This is some pretty big news in the realm of consumer media. A hacker going by the name of Arnezami has retrieved keys critical to unlocking HD content. Using a USB sniffer, the HD-DVD playback software WinDVD, an Xbox 360 HD-DVD drive and a Mac, he was able to find the Processing Key for the Advanced Access Content System, or AACS.
AACS is the standard system used to protect both HD DVD and Blu-ray Discs. It was developed by a variety of entertainment and technology giants including Intel, Microsoft, Warner Brothers, and Sony.
The most effective attack on the system prior to the retrieval of the AACS Processing Key was performed by a hacker named Muslix64, who created a software utility that allowed anyone to decrypt AACS content and thereby copy select movies where the Title Key was known. A large number of Title Keys are known and are available on the website AACSKeys.com.
This past weekend’s new attack came from Arnezami, who published the Processing Key for AACS on February 11th, 2007. The key can be used to decrypt any HD-DVD or Blu-ray disc that has been published through today. The hack requires the Volume ID for each release to be known. Interestingly, Volume Keys can be easily guessed at this point. The publishing companies have been using simple information such as the date and time of the release or text from the title of the film.
If publishing companies begin to randomize the Volume IDs for new HD-DVD and Blu-ray movies, it is believed that a brute-force attack against the memory of HD media playback software like WinDVD will allow all future HD media releases to be decrypted and copied with little effort.
This represents a striking blow against HD DRM, and has not been publicly commented on by the AACS Association Management. The group’s last public statement, issued on January 24th, 2007 in response to Muslix64’s hack, stated:
AACS LA has confirmed that AACS Title Keys have appeared on public web sites without authorization. Such unauthorized disclosures indicate an attack on one or more players sold by AACS licensees. This development is limited to the compromise of specific implementations, and does not represent an attack on the AACS system itself, nor is it exclusive to any particular format. Instead it illustrates the need for all AACS licensees to follow the Compliance and Robustness Rules set forth in the AACS license agreements to help ensure that product implementations are not compromised. AACS LA employs both technical and legal measures to deal with attacks such as this one, and AACS LA is using all appropriate remedies at its disposal to address the attack.
It is important to point out that the AACS system has not been cracked, only bypassed because the keys were found. In my co-authored 2003 paper “An Analysis of DVD Encryption” I stated:
Hackers did not break the encryption scheme through conventional attacks–the player decryption keys were mishandled. If one were to lose their house keys with the address on the key chain, they could reasonably expect a rogue try and gain entry.
I suppose that history was doomed to repeat itself.
For some follow-up on this, I’ve contacted the AACS press representative for comment on this most recent attack but have not heard back yet. In addition, I’ve contacted Dan Wallach of Rice University, who wrote a paper I referenced in college. Dan’s paper was published in IEEE Computer in 2001, is titled “Copy Protection Technology is Doomed”, and is worth a read for anyone interested in the protection of consumer media. I asked for Dan’s thoughts on the retrieval of the AACS protection key; if I get some good commentary back I’ll post it up.
Update 2/15/07:
I heard back from Dan. He suggests that AACS is not exactly defeated yet, and that an additional content protection scheme known as SPDC should be looked into. Here’s one of the questions I posed to him:
I wanted to see what your evaluation is of what appears to be the defeat of this protection system and also whether you think the implications of the protection defeat of another major media type means that media will be going DRM free in the future.
Dan’s response:
It’s a little early to declare it “defeated”. In particular, the AACS system has mechanisms to “revoke” specific players, which they may start using in an attempt to defeat these guys. Furthermore, if that fails, there’s a whole other mechanism called SPDC. You can read more about how SPDC and AACS work here:
http://securityevaluators.com/eval/spdc_aacs_2005.pdf
Long term, I still stand by my original “doomed” paper. The question is how long it’s going to take to get there from here.
(On a side note, it’s not at all clear that the market cares. There are almost no titles available in either Blu-Ray or HD-DVD. Remember DVD-Audio and SACD? Both of those standards went nowhere and are now relegated to obscure things. It’s just not clear that people are willing to pay the premium cost of HD relative to the already quite good quality of regular DVDs.)
Dan
It is great that he stands by his doomed paper and his additional commentary about the state of HD media. Will consumers care about this new format? I’ll leave discussion of the infiltration of HD capable devices into consumer homes via Xbox 360 and PlayStation 3 consoles to other blogs for now.
I looked at the SPDC paper and wonder how, once an existing ripped copy of HD video such as the infamous “Serenity” has been re-burned to a Blu-ray or HD-DVD disc without any provisions for copyright, a player could refuse to play it. It seems that these devices must be made to comply with playing unprotected HD media, otherwise how will consumers store and play back video taken with HD camcorders in the future?
If the playback device can’t tell the difference between an HD video of a toddler’s birthday party and a ripped and stripped copy of King Kong, what can be done to stop it? It appears to me that at best media companies will be able to trace pirated content back to the device that actually ripped the media. This is a far cry from preventing illegal playback once the content has found wide distribution on the internet.
Finally, it is worth noting that the CSS protection for DVDs was released around 1996 and not broken until October 1999, well after DVDs were prolific in the marketplace.
AACS protection for HD media began appearing in 2006 and has already had a severe attack in the first quarter of 2007. To me, this suggests that as consumers adopt the new format they will be walking into a situation where there are already