AACS Hacker Replies to Controversial Press Comments
Responding to the various comments on his ambitious work, the
person behind the first software claimed to be capable of "defeating" the AACS content protection system of the HD DVD video discs strikes again.
Muslix64 posted last week on the Internet details of how he
unlocked the encryption, known as the Advanced Access Content
System, which prevents high-definition discs from illegal copying
by restricting which devices can play them. The hacker released a
software called "BackupHDDVD", which was reportedly capable of
retrieving the encryption keys used by AACS and thus, allowing
the decryption of the HD DVD movies. The program uses valid keys that have been extracted by an official HD DVD player.
The hacker added that the "BackupHDDVD" circumvention tool will work as long as insecure players exist. Muslix64 claims that these kind of players will always exist, allowing the extraction of valid volume (decryption) keys.
The first reactions from the various press sources indicated that the software would be useless unless it could bypass the key revocation system used in HD players. Of course this claim sounds reasonable, but Muslix64 has a different opinion.
"I did not break AACS, but I found a way to decrypt movies and I have bypassed all the revocation system," said Muslix64.
But what if those keys are revoked? Muslix64 said that "..volume key revocation" cannot be done. "If someone publishes only volume keys, there is no way to know from which player these keys where extracted, making the revocation system useless. They can do content revocation, but to revoke what? All movies before 2007?" Muslix64 added. "They can do player revocation, so I will just change the player I'm using," he added.
Muslix64 has currently managed to gain the attention of the online community. But he has also forced the companies behind the AACS encryption system to look into his hacking claim.
However, the AACS LA, the authority behind the HD DVD and Blu-ray system is expected to eventually get their hands on this program, look at the device keys and revoke them. "This would make that player unable to play new titles," said Muslix64. "But the author of this program can pre-extract a bunch of device keys from different players and release them, one at a time, when the previous one have been blacklisted," he added.
So according to Muslix64 the extraction of the volume key is enough to decrypt a protected movie. If this claim is correct, such keys could be massively extracted and circulated over the internet. Accessing the keys and making use of the decryption software that does online key recovery, would make disc backup an easy task for everyone.
But still, the hack can be blocked by adding different keys on every disk. Currently, the mastering houses use different keys for each movie title (title-specific security code). The Blu-Ray Association could partially have an answer to this, at least by preventing the replication of the Blu-Ray content on blank BD media. They have included the so-called "ROM-Mark" as an extra security feature on blank Blu-Ray discs. The ROM-Mark was designed to prevent the casual copying from BD-ROM to recordable media. It is an analog level mechanism for bit-by-bit copy protection. The ROM-Mark requires special machinery in the disc mastering process in order to be inserted on disc and thus, it could prevent malicious replications.
Reading these thoughts, someone might claim that the Blu-Ray camp could have some benefits over the rival HD DVD. We await the official response to these claims from Toshiba and Sony with great interest.
The hacker added that the "BackupHDDVD" circumvention tool will work as long as insecure players exist. Muslix64 claims that these kind of players will always exist, allowing the extraction of valid volume (decryption) keys.
The first reactions from the various press sources indicated that the software would be useless unless it could bypass the key revocation system used in HD players. Of course this claim sounds reasonable, but Muslix64 has a different opinion.
"I did not break AACS, but I found a way to decrypt movies and I have bypassed all the revocation system," said Muslix64.
But what if those keys are revoked? Muslix64 said that "..volume key revocation" cannot be done. "If someone publishes only volume keys, there is no way to know from which player these keys where extracted, making the revocation system useless. They can do content revocation, but to revoke what? All movies before 2007?" Muslix64 added. "They can do player revocation, so I will just change the player I'm using," he added.
Muslix64 has currently managed to gain the attention of the online community. But he has also forced the companies behind the AACS encryption system to look into his hacking claim.
However, the AACS LA, the authority behind the HD DVD and Blu-ray system is expected to eventually get their hands on this program, look at the device keys and revoke them. "This would make that player unable to play new titles," said Muslix64. "But the author of this program can pre-extract a bunch of device keys from different players and release them, one at a time, when the previous one have been blacklisted," he added.
So according to Muslix64 the extraction of the volume key is enough to decrypt a protected movie. If this claim is correct, such keys could be massively extracted and circulated over the internet. Accessing the keys and making use of the decryption software that does online key recovery, would make disc backup an easy task for everyone.
But still, the hack can be blocked by adding different keys on every disk. Currently, the mastering houses use different keys for each movie title (title-specific security code). The Blu-Ray Association could partially have an answer to this, at least by preventing the replication of the Blu-Ray content on blank BD media. They have included the so-called "ROM-Mark" as an extra security feature on blank Blu-Ray discs. The ROM-Mark was designed to prevent the casual copying from BD-ROM to recordable media. It is an analog level mechanism for bit-by-bit copy protection. The ROM-Mark requires special machinery in the disc mastering process in order to be inserted on disc and thus, it could prevent malicious replications.
Reading these thoughts, someone might claim that the Blu-Ray camp could have some benefits over the rival HD DVD. We await the official response to these claims from Toshiba and Sony with great interest.
