Print 33 comment(s) - last by scrapsma54.. on Jan 31 at 8:10 PM

AACS LA confirms the work of hackers

The AACS LA, those behind the advanced access content system protecting HD DVD and Blu-ray Discs, today responded to the recent defeat of its technology.

“AACS LA has confirmed that AACS Title Keys have appeared on public web sites without authorization,” read a statement from the AACS Web site. “Such unauthorized disclosures indicate an attack on one or more players sold by AACS licensees.”

The AACS is taking the stance that the exploit is a wake-up call to all licensees to ensure that the technology is implemented securely. PC software players, such as WinDVD, are particularly vulnerable to hackers.

“This development is limited to the compromise of specific implementations, and does not represent an attack on the AACS system itself, nor is it exclusive to any particular format. Instead it illustrates the need for all AACS licensees to follow the Compliance and Robustness Rules set forth in the AACS license agreements to help ensure that product implementations are not compromised.

“AACS LA employs both technical and legal measures to deal with attacks such as this one, and AACS LA is using all appropriate remedies at its disposal to address the attack,“ the statement concludes.

A hacker named “Muslix64” circumvented HD DVD copy protection during late December, resulting in the release of pirated copies on the Internet. Less than one month later, the same hacker was able to crack the encryption on Blu-ray Discs.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: The two doesn't add up
By borowki on 1/26/2007 7:36:17 PM , Rating: 4
No, he didn't just extract the volume key off the disc. The key is stored encrypted on the disc. You need a device key in order to decrypt it. Presumably this is somewhat protected within WinDVD. What muslix did was to look for the volume key after WinDVD has decrypted it. The player clearly needs ready access to the volume key in order to decrypt the movie data. If you assume that the key is sitting somewhere in memory unprotected, then all you have to do is try every 16-byte segment in the dump file. Which ever that yields something resembling HD-DVD data is the key. Testing a couple million keys doesn't take long.

RE: The two doesn't add up
By hoppa on 1/27/2007 12:54:50 AM , Rating: 2
Not quite. He actually paged through the memory manually and found certain patterns between discs that he assumed would be keys. Once the patterns were recognized, it was just a matter of itteratively generating keys to fit that pattern until one worked. Less work and more clever than trying every 16 bit sequence in memory as a key.

"A politician stumbles over himself... Then they pick it out. They edit it. He runs the clip, and then he makes a funny face, and the whole audience has a Pavlovian response." -- Joe Scarborough on John Stewart over Jim Cramer
Related Articles
Blu-ray Encryption Defeated
January 23, 2007, 6:49 PM
First Pirated HD DVDs Released
January 17, 2007, 4:30 PM
Hackers Claim HD DVD Encryption Circumvented
December 28, 2006, 12:24 PM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki