10 votes

One-Time Programs

6 comments

  1. [6]
    onyxleopard
    Link
    This is a paradigm I don't want anyone to develop further. I'd prefer if this research stayed well in the realm of theory. It would allow rent-seekers to convert all commercial software into a...

    This is a paradigm I don't want anyone to develop further. I'd prefer if this research stayed well in the realm of theory. It would allow rent-seekers to convert all commercial software into a token-operated paradigm. Want to start up Photoshop? Better buy some Adobe tokens (buy 40 minutes and get a free bonus 20 minutes)!

    I don't see how the potential capitalistic exploitation of such technology could possibly not overwhelm the potential "neat" use cases.

    7 votes
    1. [4]
      Greg
      Link Parent
      Would it be meaningfully different from what we have now, though? Photoshop already operates on that model, the tokens just happen to come in month-long blocks because Adobe have decided that's...

      Would it be meaningfully different from what we have now, though? Photoshop already operates on that model, the tokens just happen to come in month-long blocks because Adobe have decided that's what will maximise profit.

      I guess if we're assuming that piracy acts as a check on the pricing of near monopoly products like Photoshop it might be an issue if this acts as a better form of DRM, but beyond that it doesn't seem too risky to me.

      5 votes
      1. [3]
        onyxleopard
        Link Parent
        The problem with making this a hardware thing is that if I want to legitimately use Adobe products, all I presumably need is a payment method that Adobe accepts. In the dystopian future where OTP...

        The problem with making this a hardware thing is that if I want to legitimately use Adobe products, all I presumably need is a payment method that Adobe accepts. In the dystopian future where OTP hardware tokens are the norm, you now need to go get a specific piece of physical hardware that Adobe accepts. If I decide I want to use Photoshop, but I don't have a physical, unspent Adobe-blessed token lying around, what do I do? Where can I get one if I don't have one? Also, if Adobe (or equivalent) goes out of business and wants to give away their software, if it's tied up with this hardware nonsense, users may not be able to use it once the supply of tokens dries up, since presumably Adobe will be the one who generates new hardware tokens. There's a parallel to two-factor authentication here, which can be problematic if the authenticator service is slow or goes down entirely.

        Also, are these things reusable? What happens when your "one time memory" stick runs out? If it is re-programmable, seems like that's a big security hole. If it's not, that seems like a bunch of unnecessary e-waste. Dedicated, reusable security hardware is something I can get behind (like an off-board Yubikey, or on-board Apple Secure Enclave etc.). I was not aware anyone was thinking about consumable hardware, though, and I'm decidedly against it, now that I'm aware of it.

        5 votes
        1. [2]
          Greg
          Link Parent
          Might be that I've missed something, but my understanding was that the last two sections ("Counter lockboxes" and "This sure seems like a lot of lockboxes") were describing a feasible method of...

          Might be that I've missed something, but my understanding was that the last two sections ("Counter lockboxes" and "This sure seems like a lot of lockboxes") were describing a feasible method of token distribution that worked over the internet using existing cloud infrastructure, no need to ship hardware around the place or create waste after it's used. It's not fully usable here and now - as the author puts it: "Well, I said this paper is appearing in the Theory of cryptography conference, didn’t I?" - but it seems as though the limitation is just the APIs that Apple and Google currently expose rather than anything explicitly missing in the technical process.

          Also, if Adobe (or equivalent) goes out of business and wants to give away their software, if it's tied up with this hardware nonsense, users may not be able to use it once the supply of tokens dries up, since presumably Adobe will be the one who generates new hardware tokens. There's a parallel to two-factor authentication here, which can be problematic if the authenticator service is slow or goes down entirely.

          That's exactly the kind of thing I was thinking of when I said this is already happening! Adobe authentication has gone down and locked out millions of users in the past. Game companies have decommissioned auth servers making it impossible to re-install parts of already purchased, single player games.

          If they explicitly wanted to give away the software they could easily release an unobfuscated binary or (again, assuming my understanding of the article is correct) publicly release both keys for every input "wire" on a given version of the obfuscated binary. And if they wanted to do so with current software they could remove the online check-in DRM or allow a third party server to be set up - but the blocker we're seeing is the will to do so rather than the technical feasibility.

          All of that said, I want to underline that I'm absolutely not in favour of this tech. It seems like a stronger, more secure form of DRM, and I'm of the opinion that DRM is practically always a bad thing. I'm just saying that pretty much every potentially bad thing about this concept is already actively happening in the marketplace even without it existing.

          7 votes
          1. onyxleopard
            Link Parent
            Yes, but that seems like exactly the situation we have now where one would be reliant on OAuth or some other authentication method where you get a bearer token. The difference here being it is a...

            Might be that I've missed something, but my understanding was that the last two sections ("Counter lockboxes" and "This sure seems like a lot of lockboxes") were describing a feasible method of token distribution that worked over the internet using existing cloud infrastructure

            Yes, but that seems like exactly the situation we have now where one would be reliant on OAuth or some other authentication method where you get a bearer token. The difference here being it is a physical token instead of some bits. I don't see how a cloud provider having a physical token is really different, from an end user perspective. I'll admit that maybe there is some sort of advantage here that went over my head (or wasn't explained thoroughly enough). I agree with your conclusion that the world doesn't need more (or more effective) DRM.

    2. Octofox
      Link Parent
      There is no incentive to do this. Companies want you to use their product as much as possible because it means you will be getting value from it. Tokens would mean every time you want to use it,...

      There is no incentive to do this. Companies want you to use their product as much as possible because it means you will be getting value from it.

      Tokens would mean every time you want to use it, there is a strong resistance “oh idk if this job really needs photoshop, will use gimp and save my tokens for the big tasks”.

      Monthly subscriptions work perfect because while you are paying, you’ll want to do absolutely everything in their tool to get your moneys worth out of it

      2 votes