[Posts in this series: 1, 2, 3, 4, 5, 6, 7.]
Let’s continue our discussion of AACS (the encryption scheme used on HD-DVD and Blu-Ray discs) and how it is starting to break down. In Monday’s post I gave some background on AACS and the newly released BackupHDDVD tool.
Recall that AACS decryption goes in two steps. First, the player device uses its device keys to decrypt the disc’s header, thereby getting a title key that is unique to the disc. Then the player uses the title key to decrypt the movie. The BackupHDDVD program does only the second step, so it is worthless unless you can somehow get the title key of the disc you want to access.
But decryption tools will evolve. Somebody will make an online database of title keys, and will modify BackupHDDVD so it automatically consults that database and gets the title keys it needs. This new decryption program will be able to decrypt any disc whose title key appears in the database. This decryption software and database don’t exist yet, but they seem inevitable.
It’s interesting to compare this system with an alternative that distributes decrypted movies. One difference is that a 16-byte title key is much smaller and easier to distribute than a huge movie file – even a dialup line will be able to download title keys in the blink of an eye. Of course, the title key is useful only if you have access to a disc (or a copy of the full encrypted contents of a disc), so some kinds of infringement will be easier with movie files than with title keys. Title keys will, however, be enough to enable in-home fair use.
But where will title keys come from? Probably they’ll be captured by reverse-engineering a player. Every player device, when decrypting a disc, must recover the title key and store it somewhere in the player’s memory, so that the title key can be used to decrypt the movie’s contents. A skilled engineer who works hard enough will be able to find and extract that stored title key. This will probably be easier to do for software players that run on PCs, and somewhat more difficult for dedicated player boxes; but in either case it will be possible. An engineer who extracts a key can upload it to the online database or share it with his friends.
There are economies of scale in key extraction. Having extracted the title keys for a few discs, the engineer will learn how and where the keys can be found and will have a much easier time extracting keys from other discs. Eventually, the extraction might be automated, so he need only insert a disc into his player and then activate a key-extractor device (or program) that he built.
Alternatively, he might try to extract the device keys from his player device. If he can do this, then he can write a software program that can do everything his player can do, including decrypting disc headers and extracting title keys from them. In other words, his program will be able to do both steps of AACS decryption.
Once he has device keys, he could in principle publish them (or equivalently publish a program containing them), thereby allowing everybody to extract title keys and decrypt discs. But if he does this, the AACS central authority will learn which device keys he is using and will blacklist those keys, which will prevent those keys from decrypting discs manufactured in the future. (The next post will discuss the blacklisting mechanism in more detail.)
So the engineer, if he is clever, won’t necessarily publish everything he knows. The more he publishes, the more he helps others freely use their discs – but the more he also helps the central authority fight back. This leads to an interesting strategic game between the engineer and the central authority, which we’ll explore in the next post.
Hey Ed,
I am a fan of you. Please help to hack these damn AACS !
It has nothing to do, wheter I can copy my HD-Discs.
It has something to do, WHO HAS GOT THE MIGHT and who ist stronger…
The Industry or the free people and coders….
AACS must be hacked, that the industrie sees, that nothing could be crypted and things that some people crypted can other decrypt
ok I got it now
This IBM research report “Renewable Traitor Tracing” explains it very well:
http://domino.watson.ibm.com/library/CyberDig.nsf/papers/7158161AA398C8CE8525722200570F64/$File/rj10394.pdf
(or Google for “sequence key block”) provides a good description.
So, omitting the keys for the variant sequences is obviously one way to remain anonymous. The sequences can’t be too long as there are 16 variations of each, so it might be annoying, but tolerable, to watch a movie with glitches.
But what would happen if the attacker got several different players together and picked selections of variant keys from each and published those with the title key. Potentially, it could point the traitor finger at some non-existent or (worse) an innocent player couldn’t it?
A neat touch is the fact that not only does the key vary for these sequences, but also the content itself. So its no good re-encrypting the sequences with the title key as the provenance can still be determined via the content variations. But the above multi-player hack could still be used in this case to confuse the tracing scheme.
Yes Gary it does nothing against someone who publishes only title keys.
But without the sequence keys, you will miss …. whole sequences of a movie DOH!
Please, Ed, gary and Alex, educate yourself about the sequence key mechanism.
As far as I can see, the sequence key mechanism does nothing against someone who just publishes title keys. Its meant to counter decryption oracles, by feeding it specially constructed Sequence Key Blocks and seeing if it can recover the title key or not. You probably need to do it about 8 times (256 columns in the SKB) to pinpoint the device.
From just the title key, you have no way of determining what player produced it, sequence keys or no sequence keys.
“Can you explain why you think the sequence key mechanism changes the basic analysis here? ”
I was gonna answer, but its late and I am pretty tired and I see that Alex Halderman wrote a whole entry in this blog about traitor tracing in AACS so the point is probably moot now.
Anyway, the whole story is a non-event at this point. BackupHDDVD is a non-event according to the Kerckhoffs’ principle (as much as releasing a BIGNUM library is relevant in claiming a crack of RSA). Muslix did not release a key and did not prove he could and still nobody proved to be able to do it. Many “hackers and journalist” reported that AACS would be over once title keys were out but missed out traitor tracing (as in sequence keys) completely.
And this blog as well as other “reputable” security researchers were in the pack of revomiting the same misinformed nonsence. I could have been disapointed if I had been the first time it happened here.
I haven’t read the spec, but I don’t remember seeing any discussion on the location and method of encoding the title key with the player key. The DeCSS system was not very good, and other than the algorithm I don’t know if the newer system as a whole is better. I know they might know how to avoid having one compromised key compromise the rest, but did they implement it right? Hubris and engineers complaining about the number of gates required to implement something often causes shortcuts. At some point enough effort might compromise a hardware based key or set of them sufficient that blacklisting them would effectively disable some model of non-upgradable player. It almost sounds like they have to go back to the old Divx (not the codec, the technology Circuit City was pushing) system where the machine would get the key over the phone. If they have to keep “updating” the player software there won’t be too much difference between the systems.
As far as copying for backup or network distribution, depending on which sectors are accessible and/or burnable, you can back up anything by just doing an image copy – encrypted keys, video, filesystem. If the HD-DVD is in a drive in another state, a virtual HD-DVD drive that pushes/pulls sectors over the network should allow it to play if there is enough bandwidth. Or a virtual drive that reads an image. Bits are Bits. There are also DRM-like mechanisms to prevent this but they are usually not as well protected.
I’d just like to point out that the blacklisting feature is only going to block legitimate users, i.e. people with a legitimate disc in their hands.
It only takes one successful decrypt of a particular title for that particular piece of film to be set free from it’s DRM restraints and distributed in a much more handy format than plastic coasters. The explosion in bandwidth avaliable to the average person hasn’t even begun yet, and downloading a 4 or 8 GB xvid or x264-compressed ripped movie is going to be just as easy and accessible as it is to get 800MB xvid/divx rips of non-hd content is today
I may have this all wrong, but it seems like HD discs must have some of their content post-burned after a glass mastering process. Wikipedia explains the Title Key is encrypted with a key derived from the device keys, the hash of the usage rules, and the media unique ID. The device keys and hash of the usages rules could be constant across every copy of a disc, but the media unique ID is unique to each copy of the disc.
The encryption process is therefore complimentary to the manufacturing process; most of the disc (the content portions) can be formed from a glass master, allowing cheap production. Each disc then has its header section containing the encrypted copies of the title key (rem: there is one copy for every set of device keys) encrypted with the unique media id included as part of the key. The burning can then be faster, and therefore cheaper. Presuming all this is correct, there is a fairly small set of title keys for each film release, as producing new glass masters would be an expensive proposition.
Of course, if the AACS groups was smart, they might’ve found a way to put all those $20 DVD profits to work and built manufacturing capability to make the title key unique on each copy of a disc, but I somehow doubt they deserve that much credit.
“Kid” titles (i.e. G-rated) rake in more cash for the studios than any other titles. Why would you expect these titles to show up last on HD? I’d expect them sooner rather than later.
For that matter, what does the current availability of these titles have to do with this debate? If the widespread adoption of HD-DVD or Blu-Ray is a question of “when” rather than “if”, the issue of legitimate backups needs to be raised now, not after legal precedent has decided that the issue doesn’t exit.
And, I think you underestimate kids. Their eyesight is better that ours; I’m sure they can tell the difference. Perhaps they just haven’t been brainwashed into thinking it’s the quality of the picture that matters rather than the content…
“Will they try to claim a copyright in a 16 byte number with no creativity in its generation? That will be tough.”
I believe that argument arose in the garage door opener case. My understanding is that the court found to the effect that the material that claims the copyright protection has to be a copyrightable creative work in its own right, and something separate from the DRM that is protecting it, and that you cannot extend copyright protection to something not entitled to it by controlling access with DRM and then claiming copyright infringement in the DRM. (or something along those lines),
Mark wrote:
Are there even any “kid” titles available on HD discs yet? Are you talking about Disney-type movies, or season sets of Blue’s Clues and Barney the purple dinosaur? SD-DVD will probably be the dominant format for this sort of content for some time to come. And most kids will hardly miss the extra definition.
Heck, forget kids: I don’t have kids and my DVDs end up getting scratches anyway, through plain lack of vigilance. And anyone who rents a DVD is familiar with the movie-ruining damage inflicted through normal use. Just one scratch is all it takes.
I wrote a blog post asking the stupifying question of whether DVDs are actually worse quality than VHS tapes. I argue they are for movie rentals at least, since a few dozen strangers watch the rental DVD before you do. This leads to skipped frames, freezing, jitters, and maybe the DVD player locking up right in the middle of the movie. That catastrophic quality loss trumps any improvement in resolution. I like the higher resolution, but I like a movie that plays from beginning to end a lot more.
Actually, this is a good example of threat management: you can prevent harm by security measures or by policy decisions that reduce the threat level. The motion picture industry could have reduced the threat level by choosing a format that isn’t so lousy and in need of backups.
Damn, John beat me to it!
The point still applies. The entire idea of what a “movie” is changes when you have kids. They want to see the same damn thing over and over and over, for weeks or months. By 2 years old, they learn how the DVD player works. (And don’t think you can put it high enough, they will learn how to combine an amazing variety of household items to build a makeshift ladder.) They will wake up at 6 AM and trash the place looking for their current favorite disc. They will put it in the DVD player every way they can until it works, and then find three other discs and scrape them against the wall and against each other while they watch the first one just because they like the sound it makes.
I make backups of every single one of my kids’ DVDs and keep the originals in a locked cabinet. Each copy tends to last about a month, maybe two. HD-DVD changes none of these facts. I won’t upgrade to HD-DVD until I can backup.
Hal wrote:
> There is not that much market for people to “back up†their HD-DVDs. These things take a very large amount of space that would have to just sit forever on a hard drive. And how often do you re-watch movies, anyway?
You obviously don’t have kids.
> This whole scenario doesn’t make much sense to me. There is not that much market for people
> to “back up†their HD-DVDs.
If you have small kids, you would want to copy the DVD to a hard drive for travel or to keep them away from little hands. I’ve wanted to take DVDs for my young son while travelling but couldn’t make copies of some of them without resorting to programs like what we are discussing.
What the attacker will likely do, however, is find a popular software aacs player which can be compromised (for example by running it in a debugger) and rather than publish its device keys (which will get them revoked) release the program which extracts the decrypted title key while the program is playing a movie. This would allow a fairly quick collection of a large database of title keys (it will be interesting to see how the attempts to get publishind title keys be ruled a DMCA violation go) and eventually they will find out which software player is instrumentable in this way.
However, they can’t revoke particular copies of the player, they would have to revoke the entire player, forcing all users of the software player to upgrade. (IIRC they can revoke both a specific unit as well as all copies of the particular model.) If it’s a popular player that will be a big step. And of course, why won’t the new version be instrumentable in a slightly different fashion.
In the end, the only defense is to have each DVD be custom burned, or at least have an important component of the DVD custom burned on each disk, so the only way to help people play it would be to publish this actual component, decrypted, which is a much clearer and more difficult copyright violation if it is large.
Will they try to claim a copyright in a 16 byte number with no creativity in its generation? That will be tough.
Steph,
Of course I have read the AACS specifications. This blog is not only for hardcore crypto/security people, so I am not explaining every aspect of how the system works, but only the basic outlines that people need to know to understand what is happening.
Can you explain why you think the sequence key mechanism changes the basic analysis here?
Just to be clear: Does each disc only have a single title key, or does it have multiple keys?
If multiple keys, then the publisher might be able to figure out which device is being cracked just by looking at which keys are being leaked.
This whole scenario doesn’t make much sense to me. There is not that much market for people to “back up” their HD-DVDs. These things take a very large amount of space that would have to just sit forever on a hard drive. And how often do you re-watch movies, anyway? I’ve got a shelf full of disks that I’ve watched only once, maybe half a dozen I’ve watched twice. I own all three LOTR trilogies for example and I’ve watched them once each. I’d hate to have them hogging tens of gigs of hard drive space when I’ll probably never use them.
The real market is for ripped and uploaded HD movie content. Yes, it takes a lot of space and a lot of bandwidth, but conditions are improving there. If we’re honest, we will admit that the main interest among users is being able to download HD movies and watch them once or twice, without paying for them.
For this to work, you have to be able to rip them. And that requires the stolen keys. But does it need a global database of title keys? I don’t think so, at least not one that is widely available to the public. Rather, the hacker underground will break software players, extract player keys, get the volume and title keys for the disks, decrypt the content, repackage it and upload it. The latter steps are much as is done today for DVDs.
In this scenario, the title key might only be used once, but the person who extracted it. He decrypts the content and then feeds it into the well documented distribution pyramid from which it will eventually make its way onto the public networks as packaged HD movies. This is where the real action and interest is. Individuals backing up their movies to magnetic disks is a very minor component at best of the whole picture.
Do hd-dvds and brdvds use glass masters like CDs and DVDs? IIRC the GM process let them stamp a whole disk at once, rather than writing the data by burning lineraly like CD/DVD burners do. Makes things much faster. But IIRC glass masters are expensive, so they are cheaper per disk than burning only if you are making a lot of copies (more than 500? 1000? 10000?).
For CDs or DVDs you would need a different glass master for each encryption & each one cuts into your profits.
Maybe they could put a different title on by leaving a small area blank on a stamped CD/DVD and burning it afterward, but encryption changes all the bits on the disk.
Would it be “game over” as soon as someone figures out a way to extract title keys from a single program or device?
Then all they have to do is keep that a secret, and start publishing title keys for every disc they can find. The MPAA will never be able to revoke the device key because they’ll have no idea which device has the vulnerability.
And so from that point forward, there will be no stopping the title key database — as soon as a movie is released, its title key will be added, and everyone in the world will be able to decrypt the disc.
The usual bullshit from this blog.
You should at least be smart enough to read the specs at AACSLA. Ever heard of sequence keys and their purpose?
>> But decryption tools will evolve.
>> Somebody will make an online database of title keys
The question is how many title keys do they use, are all disks of a title encrypted with the same title key. What is to prevent them from changing the key every day or every hour?
This would reduce the value of a database of title keys as one title could have thousands of keys.
Bill
I don’t understand paul’s post above. You can’t revoke a title key – the data on the disk is encrypted with it and if you know the title key you can decrypt that data on that disk.
You can of course issue *new* disks with a new title key, but that does nothing about the disks already out there. As Steve C says, even that does nothing for the studios, if it’s still possible to figure out the title key for the new disks – which it’s likely to be since the studios won’t know what was done to reveal the key.
There’s a good analogy that captures why it’s so close to impossible to do what the designers of AACS are trying to do. It’s as though someone is trying to keep a secret from someone who can read your thoughts. So long as the decryption is running on a general purpose computer, it is going to be possible for the engineer to tell what it is doing – and to find the place in memory it’s storing the title key.
Once the keys are extracted once and the ISO rewritten without the keys then the game is over. They can’t even tell what machine was used. They can revoke keys and piss off the public at large but it will in no way stop the theft. “Technology†simply can not be used to solve a “social” problem, but it merely exacerbates the problem. The more ‘pissed off’ people there are that can’t play their newly purchased video disk the more there are going to be people that WANT to crack the keys. Emotions will only run higher as the game progresses, and the outcome is inevitable. They can’t give everyone a key and a disk and then just ask them not to put the two together. If they give you what you need to play it then you can read it and rewrite it too. What are they thinking?
To my knowledge BackupHDDVD can work with Volume keys, as of version 1.0
Assuming that forced “push” redistribution of updated media is infeasible (and media issued in the past are relatively freely sharable), blacklisting device keys will only protect media issued in the future, and leave media issued so far exposed. So blacklisting will become increasingly ineffective.
The blacklisting defense, it seems, should apply at least partially to title keys as well as device keys. Depending on how the keyspace is laid out, manufacturers should be able to change the title key of any DVD whose name and key appear in the wild (or just change keys at regular intervals, since uniqueness of titles keys or the constancy of the title/tile key pair isn’t needed for any authorized playing of the DVD). Of course, if the keyspace is segregated in some way, wanton use of title keys could be a problem for manufacturers.
Of course, if the effect of defensive measures is mainly to make playback of DVDs sold after the creation date of any particular player more uncertain, it seems likely that the ultimate result will be some decrease in sales of DVDs and some slight uptick in the replacement rate for players (be they hardware or software).