Topic: The DVD crack
Rad Davis  8
11-15-1999 11:18 AM ET (US)
This is definitely going to raise the stakes on the SDMI negotiations going on at the moment. It also raises the credibility of the 'paradigm shift' argument being made by the vocal minority there, the basis of which is that commercial music should adopt the same economic model as other mass-delivery information systems like TV programs and print media which removes the motivation for piracy. Example: Yes, you could pirate a newspaper, but what would be the point? It would probably cost more to photocopy than to buy your own copy. Yes, you can pirate commercial TV, but it comes 'free' over the air anyway.

Incidentally, I also regard DVD as a short-lived transitional format. It's marginally better than SVHS videotape, about on par with the old Laserdisc analog format (but with considerable economic and ergonomic advantages over LD). It seems that the major commercial push initially was on the basis of piracy resistance and durability in consumer hands. Now that CD R/W drives are common and DVD R/W drives loom on the near horizon, MPAA see it only as another threat to their proprietary profits.

Frankly, I think the longer that both the music and film/video industries fail to 'get with it' technically, the more likely that they'll be completely supplanted by some newer distribution channel, be it legal or otherwise. Joe Consumer accepts videotape because it's out there and it performs adequately on the playback hardware in the living room. When NTSC TV goes away, videotapes are going to look awful on HDTV sets. If MPAA drag their feet too much hoping for some 'unbreakable' copy-protection scheme, and fail to bless a format with at least HDTV broadcast resolution, they'll find a market-driven piracy solution for HD Video has landed in US households just as MP3 has. And with the increasing number of desktop PC's in households (50% in US according to Gates at Fall COMDEX), it's only going to get worse if you're a proprietary data format pusher.
Felix von Leitner  9
11-17-1999 10:22 AM ET (US)
Unfortunately, the media coverage is disturbingly wrong and this case
illustrates the lack of checking journalists do before copying news from
other sources. I don't know who badmouthed Xing in the first place, but
as an outside witness I would like to tell the world what really
happened.

The round-up is this:

  1. It is difficult (next to impossible) to copyright digital content.
     So the film industry decided to implement a copy protection scheme
     (it does not matter if it works or not) and legally protect that.
     Then, if anyone copies a DVD, they can sue him on violating the
     copy protection rights.
  2. Like most clueless consortia, they did not ask an expert but
     defined their own encryption. This should remind everyone of the
     spectacular failures that previous consortia suffered with this
     strategy (notably the GSM mobile telephony "encryption" and the
     pay TV standards). Actually there is a conspiracy theory that the
     film industry deliberately made the standard weak so that more
     people would break it and they could get more money out of the
     combined lawsuits. An interesting side-note is that they actually
     _did_ ask an expert (at least one expert, the Intel security
     officer who designed the DVD key exchange with the 409 player
     keys). That expert told them that their cryptography was weak and
     they did not listen to him.
  3. The algorithm was proprietary and unpublished. But once software
     players can decrypt the DVD you can read the decryption key and
     binary code from your computer's RAM and look at it. It is vital
     to understand that no amount of obfuscation or "encryption" can
     prevent this. If the computer can decrypt the DVD, the decryption
     code must be visible to the processor and then it is also visible
     to the attacker. To blame the DVD crack on Xing shows an amazing
     amount of incompetence. Xing probably is the party with the least
     "guilt" (if you can talk about guilt in the first place).
  4. Some warez cracker group disassembled the decryption code gleaned
     from the Xing player and decompiled it back to C code. This C code
     was anonymously published around the world. Among others, the
     mailing list of the Linux DVD development effort was one of the
     recipients.
  5. A cryptographer got hold of this code and wrote a program that
     would crack the code by trying all the keys within a single day.
     That program would crack a key in at most 17 hours, that is after
     8.5 hours average running time it would have found the key. This
     is notable because it shows just how bad the encryption is. The
     DES crack took eight days on 40 machines, this crack takes 8.5
     hours on one machine. And DES is nowadays regarded as too weak
     because of that.
  6. The next day the same cryptographer had found and implemented an
     attack that would find a key within a fraction of a second if you
     know 6 bytes of decrypted output.
  7. It was later found that the attack can be enhanced to work with 5
     known output bytes. These 5 bytes are known if you watch an
     encoder successfully decrypt a DVD! The new attack takes 5
     seconds.
  8. The DVD encryption works like this: each DVD is encrypted with a
     randomly generated session key. This key is encrypted with 408
     different "player keys", each of the encrypted keys is stored in a
     sector on the DVD. Each player vendor must have registered with
     the DVD consortium and received a player key. It can then decrypt
     all the encrypted session keys with its player key and check if it
     got the right one against a hash value that is also stored on disk.
     The rationale is that, if a player key is compromised, you can
     fabricate future DVDs without the session key with that player key,
     i.e. you can retract keys.
  9. 5 seconds and 408 keys means that you can decrypt all player keys
     in about 30 minutes. The next day someone published "a few hundred
     random numbers" with the comment that the generation took 30
     minutes. That means that CSS has been completely broken. This was
     the event that caused the DVD consortium to unleash their lawyers.
     If the DVD consortium would replace all the player keys on future
     DVDs, then it would only take another 30 minutes to break them all,
     and all the people who have bought DVD players from Sony,
     Panasonic, whatever, would have to bring them in for replacement.
 10. The absolute killing stroke was delivered the next day when it was
     found out that you can retrieve the session key just by using the
     hash value that players use for verification in a mere 20 seconds!
     That is even if the DVD consortium would change the DVD player keys
     every few months, CSS would still be broken, and there would even
     be no manual intervention when someone needs to invest the 30
     minutes of CPU time to crack all the player keys.

Conclusion: CSS is amazingly weak. They did almost everything wrong.
The only thing they did right was the retraction scheme for DVD player
keys. I couldn't point at any other thing that they could have done
worse than they already did.

What I find very worrisome about this is that the consumer has to
pay all the money that was wasted on devising and implementing CSS. And
now the film industry is hunting the wrong people with their lawyers.
The reverse engineers posted the stuff anonymously, so the lawyers are
going after the Linux developers who had nothing to do with the whole
issue besides that it was posted on their mailing list.


It is interesting to note that the code came from different players.
While the player key came from the Xing player, the authentication code
came from another player, rumours say it was the Cinemaster player, and
the CSS code comes from an unknown player. At any time there were at
least 5 teams working on extracting the code from different players.

This was _not_ just some kid stumbling upon a weakly encrypted Xing
key as the media reported.

Felix
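
The key-block layout described in item 8 and the revocation idea behind it, as an added example that is not part of the original post and is not CSS code: the cipher is a SHA-256/XOR stand-in, and all keys and function names are constructed for illustration. It also shows the structural point behind item 10: the verification value depends on the session key alone, so revoking player keys leaves it unchanged.

```python
import hashlib
import os

KEY_LEN = 5        # 40-bit keys, the size CSS used
NUM_PLAYERS = 408  # player-key count from item 8

def wrap(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (NOT the CSS algorithm): XOR with a SHA-256 pad.
    XOR is self-inverse, so the same call wraps and unwraps."""
    pad = hashlib.sha256(b"wrap:" + key).digest()[:len(data)]
    return bytes(a ^ b for a, b in zip(data, pad))

def check_value(session_key: bytes) -> bytes:
    """Verification value stored on disc; a function of the session key only."""
    return hashlib.sha256(b"check:" + session_key).digest()[:KEY_LEN]

def make_key_block(session_key, player_keys, revoked=frozenset()):
    """One slot per player key; a revoked player's slot holds random filler."""
    slots = [os.urandom(KEY_LEN) if i in revoked else wrap(pk, session_key)
             for i, pk in enumerate(player_keys)]
    return {"check": check_value(session_key), "slots": slots}

def recover_session_key(block, player_key):
    """What a player does: unwrap every slot, keep the candidate that verifies."""
    for slot in block["slots"]:
        candidate = wrap(player_key, slot)
        if check_value(candidate) == block["check"]:
            return candidate
    return None  # no slot verifies: this player key is not served by this disc

def demo():
    # Constructed, deterministic player keys (hypothetical, not real ones).
    players = [hashlib.sha256(b"player-%d" % i).digest()[:KEY_LEN]
               for i in range(NUM_PLAYERS)]
    session_key = hashlib.sha256(b"constructed session key").digest()[:KEY_LEN]
    old_disc = make_key_block(session_key, players)
    new_disc = make_key_block(session_key, players, revoked={7})
    return {
        "licensed_player_ok": recover_session_key(new_disc, players[0]) == session_key,
        "revoked_on_new_disc": recover_session_key(new_disc, players[7]) is None,
        "revoked_still_plays_old_disc": recover_session_key(old_disc, players[7]) == session_key,
        "check_unchanged_by_revocation": old_disc["check"] == new_disc["check"],
    }

if __name__ == "__main__":
    print(demo())
```

Both key blocks deliberately use the same session key so that the only difference between them is the revoked slot.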
 
Messages 10-17 deleted by topic administrator between 09-23-2000 09:01 PM and 08-15-2000 09:50 AM
DarkPrince  18
10-21-2000 01:39 AM ET (US)
Actually I agree with Prodeep( or whatever the name :), sorry ). But to another point, though...

On the point, it's all about profit 'n stuff... And just because some "patents" seem obvious doesn't mean they're obvious, at all. Being a compsci guy, well, maybe 1/2 cracker ( for some fun ), I'm still bothered with that. Though it involves techno issues, the eco stuff are pretty obvious ( did somebody scream "patents" ?)

As stated by many writers on the net ( as far as I've seen, over 100, but that's just me ), the points are:
- Cost and benefit ( those include cost'n benefit of both the industry and authors', as well as consumers' )
- Conspiracy revolving C 'n B.
- 'til when they start another standard.(???)

It's a shame we're discussing something that does not help the issues at all, no matter how devoted we are. So why we keep discussing...

I, for one, desperately want to make a great voice out of the community, but couldn't. So are the majority of us. The hope can only come in the form of a certified individual/organisation that takes the responsibility to speak our common voice. Anybody?? Well, not until a big-mouthed, famed journalist joins us...
-(sorry, this will amuse most of the people here, so I beg to be anonymous)
 
Messages 19-23 deleted by topic administrator between 09-25-2001 09:56 AM and 12-10-2000 06:45 PM