Tweet
DEC. 28 | LIKE SCROOGE SHOWING up at a holiday party, reports surfaced over the Christmas break that AACS—the supposedly unbreakable encryption used on HD DVD and Blu-ray discs—had in fact been broken, by a hacker calling himself Muslix64.
According to the thread he or she started on the Doom9 Forum, Muslix was able to write a Java-based command-line utility for Windows called BackupHDDVD that allowed him to move unencrypted files containing Full Metal Jacket, Van Helsing, Tomb Raider and a handful of other movies to his hard drive.
Muslix even posted a video on YouTube, tauntingly titled “AACS is Unbreakable,” purportedly showing the utility in action.
He/She then released the source code for others to try, complete with FAQ.
The postings set off an orgy of gloating and wild speculation over how the studios might respond to the purported crack on hacker forums, including a prediction that HD DVD studios would now defect to Blu-ray, since the latter format includes the extra BD+ layer of copy-protection.
Yet like Dickens’ story of redemption, the studios have reason for cheer amid the grim holiday tidings.
For one thing, AACS wasn’t really cracked, as that term is commonly understood. Claims to the contrary are based on limited understanding of how AACS was designed to work.
For another, the compromise of a handful of titles now, while the number of discs and players in the market is still insignificant, provides a low-cost, low-risk opportunity to test how well AACS can respond to being compromised.
ACCORDING TO THE DOOM9 postings, Muslix64 was using the USB-enabled HD DVD add-on for his Xbox 360 to view HD DVD discs on his PC, using Cyberlink’s PowerDVD player software.
Using BackupHDDVD, he/she was apparently able to retrieve the title-specific decryption keys from the player memory during playback and then feed them into his/her own decryption procedure as outlined in the public documents available on the AACS Licensing Authority Web site.
The keys themselves apparently remain encrypted, however.
The basic approach with BackupHDDVD is not all that different from DeCSS, the first widely distributed crack of the CSS-encryption used on standard DVDs.
Like BackupHDDVD, DeCSS works by uncovering the decryption keys and using them to create unencrypted files on a hard drive.
In other important ways, however, there is a world of difference between the two scenarios, related to the designs of the respective encryption systems themselves.
CSS relied on a single set of keys that were used to encrypt every DVD and were provided to every DVD player, both hardware and software.
Once those keys were uncovered the first time, the system was fatally compromised. The same utility can be used to rip any DVD for all time.
AACS, on the other hand, was designed specifically to cope with the challenge presented by BackupHDDVD.
Both the PowerDVD player software and the titles themselves carry unique keys, which, if hacked, can be revoked. In principle, the damage can be limited to only those copies of Full Metal Jacket and the others currently in the market and to the PowerDVD player.
THE CHALLENGING PART will be getting the system to work as designed. And here, BackupHDDVD could be a blessing in disguise, giving the studios and software makers a chance to uncover potential bugs in the system while the numbers—and the potential damage—remain small.
First, additional forensic work will have to be done to determine exactly what BackupHDDVD does, to determine exactly where the compromise occurred.
If the player’s keys were indeed compromised, those keys could be “revoked,” meaning all discs pressed from that point forward would be unplayable in the cracked players.
That would have the effect of revoking the players of many people who had done nothing wrong, however, and would actually shield the guilty party or parties from having their players “updated” with new keys.
A more likely scenario is that the player’s existing keys would be revoked at the disc level. New copies of those titles would be replicated using new keys, so that the new discs would not play in the compromised players.
Updated keys for the PowerDVD player could then be distributed via new discs so that innocent owners of PowerDVD can continue to use their players.
How quickly that can all be made to happen, however, and with what degree of due-process for Cyberlink remain unclear. What procedures exist, exist only on paper and have never been tried in the real world.
But the studios might as well find out now, when the damage affects only a few catalog titles and a handful of players.
Comment