The recommendations come as opposition builds against a proposed bill that would force hardware makers to add anti-copying features to MP3 players and other devices. Although legislators and device makers both see a need for a hardware solution to securing digital content, the groups are at odds over the government's efforts to regulate such technology.
"Every single device has to be secure," said Darko Kirovski, a researcher studying watermarking and security technologies at Microsoft Research. "If one device is not secure, then this (digital content protection) doesn't work."
Kirovski's comments underscore the enormous difficulties facing the consumer electronics and entertainment industries, which have been struggling for years to agree on anti-piracy standards. Now a legislative backlash against hardware makers is gathering force that could further polarize the two sides.
On Thursday, Sen. Ernest "Fritz" Hollings, D-S.C.,the Consumer Broadband and Digital Television Promotion Act, which mandates that devices handling digital content have an industry standard means of protecting that content from piracy.
Previously known as the, the draft legislation has been widely criticized. Some technology companies say it meddles in the development of digital content distribution; civil-rights advocates contend it breaks the balance between the rights legally given to copyright holders and citizens' rights to information.
In a technical briefing earlier in the week, Kirovski wouldn't comment on such issues, but he spelled out what must be done to secure copyright holders' digital content in what he called "an idyllic world."
"In order to prevent piracy, you really cannot rely on the current hardware and software," he said. "You cannot build software which is trusted if your hardware is not trusted."
Kirovski outlined several research advances at Microsoft's March Silicon Valley Speaker Series on Wednesday. In an ideal world, where every device is secured for digital content, techniques could be used not only to protect content but also to embed digital fingerprints in a media file, helping copyright holders track the pirates who work together to break protected content.
Some manufacturers have already been pushing an industry standard for locking down content at the hardware level. The 4C Entity, made up of Intel, IBM, Toshiba and Matsushita Electric, has created technology called Content Protection for Recordable Media that would add a piracy-blocking mechanism directly into data storage drives. The National Committee on Information Technology Standardsdown the proposal last year.
Despite those efforts, the proposed anti-piracy bill has run into a wall of opposition from high-tech companies who contend it will hamper their copy-protection efforts by imposing inflexible requirements.
Bruce Schneier, chief technology officer for network protection firm Counterpane Internet Security, said the bill would essentially lock up all content in boxes controlled by copyright holders no matter what device or computer the information is on. The legislation would also have far-reaching effects on the software and computer industry, making almost all of today's software and hardware illegal and putting open-source software in a tight spot, he said.
"If the only thing you want to do in your life is protect the content of the record companies and Hollywood, then the (proposed bill) is a great thing," he said. "If you put everybody in a box and locked them all in, then you wouldn't have murder either...For the entertainment industry to put this forward just shows how much of the economy they are willing to sacrifice for their ends."
Some companies that make the current technology for protecting digital music, known as watermarking technology, also don't fully support the bill.
Matt Smith, vice president of product marketing for content-protection technology maker Liquid Audio, called Kirovski's research "interesting, but not really applicable" in a world where anyone can burn a CD into an MP3 file. He said a government-mandated solution is not desirable either.
"These things take time," he said. "It's an evolutionary process. It takes patience to allow the secure infrastructure to be built out."