Content scramble system

from Wikipedia, the free encyclopedia

The Content Scramble System (CSS) is a method of encrypting DVD video content. It was developed primarily by Matsushita and Toshiba and is licensed by the DVD Copy Control Association (CCA), a film and consumer electronics company. The license itself is royalty free, but there is an administrative fee of $5,000 per year. CSS only uses symmetric cryptography and is completely broken due to several design flaws.

Functionality

Licensed DVD players, whether hardware or software, contain one or more keys from a set of 409 device keys (player keys) that were generated once by the CCA. Individual keys are made available to the various DVD player manufacturers; in principle, these keys should remain secret.

The content of a CSS-protected DVD is stored in encrypted form. The keys required for playback change from sector to sector (sector key) or from chapter to chapter (title key), and are themselves stored on the DVD in encrypted form. The disk key is required to decrypt the title keys. This disk key, which is different for each CSS DVD, is encrypted under each of the 409 device keys, so the DVD carries 409 encrypted copies of it.

A licensed DVD player goes through the following steps to play a CSS protected video:

  • The disk key is decrypted with a device key known to the player.
  • The title key for the relevant chapter is decrypted with the help of the disk key.
  • The sector key is decrypted with the title key.
  • The sector key is used to decrypt the partially encrypted MPEG-2-compressed video data.

A device license can be revoked by no longer encrypting the disk key of newly produced DVDs with the corresponding device key. CSS does not prevent the creation of bit-true copies of a DVD; it prevents the playback of DVDs on unlicensed devices that are not authorized by the CCA.
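
The key hierarchy and revocation mechanism described above, as an added example that is not part of the original article. A stand-in XOR stream cipher built from SHA-256 replaces the real CSS cipher, and the function names, disc layout and SHA-256 check value are assumptions made for illustration.

```python
import hashlib
import os

KEY_LEN = 5  # CSS keys are 40 bits long

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """Stand-in XOR stream cipher (NOT the CSS cipher); applying it twice decrypts."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def master_disc(device_keys, revoked, video: bytes) -> dict:
    """Build a toy disc: the disk key is stored once per non-revoked device key."""
    disk_key, title_key, sector_key = (os.urandom(KEY_LEN) for _ in range(3))
    return {
        "key_block": [None if slot in revoked else toy_cipher(dk, disk_key)
                      for slot, dk in enumerate(device_keys)],
        # Stand-in for the disk key hash stored on the DVD (SHA-256 is an assumption).
        "disk_key_hash": hashlib.sha256(disk_key).digest(),
        "enc_title_key": toy_cipher(disk_key, title_key),
        "enc_sector_key": toy_cipher(title_key, sector_key),
        "enc_video": toy_cipher(sector_key, video),
    }

def play(disc: dict, slot: int, device_key: bytes):
    """Walk the four playback steps; return the video, or None if the key is unusable."""
    entry = disc["key_block"][slot]
    if entry is None:                      # slot left out: this player was revoked
        return None
    disk_key = toy_cipher(device_key, entry)                      # step 1
    if hashlib.sha256(disk_key).digest() != disc["disk_key_hash"]:
        return None                        # device key does not match this slot
    title_key = toy_cipher(disk_key, disc["enc_title_key"])       # step 2
    sector_key = toy_cipher(title_key, disc["enc_sector_key"])    # step 3
    return toy_cipher(sector_key, disc["enc_video"])              # step 4

def demo():
    device_keys = [os.urandom(KEY_LEN) for _ in range(409)]  # constructed sample keys
    video = b"constructed sample MPEG-2 payload"
    disc = master_disc(device_keys, revoked={7}, video=video)
    return (play(disc, 0, device_keys[0]) == video,   # licensed player
            play(disc, 7, device_keys[7]) is None,    # revoked player
            play(disc, 1, device_keys[0]) is None)    # key does not fit slot

if __name__ == "__main__":
    print(demo())
```

Revocation only affects discs mastered after the slot is dropped: a disc built with an empty `revoked` set still plays with key 7, which is why the scheme depends on every device key staying secret.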

CSS-encrypted film files on a DVD can be copied to the hard drive, for example, without any problems, but must first be decrypted before playing or converting the video material. It is also not possible to create a working 1:1 copy on a writable DVD without breaking the encryption if the original is protected with CSS. There are also regional codes for DVD content, which should only allow DVDs to be played in the regions for whose market they are intended.

The successor to CSS that is used on HD DVDs and Blu-ray Discs is called the Advanced Access Content System (AACS). As an alternative to these methods, which are mainly based on encryption, there are also physical copy protection methods such as ARccOS.

CSS hack

The cryptography used in CSS relies on keys only 40 bits long, whose complexity can be reduced to 2^25, so it can be cracked in a reasonable time by brute-force attacks on ordinary PCs available today, and the effort to recover the content is manageable. The DVD Forum had to knowingly accept this during the standardization of CSS in 1996, since the export restrictions of the USA at the time did not allow the export of strong cryptography abroad for security reasons. The brute-force approach soon proved to be unnecessary, as cryptographers and hackers found out that CSS contains fundamental design flaws that allow the playback protection to be cracked within seconds.

For all of the industry's efforts to keep the exact functionality of CSS secret, the technology had to be implemented in each and every one of millions of devices and programs (software DVD players). Presumably, the way the technology worked became public through reverse engineering of a software DVD player. Finally, in October 1999, the DeCSS program, which can be used to bypass CSS, spread on the Internet.

So-called ripper software was also available before that; it intercepts the data once it has been decrypted and decoded for display and then allows it to be stored unprotected. Information on bypassing the region code can also be found on various websites.

On the day after the DeCSS source code was published, an analysis of the CSS key generation mentioned code that needed only 17 hours to generate a valid player key on a Celeron processor clocked at 366 MHz.

Another day later, Frank A. Stevenson described an attack of complexity 2^16 with 6 known bytes. Modern processors do this practically immediately. This attack was further optimized so that only 5 bytes were needed (which, according to the CSS standard, are always known and present on the DVD as a hash value). At the same time, a hacker built a crack that could decrypt a VOB (DVD Video Object) file and save it on the hard drive as an MPEG file. At this point, the people involved had long been interested only in finding out how poor CSS was overall.

On October 30, 1999, all player keys were published on the livid-dev mailing list. The film industry had expected the loss of individual player keys and had designed CSS so that such keys, like that of the Xing DVD player hacked as part of the DeCSS development, could subsequently be revoked. However, the latest development showed that this method was not feasible: on the one hand, replacing all of the player keys would have meant that all existing players would no longer be compatible with new DVDs; on the other hand, the hackers had shown that they would have figured out the new player keys just as quickly as the old ones. On the same day, Stevenson posted another attack possibility: using the disk key hash, it was possible to obtain the disk key within a few seconds without having a single player key.

The Chaos Computer Club calls CSS an "amateur encryption system". The club posted a full report on how the hack unfolded on its website.

Bruce Schneier, one of the world's leading cryptographers, also called CSS "a very weak program with a very weak 40-bit key, leaning on a weak algorithm".

The Motion Picture Association of America (MPAA) commented in its FAQ on the allegation that CSS was easy to hack: “There is no such thing as a perfect encryption system that is immune to attacks. Newer and more complex copy protection systems are currently being developed; however, we admit that determined thieves will try to bypass these protective systems too”.

Criticism and alternatives

Initiatives like the Global Internet Liberty Campaign and OpenDVD are campaigning against CSS. OpenDVD was founded by software and hardware engineers looking for new and better ways to deploy DVD across the industry. They too want to protect the rights of copyright owners, but also enable consumers to produce their own DVD videos and to make use of their fair use rights. For this purpose, the Linux Video and DVD Project (LiViD) was formed, which presented the Open Media System in February 2001, with which DVDs can also be played under the GNU/Linux operating system.
