Security
Both title keys and one of the keys used to decrypt them (known as Processing Keys in the AACS specifications) have been found by using debuggers to inspect the memory space of running HD DVD and Blu-ray player programs. Hackers also claim to have found Device Keys (used to calculate the Processing Key) and a Host Private Key (a key signed by the AACS LA used for hand-shaking between host and HD drive; required for reading the Volume ID). The first unprotected HD movies were available soon afterwards. The processing key was widely published on the Internet after it was found and the AACS LA sent multiple DMCA takedown notices in the aim of censoring it. Some sites that rely on user-submitted content, like Digg and Wikipedia, tried to remove any mentions of the key. The Digg administrators eventually gave up trying to censor submissions that contained the key.
The AACS key extractions highlight the inherent weakness in any DRM system that permit software players for PCs to be used for playback of content. No matter how many layers of encryption are employed, it does not offer any true protection, since the keys needed to obtain the unencrypted content stream must be available somewhere in memory for playback to be possible. The PC platform offers no way to prevent memory snooping attacks on such keys, since a PC configuration can always be emulated by a virtual machine, in theory without any running program or external system being able to detect the virtualization. The only way to wholly prevent attacks like this would require changes to the PC platform (see Trusted Computing) which could provide protection against such attacks. This would require that content distributors do not permit their content to be played on PCs without trusted computing technology, by not providing the companies making software players for non-trusted PCs with the needed encryption keys.
On 16 April 2007, the AACS consortium announced that it had expired certain encryption keys used by PC-based applications. Patches were available for WinDVD and PowerDVD which used new and uncompromised encryption keys. The old, compromised keys can still be used to decrypt old titles, but not newer releases as they will be encrypted with these new keys. All users of the affected players (even those considered "legitimate" by the AACS LA) are forced to upgrade or replace their player software in order to view new titles.
Despite all revocations, current titles can be decrypted using new MKB v7, v9 or v10 keys widely available in the Internet.
Besides spreading processing keys on the Internet, there have also been efforts to spread title keys on various sites. The AACS LA has sent DMCA takedown notices to such sites on at least one occasion. There is also commercial software (AnyDVD HD) that can circumvent the AACS protection. Apparently this program works even with movies released after the AACS LA expired the first batch of keys.
While great care has been taken with AACS to ensure that contents are encrypted right up to the display device, on the first versions of some Blu-ray and HD DVD software players a perfect copy of any still frame from a film could be made simply by utilizing the Print Screen function of the Windows operating system. This was broken in later versions.
Read more about this topic: Advanced Access Content System
Famous quotes containing the word security:
“... most Southerners of my parents era were raised to feel that it wasnt respectable to be rich. We felt that all patriotic Southerners had lost everything in defense of the South, and sufficient time hadnt elapsed for respectable rebuilding of financial security in a war- impoverished region.”
—Sarah Patton Boyle, U.S. civil rights activist and author. The Desegregated Heart, part 1, ch. 1 (1962)
“Happiness is peace after strife, the overcoming of difficulties, the feeling of security and well-being. The only really happy folk are married women and single men.”
—H.L. (Henry Lewis)
“We now in the United States have more security guards for the rich than we have police services for the poor districts. If youre looking for personal security, far better to move to the suburbs than to pay taxes in New York.”
—John Kenneth Galbraith (b. 1908)