If you build it, the hackers will come. And come out in droves they have, joining forces to continue assaulting the Advanced Access Content System. Doom9's forums have been abuzz with news about the ongoing attacks on the AACS copy protection of Blu-ray and HD DVD movie discs.
Hollywood is most certainly in a tizzy. After all, the first successful attack struck in less than a year. The AACS License Administrator, also known as AACS LA, carefully calls such efforts attacks, not hacks, since the security system itself hasn't been cracked. I'd posit that the current methods of attaining keys exploit one hole in the AACS ecosystem, effectively rendering AACS compromised.
Princeton computer science student Alex Halderman, who is observing the AACS situation with researcher Ed Felten, has gone so far as declaring that recent events mark "the first step in the meltdown of AACS."
The Background
To recap the short history of this saga: Back in December a hacker going by the moniker Muslix64 posted a workaround, first for HD DVD and then for Blu-ray, on a Doom9 forum. The workaround involved capturing the AACS title key on a movie disc by using a PC- or Xbox-based drive and a PC software player (the only two currently shipping: Corel's InterVideo WinDVD and CyberLink).
By late January the proverbial genie was out of the bottle: AACS title keys, which communicate with the hardware encryption key, appeared on the Web. And software that simplified decrypting title keys--AnyHDDVD and AnyBluray were the first--surfaced on the Web too.
AACS LA confirmed the attacks in February, but didn't announce its plan of action until the beginning of this month.
The organization's response was the expected one: It revoked the existing license keys for the affected players and introduced new keys. This is the process by which AACS can respond to an attack, often referred to in industry jargon as "self-healing."
The update affects only PC software players from CyberLink and Corel that can play Blu-ray and HD DVD movie content. Affected players must be updated before they can continue playing high-definition movie discs. Corel issued its update late last week, just before the AACS announcement.
No sooner had the virtual ink on the update announcement barely dried, though, when the Doom9 forum turned ablaze with information on circumventing the newly released Corel InterVideo WinDVD update.
The new workaround has been confirmed on Doom9 with a Toshiba-built Microsoft Xbox 360 HD DVD Player and the updated InterVideo WinDVD software. AACS LA spokesperson Michael Ayers says that the organization is aware of this latest breach and investigating, and that the group will take "appropriate action" based on the findings.
AACS Explained
"There are two steps to looking at this," says Ayers. "One is the revocation, or the device key expiration. A hardware player uses what we call unique keys, and each player has its own set. You can revoke those keys without revoking the key sets for any other player. We provide a file that's incorporated on new movie discs and new devices that includes what we call revocation information. This file has information about what keys are disabled, and is what's used to disable those compromised keys in players that have been attacked.
"When the consumer buys a disc that has this revocation information on it, it will disable the keys that have been targeted. So what we're looking for--as we and InterVideo have indicated--is that consumers update their player with new keys so there's no interruption in the playback of AACS-protected content."
Though the aforementioned process addresses device keys, the other component of the two-headed AACS monster is host revocation, which addresses the ability of a PC-based software player to play even the old titles.
The goal, says Ayers, is that "the consumer will have updated the player before we get to that point, and they'll be able to play all of the new titles coming out and all of the old titles with no interruption."
Hoarding copies of the older, compromised player versions won't do pirates any good, notes Ayers. "If they don't update it and they get a disc with new player revocation, that player will stop playing all AACS-protected content. Furthermore, as the two formats come out with more and more titles, the compromised titles represent a smaller and smaller part of the universe of titles. It is a silly exercise, then, to preserve your ability to access compromised titles when it comes down to a small subset of titles available," posits Ayers.
Prior to the first attacks, AACS had required software players to renew their keys annually. But in effect, the update procedure is actually an 18-month period. "The manufacturer is supposed to replace that key within a year, and then within 18 months, we'll expire that key," says Ayers of the process that gives manufacturers six months to complete the update.
Ad Choices