Internet, a unique relationship with music consumers, they have a very good chance to become "super distributors," verging on full-service labels/publishers.

Let's look at how key-based digital rights management (DRM) works, and then we can consider the consequences.

Digital rights management is just security, in digital form, with software programmed to enforce a rights management policy. Anything that controls the flow of information is digital security; it's used for private networks, passwords, firewalls, e-mail and other purposes. The rights management policy is a set of encryption rules designed to achieve a goal, such as tracking users and enforcing how someone uses the software.

Key-based DRM uses digital keys, which are cryptographic codes that unlock the security. A digital key is to encryption software what a door key is to the lock in a door.

In the case of DVDs, for example, the Content Scrambling System (CSS) is key-based DRM consisting of code, carved into silicon that's installed in DVD players, and digital keys encoded in authorized DVDs. The CSS DRM policy, programmed in the encryption software, allows only those DVDs containing the digital key of licensed companies to use the player. Everyone who holds a license must be able to keep the digital key secret forever in order to maintain control over the DVD content.

The policy also calls for "static authorization" so that tens of millions of DVD players could authorize hundreds of millions of DVDs to play without individual user authorization for each use. In other words, it's unlike "dynamic authorization" software used for credit card authorization or e-mail password verification where each user's key is authorized before use.

Security is all about minimizing the number of people who share a secret, the secret in this case being the digital key. Unfortunately for the DVD industry, one company didn't properly encrypt a digital game. A Norwegian teenager nicknamed DVD Jon figured out how to get the key and then developed the software to use that key on Linux. CSS was then broken -- not by cracking the encryption, but by compromising the keys.

When the CSS system fell to an accidentally revealed key, one of the system's security weaknesses was exposed: the inability of many vendors to each keep its key secret forever. This is called a single point of failure; compromising a single secret key put the whole industry at risk for digital piracy.

A second weakness of the CSS DRM system is apparent when one realizes that it can be attacked in the privacy of a teenager's bedroom. Because the system included static authorization where no one was watching each use, the DVD industry did not notice DVD Jon's attempts to break the CSS with all of the computer industry's debugging and hacking tools. With his talents, ability to work in private and a compromised key, it was only a matter of time before CSS fell.

The DVD industry is not alone in succumbing to the false belief in "secure" encrypted systems. The GSM cell phone system has also suffered from similar attacks. In fact, almost every system that has deployed a key-based system that allows unaudited attacks has been broken, including ones with supposedly tamper-proof hardware.

Digital keys also control access to online music. After the DVD catastrophe, one wonders, "Is Apple's iTunes Music Store system safe from these kinds of system-wide failures?" Probably, yes.

First, unlike the DVD CSS, a single vendor (Apple) manages the key repository. Second, each track is encoded with the user's key that Apple holds. If there is a key compromise, it only affects that single customer's library of tracks. In other words, the harm due to a security failure is limited in scope and, hence, has a small financial consequence. Third, each track has user-specific information encoded in it. It's not watermarking; it's just simple tagging.

In other words, Apple practices, like any good security vendor, defense in depth. This is why Apple has not tried to change its encryption as a result of DVD Jon's latest two decryption successes. The cracks just do not have the industry-wide ramifications that cracking DVD CSS had. With dynamic authorization and a better DRM policy, the system is pragmatically secure against unaudited (private) hacking attempts.

A static authorization system that's carved into silicon, already embedded in millions of machines and DVDs, cannot respond to hacking done in private. Apple, by contrast, can see any attempts to hack into its dynamic authorization system and can modify its security or policy within its system as the attack occurs, or shut the system down, thus protecting copyrighted works.
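The contrast drawn above, between one shared static key and per-user keys released by a server that sees each request, worked through as an added example (not code from the article or from any vendor). The toy keystream cipher, the derivation of user keys from a master secret, and all names and sample data are assumptions made for illustration.

```python
import hashlib, hmac

MAGIC = b"TRACK\x00v1"  # constructed header so a correct decryption is recognisable

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy cipher (HMAC-SHA256 counter keystream); stands in for a real AEAD."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

class KeyServer:
    """Dynamic authorization: one key per user, every key release logged."""
    def __init__(self, master: bytes):
        self._master, self.revoked, self.audit = master, set(), []

    def _user_key(self, user: str) -> bytes:
        # Assumption: per-user keys are derived from a server-held master secret.
        return hmac.new(self._master, b"user:" + user.encode(), hashlib.sha256).digest()

    def package(self, user: str, track: str, audio: bytes) -> bytes:
        return xor_stream(self._user_key(user), track.encode(), MAGIC + audio)

    def authorize(self, user: str, device: str):
        ok = user not in self.revoked
        self.audit.append((user, device, ok))  # the operator sees every attempt
        return self._user_key(user) if ok else None

def exposed(library, key: bytes):
    """(owner, track) pairs that a holder of `key` can decrypt."""
    return [(o, t) for o, t, blob in library
            if xor_stream(key, t.encode(), blob).startswith(MAGIC)]

def compare():
    purchases = [("alice", "t1"), ("alice", "t2"), ("bob", "t3"), ("carol", "t4")]
    audio = b"constructed sample audio bytes " * 3
    # Static scheme: every track is locked with the same shared key.
    shared = hashlib.sha256(b"constructed shared player key").digest()
    static_lib = [(u, t, xor_stream(shared, t.encode(), MAGIC + audio)) for u, t in purchases]
    # Dynamic scheme: each track is locked with its buyer's key.
    srv = KeyServer(hashlib.sha256(b"constructed master secret").digest())
    dynamic_lib = [(u, t, srv.package(u, t, audio)) for u, t in purchases]
    leaked = srv.authorize("alice", "device-1")  # alice's key is later compromised
    srv.revoked.add("alice")                     # operator reacts to the compromise
    denied = srv.authorize("alice", "device-2")
    return exposed(static_lib, shared), exposed(dynamic_lib, leaked), denied, srv.audit

if __name__ == "__main__":
    for part in compare():
        print(part)
```

A leaked shared key opens all four tracks, while the leaked per-user key opens only that user's two, and the audit list records both the granted and the refused request.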

What are the consequences of distributing music through key-based DRM controlled by companies such as Apple, Real Networks, Microsoft and MusicMatch? It changes the music industry business model by shifting control of the industry. Although their services simply look like music jukeboxes, Apple and others are actually building systems for managing keys. Holding the keys that unlock the music and the players, Apple has parlayed its iTunes Music Store into a force that provides its iPod music players -- and the consumers who love them -- with a competitive advantage.

While this strategy is business-as-usual within the consumer electronics industry, Apple is also promoting its digital distribution channel directly to music creators. When you combine this with effective promotions focusing on building customer relationships, such as Apple's free track a week, Apple is in a strong position to become a music label/publisher/promoter. Because of Steve Jobs' history as CEO of Pixar, he also understands the exact relationship between content producers and distributors.

The labels and publishers of the industry need to understand what they have given away to the digital distribution channels -- the keys to their music kingdom.

Is there anything the music industry can do to reverse this error after taking a bite of the apple? Maybe. The industry can stop its DRM bickering and pick an industry-standard DRM that is made secure with multi-company, key-management protocols and active key-management systems owned and run by labels and publishers. If they don't, the owners of the key-management systems can control both sides of the gate.