Cryptography Research wants piracy speed bump on HD DVDs

[R.A. Hettinga]

<http://www.theregister.co.uk/2004/12/15/cryptography_research/print.html>

The Register


 Biting the hand that feeds IT

The Register ; Internet and Law ; Digital Rights/Digital Wrongs ;


Cryptography Research wants piracy speed bump on HD DVDs
By Faultline (peter at rethinkresearch.biz)
Published Wednesday 15th December 2004 11:49 GMT

Analysis Just about a year from today, if not sooner, if we believe the
outpourings of both the DVD Forum and the Blu-Ray Disc Association, we will
be able to go out to the shops and buy blue laser, high definition, high
density DVDs in two completely different designs. We will also be able to
buy the players and recorders by then, as well as studio content from
virtually every major studio in the world, on one or the other system.

If you believe the hype, DVD manufacturers will likely have to buy in two
types of DVD manufacturing equipment. Households will have to buy two DVD
players. Consumers will have to buy one PC with one type of high density
DVD player and buy another separate player to read the other format of disk.
We neither believe the hype, nor understand the argument between the two
formats. Surely a single format is better for everyone, but it appears not.
Every round of format wars that have gone on since the original VHS Betamax
wars, has been split, and the result a draw, and it looks like this one
will be too.

In the end the devices are likely to be virtually identical. The Sony-
Panasonic-Philips camp that inspired the Blu-ray version may have slightly
more capacity on their discs, that's the official view right now, but it
might change. They also have devices out right now and have had them for
over a year, but they are very expensive, up at around $2,000 and are not
the volume versions that will be able to play pre-recorded material.
Eventually these devices will be about 10 per cent more than DVD players
are now.

The DVD Forum backed Toshiba and NEC technology may be slightly cheaper for
studios to manufacture, but then again we only have the word of Toshiba on
that, and most DVD producers seem set on supporting both.

The disks need to play on PCs, as well as DVDs and games consoles, and it
is unlikely that anyone is going to shoot themselves in the foot by making
a disc that is incompatible with any of these devices.

So Microsoft's VC 9 codec has to be supported, as does the prevalent MPEG2
and H.264 codecs, and nobody is planning to argue the toss about the
quality of sound from Dolby. So there is a chance that all of the software
on top of these disks is going to be identical.

In the end all of the Blu-ray manufacturers are still in the DVD Forum, and
given that the Blu-ray leaders make about 90 per cent of the worlds DVD
players and that half of the studios have backed the DVD Forum standard,
their players may well end up playing both formats. The early consumers may
well be asking "What's the difference" a year from now having little clue
as to how different the two technologies are, under the "hood."

But what if they each choose a different way to protect the content on
their disks? How much danger would that put the two groups in?

The Content Scrambling System of the DVD has come in for a lot of criticism
over the years, as piracy has become relatively rampant. It was designed
more or less as a speed bump to put off anyone other than the professional
pirate. But then along came the internet, and it has become possible for
anyone to download CSS circumvention or to read up, on various websites,
how to go about it. The speed bump has been somewhat flattened and it needs
reinforcement in the next technology.

So it falls to these same companies to build something for the studios that
will be rather harder and more persuasive, to act as a hurdle against
piracy for these new DVDs. In fact an organization called Advanced Access
Content System (AACS), formed back in July by such notables as IBM, Intel,
Microsoft, Panasonic, Sony, Toshiba, Disney and Warner Brothers has come
together in order to create a decent speed bump against piracy that should
last at least for the next decade, a decade during which broadband lines
improve to the point where it will be child's play to download even a high
definition movie.

The definition of what is required has been very clear from the studios.
They want a system that has the ability for the security logic to be
renewed and which should also have some form of forensic marking in order
to help track pirates.

At the heart of this protection system will be the safety of the revenue of
all the major studios, which now get way in excess of 50 per cent of any
given film's revenues from DVD sales.

Faultline talked over such a system with its authors this week, who are
optimistic about its bid to become the new, but more sophisticated CSS for
the next generation DVD disk.

Cryptographic Research's senior security architect, who also mockingly
refers to himself as "chief anti-pirate" is Carter Laren, and Cryptography
Research is both realistic about just what it takes to stop pirates and how
difficult that is, as well as optimistic that the two competing
associations are set to choose its own submission as the basis for this
protection system.

Cryptography Research (CR) is just a 15 man intellectual property company,
but it was single handedly responsible for discovering how professional
pirates use Differential Power Analysis to read encryption keys and break
complex coding systems thought to be uncrackable, and has also come up with
circumvention strategies. Virtually all the intellectual property around
DPA is held by CR and is licensed all over the world. CR also wrote the
SSL3 secure sockets layer security version for the IETF.

Put simply DPA is a system of "listening" to power distribution on
semiconductors as they read encryption keys. Circumvention comes from
balancing out all power use when an encryption key is being applied so that
it cannot be read just by observing which circuits are active.

If it appears to you that DPA is really about making it harder for the
"professional" pirate who makes a fortune from illicit manufacture of
pirated goods, rather than about stopping college kids from using P2P
networks to swap files, then you'd be right.

"We would rather chase professional pirates than College students," says
Laren, and this shows in his strategy to build a protection system.

What CR has built, he calls Self Protecting Digital Content or SPDC. In
effect this is a form of content that is no longer passive and includes
code that can execute in a specially constructed SPDC virtual machine that
resides in each player.

The logic behind this approach is that so far Digital Rights Management
systems have tried to both support a trust chain, a way of moving
decryption keys around between devices, as well as allowing the expression
of rules to decide what usage is allowed with that content.

What CR does instead is much simpler and more direct. It tries to cut off
any player that has been used for mass piracy.

"When a pirate makes a copy of a film encoded as SPDC, the output file is
cryptographically bound to a set of player decryption keys. So it is easy
when looking at a pirated work on a peer to peer network, or any copies
found on copied DVDs, to identify which player made those copies," said
Laren "When the content owner sends out any further content it can contain
on it a revocation of just the player that was used to make a pirated copy."

"We picture a message popping up on a screen saying something like 'Disney
movies won't play on your player any more please call this number for
further information.' Or perhaps 'To fix this please call Disney with your
credit card,' something like that anyway.

"We know that pirates can make copies by tapping the MPEG stream with
modified players, or by making a bit for bit copy of the disk, or by using
an analog attack (catching the film stream on the way to the TV over aerial
cabling and re-digitizing it). But using this cryptographical binding we
have forensic marking visible on the copy."

The neat thing about this process is that if someone makes copies for their
own use, that can be enabled. Private individuals could be allowed to make
copies for other players, even for their friends, and that's no problem.

It's only when a pirated copy is discovered coming back to a content owner
(presumably watching P2P sites) that a player will get revoked, and that is
only effective on content made after that point, with the revocation
message in it.

When asked Laren said, "No, this is not the same as fingerprinting or
watermarking. When you generate a fingerprint you are making each copy that
is sold, slightly different and that has some cost implications when
stamping disks. Our forensic information is being created by the player's
virtual machine at the time it is played (copied) so all the disks can be
identical."

The virtual machine players create movie outputs that are artistically
identical but each one is altered if some minor way. This alteration is
just the changing of a few bits of data every few seconds, so every 50
frames or so. And the CR system works such that if ten separate players are
used in collusion in a copying process, taking samples of frames from each,
it will not only identify one of the players, but all of them and they can
be revoked from all future content.

"The big problem for studios is piracy based on film copies that have no
digital identifiers. Because they can be sent around the internet with no
chance of catching the original copier and then you have to go after the
P2P user."

"The problem now is that everything in this market has accelerated. There
are time constraints in that all the studios want to move to better
protection as soon as the new disk formats come out and that is set for the
end of next year. This means that AACS has to get its skates on if the
players for this market are not to be launched ahead of its choice of
security system.

By that time, if the CR system, or any other system, is to be used, the
virtual machine players need to be integrated onto the two format in time
for testing and studio acceptance to take place prior to the end of 2005.

CR has in fact dropped any attempt to have its actual encryption
technologies used in this process. The disk formats will accept RSA or AES
128 bit encryption or both, but CR says this doesn't matter.

"The cryptographic portion of this is pretty easy to solve and any
cryptographer that knows what he is doing can do a good job of that. So we
have withdrawn from that part of the spec and we're just putting forward
the binding process to our virtual machine," said Laren.

The virtual machine is based on a stripped down DLX processor. CR has taken
out the floating point arithmetic and we've made a few changes for the sake
of extra security. The DLX is a 32-bit pipelined embedded RISC CPU
architecture that has come out of academia and was originally designed for
teaching, but is not too unlike the ARM or any other RISC device.

It can be built in hardware, expressed in a hardware language like the
Verilog Hardware Description Language and CR has a reference implementation
in the C programming language.

As for the business model of CR, it plans to charge no royalty to the
consumer electronics manufacturers, and adheres to the principle of
charging the businesses whose security problems it solves, in this case the
studios. So it plans to charge, perhaps as little as a couple of cents, for
each HD disk that is pressed using the technology.

What if only one of the two disk formats agrees to install the player in
their HD DVD players? "Well if one format gets its security broken, then
that is a basis for suppliers to switch to the other format isn't it," says
Laren in a clearly rehearsed sales pitch.

But in the end, Self Protecting Digital Content remain only a speed bump.
For real pirates, buying a new player every time they get a set of keys
revoked is just an inconvenience, but for someone that is casually taking
content and placing it on the internet, the loss of function on their
personal devices will certainly reduce the activity to only the seriously
committed.

"We realize that all we are doing is enabling the game that goes on between
the pirate and the content owners. We see revocation of keys through this
system as taking last mover advantage away from the pirates, and giving it
back to the content owners," concludes Laren.


-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'