Media, Tech Firms Probe Possible High-def DVD Hack
The companies behind the AACS encryption system for high-definition DVDs are looking into a hacker's claim that he has cracked the code protecting the new discs from piracy, a spokesman for one of the companies said on Thursday.
A hacker known as Muslix64 posted on the Internet details of how
he unlocked the encryption, known as the Advanced Access Content
System, which prevents high-definition discs from illegal copying
by restricting which devices can play them.
The AACS system was developed by companies including Walt Disney, Intel, Microsoft, Toshiba and Sony to protect high-definition formats, including Toshiba's HD-DVD and Sony's Blu-ray.
Muslix64 posted a video and decryption codes showing how to copy several films, including Warner Bros' "Full Metal Jacket" and Universal Studios' "Van Helsing," on a popular hacker Internet blog and a video-sharing site.
The hacker also promised to post more source code on January 2 that will allow users to copy a wider range of titles.
If the encryption code has been cracked, then any high-definition DVD released up to now can be illegally copied using the Muslix64 "key," according to technology experts.
Muslix64 said that he discovered that the title key - the principal component the studios use to encrypt and decrypt the disc masters - are retrieved from the disc by his HD DVD player software, and then stored in an unencrypted portion of memory. According to the video posted in the Youtube.com web site, that player software is CyberLink PowerDVD 6.5 HD DVD Edition.
A quick question that arises here is whether the title key that is retrieved by the play back software is enough to decrypt all the HD movies. The AACS scheme uses a separate decryption key, called the revocation key. This key is could be because revoked by the AACS Authorities in the event that discs using that key have been cracked. According to the plan, the once-cracked media would become unreadable once the HD players connect to the internet.
However, Muslix64's implementation claims that a player could use the title key instead of the revocation key for decryption of a copied disc, thereby bypassing the revocation feature.
AACS LA spokepersons have not yet officially commented on these "hacking" tricks. A spokesman for one of the AACS companies, who declined to have the company identified, said they were aware of it and were looking into the claims.
The vulnerability could pose a threat to movie studios looking for ways to boost revenue as sales of standard-format DVDs flatten.
In addition, the "hack" could give a small lead to the popularity of the HD DVD movies over those available on the rival Blu-Ray format, since the latter are claimed to offer additional layers of protections through the ROM Mark and the BD+ technologies.
The AACS system was developed by companies including Walt Disney, Intel, Microsoft, Toshiba and Sony to protect high-definition formats, including Toshiba's HD-DVD and Sony's Blu-ray.
Muslix64 posted a video and decryption codes showing how to copy several films, including Warner Bros' "Full Metal Jacket" and Universal Studios' "Van Helsing," on a popular hacker Internet blog and a video-sharing site.
The hacker also promised to post more source code on January 2 that will allow users to copy a wider range of titles.
If the encryption code has been cracked, then any high-definition DVD released up to now can be illegally copied using the Muslix64 "key," according to technology experts.
Muslix64 said that he discovered that the title key - the principal component the studios use to encrypt and decrypt the disc masters - are retrieved from the disc by his HD DVD player software, and then stored in an unencrypted portion of memory. According to the video posted in the Youtube.com web site, that player software is CyberLink PowerDVD 6.5 HD DVD Edition.
A quick question that arises here is whether the title key that is retrieved by the play back software is enough to decrypt all the HD movies. The AACS scheme uses a separate decryption key, called the revocation key. This key is could be because revoked by the AACS Authorities in the event that discs using that key have been cracked. According to the plan, the once-cracked media would become unreadable once the HD players connect to the internet.
However, Muslix64's implementation claims that a player could use the title key instead of the revocation key for decryption of a copied disc, thereby bypassing the revocation feature.
AACS LA spokepersons have not yet officially commented on these "hacking" tricks. A spokesman for one of the AACS companies, who declined to have the company identified, said they were aware of it and were looking into the claims.
The vulnerability could pose a threat to movie studios looking for ways to boost revenue as sales of standard-format DVDs flatten.
In addition, the "hack" could give a small lead to the popularity of the HD DVD movies over those available on the rival Blu-Ray format, since the latter are claimed to offer additional layers of protections through the ROM Mark and the BD+ technologies.
