Original author(s) | Muslix64 |
---|---|
Stable release | Non [±] |
Preview release | 1.0.3 (January 25, 2007 ) [±] |
Operating system | Windows |
License | Freeware [1] |
BackupHDDVD is a small computer software utility program available in command line and GUI versions which aids in the decryption of commercial HD DVD discs protected by the Advanced Access Content System. It is used to back up discs, often to enable playback on hardware configurations without full support for HDCP. The program's source code was posted online, but no licence information was given.
Written by an anonymous programmer using the handle Muslix64, BackupHDDVD is distributed with none of the cryptographic keys necessary for decryption. Users wanting to use the software to decrypt a protected disc's contents must obtain the appropriate keys separately, a task with which neither the original author nor his or her versions of BackupHDDVD assist. [2] [3]
BackupHDDVD represented the first known successful attack against AACS. The utility circumvents content protection by decrypting video files directly with AES, the underling cryptographic cipher used by AACS. Using this technique, BackupHDDVD is able to completely bypass the AACS chain of trust, rendering it immune to revocation. The cost of this immunity is that users are forced to rely on keys leaking from commercial player software to use BackupHDDVD with new discs. [4] [5]
According to the creator of BackupHDDVD, he or she first set out to circumvent AACS to bypass a restriction in software HD DVD players which reduced the quality of AACS restricted 1080p high definition video to that of standard definition DVD video or refused to play outright unless an HDCP compliant chain of video hardware was present. [2] At the time only a few computer monitors and video cards supported HDCP. As a result, configurations that would have allowed high-definition HD DVD viewing in software players were exceptionally rare. [6] [7]
On December 18, 2006, a video which showed BackupHDDVD being used to decrypt and copy the film Full Metal Jacket to a hard drive was uploaded to YouTube. [8] Two days after the video was uploaded, the initial version of the utility along with its source code and documentation was uploaded to a file hosting service. A link to the file was then posted by the utility's creator on the forums of Doom9, a website devoted to DVD backup. The utility's documentation, along with the forum post, contained little information as to how necessary keys could be obtained. The author elaborated in another forum post, claiming that keys could be obtained by exploiting the necessity for them to be held in memory to allow playback in player software.
On January 2, 2007, the author posted the 1.0 version of the BackupHDDVD utility, which included support for the decoding of discs using volume keys. [9] For several weeks following the utility's release no success using the author's key extraction technique was reported. [10] [11] In mid-January 2007, a volume key was published by another member of the Doom9 forum along with an explanation of the technique used to obtain it. Other forum members quickly discovered keys for different titles. Keys for many discs are now readily available on the internet.
Further development of BackupHDDVD was being hosted on SourceForge until the site received a DMCA takedown notice alleging a violation in late February. In compliance with the notice, the project was immediately removed. Several versions of BackupHDDVD have been released by individuals other than the original author, including some versions with GUIs and the ability to locate keys on the internet or scan for them in memory automatically. HDDecrypter, a port of BackupHDDVD to C with a native Windows GUI is also available. This version supports multiple CPU threads and runs faster than its Java counterparts. While development of BackupHDDVD has ceased, a commercial HD DVD decryption utility called Slysoft AnyDVD HD exists which relies on compromised AACS processing or media keys to allow for the backup or unrestricted viewing of any AACS-protected discs without the need for title or volume keys. [12] [13]
The AACS Licensing Authority (LA) assigns a series of 253 unique cryptographic keys to device manufacturers. When an AACS protected disc is manufactured, a series of up to 64 keys called title keys are generated and the video content on the disc is encrypted using these keys. The title keys are stored on the disc and themselves encrypted with another key called the volume unique key. The volume unique key for any disc can be calculated by all authorized devices using another key called a processing key, which is derived from a media key block stored on each disc. Authorized devices use one or more of the manufacturer's assigned device keys to decrypt the media key block, yielding a processing key and enabling further decryption of the volume and title keys, and finally the content. [14]
If a device key is to be revoked, the media key blocks on all discs manufactured after the time of revocation are encrypted in a way which does not enable the revoked device to obtain a valid processing key. [15] Users trying to view new content on a revoked player would be forced to upgrade their player software to a more secure version, thereby limiting the scope of the compromise each time an exploit is discovered. [16] [17] While a compromised device or processing key could be used to decrypt a large number of discs, BackupHDDVD does not use these keys because they can be revoked by AACS LA. Because the AACS revocation system works by preventing a given device or player from calculating a valid volume unique key, BackupHDDVD circumvents the system entirely by relying on volume or title keys leaked from authorized players. With these keys BackupHDDVD is not subject to device revocation and is able to decrypt the content directly, bypassing the key exchange and verification process. [14] [18] [19]
Users must have either found decryption keys themselves or obtained them elsewhere for most versions of BackupHDDVD to work. The utility reads a text file containing volume or title keys and attempts to find a set of corresponding keys for the inserted disc. Through a standard AES library, it then decrypts each video file on the disc using the appropriate keys and writes the results to a location specified by the user. Direct file decryption allows the utility's functionality to remain unaffected by device key revocation and its performance unencumbered with AACS overhead. [3]
Originally intended to be a proof of concept, BackupHDDVD is severely limited in its ability to produce fully functional copies of commercial discs. Early versions were unable to properly decrypt discs which used the in-movie experience technology. New versions work around this limitation by excluding interactive content from decrypted copies. The utility cannot process HD DVD navigation functionality which enables menus, chapters, secondary audio tracks and subtitles, so these features are inaccessible in copies created by BackupHDDVD. Most versions provide no validation for keys and will still attempt to decrypt a disc's contents with an incorrect key, resulting in corrupt files. [11]
Under United States anti-circumvention law created by the Digital Millennium Copyright Act, BackupHDDVD may qualify as a device primarily intended to "circumvent a technological measure that effectively controls access to a [protected] work." If identified as such, it would be illegal to use or distribute.
Reaction to the utility by Doom9 forum members, bloggers, and mainstream media has ranged from supportive to intensely hostile. By some, the circumvention of AACS was seen as a reaffirmation of fair use. Others felt that the utility was no more than a piracy tool and would bring about group punishment against consumers in the form of player revocation. One article compared proponents of BackupHDDVD to terrorists. [20] When the release of the tool was first publicized, several articles claimed that AACS had been cracked. [2] [8] In fact no cryptographic weaknesses constituting a crack have yet been found in AES, the underlying cryptographic system of AACS. Keys are actually obtained through a side-channel attack. [21]
Initially, it was thought that the compromise of HD DVD's security would entice some studios into adopting the competing Blu-ray format, but Blu-ray's AACS implementation has since been circumvented using a similar method. However, Blu-ray offers an additional layer of protection called BD+.
There was some speculation that the player used by the utility's author to obtain keys would be revoked. Cyberlink, which sells the PowerDVD player software, was quick to deny that its software could be used to obtain keys. [22] Corel was silent about the role its WinDVD software had played in the leaking of volume and title keys. Both companies have since released updates for their player software. [21]
The consortium behind the HD DVD format and the studios delivering films on the format did not release an official statement beyond that they were investigating the utility. [23] On January 24, 2007 AACS LA issued a statement acknowledging that AACS security had been compromised while urging software vendors to limit the availability of keys in memory. [21] Beginning with discs manufactured in late April, versions of PowerDVD and WinDVD responsible for leaking keys have been revoked and free updates are available to owners of affected versions. [24]
High-bandwidth Digital Content Protection (HDCP) is a form of digital copy protection developed by Intel Corporation to prevent copying of digital audio and video content as it travels across connections. Types of connections include DisplayPort (DP), Digital Visual Interface (DVI), and High-Definition Multimedia Interface (HDMI), as well as less popular or now deprecated protocols like Gigabit Video Interface (GVIF) and Unified Display Interface (UDI).
The Encrypting File System (EFS) on Microsoft Windows is a feature introduced in version 3.0 of NTFS that provides filesystem-level encryption. The technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.
DVD Shrink is a freeware DVD transcoder program for Microsoft Windows that uses a DVD ripper to back up DVD video. It can also be run under Linux using Wine. The final versions are 3.2.0.15 (English) and 3.2.0.16 (German); all other versions, such as DVD Shrink 2010, are illegitimate. DVD Shrink's purpose is, as its name implies, to reduce the amount of data stored on a DVD with minimal loss of quality, although some loss of quality is inevitable. It creates a copy of a DVD, during which the DVD region code is removed, and copy protection may also be circumvented. A stamped DVD may require more space than is available on a writeable DVD, unless shrunk. Many commercially released video DVDs are dual layer ; DVD Shrink can make a shrunk copy which will fit on a single-layer writeable DVD, processing the video with some loss of quality and allowing the user to discard unwanted content such as foreign-language soundtracks.
VOB is the container format in DVD-Video media. VOB can contain digital video, digital audio, subtitles, DVD menus and navigation contents multiplexed together into a stream form. Files in VOB format may be encrypted.
Windows Media DRM or WMDRM, is a digital rights management service for the Windows Media platform. It is designed to provide delivery of audio or video content over an IP network to a PC or other playback device in such a way that the distributor can control how that content is used.
Slyck was a website that produced and aggregated file sharing news stories, as well as offering a forum for users.
Broadcast encryption is the cryptographic problem of delivering encrypted content over a broadcast channel in such a way that only qualified users can decrypt the content. The challenge arises from the requirement that the set of qualified users can change in each broadcast emission, and therefore revocation of individual users or user groups should be possible using broadcast transmissions, only, and without affecting any remaining users. As efficient revocation is the primary objective of broadcast encryption, solutions are also referred to as revocation schemes.
The High-Definition Audio-Video Network Alliance (HANA) was a cross-industry collaboration of members addressing the end-to-end needs of connected, HD, home entertainment products and services. Leading companies formed the organization from the four industries most affected by the HD revolution: content providers, consumer electronics, service providers, and information technology. HANA created design guidelines for secure high-definition audio-video networks that would speed the creation of new, high-quality, easy-to-use HD products. HANA membership was open to all companies involved in the digital entertainment industry. HANA was dissolved in September 2009, and the 1394 Trade Association assumed control of all HANA-generated intellectual property.
RedFox is a software development company based in Belize. The company is most prominently known for its software AnyDVD, which can be used to bypass copy protection measures on optical media, including DVD and Blu-ray Disc media, as well as CloneCD, which is used to back up the contents of optical discs.
An illegal number is a number that represents information which is illegal to possess, utter, propagate, or otherwise transmit in some legal jurisdiction. Any piece of digital information is representable as a number; consequently, if communicating a specific set of information is illegal in some way, then the number may be illegal as well.
The Advanced Access Content System (AACS) is a standard for content distribution and digital rights management, intended to restrict access to and copying of the post-DVD generation of optical discs. The specification was publicly released in April 2005. The standard has been adopted as the access restriction scheme for HD DVD and Blu-ray Disc (BD). It is developed by AACS Licensing Administrator, LLC, a consortium that includes Disney, Intel, Microsoft, Panasonic, Warner Bros., IBM, Toshiba and Sony. AACS has been operating under an "interim agreement" since the final specification has not yet been finalized.
Doom9 is a website featuring information on digital audio and video manipulation and digital copyrights. It is also the forum username of the author of the page, an Austrian who was a college student at the time of the creation of the site. The site's tagline is "The Definitive DVD Backup Resource".
HD DVD is an obsolete high-density optical disc format for storing data and playback of high-definition video. Supported principally by Toshiba, HD DVD was envisioned to be the successor to the standard DVD format, but lost to Blu-ray, supported by Sony and others.
BD+ is a component of the Blu-ray Disc digital rights management system. It was developed by Cryptography Research Inc. and is based on their Self-Protecting Digital Content concept. Its intent was to prevent unauthorized copies of Blu-ray discs and the playback of Blu-ray media using unauthorized devices.
The security of Advanced Access Content System (AACS) has been a subject of discussion amongst security researchers, high definition video enthusiasts, and consumers at large since its inception. A successor to Content Scramble System (CSS), the digital rights management mechanism used by commercial DVDs, AACS was intended to improve upon the design of CSS by addressing flaws which had led to the total circumvention of CSS in 1999. The AACS system relies on a subset difference tree combined with a certificate revocation mechanism to ensure the security of high definition video content in the event of a compromise.
The Content Scramble System (CSS) is a digital rights management (DRM) and encryption system employed on many commercially produced DVD-Video discs. CSS utilizes a proprietary 40-bit stream cipher algorithm. The system was introduced around 1996 and was first compromised in 1999.
The WIPO Copyright and Performances and Phonograms Treaties Implementation Act, is a part of the Digital Millennium Copyright Act (DMCA), a 1998 U.S. law. It has two major portions, Section 102, which implements the requirements of the WIPO Copyright Treaty, and Section 103, which arguably provides additional protection against the circumvention of copy prevention systems and prohibits the removal of copyright management information.
The Media Key Block (MKB) is one of the keys included inside the copying protection system (DRM) AACS. This system is used to prevent Blu-ray and HD DVD formats from being copied. The system was developed by companies from the film industry and the electronics industry including IBM, Intel, Microsoft, Matsushita (Panasonic), Sony, Toshiba, The Walt Disney Company and Warner Bros.
A controversy surrounding the AACS cryptographic key arose in April 2007 when the Motion Picture Association of America and the Advanced Access Content System Licensing Administrator, LLC began issuing cease and desist letters to websites publishing a 128-bit (16-byte) number, represented in hexadecimal as 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
, a cryptographic key for HD DVDs and Blu-ray Discs. The letters demanded the immediate removal of the key and any links to it, citing the anti-circumvention provisions of the United States Digital Millennium Copyright Act (DMCA).
Encrypted Title Key is an encrypted key that belongs to anticopy Advanced Access Content System (AACS). This key is included in the Media Key Block system and is an important part of the content protection process of Blu-ray and HD-DVD contents.