As I understand it, all DRM is doomed to fail as long as we have free access to the devices that do the decrypting.

In traditional cryptography, the sender encrypts using the receiver's public key, and the receiver uses their private key to decrypt.

An interceptor has only the encrypted message, and has very little to build on to infer the private key and decrypt the message. This is why systems like RSA and PGP encryption are considered reasonably safe.

The interceptor in the case of DRM by definition has much more. They've got the private key - although locked up on the device that decrypts, it's there in some form. They've also got the unencrypted message, making it easier to infer t...

As I understand it, all DRM is doomed to fail as long as we have free access to the devices that do the decrypting.

In traditional cryptography, the sender encrypts using the receiver's public key, and the receiver uses their private key to decrypt.

An interceptor has only the encrypted message, and has very little to build on to infer the private key and decrypt the message. This is why systems like RSA and PGP encryption are considered reasonably safe.

The interceptor in the case of DRM by definition has much more. They've got the private key - although locked up on the device that decrypts, it's there in some form. They've also got the unencrypted message, making it easier to infer the private key. So far, no DRM system has withstood a concerted effort to crack it, and I don't think one ever will.