With AACS LA calling them attacks, the hacking attempts of the Advanced Access Content System copy protection of Blu-ray and HD DVD movie discs are continuing with great intense.
Navigating across the Doom9's forums will immediately bring you in front of various posts with news about the ongoing attacks on the AACS copy protection of Blu-ray and HD DVD movie discs.
The story began last year when members of the Doom9 forum posted a workaround for both HD DVD and Blu-ray that was supposed to capture the AACS title key on a movie disc by using a PC drive and a software HD player. The "hack" reportedly worked and it was the first successful attempt to decrypt premium video content stored on Blu-Ray and HD DVD media. The first AACS title keys, which communicate with the hardware encryption keys, appeared on the Web. In addition, some companies developed a special software that simplified decrypting title keys, such as the AnyHDDVD.
Both Cyberlink (PowerDVD) and Corel (Intervideo WinDVD) where blamed for the security hole, that allowed enthusiasts to extract essential decrypting keys and use them for playback of the movies.
AACS LA, the authority responsible for the AACS technology, confirmed the attacks last February. But the official reaction came in the beginning of this month, when AACS LA revoked the existing license keys for the affected players and introduced new keys. The new keys have been included in the new versions of the PC software players from CyberLink and Corel. Corel released the update some days ago and in fact described it as an essential update. Non-updated versions of the WinDVD software will not be able to play Blu-ray and HD DVD movie content. The situation should be the same for Cyberlink's PowerDVD software, although the company is expected to release an update later. AACS LA had initially scheduled the release of key updates every 18 months, and Cyberlink seems to follow this policy, at least for now. However, replacing the "hacked" keys does not provide any solution to piracy, since information on circumventing the newly released Corel InterVideo WinDVD update has been already appeared in the Doom9 forums.
But using PC software players was just the beginning. A new workaround recently surfaced online with a Toshiba-built Xbox 360 HD DVD Player and the updated InterVideo WinDVD software.
AACS LA spokesperson Michael Ayers says that the organization is aware of this latest breach and investigating.
"There are two steps to looking at this," said Ayers in a statement with PC World. "One is the revocation, or the device key expiration. A hardware player uses what we call unique keys, and each player has its own set. You can revoke those keys without revoking the key sets for any other player. We provide a file that's incorporated on new movie discs and new devices that includes what we call revocation information. This file has information about what keys are disabled, and is what's used to disable those compromised keys in players that have been attacked.
"When the consumer buys a disc that has this revocation information on it, it will disable the keys that have been targeted. So what we're looking for--as we and InterVideo have indicated--is that consumers update their player with new keys so there's no interruption in the playback of AACS-protected content."
AACS also includes the so-called "host revocation" feature,
which addresses the ability of a PC-based software player to play even the old titles.
The goal, says Ayers, is that "the consumer will have updated the player before we get to that point, and they'll be able to play all of the new titles coming out and all of the old titles with no interruption."
AACS could possibly proceed to revoke the keys for the Xbox 360 HD DVD player and other HD DVD-ROM and Blu-ray Disc burners already on the market. But such a move could be extremely dangerous for now, since it could arise serious complains from the early adopters of the Blu-Ray and HD DVD technologies. Some others could claim that by extending this "cat and dog" game between authorities and hackers for some period with the AACS LA to patch the ongoing security holes could accelerate the adoption of the new formats.