AACS: A Tale of Three Keys

[David Farber <dave () farber net>]

Begin forwarded message:

From: Monty Solomon <monty () roscom com>
Date: February 17, 2007 11:35:21 AM EST
To: undisclosed-recipient:;
Subject: AACS: A Tale of Three Keys


AACS: A Tale of Three Keys
Thursday February 15, 2007 by J. Alex Halderman

This week brings further developments in the gradual meltdown of AACS
(the encryption scheme used for HD-DVD and Blu-Ray discs). Last
Sunday, a member of the Doom9 forum, writing under the pseudonym
Arnezami, managed to extract a "processing key" from an HD-DVD player
application. Arnezami says that this processing key can be used to
decrypt all existing HD-DVD and Blu-Ray discs. Though currently this
attack is more powerful than previous breaks, which focused on a
different kind of key, its usefulness will probably diminish as AACS
implementers adapt.

To explain what's at stake, we need to describe a few more details
about the way AACS manages keys. Recall that AACS player applications
and devices are assigned secret device keys. Devices can use these
keys to calculate a much larger set of keys called processing keys.
Each AACS movie is encrypted with a unique title key, and several
copies of the title key, encrypted with different processing keys,
are stored on the disc. To play a disc, a device figures out which of
the encrypted title keys it has the ability to decrypt. Then it uses
its device keys to compute the necessary processing key, uses the
processing key to decrypt the title key, and uses the title key to
extract the content.

...

http://www.freedom-to-tinker.com/?p=1121



-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/@now
Powered by Listbox: http://www.listbox.com