A cat-and-mouse game between the guardians of the copy-protection system on next-generation DVDs and those intent on hacking it has kicked off with the first revocation of a descrambling key used in a popular software application.
Last week the Advanced Access Content System Licensing Administrator (AACSLA) said it was expiring a key used in Corel's InterVideo WinDVD 8 application after the key was discovered and posted on the Internet.
Writing on the Doom 9 message board, a user with the name "Atari Vampire" said that he or she had managed to find the device key for the software. The device key is used in conjunction with individual keys on each movie title to decrypt the data on the disc.
In response, Corel is updating WinDVD 8 with a new device key and warning users that they won't be able to watch HD-DVD or Blu-ray Disc titles unless they upgrade.
"Our decision stems from recent reports that hackers have illegally obtained certain software licensing keys and have used them to duplicate copyrighted content without prior authorization," Corel said in a statement.
The discovery of the device key is the latest in a string of attacks on AACS, which is used on both HD-DVD and Blu-ray Disc.
The first to be disclosed was a title key for Stanley Kubrick's 1987 film, Full Metal Jacket. A user with the name "Muslix64" posting to the same discussion board said he or she began attacking the copy-protection system after it prevented the viewing of the movie on a high-definition monitor. As an antipiracy measure, the system allows high-definition video output only over a monitor connection that supports copy protection.
Then on Feb. 13, an additional key, called a processing key, was also published online.
AACSLA downplayed the impact of both attacks, saying of the first that it "does not represent an attack on the AACS system itself" and of the second that it "represents no adverse impact on the ability of the AACS ecosystem to address the attack."
Ironically, technical documentation on AACSLA's own website appears to be lending a hand to people like Atari Vampire who are looking for weaknesses in the copy-protection system.
"I even printed out all 70 pages of the AACS Introduction and Common Cryptographic Elements document, painfully reading through this material," wrote Atari Vampire before explaining how an analysis of memory contents was conducted using data "per page 13 of the AACS Common Crypto doc."
The attacks to date have all involved exploiting weaknesses in PC software used to play the discs, and in this respect they bear a close resemblance to the downfall of the content scrambling system used on DVDs. The first attacks on that system were through badly written software rather than a brute-force attack on the encrypted data. The cracking of the scrambling system has led to the widespread availability of software that can copy DVDs.
The architects of AACS learned from the mistakes of the scrambling system and built into the system several different types of keys and the ability to change keys whenever attacks were successful. In this way, they can re-establish the security of the system once details of an attack are public.
This situation is very similar to one currently being played out by manufacturers of other connected consumer electronics devices like the PlayStation Portable or recently released Apple TV. Developers are finding ways to get around restrictions in the software of the devices, and typically the developers are quickly responding with security patches that block the exploits of weaknesses in their code.
For an indication of how long this might last, the Decrypting forum on the Doom 9 message board is well worth a look. It's already home to a community of people who are spending vast amounts of time pulling out various keys from high-definition movie discs and anticipating the next move of AACSLA and how they might get around it.