Misplaced Pages

Advanced Access Content System: Difference between revisions

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
Browse history interactively← Previous editNext edit →Content deleted Content addedVisualWikitext
Revision as of 14:31, 24 May 2005 editMatt Crypto (talk | contribs)23,089 edits System overview: you might say "protect", I would say "restrict" -- how about "control" as an NPOV term?← Previous edit Revision as of 14:36, 24 May 2005 edit undoMatt Crypto (talk | contribs)23,089 edits System overview: more "protect" alterations, and other minor tweaksNext edit →
Line 6: Line 6:


==System overview== ==System overview==
AACS utilizes cryptography to control the use of digital media. AACS-protected content is encrypted under one or more ''title keys'' using the ] (AES). Title keys are derived from a combination of a ''media key'' and several elements, including the ''volume ID'' of the media (e.g., a physical serial number embedded on a DVD), and a cryptographic hash of the title ''usage rules''. AACS utilizes cryptography to control the use of digital media. AACS-protected content is encrypted under one or more ''title keys'' using the ] (AES). Title keys are derived from a combination of a ''media key'' and several elements, including the ''volume ID'' of the media (e.g., a physical serial number embedded on a DVD), and a ] of the title ''usage rules''.


The principal difference between AACS and earlier content protection systems such as CSS is in the means by which title-specific decryption keys are distributed. Under CSS, all players of a given model are provisioned with the same, shared decryption key. Content is encrypted under the title-specific key, which is itself encrypted under each model's key. Each CSS-protected volume contains a collection of several hundred encrypted keys, one for each licensed player model. In principal, this approach allows licensors to "revoke" a given player model (prevent it from playing back future content) by omitting to include the encryption corresponding to that model. In practice, however, revoking all players of a particular model is costly, as it causes many innocent users to lose playback capability. Furthermore, the inclusion of a shared key across many players makes key compromise significantly more likely, as was demonstrated by a number of compromises in the mid-1990s. The principal difference between AACS and earlier content management systems such as CSS is in the means by which title-specific decryption keys are distributed. Under CSS, all players of a given model are provisioned with the same, shared decryption key. Content is encrypted under the title-specific key, which is itself encrypted under each model's key. In CSS, each volume contains a collection of several hundred encrypted keys, one for each licensed player model. In principle, this approach allows licensors to "revoke" a given player model (prevent it from playing back future content) by omitting to include the encryption corresponding to that model. In practice, however, revoking all players of a particular model is costly, as it causes many users to lose playback capability. Furthermore, the inclusion of a shared key across many players makes key compromise significantly more likely, as was demonstrated by a number of compromises in the mid-1990s.


The approach of AACS provisions each individual player with a unique set of decryption keys which are used in a ] scheme. This approach allows licensors to "revoke" individual players, or more specifically, the decryption keys associated with the player. Thus, if a given player's keys are compromised by an attacker, the AACS licensing authority can simply revoke those keys in future content, making the keys/player useless for decrypting new titles. The approach of AACS provisions each individual player with a unique set of decryption keys which are used in a ] scheme. This approach allows licensors to "revoke" individual players, or more specifically, the decryption keys associated with the player. Thus, if a given player's keys are compromised by an attacker, the AACS licensing authority can simply revoke those keys in future content, making the keys/player useless for decrypting new titles.

Revision as of 14:36, 24 May 2005

The Advanced Access Content System is a new standard for content distribution and digital rights management, which will allow limited sharing and copying of the next generation of DVDs.

The group developing it includes Microsoft, Sony, Disney, IBM, Matsushita, and Warner Brothers. The standard has been adopted as the copy-protection scheme for HD-DVDs, and is expected to be used for Blu-ray too.

The proposal is based on broadcast encryption using Naor-Naor-Lotspiech subset difference trees. The proposal was voted one of the technologies most likely to fail by IEEE Spectrum magazine. Concerns about the approach include its similarity to past systems that failed, such as Content Scrambling System (CSS), and the inability to preserve security against hacking attacks that compromise large numbers of players. The specifications for the product have been publicly released (as of April 2005).

System overview

AACS utilizes cryptography to control the use of digital media. AACS-protected content is encrypted under one or more title keys using the Advanced Encryption Standard (AES). Title keys are derived from a combination of a media key and several elements, including the volume ID of the media (e.g., a physical serial number embedded on a DVD), and a cryptographic hash of the title usage rules.

The principal difference between AACS and earlier content management systems such as CSS is in the means by which title-specific decryption keys are distributed. Under CSS, all players of a given model are provisioned with the same, shared decryption key. Content is encrypted under the title-specific key, which is itself encrypted under each model's key. In CSS, each volume contains a collection of several hundred encrypted keys, one for each licensed player model. In principle, this approach allows licensors to "revoke" a given player model (prevent it from playing back future content) by omitting to include the encryption corresponding to that model. In practice, however, revoking all players of a particular model is costly, as it causes many users to lose playback capability. Furthermore, the inclusion of a shared key across many players makes key compromise significantly more likely, as was demonstrated by a number of compromises in the mid-1990s.

The approach of AACS provisions each individual player with a unique set of decryption keys which are used in a broadcast encryption scheme. This approach allows licensors to "revoke" individual players, or more specifically, the decryption keys associated with the player. Thus, if a given player's keys are compromised by an attacker, the AACS licensing authority can simply revoke those keys in future content, making the keys/player useless for decrypting new titles.

See also

External links

Stub icon

This cryptography-related article is a stub. You can help Misplaced Pages by expanding it.

Categories: