MaximumPC 2008 04


Hollywood math:


HDCP + AACS = PITA




R&D: BREAKING DOWN TECH—PRESENT AND FUTURE


We’re philosophically opposed to any technology that impairs our fair-use rights, but the Hollywood studios insist on infesting their products with annoyances such as HDCP (High-bandwidth Digital Content Protection) and AACS (Advanced Access Content System) which do just that. Since we also believe knowledge is power, here’s a primer on how those systems work.

But before we dive into the details, allow us to point out the absurdity of digital rights management—in all its many forms. DRM treats those of us who purchase movies and music, and then make backup copies or transfer that content to our PCs and digital media players, as criminals. We are not pirates; we are Hollywood’s best customers. And we understand that purchasing content is a prerequisite to claiming fair-use rights.

HDCP and AACS add to the complexity and the cost of every PC, every HD DVD and Blu-ray drive and disc, every monitor, every commercial operating system, most every A/V receiver, and every HD television on the market—and all it takes to defeat this supposedly invincible technology is an easily obtained program: SlySoft’s AnyDVD HD ( http://www.slysoft.com ).

THE CRYPTONOMICON
AACS is a cryptographic system designed to limit the output and recording of protected content to methods the content owner approves of. Unlike the simpler CSS (Content Scramble System) used to encrypt commercial DVDs, AACS uses a set of keys that can be tied to a specific player—much like a serial number.

The AACS process results in a “play” or “don’t play” validation. A Blu-ray or HD DVD disc includes a Media Key Block that is combined with a playback device’s unique set of keys to generate a Media Key, which is then combined with another piece from the disc—the Volume ID key. (Only a commercial burner can reach the hidden section of that disc to write the Volume ID key, a technique designed to thwart disc-to-disc copies on consumer-grade equipment.) The combination of the aforementioned keys culminates in the Volume Unique Key. This key is used to decrypt the disc’s title keys and then—finally—the movie itself. At this point, the content moves into the HDCP chain, where it is re-encrypted until it reaches the display (we’ll explain HDCP in more detail shortly).

If an AACS device is compromised, newly pressed content can be published with an updated Media Key Block that is incompatible with the compromised device’s keys. This, in essence, revokes the known cracked keys and disables the associated players. The new Media Key Block, however, will continue to function with any older keys that remain secure.
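The key chain and the revocation step described above, as an added toy model that is not from the article or from the AACS specification. It assumes a simplified Media Key Block holding one sealed copy of the Media Key per non-revoked device, and it uses HMAC-SHA256 with an XOR pad as a stand-in for the real ciphers; all function names and device names are hypothetical.

```python
import hashlib, hmac, os

def pad(key: bytes, label: bytes, n: int) -> bytes:
    """Derive n pseudo-random bytes from key and label (HMAC-SHA256, counter mode)."""
    blocks = (hmac.new(key, label + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, label: bytes, data: bytes) -> bytes:
    """Toy XOR cipher; the same call encrypts and decrypts (stand-in, not AACS's cipher)."""
    return bytes(a ^ b for a, b in zip(data, pad(key, label, len(data))))

def press_disc(title: bytes, device_keys: dict, revoked=frozenset()) -> dict:
    """Replicator side: build the MKB, then encrypt the title key and the title."""
    media_key, volume_id, title_key = os.urandom(16), os.urandom(16), os.urandom(16)
    vuk = pad(media_key, b"vuk" + volume_id, 16)        # Volume Unique Key
    return {
        # Simplified MKB: Media Key sealed once per device that is not revoked.
        "mkb": {dev: seal(dk, b"mkb" + volume_id, media_key)
                for dev, dk in device_keys.items() if dev not in revoked},
        "mk_check": pad(media_key, b"verify", 16),      # lets a player verify its Media Key
        "volume_id": volume_id,
        "enc_title_key": seal(vuk, b"title-key", title_key),
        "enc_title": seal(title_key, b"title", title),
    }

def play(disc: dict, dev: str, device_key: bytes):
    """Player side: return the decrypted title, or None for "don't play"."""
    record = disc["mkb"].get(dev)
    if record is None:                                  # device left out of this MKB
        return None
    media_key = seal(device_key, b"mkb" + disc["volume_id"], record)
    if not hmac.compare_digest(pad(media_key, b"verify", 16), disc["mk_check"]):
        return None                                     # wrong device key
    vuk = pad(media_key, b"vuk" + disc["volume_id"], 16)
    title_key = seal(vuk, b"title-key", disc["enc_title_key"])
    return seal(title_key, b"title", disc["enc_title"])

if __name__ == "__main__":
    # Constructed sample: three players, the second pressing revokes player-b.
    keys = {name: os.urandom(16) for name in ("player-a", "player-b", "player-c")}
    old = press_disc(b"first pressing", keys)
    new = press_disc(b"second pressing", keys, revoked={"player-b"})
    for dev, dk in keys.items():
        print(dev, play(old, dev, dk), play(new, dev, dk))
```

The revoked player still decrypts the earlier pressing, because revocation only takes effect on discs mastered with the updated Media Key Block.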

SECRET HANDSHAKES
HDCP is an interconnect system that works hand-in-glove with AACS. Designed to protect the transmission of high-bandwidth audiovisual streams—at rates up to 5GB/s—HDCP has been deployed in all three of the major digital display interfaces: DVI, HDMI, and DisplayPort. It is also supported in the less-common UDI (Unified Display Interface) and GVIF (Gigabit Video Interface). Since it must be everywhere in the display chain, you’ll also find HDCP in videocards, Blu-ray and HD DVD drives, HDTVs, A/V receivers, and CableCARD digital CATV tuners. The technology can also be incorporated into repeaters (which can be essential for long cable runs) and switches (crucial for connecting more than one player to a display with a single digital-video input).

The HDCP authentication process is the same for every content player: Software on the PC or set-top box generates a playback signal, which initiates a handshake process. Using a temporary random number, unique keys built into each HDCP transmit device (e.g., a videocard) and receive device (e.g., an HDTV) are used to generate a checksum. If the checksums are identical at each stage, the content is green-lit for playback.

This process is repeated every few seconds, and the signal is reauthenticated

BY ZACK STERN
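A model of the HDCP handshake described above, added here as an example and not taken from the article or the HDCP specification. It assumes the HDCP 1.x arrangement of a 40-bit key selection vector (KSV) with 20 bits set and forty 56-bit private keys per device, builds a random constructed master matrix, and substitutes HMAC-SHA256 for HDCP's own cipher when computing the checksum; all names are hypothetical.

```python
import hashlib, hmac, secrets

N, MOD = 40, 1 << 56            # 40 private keys per device, each 56 bits wide
_rng = secrets.SystemRandom()

def make_master():
    """Licensing-authority secret: random symmetric N x N matrix (constructed here)."""
    m = [[0] * N for _ in range(N)]
    for i in range(N):
        for j in range(i, N):
            m[i][j] = m[j][i] = secrets.randbelow(MOD)
    return m

def issue_device(master):
    """Return (ksv, private_keys); the KSV is public and lists the 20 set bit positions."""
    ksv = sorted(_rng.sample(range(N), N // 2))
    keys = [sum(master[i][j] for j in ksv) % MOD for i in range(N)]
    return ksv, keys

def shared_secret(own_keys, peer_ksv):
    """Add up the own private keys selected by the set bits of the peer's KSV."""
    return sum(own_keys[i] for i in peer_ksv) % MOD

def checksum(secret, nonce):
    """Value each side derives from the shared secret and the session random number."""
    return hmac.new(secret.to_bytes(7, "big"), nonce, hashlib.sha256).digest()

def valid_ksv(ksv):
    """A well-formed KSV has exactly 20 distinct bit positions in range."""
    return len(set(ksv)) == N // 2 and all(0 <= b < N for b in ksv)

def handshake(tx, rx):
    """tx and rx are (ksv, keys) pairs; True means the link is authenticated."""
    (tx_ksv, tx_keys), (rx_ksv, rx_keys) = tx, rx
    if not (valid_ksv(tx_ksv) and valid_ksv(rx_ksv)):
        return False
    nonce = secrets.token_bytes(8)                              # transmitter's random number
    tx_sum = checksum(shared_secret(tx_keys, rx_ksv), nonce)    # computed in the transmitter
    rx_sum = checksum(shared_secret(rx_keys, tx_ksv), nonce)    # computed in the receiver
    return hmac.compare_digest(tx_sum, rx_sum)

if __name__ == "__main__":
    master = make_master()
    videocard, hdtv = issue_device(master), issue_device(master)
    # Constructed failure case: a receiver whose keys were not issued from the master.
    unlicensed = (hdtv[0], [secrets.randbelow(MOD) for _ in range(N)])
    print(handshake(videocard, hdtv), handshake(videocard, unlicensed))
```

Because the master matrix is symmetric, both devices arrive at the same secret from their own private keys and the other side's public KSV, so the checksums match without either private key set crossing the cable.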

68 MAXIMUMPC | APR 08 | http://www.maximumpc.com


White Paper: HD Video Encryption


A replicator encrypts content on a Blu-ray or HD DVD disc using a Media Key and Media Key Block provided by the AACS
Licensing Authority (AACS LA). The AACS LA provides the media player (either a stand-alone device or a PC application)
with a corresponding Device Key. The media player combines its Device Key with the Media Key Block to calculate the
Media Key. If the calculated Media Key matches the Media Key on the disc, the content can be decrypted.

[Figure: “How It Works” diagram for prerecorded video, showing the Content Owner, Licensing Entity, Licensed Replicator, and Licensed Player, with the labeled elements Title(s), Title Key(s), Encrypted Title(s), Encrypted Title Key(s), Media Key, Device Key, MKB, Process MKB, Volume Identifier, Usage Rules (Authorized Use), Hash, Encrypt, and Decrypt.]

Copy protecting a Blu-ray or HD DVD movie
