Slashdot Mirror
Building the AACS Next-Gen Copy Protection Scheme
Anonymous Slashdotter writes "The IEEE Spectrum has a piece that discusses the proposed encryption scheme for the upcoming HD-DVD standard. 'The key to the spirit of compromise is an agreement that the AACS specification will allow consumers to move the data on an optical disc to the various devices they own, including video servers and portable video players, either directly or via a home network.' AACS will use a so-called strong key, the 128-bit Advanced Encryption Standard approved by the U.S. National Institute of Standards and Technology."
According to the article, a compromised key will be dropped so that device will no longer be able to decode new content. So the vendor has to explain to his customer why his product doesn't work anymore, likely through no fault of his own? Yeah, that'll fly...
I can see the ads in the theaters already. "I'm John Weiner and I design ciphers for the movie industry. Downloading movies hurts me."
Trolling is a art,
The main flaw I can see in this is that as soon as it has been 'cracked' (which could be as simple as re-digitising the stream being sent to the video device), it can be reformatted into an MPEG2 / H264 stream and put onto BitTorrent. The simple fact is that it only needs to be broken *once*, and *everyone* can get it.
The movie business is going to hit the same wall as the audio business did, and the solution the audio business came up with (well, more accurately, were forced into) was to make the downloading of songs relatively cheap (under $1). As soon as it's not worth it to go through the hassle of copying the data, it is once again a viable product. At the moment, the movies are not viable products...
Simon.
Physicists get Hadrons!
Mabey I'm wrong?
Unless I can extract the content to a non-encrypted format that I can play using non-proprietary software on stock hardware, it can go to hell.
Isn't not being able to copy "Who's Your Daddy?" multiple times a feature and not a bug?
The only thing they can hope to achieve is to make it harder to copy originals.
What I mean is, the problem isn't preventing people from copying a Blockbuster DVD, it's more a problem of preventing one guy, dedicated enough, from making a unencrypted copy and posting it on P2P. Once that's done, the cat's out of the bag and the copy-protection scheme will just annoy legit users. All the others will download the free copy.
So, what will happen is, when Joe Pirate wants to make a copy, instead of just sticking the disk in the drive and wait, he'll make himself some setup to capture the video from the DVD player and he'll re-encode the video. Added cost: a capture card and a cable. Period. And once the captured video is on the net, the game's over. And I'm ready to wager there's an awful lot of people out there who hate the *AAs enough to take the (small) trouble of doing exactly that, just to shaft them.
I don't care how secure the encryption is, as everyone has already said, all it takes is a "legal" DVD player outputting a high quality signal into a capture card, and you have a decrypted copy.
I doubt that the industry is foolish enough to force consumers to upgrade their televisions to support some form of signal encryption, therefore this must fail.
It's only an insult if it's not true.
This has the same flaws as all of them.
The authorized user and the attacker are one and the same. You can't protect against that, not with cryptography.
I don't think you have any idea what you're talking about...
Honestly - I work in the industry, and I'm still amazed at the lengths content providers will go to to try to prevent a single D-to-A, A-to-D conversion.
Apparently they just don't get that people - who seem willing to buy cheap videos recorded on consumer cameras in movie theaters - are going to be completely unable to see the difference in a re-recorded playback of what they see on T.V.
Folks - if you're too stupid to realize the network effect will swamp the casual copyright infringement, do something simple: don't release it. That's your only option.
that re-digitized HDTV stream will have better quality than direct rip from a DVD.
Copy right violations and the like are a social problem, and are going to be solved with a social solution.
We can throw all the technology and litigation we want at the problem, but it won't be solved until we come up with a social solution.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
It's not necessary, but the movie industry has the illusion that if they make it harder to copy then somehow they will sell more. Remember, in their fantasy world each illegal copy is retail price lost.
So the proposal seems to be, content on DVD is encrypted with AES, using some random key. The key is stored on the DVD, but encrypted against another key, which is part of the player. How do you distribute this key inside players, without people being able to dig it out? Is it by putting it in a hardware-only form, like the chip on a smart-card? How easy is it to hide such a key in compiled software?
Correct. It is technically impossible to steal a thing using a recorder, unless you do something really odd like club a victim witha VCR during a mugging, or heave a reel-to-reel unit through a jewelry store window in order to break in and burglarize it.
Don't blame Durga. I voted for Centauri.
In any case, I am less worried about the crypto, which doesn't affect video quality. Fingerprinting of video and audio with watermarks can affect quality; in copy protection circles, you'll see iffy technologies proposed simply because they "can't hurt" to throw them in---but then some of them are detectable by golden eyes/ears. IMHO even that much quality loss is not worth whatever security a watermark offers.
Caj
It was only when DVDs came out that the industry's policy shifted to issuing new releases priced for sale. That's because there was a guy in the industry somewhere that convinced everybody that a durable media format (vs. shoddy VHS tapes) that contained a high-quality version of the movie was something a large number of people would be willing to own, rather than just rent. And he was right! People are buying DVDs in droves. DVD players were adopted by the mainstream public faster than any other electronic gadget in history, from what I've heard.
What I'm saying is, this theory that people download AVIs because DVDs cost too much just doesn't ring true. DVD sales have been phenomenal. If you think there's a DVD piracy problem in this country, think again -- check out the situation in Asia if you want to see a DVD piracy problem. I think people download AVIs because they're there. They can get the AVI before the actual movie comes out, and they can get the AVI for free for a movie that they probably wouldn't have bothered to buy, or even walk down to the video store to rent.
I mean, come on -- you can still rent DVDs. Are you honestly telling me that a price point of $3 for three nights (or whatever Blockbuster is doing right now) is more than most Americans are willing to pay to see some random shitty Hollywood movie? Of course it's not. But downloading AVIs, for many people, is just too easy.
Breakfast served all day!
this scheme, as with decss, has nothing to do with copy protection. that is merely its disguise. it has everything to do with mandatory royalties to the consortium from all dvd player manufacturers and dvd mass producers. its all related to control over who makes and sells media players and what they are capable of doing or not doing out of the box.
The HD-DVD and the Blu-Ray players both support the mpeg4 formats. While the disks you buy from the store might be all messed up, either play or not play, there isn't really anything stopping anyone from taking some mpeg4 content and placing that on a Blu-Ray or HD-DVD blank; those will probably play every time, more or less. It would not be surprising to see iTunes-like services springing up around the mpeg4 format.
What's going to happen is simple: the HD-DVD thing isn't going to take off; not if you have to keep upgrading keys all the time. Joe and Jane Average are probably going to stick with the regular DVD from Netflix, Blockbuster, or whomever, knowing that it will work every time.
If the new formats can be gotten to "work every time", perhaps by having the keys downloaded from the internet or something like that, then they might do better. Anytime you make something too complicated, though, it's bound to fail. Look at 3D movies with those uncomfortable cardboard 3D glasses. Where have they gone? Look at DVD-Audio or the SACD? Going nowhere fast. Lossless compression formats from iTunes or other services? We're not really there yet - if people are willing to settle for mp3 or aac quality sound, why would they want to spend extra money on a DVD-audio quality sound?
The movie industry risks entering a situation not unlike the music industry finds itself in today. Many of the same symptoms are there; the same attempt to control is there; the same low-quality, high-budget, intellectually lacking content is being pumped out. A new format that is harder and more expensive to use just isn't going to cut it. It would not be surprising to see mpeg4 take the place of mp3 files, with people cramming movie after mpeg4 movie onto a DVD5 or perhaps a DVD9 that they either downloaded from a legitimate service, or if no such legitimate services happen to spring up in the near future, a p2p network.
The popularity of iTunes and other legitimate music download services goes to show that consumers don't care so much about the absolute highest sound quality, but that they care more about convenience, selection, ease of use, accessibility, and things like that. These new formats are probably more or less doomed to not do as well as they could.
These new disks, though, the Blu-Ray especially, these are going to be GREAT for backing up systems, documents, and also for businesses to do backups and things like that. The technology is awesome; what Hollywood is trying to do with it is the part that isn't going to work very well.
The big question for the Linux/FOSS community isn't how hard is it to crack: it's can we be included without being forced to crack it.
I'm sure I'm not alone in not wanting to make pirate copies of DVDs, but just wanting to be able to watch my discs on the equipment of choice, including open source players.
This boild down to: i) will the algorithm be well known (ie rely on secrecy of keys not the algorithm) and ii) how do you get allocated a key
CSS sucked because it used weak keys and tried to keep the algorithm secret. The first rule of cryptography is to assume the algorithm is known, and thanks to DVD Jon we got it reverse engineered. And it sucked for the FOSS crowd because you couldn't make a player without paying a huge sum of money and signing all sorts of agreements.
If the new system removes these barriers to entry, then it at least it won't be as evil as the original CSS. It'll still be useless, but not actually evil.
This was never about copy protection.
No form of encryption will not make it harder to copy the original disk. Constructing a bit for bit copy of a digital stream in no way requires you to be able to understand the data being copied.
Rather, this is a playback protection system.
It's to stop you from watching the media when the distributors don't want you to be able to. Such as, for example, should you try to play a movie released in the US which is only just being shown in movie theatres in Western Europe. Or Asia. Or anywhere other than Region 1.
Encryption of the media is only there to force DVD player manufacturers to obtain a key -- which will only be provided if they also sign a contract to adhere to certain terms and conditions that, in essence, states that they're not allowed to undermine the distributors' business model.