Advanced Access Content System: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 12:47, 14 June 2017 edit Bender the Bot (talk \| contribs) Bots 1,064,377 edits m HTTP→HTTPS for Ars Technica, per BRFA 8 using AWB ← Previous edit		Latest revision as of 02:29, 17 August 2025 edit undo VulcanSphere (talk \| contribs) Extended confirmed users 22,178 edits Rescuing 10 sources and tagging 0 as dead.) #IABot (v2.0.9.5 Tag: IABotManagementConsole [1.3]
(47 intermediate revisions by 29 users not shown)
Line 1: {{short description\|Standard for content distribution and digital rights management}} ~~{{Use dmy dates\|date=April 2012}}~~ {{Update\|date=August 2017}} {{Use dmy dates\|date=February 2020}} [[Image:AACS dataflow.svg\|right\|thumb\|AACS decryption process]] ~~{{For\|other AACS uses\|AACS (disambiguation){{!}}AACS}}~~ The '''Advanced Access Content System''' ('''AACS''') is a [[standardization\|standard]] for [[content distribution]] and [[digital rights management]], intended to restrict access to and copying of the post-[[DVD]] generation of optical discs. The specification was publicly released in April 2005. ~~and the~~The standard has been adopted as the access restriction scheme for [[HD DVD]] and [[Blu-ray Disc]] (BD). It is developed by [[AACS LA\|AACS Licensing Administrator, LLC]] (AACS LA), a [[consortium]] that includes [[The Walt Disney Company\|Disney]], [[Intel]], [[Microsoft]], [[Panasonic Corporation\|Panasonic]], [[Warner Bros.]], [[IBM]], [[Toshiba]] and [[Sony]]. AACS has been operating under an "interim agreement" since the final specification (including provisions for [[#Managed Copy\|Managed Copy]]) has not yet been finalized. Since appearing in devices in 2006, several AACS decryption keys have been extracted from software players and published on the Internet, allowing decryption by unlicensed software. Line 8 ⟶ 10: ==System overview== ===Encryption=== AACS uses [[cryptography]] to control and restrict the use of digital media. It encrypts content under one or more ''title keys'' using the [[Advanced Encryption Standard]] (AES). Title keys are decrypted using ~~a combination of~~ a ''media key'' (encoded in a [[Media Key Block]]) and the ''Volume ID'' of the media (e.g., a physical serial number embedded on a pre-recorded disc). The principal difference between AACS and [[Content Scramble System\|CSS]], (the DRM system used on DVDs ~~and CDs,~~) lies in how the device decryption keys and codes are organized. Under CSS, all players of a given model group are provisioned with the same shared activated decryption key. Content is encrypted ~~under~~using ~~the~~a title-specific key, which is itself encrypted under each model's key. Thus, each disc contains a collection of several hundred encrypted keys, one for each licensed player model. In principle, this approach allows licensors to "revoke" a given player model (prevent it from playing back future content) by omitting to encrypt future title keys with the player model's key. In practice, however, revoking all players of a particular model is costly, as it causes many users to lose playback capability. Furthermore, the inclusion of a shared key across many players makes key compromise significantly more likely, as was demonstrated by a number of compromises in the mid-1990s. The approach of AACS provisions each individual player with a unique set of decryption keys which are used in a [[broadcast encryption]] scheme. This approach allows licensors to "revoke" individual players, or more specifically, the decryption keys associated with the player. Thus, if a given player's keys are compromised and published, the AACS LA can simply revoke those keys in future content, ~~making~~rendering the keys/ and the player useless for decrypting new titles. AACS also incorporates [[traitor tracing]] techniques. The standard allows for multiple versions of short sections of a movie to be encrypted with different keys, while a given player will only be able to decrypt one version of each section. The manufacturer embeds varying [[Digital watermarking\|digital watermarks]] (such as [[Cinavia]]) in these sections, and upon subsequent analysis of the pirated release the compromised keys can be identified and revoked (this feature is called ''Sequence keys'' in the AACS specifications).<ref>{{cite web \|author=Hongxia Jin \|author2=Jeffery Lotspiech \|author3-link=Nimrod Megiddo \|author3=Nimrod Megiddo \|title=Efficient Traitor Tracing \|date=4 October 2006 \|url=http://domino.watson.ibm.com/library/cyberdig.nsf/papers/AF8C220CB33D5A98852571FF00570458/$File/rj10390.pdf \|access-date=2 May 2007 \|archive-date=5 February 2012 \|archive-url=https://web.archive.org/web/20120205202528/http://domino.watson.ibm.com/library/cyberdig.nsf/papers/AF8C220CB33D5A98852571FF00570458/$File/rj10390.pdf \|url-status=live }}</ref><ref>{{cite web \|title = AACS Reference: Pre-recorded Video Book ~~\| author = Hongxia Jin \|author2=Jeffery Lotspiech \|author3=[[Nimrod Megiddo]]~~ \|url = http://www.aacsla.com/specifications/specs091/AACS_Spec_Prerecorded_0.91.pdf ~~\| title = Efficient Traitor Tracing~~ \|access-date =4 ~~October~~2 May ~~2006~~2007 \|archive-url = https://web.archive.org/web/20120206054929/http://www.aacsla.com/specifications/specs091/AACS_Spec_Prerecorded_0.91.pdf ~~\| url = http://domino.watson.ibm.com/library/cyberdig.nsf/papers/AF8C220CB33D5A98852571FF00570458/$File/rj10390.pdf~~ \|archive-date = 6 February 2012 ~~\| accessdate = 2007-05-02}}</ref>~~ \|url-status = dead ~~<ref>{{cite web~~ \|df = dmy-all ~~\| title = AACS Reference: Pre-recorded Video Book~~ }}</ref> ~~\| url = http://www.aacsla.com/specifications/specs091/AACS_Spec_Prerecorded_0.91.pdf~~ ~~\| accessdate = 2007-05-02 }}</ref>~~ === Volume IDs === Volume IDs are unique identifiers or [[serial ~~numbers~~number]]s that are stored on pre-recorded discs with special hardware. They cannot be duplicated on consumers' [[Blu-ray Disc recordable\|recordable media]]. The point of this is to prevent simple bit-by-bit copies, since the Volume ID is required (though not sufficient) for decoding content. On Blu-ray discs, the Volume ID is stored in the [[ROM-Mark\|BD-ROM Mark]].<ref>{{cite web \|url=http://www.aacsla.com/specifications/AACS_Spec_BD_Prerecorded_0.912.pdf \|title=Blu-ray Disc Pre-recorded Book \|~~accessdate~~access-date=1 November 2007~~-11-01~~ \|date=27 July 2006 \|publisher=AACS LA \|page=15\| ~~archiveurl~~\|archive-url= https://web.archive.org/web/20071106065659/http://www.aacsla.com/specifications/AACS_Spec_BD_Prerecorded_0.912.pdf \| ~~archivedate~~archive-date= 6 November 2007 <!\|url-~~-DASHBot-->\| deadurl~~status= nodead}}</ref> To read the Volume ID, a cryptographic [[Public key certificate\|certificate]] (the ''Private Host Key'') signed by the AACS LA is required. However, this has been circumvented by modifying the firmware of some HD DVD and Blu-ray drives.<ref name=arstechnica-aacs>{{cite web \|url = https://arstechnica.com/news.ars/post/20070415-aacs-cracks-cannot-be-revoked-says-hacker.html \|title = New AACS cracks cannot be revoked, says hacker. \|~~accessdate~~ access-date=4 May 2007~~-05-04~~ \|first =Jeremy ~~Jeremy~~ \|last =Reimer ~~Reimer~~ \|date=15 April 2007 \|work=Ars Technica \|work=Ars Technica\| archiveurl= https://web.archive.org/web/20070504171556/http://arstechnica.com/news.ars/post/20070415-aacs-cracks-cannot-be-revoked-says-hacker.html?\| archivedate= 4 May 2007 <!--DASHBot-->\| deadurl= no}}</ref><ref>{{cite web \|archive-url=https://web.archive.org/web/20070504171556/http://arstechnica.com/news.ars/post/20070415-aacs-cracks-cannot-be-revoked-says-hacker.html \|archive-date=4 May 2007 \|url-status=live }}</ref><ref>{{cite web \|url = http://forum.doom9.org/showthread.php?t=124294 \|title = Got VolumeID without AACS authentication :) \|~~accessdate~~access-date = 4 May 2007~~-05-04~~ \|author = Geremia \|date=4 April 2007 \|work=Doom9.net forums\| ~~archiveurl~~archive-url= https://web.archive.org/web/20070510023247/http://forum.doom9.org/showthread.php?t=124294\| ~~archivedate~~archive-date= 10 May 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}}</ref> === Decryption process === To view the movie, the player must first decrypt the content on the disc. The decryption process is somewhat convoluted. The disc contains 4 items—the Media Key Block (MKB), the Volume ID, the [[Encrypted Title Key\|Encrypted Title Keys]], and the Encrypted Content. The MKB is encrypted in a subset difference tree approach. Essentially, a set of keys are arranged in a tree such that any given key can be used to find every other key except its parent keys. This way, to revoke a given [[Device Keys\|device key]], the MKB needs only be encrypted with that device key's parent key. Once the MKB is decrypted, it provides the Media Key, or the ''km''. The ''km'' is combined with the Volume ID (which the program can only get by presenting a cryptographic certificate to the drive, as described above) in a one-way encryption scheme (AES-G) to produce the Volume Unique Key (''Kvu''). The ''Kvu'' is used to decrypt the encrypted title keys, and that is used to decrypt the encrypted content.<ref name=arstechnica-aacs /><ref>{{cite web \|url = http://www.aacsla.com/specifications/specs091/AACS_Spec_Common_0.91.pdf \|title = Advanced Access Content System (AACS): Introduction and Common Cryptographic Elements \|~~accessdate~~access-date = 5 June 2007~~-06-05~~ \|date = 17 February 2007 \|work = AACS Licensing Administrator~~}}</ref>~~ \|archive-url = https://web.archive.org/web/20070302130221/http://www.aacsla.com/specifications/specs091/AACS_Spec_Common_0.91.pdf \|archive-date = 2 March 2007 \|url-status = dead \|df = dmy-all }}</ref> === Analog Outputs === Line 61 ⟶ 71: {{main\|Image Constraint Token}} AACS-compliant players must follow guidelines pertaining to outputs over analog connections. This is set by a flag called the Image Constraint Token (ICT), which restricts the resolution for analog outputs to 960×540. Full 1920×1080 resolution is restricted to HDMI or DVI outputs that support [[High-bandwidth Digital Content Protection\|HDCP]]. The decision to set the flag to restrict output ("down-convert") is left to the content provider. Warner Pictures is a proponent of ICT, and it is expected that Paramount and Universal will implement down-conversion as well.<ref>{{cite web\|url=http://www.videobusiness.com/article/CA6300812.html \|title=High-def ~~‘down~~'down-~~converting’~~converting' forced \|~~accessdate~~access-date=4 May 2007~~-05-04~~ \|date=19 January 2006 \|last=Sweeting \|first=Paul \|work=Video Business \|~~deadurl~~url-status=~~yes~~dead \|~~archiveurl~~archive-url=https://web.archive.org/web/20060415091053/http://www.videobusiness.com/article/CA6300812.html \|~~archivedate~~archive-date=15 April 2006 }}</ref> AACS guidelines require that any title which implements the ICT must clearly state so on the packaging. The German magazine "Der Spiegel" has reported about an unofficial agreement between film studios and electronics manufacturers to not use ICT until 2010 – 2012.<ref>{{cite web \|url=https://arstechnica.com/news.ars/post/20060521-6880.html \|title=Hollywood reportedly in agreement to delay forced quality downgrades for Blu-ray, HD DVD \|~~accessdate~~access-date=2 November 2007~~-11-02~~ \|author =Ken Fisher \|date=21 May 2006 \|work=arstechnica.com\| ~~archiveurl~~archive-url= https://web.archive.org/web/20071105063630/http://arstechnica.com/news.ars/post/20060521-6880.html\| ~~archivedate~~archive-date= 5 November 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}}</ref> However, some titles have already been released that apply ICT.<ref>{{cite web \|url=http://www.areadvd.de/news/2007/200710/29102007001_RE_HD_DVD.shtml \|title=HD DVD: "Resident Evil" nur in Standard-Auflösung via YUV \|~~accessdate~~access-date=2 November 2007~~-11-02~~ \|date=29 October 2007 \|work=areadvd.de \|language=~~German~~de \|url-status=dead \|archive-url=https://web.archive.org/web/20080111071532/http://www.areadvd.de/news/2007/200710/29102007001_RE_HD_DVD.shtml \|archive-date=11 January 2008 }}</ref> === Audio watermarking === On 5 June 2009, the licensing agreements for AACS were finalized, which were updated to make [[Cinavia]] [[audio watermark]] detection on commercial Blu-ray disc players a requirement.<ref>{{Cite press release \| title = AACS Issues Final Agreements, Enabling Commercial Deployment of Cinavia in Blu-ray Disc Players \| publisher = Verance \| date = 5 June 2009 \| url = http://www.verance.com/AdminSavR/news/news_item.php?news_id=42 \| ~~accessdate~~access-date = 11 October 2010 \| archive-url = https://web.archive.org/web/20091009025320/http://www.verance.com/AdminSavR/news/news_item.php?news_id=42 \| archive-date = 9 October 2009 \| url-status = dead \| df = dmy-all }}</ref> ===Managed Copy=== Line 72 ⟶ 82: \| url = http://www.hp.com/hpinfo/newsroom/press/2005/051216a.html \| title =HP to Support HD-DVD High-definition DVD Format and Join HD-DVD Promotions Group \| ~~accessdate~~access-date = 3 May 2007~~-05-03~~ \| ~~archiveurl~~archive-url= https://web.archive.org/web/20070504142655/http://www.hp.com/hpinfo/newsroom/press/2005/051216a.html\| ~~archivedate~~archive-date= 4 May 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}}</ref> Possible scenarios for Managed Copy include (but are not limited to): Line 86 ⟶ 96: \| first = Melissa J. \| last = Perenson \| date = 21 March 2006 \| work = PC World}} \| access-date = 5 May 2007 ~~</ref> It was expected to be a part of the final AACS specification.<ref>{{Cite web~~ \| archive-date = 9 October 2007 \| archive-url = https://web.archive.org/web/20071009194043/http://www.pcworld.com/article/id,124961-page,1/article.html \| url-status = dead }}</ref> It was expected to be a part of the final AACS specification.<ref>{{Cite web \|url= https://arstechnica.com/gadgets/news/2007/05/hd-dvd-blu-ray-managed-copy-coming-later-this-year.ars \|title=HD DVD, Blu-ray "Managed Copy" coming later this year \|work=arstechnica.com \|date=24 May 2007 ~~\|accessdate=29 June 2010~~ \|access-date=29 June 2010 \| archiveurl= https://web.archive.org/web/20100526040122/http://arstechnica.com/gadgets/news/2007/05/hd-dvd-blu-ray-managed-copy-coming-later-this-year.ars\| archivedate= 26 May 2010 <!--DASHBot-->\| deadurl= no}}</ref> \| archive-url= https://web.archive.org/web/20100526040122/http://arstechnica.com/gadgets/news/2007/05/hd-dvd-blu-ray-managed-copy-coming-later-this-year.ars\| archive-date= 26 May 2010 \| url-status= live}}</ref> In June 2009, the final AACS agreements were ratified and posted online, and include information on the Managed Copy aspects of AACS. Line 99 ⟶ 114: == History == On 24 February 2001, Dalit Naor, Moni Naor and Jeff Lotspiech published a paper entitled "Revocation and Tracing Schemes for Stateless Receivers", where they described a [[broadcast encryption]] scheme using a construct called Naor-Naor-Lotspiech subset-difference trees. That paper laid the theoretical foundations of AACS.<ref>{{cite web \|url=http://www.playfuls.com/news_05648_HD_DVDs_AACS_Protection_Bypassed_In_Only_8_Days.html \|title=HD DVD's AACS Protection Bypassed. In Only 8 Days?! \|~~accessdate=2007-10~~access-date=25 October 2007 \|author =Dan Nicolae Alexa \|date=28 December 2006 \|work=playfuls.com \|url-status=dead \|archive-url=https://web.archive.org/web/20080210005229/http://www.playfuls.com/news_05648_HD_DVDs_AACS_Protection_Bypassed_In_Only_8_Days.html \|archive-date=10 February 2008 }}</ref> The AACS LA consortium was founded in 2004.<ref>{{cite ~~news~~magazine \|url=http://archive.wired.com/entertainment/music/news/2004/07/64212 \|title=Can Odd Alliance Beat Pirates? \|~~accessdate=2015-01~~access-date=20 January 2015 \|author =Katie Dean \|date=15 July 2004 \|~~work~~magazine=Wired \|archive-date=20 January 2015 \|archive-url=https://web.archive.org/web/20150120183638/http://archive.wired.com/entertainment/music/news/2004/07/64212 \|url-status=live }}</ref> With [[DeCSS]] in hindsight, the ''[[IEEE Spectrum]]'' magazine's readers voted AACS to be one of the technologies most likely to fail in the January 2005 issue.<ref>{{cite web \| url = http://www.spectrum.ieee.org/jan05/2703 \| title = Loser: DVD Copy Protection, Take 2 \|access-date ~~accessdate~~ = 4 May 2007~~-05-04~~ \| author = Tekla S. Perry \|date = January 2007 \|work = Spectrum Online ~~\| work = Spectrum Online\| archiveurl= https://web.archive.org/web/20070608074811/http://spectrum.ieee.org/jan05/2703\| archivedate= 8 June 2007 <!--DASHBot-->\| deadurl= no}}</ref>~~ \|archive-url = https://web.archive.org/web/20070608074811/http://spectrum.ieee.org/jan05/2703 The final AACS standard was delayed,<ref>{{cite web \|url=http://www.pcworld.com/article/id,123924-page,1/article.html \|title=Toshiba Hints at HD-DVD Delay \|accessdate=2007-10-19 \|author =Martyn Williams \|date=14 December 2005 \|work=pcworld.com\| archiveurl= https://web.archive.org/web/20071005171717/http://www.pcworld.com/article/id,123924-page,1/article.html\| archivedate= 5 October 2007 <!--DASHBot-->\| deadurl= no}}</ref> and then delayed again when an important member of the Blu-ray group voiced concerns.<ref>{{cite web \|url=http://www.heise.de/english/newsticker/news/69559 \|title=AACS copy protection for Blu-ray disc and HD DVD delayed again \|accessdate=2007-10-19 \|author =Craig Morris \|date=14 February 2006 \|work=heise.de \| archiveurl= https://web.archive.org/web/20071102222432/http://www.heise.de/english/newsticker/news/69559\| archivedate= 2 November 2007 <!--DASHBot-->\| deadurl= no}}</ref> At the request of Toshiba, an interim standard was published which did not include some features, like managed copy.<ref name=pcworld-burning-questions /> As of 15 October 2007, the final AACS standard had not yet been released.<ref>{{cite web \|url=http://www.contentagenda.com/article/CA6491476.html \|title=AACS still trying to manage copying \|accessdate=2007-10-25 \|author =Paul Sweeting \|date=15 October 2007 \|work=contentagenda.com}}</ref> \|archive-date = 8 June 2007 \|url-status = dead }}</ref> The final AACS standard was delayed,<ref>{{cite web\|url=http://www.pcworld.com/article/id,123924-page,1/article.html \|title=Toshiba Hints at HD-DVD Delay \|access-date=19 October 2007 \|author=Martyn Williams \|date=14 December 2005 \|work=pcworld.com \|archive-url=https://web.archive.org/web/20071005171717/http://www.pcworld.com/article/id%2C123924-page%2C1/article.html \|archive-date=5 October 2007 \|url-status=live }}</ref> and then delayed again when an important member of the Blu-ray group voiced concerns.<ref>{{cite web \|url=http://www.heise.de/english/newsticker/news/69559 \|title=AACS copy protection for Blu-ray disc and HD DVD delayed again \|access-date=19 October 2007 \|author =Craig Morris \|date=14 February 2006 \|work=heise.de \| archive-url= https://web.archive.org/web/20071102222432/http://www.heise.de/english/newsticker/news/69559\| archive-date= 2 November 2007 \| url-status= live}}</ref> At the request of Toshiba, an interim standard was published which did not include some features, like managed copy.<ref name=pcworld-burning-questions /> On July 5, 2009 the license of AACS1 went online.<ref>{{Cite web \|last=Calonge \|first=Juan \|date=8 June 2009 \|title=AACS Final License Goes Online \|url=https://www.blu-ray.com/news/?id=2849 \|access-date=11 March 2023 \|website=blu-ray.com \|archive-date=11 March 2023 \|archive-url=https://web.archive.org/web/20230311133556/https://www.blu-ray.com/news/?id=2849 \|url-status=live }}</ref> ==Unlicensed decryption== On 26 December 2006, a person using the [[pseudonym\|alias]] "muslix64" published a working, open-sourced AACS decrypting utility named [[BackupHDDVD]], looking at the publicly available AACS specifications. Given the correct keys, it can be used to decrypt AACS-encrypted content. A corresponding BackupBluRay program was soon developed.<ref>{{cite web \| url = ~~http~~https://www.engadget.com/2007/01/24/backupbluray-available-now-too/ \| first = Ben \| last = Drawbaugh \| title = BackupBluray available now too \| ~~accessdate~~access-date = 3 May 2007~~-05-03~~ \|date=24 January 2007 \| work = Engadget\| ~~archiveurl~~archive-url= https://web.archive.org/web/20070516060453/http://www.engadget.com/2007/01/24/backupbluray-available-now-too/\| ~~archivedate~~archive-date= 16 May 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}}</ref> Blu-ray Copy is a program capable of copying Blu-rays to the [[hard drive]] or to blank BD-R discs.<ref>{{cite news\|title=Get Blu-ray Copy (Win) for free\|url=http://reviews.cnet.com/8301-33153_7-57468788-10391733/get-blu-ray-copy-win-for-free/\|first=Rick\|last=Broida\|date=~~July~~ 9, July 2012\|work=[[CNET]]\|~~accessdate~~access-date=18 July 2013\|archive-07date=26 July 2013\|archive-18url=https://web.archive.org/web/20130726081316/http://reviews.cnet.com/8301-33153_7-57468788-10391733/get-blu-ray-copy-win-for-free/\|url-status=live}}</ref> ==Security== Line 127 ⟶ 145: \| title = HD-DVD Content Protection already hacked? \| work = TechAmok \| date = 28 December 2006 \| access-date = 2 January 2007 ~~\| accessdate = 2007-01-02 }}</ref><ref>{{cite news~~ \| archive-date = 10 September 2023 \| archive-url = https://web.archive.org/web/20230910210905/http://www.techamok.com/?pid=1849 \| url-status = live }}</ref><ref>{{cite news \| url = http://news.bbc.co.uk/2/hi/technology/6301301.stm \| title = Hi-def DVD security is bypassed \|date=26 January 2007 \|~~accessdate~~access-date=2 May 2007~~-05-02~~ \|work=BBC ~~news~~News\| ~~archiveurl~~archive-url= https://web.archive.org/web/20070505121314/http://news.bbc.co.uk/2/hi/technology/6301301.stm\| ~~archivedate~~archive-date= 5 May 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}}</ref><ref>{{cite web ~~<ref>{{cite web~~ \| last = Block \| first = Ryan \| url = ~~http~~https://www.engadget.com/2007/01/20/blu-ray-cracked-too/ \| title = Blu-ray cracked too? \|date=20 January 2007 \| access-date = 22 January 2007 ~~\| accessdate = 2007-01-22~~ \|work=Engadget \| ~~archiveurl~~archive-url= https://web.archive.org/web/20070123114257/http://www.engadget.com/2007/01/20/blu-ray-cracked-too/\| ~~archivedate~~archive-date= 23 January 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}}</ref><ref>{{cite web \| url = https://www.theregister.co.uk/2007/01/23/blu-ray_drm_cracked/ ~~<ref>{{cite web~~ ~~\| url = http://www.theregister.co.uk/2007/01/23/blu-ray_drm_cracked/~~ \| first = John \| last = Leyden Line 149 ⟶ 169: \| title = Blu-ray DRM defeated \|date=23 January 2007 \| ~~accessdate~~access-date = ~~2007-01-~~22 January 2007\| ~~archiveurl~~archive-url= https://web.archive.org/web/20070125175901/~~http~~https://www.theregister.co.uk/2007/01/23/blu-ray_drm_cracked/\| ~~archivedate~~archive-date= 25 January 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}}</ref> Hackers also claim to have found Device Keys<ref>{{cite web \|url=http://forum.doom9.org/showthread.php?t=122664 \|title=WinDVD 8 Device Key Found! \|~~accessdate~~access-date=4 May 2007~~-05-04~~ \|author ="ATARI Vampire" \|date=24 February 2007 \|work=Doom9.net forums~~}}</ref>~~ \|archive-date=21 June 2007 \|archive-url=https://web.archive.org/web/20070621014631/http://forum.doom9.org/showthread.php?t=122664 \|url-status=live }}</ref> (used to calculate the Processing Key) and a Host Private Key<ref>{{cite web \|url=http://forum.doom9.org/showthread.php?t=122969 \|title=PowerDVD private key \|~~accessdate~~access-date=4 May 2007~~-05-04~~ \|author ="jx6bpm" \|date=3 March 2007 \|work=Doom9.net forums\| ~~archiveurl~~archive-url= https://web.archive.org/web/20070329033807/http://forum.doom9.org/showthread.php?t=122969\| ~~archivedate~~archive-date= 29 March 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}}</ref> (a key signed by the AACS LA used for hand-shaking between host and HD drive; required for reading the Volume ID). The first unprotected HD movies were available soon afterwards.<ref> {{cite web \|url=http://www.dailytech.com/article.aspx?newsid=5747 \|title=First Pirated HD DVDs Released \|~~accessdate~~access-date=3 May 2007~~-05-03~~ \|first=Marcus \|last=Yam \|date=17 January 2007 \|work=DailyTech~~}}</ref>~~ \|archive-url=https://web.archive.org/web/20070219103102/http://www.dailytech.com/article.aspx?newsid=5747 \|archive-date=19 February 2007 \|url-status=dead }} </ref> The [[AACS encryption key controversy\|processing key was widely published]] on the Internet after it was found and the AACS LA sent multiple [[DMCA takedown notice]]s in the aim of censoring it.<ref>{{cite web \|url=http://www.chillingeffects.org/notice.cgi?sID=3218 \|title=AACS licensor complains of posted key \|access-date=2 May 2007 ~~\|accessdate=2007-05-02<!--DASHBot-->}}</ref>~~ \|archive-date=1 May 2007 ~~Some sites that rely on user-submitted content, like [[Digg]] and Wikipedia, tried to remove any mentions of the key.<ref>{{cite news~~ \|archive-url=https://web.archive.org/web/20070501142633/http://www.chillingeffects.org/notice.cgi?sID=3218 \|url-status=live }}</ref> Some sites that rely on user-submitted content, like [[Digg]] and Wikipedia, tried to remove any mentions of the key.<ref>{{cite magazine \|url=http://blog.wired.com/business/2007/05/wikipedia_locks.html \|title=Wikipedia Locks Out "The Number" ~~\|first=Paul~~ \|last=Boutin \|~~accessdate~~access-date=2 May 2007~~-05-02~~ \|date=1 May 2007 \|~~work~~magazine=Wired\| ~~archiveurl~~archive-url= https://web.archive.org/web/20070504012402/http://blog.wired.com/business/2007/05/wikipedia_locks.html\| ~~archivedate~~archive-date= 4 May 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}}</ref><ref>{{cite news ~~<ref>{{cite news~~ \|title=Digg's DRM Revolt \|first=Andy Line 190 ⟶ 222: \|date=2 May 2007 \|work=Forbes \|url=~~http~~https://www.forbes.com/technology/2007/05/02/digital-rights-management-tech-cx_ag_0502digg.html \|~~accessdate~~access-date=4 May 2007~~-05-04~~\| ~~archiveurl~~archive-url= https://web.archive.org/web/20070504173353/http://www.forbes.com/technology/2007/05/02/digital-rights-management-tech-cx_ag_0502digg.html\| ~~archivedate~~archive-date= 4 May 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nodead}}</ref> The Digg administrators eventually gave up trying to censor submissions that contained the key.<ref>{{cite news \|url=http://news.bbc.co.uk/2/hi/technology/6615047.stm \|title=DVD DRM row sparks user rebellion \|~~accessdate~~access-date = 2 May 2007~~-05-02~~ \|date=2 May 2007 \|work=BBC ~~news~~News\| ~~archiveurl~~archive-url= https://web.archive.org/web/20070516215800/http://news.bbc.co.uk/2/hi/technology/6615047.stm\| ~~archivedate~~archive-date= 16 May 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}}</ref> The AACS key extractions highlight the inherent weakness in any DRM system that permit software players for PCs to be used for playback of content. No matter how many layers of encryption are employed, it does not offer any true protection, since the keys needed to obtain the unencrypted content stream must be available somewhere in memory for playback to be possible. The PC platform offers no way to prevent memory snooping attacks on such keys, since a PC configuration can always be emulated by a [[virtual machine]], in theory without any running program or external system being able to detect the virtualization. The only way to wholly prevent attacks like this would require changes to the PC platform (see [[Trusted Computing]]) which could provide protection against such attacks. This would require that content distributors do not permit their content to be played on PCs without trusted computing technology, by not providing the companies making software players for non-trusted PCs with the needed encryption keys. On 16 April 2007, the AACS consortium announced that it had expired certain encryption keys used by PC-based applications. Patches were available for [[WinDVD]] and [[PowerDVD]] which used new and uncompromised encryption keys.<ref>~~{{cite web~~ {{cite web\| url= http://www.aacsla.com/press/\| title= Press Messages: AACS – Advanced Access Content System\| access-date= 2 May 2007\| archive-url= https://web.archive.org/web/20070430070403/http://www.aacsla.com/press/\| archive-date= 30 April 2007\| url-status= dead\| df= dmy-all}} ~~\|url=http://www.aacsla.com/press/~~ </ref><ref> ~~\|title=Press Messages: AACS – Advanced Access Content System~~ {{cite web ~~\|accessdate=2007-05-02\| archiveurl= https://web.archive.org/web/20070430070403/http://www.aacsla.com/press/\| archivedate= 30 April 2007 <!--DASHBot-->\| deadurl= no}}</ref>~~ ~~<ref>{{cite web~~ \|url=http://dailytech.com/AACS+Responds+to+Cracked+HD+DVD+and+Bluray+Disc+Protections/article5879.htm \|title=AACS Responds to Cracked HD DVD and Blu-ray Disc Protections \|~~accessdate~~access-date=3 May 2007~~-05-03~~ \|first=Marcus \|last=Yam \|date=26 January 2007 \|work=DailyTech ~~}}</ref>~~ \|archive-url=https://web.archive.org/web/20070211005800/http://dailytech.com/AACS+Responds+to+Cracked+HD+DVD+and+Bluray+Disc+Protections/article5879.htm \|archive-date=11 February 2007 \|url-status=dead }} </ref> The old, compromised keys can still be used to decrypt old titles, but not newer releases as they will be encrypted with these new keys. All users of the affected players (even those considered "legitimate" by the AACS LA) are forced to upgrade or replace their player software in order to view new titles. Line 221 ⟶ 257: \|url=http://www.newsfactor.com/news/Blu-ray--HD-DVD-Encryption-Cracked/story.xhtml?story_id=121000E3UUOA \|title=Blu-ray and HD DVD Encryption Cracked \|access-date=29 May 2007 ~~\|accessdate=2007-05-29~~ \|author =Lindsay Martell \|date=26 January 2007 \|work=NewsFactor Network \|archive-url=https://web.archive.org/web/20071103050531/http://www.newsfactor.com/news/Blu-ray--HD-DVD-Encryption-Cracked/story.xhtml?story_id=121000E3UUOA ~~}}</ref>~~ \|archive-date=3 November 2007 ~~The AACS LA has sent [[DMCA takedown notice]]s to such sites on at least one occasion.<ref>~~ \|url-status=dead ~~{{cite web~~ }} </ref> The AACS LA has sent [[DMCA takedown notice]]s to such sites on at least one occasion.<ref>{{cite web \|url=http://forum.doom9.org/attachment.php?attachmentid=7071&d=1176327932 \|title=Illegal Offering of Title/Volume Keys to Circumvent AACS Copyright Protection: hdkeys.com \|format=pdf \|access-date=29 May 2007 ~~\|accessdate=2007-05-29~~ \|author =Alexander Kaplan \|date=5 April 2007 \|work=DMCA takedown notice \|archive-date=26 September 2007 \|archive-url=https://web.archive.org/web/20070926213835/http://forum.doom9.org/attachment.php?attachmentid=7071&d=1176327932 \|url-status=live }}</ref> There is also commercial software ([[AnyDVD\|AnyDVD HD]]) that can circumvent the AACS protection. Apparently this program works even with movies released after the AACS LA expired the first batch of keys.<ref> Line 240 ⟶ 282: \|url=https://arstechnica.com/news.ars/post/20070517-latest-aacs-revision-defeated-a-week-before-release.html \|title=Latest AACS revision defeated a week before release \|access-date=29 May 2007 ~~\|accessdate=2007-05-29~~ \|author =Ryan Paul \|date=7 May 2007 \|work=Ars Technica \| ~~archiveurl~~archive-url= https://web.archive.org/web/20070520054415/http://arstechnica.com/news.ars/post/20070517-latest-aacs-revision-defeated-a-week-before-release.html\| ~~archivedate~~archive-date= 20 May 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}} </ref> Line 251 ⟶ 293: \| title = Work Around for New DVD Format Protections \|date=7 June 2006 \| ~~accessdate~~access-date = 2 May 2007~~-05-02~~ \| work = [[Slashdot]]}}</ref><ref>{{cite web \| url = http://www.heise-online.co.uk/security/Copy-protection-hole-in-Blu-ray-and-HD-DVD-movies--/news/75103 \| archive-url = https://web.archive.org/web/20080222160135/http://www.heise-online.co.uk/security/Copy-protection-hole-in-Blu-ray-and-HD-DVD-movies--/news/75103 \| title = Copy protection hole in Blu-ray and HD DVD movies \| ~~accessdate~~access-date = 2 May 2007~~-05-02~~ \| archive-date = 22 February 2008 \|date=7 July 2006 \| author = Edward Henning \| work = heise Security}}</ref> ~~This was broken in later versions.~~ ==Patent challenges== {{main\|ECC patents}} On 30 May 2007, Canadian encryption vendor [[Certicom]] sued Sony alleging that AACS violated two of its patents, "Strengthened public key protocol"<ref> {{cite web \|url=~~http~~https://~~www~~patents.google.com/~~patents?id=rNoOAAAAEBAJ&dq=6,563,928~~patent/US6563928 \|title=Strengthened public key protocol \|access-date=31 May 2007 ~~\|accessdate=2007-05-31~~ \|author =Scott A. Vanstone \|date=1 April 1999 \|work=US Patent Office \|display-authors=etal}} </ref> and "Digital signatures on a Smartcard."<ref>{{cite web \|url=https://patents.google.com/patent/US6704870 ~~{{cite web~~ ~~\|url=http://www.google.com/patents?id=rZ0SAAAAEBAJ&dq=6704870~~ \|title=Digital signatures on a Smartcard \|access-date=31 May 2007 ~~\|accessdate=2007-05-31~~ \|author =Scott A. Vanstone \|date=29 August 2001 \|work=US Patent Office \|display-authors=etal}} \|archive-date=27 March 2019 </ref> The patents were filed in 1999 and 2001 respectively, and in 2003 the [[National Security Agency]] paid $25 million for the right to use 26 of Certicom's patents, including the two that Sony is alleged to have infringed on.<ref> \|archive-url=https://web.archive.org/web/20190327011204/https://patents.google.com/patent/US6704870 \|url-status=live }}</ref> The patents were filed in 1999 and 2001 respectively, and in 2003 the [[National Security Agency]] paid $25 million for the right to use 26 of Certicom's patents, including the two that Sony is alleged to have infringed on.<ref> {{cite web \|url=https://arstechnica.com/news.ars/post/20070531-encryption-vendor-claims-aacs-infringes-its-patents-sues-sony.html \|title=Encryption vendor claims AACS infringes its patents, sues Sony \|access-date=31 May 2007 ~~\|accessdate=2007-05-31~~ \|author =Nate Anderson \|date=31 May 2007 \|work=Ars Technica \| ~~archiveurl~~archive-url= https://web.archive.org/web/20070602130802/http://arstechnica.com/news.ars/post/20070531-encryption-vendor-claims-aacs-infringes-its-patents-sues-sony.html\| ~~archivedate~~archive-date= 2 June 2007 ~~<!--DASHBot-->~~\| ~~deadurl~~url-status= nolive}} </ref> The lawsuit was dismissed on May 27, 2009.<ref>{{cite web \| url=http://dockets.justia.com/docket/texas/txedce/2:2007cv00216/103383/ \| title=Certicom Corporation et al v. Sony Corporation et al Featured Case Has Decisions \| date=2009-05-27 \| publisher=justia.com \| access-date=2013-08-12 \| archive-date=18 September 2020 \| archive-url=https://web.archive.org/web/20200918180848/https://dockets.justia.com/docket/texas/txedce/2:2007cv00216/103383 \| url-status=live }}</ref> ==See also== * [[Security of Advanced Access Content System\|History of attacks against Advanced Access Content System]] * [[AACS encryption key controversy]] ==References== {{reflist~~\|colwidth=30em~~}} ==External links== {{wikinews\|High definition anti-piracy DRM possibly hacked}} * [https://web.archive.org/web/20100306013059/http://www.aacsla.com/home Old AACS homepage] * [~~http~~https://www.aacsla.com~~/specifications/~~ Current AACS ~~specifications~~homepage] * [https://web.archive.org/web/20070128110342/http://www.aacsla.com/specifications/ AACS specifications] * [http://forum.doom9.org/showthread.php?t=122363 Understanding AACS], an introductory forum thread. * [http://forum.doom9.org/showthread.php?t=122363 Understanding AACS], an introductory forum thread. {{Webarchive\|url=https://web.archive.org/web/20120205101739/http://forum.doom9.org/showthread.php?t=122363\|date=dmy}} with the diagrams working. * [http://www.isan.org ISAN homepage], ISAN as required in the Content ID defined in AACS [http://www.aacsla.com/specifications/specs091/AACS_Spec_Common_0.91.pdf Introduction and Common Cryptographic Elements rev 0.91] * [http://www.isan.org ISAN homepage], ISAN as required in the Content ID defined in AACS [https://web.archive.org/web/20070302130221/http://www.aacsla.com/specifications/specs091/AACS_Spec_Common_0.91.pdf Introduction and Common Cryptographic Elements rev 0.91] * [http://www.videolan.org/developers/libaacs.html libaacs], an open source library implementing AACS * [http://www.metzdowd.com/pipermail/cryptography/2007-May/012313.html Hal Finney on 'AACS and Processing Key'], [[Hal Finney (cypherpunk)\|Hal Finney]]'s post on metzdowd.com cryptography mailing list Line 311 ⟶ 368: {{HD DVD}} [[Category:Advanced Access Content System\| ]] [[Category:Digital rights management standards]] [[Category:Compact Disc and DVD copy protection]] ~~[[Category:Advanced Access Content System\| ]]~~ ~~[[Category:Broadcast encryption]]~~ [[Category:Blu-ray Disc]]