AACS revokes released HD-DVD and Blu-ray keys

In December 2006, a member of the Doom9 forum named Muslix64 released code that would allow a person to copy HD-DVD and, later, Blu-ray movies. Many claimed Muslix64 did not truly break AACS at that time, because the ‘hack’ only went after the player. On the same forum, in February, a user named Arnezami posted the details and research and, more importantly, the processing key that allowed free copies to be made of any HD-DVD and Blu-ray disc. AACS DRM protection was broken completely.

Shortly after Arnezami’s discovery and the news surrounding it, the AACS-LA, the body responsible for the DRM used on HD-DVD and Blu-ray, released a statement about the reports of the encryption being busted wide open.

“Regarding the reported attacks on 2/13/2007, AACS has confirmed that an additional key (called a “processing key”) has been published on public websites without authorization. This is a variation of the previously reported attack (a compromise of a specific implementation) on one or more players sold by AACS licensees. Although a different key was extracted, this represents no adverse impact on the ability of the AACS ecosystem to address the attack. All technical and legal measures applicable to the previously reported attack will be applicable against this attack as well.” –AACS statement

It now appears that the action taken was to revoke the published keys, which invalidates the methods used to break the encryption. “In response to attacks against certain PC-based applications for playing HD DVD and Blu-ray movie discs, Advanced Access Content System Licensing Administrator, LLC (“AACS LA”) announces that it has taken action, in cooperation with relevant manufacturers, to expire the encryption keys associated with the specific implementations of AACS-enabled software,” said the AACS LA over the weekend.

The AACS advised consumers to check with the manufacturer of their player to get any of the needed updates compatible with the new keys issued on the newly released movies. Corel was one of the first to announce an update and release a mandatory patch to fix the cracked processing key.

A news post on the InterVideo website carried a letter to the public announcing the update, including a strong warning for those who would choose to skip it.

“To our valued InterVideo WinDVD Customers, Today Corel is releasing an important new security update for InterVideo WinDVD. Our decision stems from recent reports that hackers have illegally obtained certain software licensing keys and have used them to duplicate copyrighted content without prior authorization. Corel takes this situation very seriously. We have been working closely with our partners and other industry organizations to ensure we take the steps necessary to prevent copyright infringement from happening in the future.”

The warning that came after is what caused a ruckus on several websites and forums: “Please be aware that failure to apply the update will result in AACS-protected HD DVD and BD playback being disabled.” That led people to believe that, if they did not update, the ability to play HD-DVD or Blu-ray movies would be lost to them. This is true only after a new disc with an updated Host Revocation List (HRL) is placed in the drive and played. If the HRL on the new disc is newer than the one on the player, the player will refuse to play. This is explained in section 4.8 of the AACS specification (AACS Introduction and Common Cryptographic Elements).
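The HRL behaviour described above can be sketched as a small model. This is an added example, not code from the AACS specification or any player: the class names, host IDs and version numbers are constructed, the list is reduced to a version number plus a set of revoked host IDs, and signature checking of the list is left out.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class HostRevocationList:
    version: int                      # higher number = newer list
    revoked: frozenset = frozenset()  # host IDs whose keys were expired


@dataclass
class Player:
    host_id: str  # constructed identifier for the player's host key
    stored_hrl: HostRevocationList = field(
        default_factory=lambda: HostRevocationList(0))

    def play(self, disc_hrl: HostRevocationList) -> bool:
        # Keep whichever list is newer; an older disc never rolls it back.
        if disc_hrl.version > self.stored_hrl.version:
            self.stored_hrl = disc_hrl
        # Playback is refused once the retained list names this host.
        return self.host_id not in self.stored_hrl.revoked


def run_sequence(host_id, discs):
    """Play the discs in order on one player; return (title, played?) pairs."""
    player = Player(host_id)
    return [(title, player.play(hrl)) for title, hrl in discs]


# Constructed sample data: an older disc and a newer disc whose list
# revokes the unpatched player's host ID.
OLD = HostRevocationList(1)
NEW = HostRevocationList(2, frozenset({"host-unpatched"}))
DISCS = [("old title", OLD), ("new title", NEW), ("old title again", OLD)]

if __name__ == "__main__":
    for host in ("host-unpatched", "host-patched"):
        for title, played in run_sequence(host, DISCS):
            print(f"{host:15} {title:16} {'plays' if played else 'refused'}")
```

In this model the unpatched player keeps working until the first disc carrying the newer list is played, and after that it is refused on older discs as well, because the newer list is retained.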

What do users like Arnezami, and the others on Doom9, the forum where the cracks first gained attention, think about the loss of the keys? Will this prevent the known methods of breaking the encryption from working?

“They cannot revoke this hack. No matter how many Private Host Keys they revoke, we will still be able to get Volume IDs using patched Xbox 360 HD DVD drives. Of course some measures must be taken to make sure a patched drive will not be identified as such and revoked (in theory they could make new versions of WinDVD and PowerDVD ‘examine’ your patched drive and if confirmed to be hacked they could (in theory) "call back home" and tell the AACS LA who can revoke your drive). But by simply reflashing the drive (with the original firmware) after getting all your Volume IDs (or making this feature stealthy) this will not be an issue at all,” said Arnezami on Doom9.

If the patches and revocation of the keys help stem the loss of the DRM protection, then the AACS will have won in the ongoing fight to prevent piracy. However, if the claims on Doom9 are true, then this is just a minor setback. In the meantime, WinDVD owners might want to patch their players just in case.
