DVD encryption break is a good thing

Freeware programs on the Net remove the copy protection on DVDs

The scheme to protect DVDs has been broken. There are now freeware programs on the Internet that remove the copy protection on DVDs, allowing them to be played, edited, and copied without restriction.

This should be no surprise to anyone, least of all to the entertainment industry.

The protection scheme is obviously flawed in several ways. Each DVD is encrypted with something called Content Scrambling System (CSS). It has a 40-bit key. (I have no idea why. The NSA and the FBI don't care about DVD encryption. There aren't any terrorist movies they need to be able to watch.) It's not even a very good algorithm. But even if the encryption were triple-DES, the scheme would be flawed.

Every DVD player, including hardware consoles that plug into your television and software players that you can download to your computer, has its own unique unlock key. This key is used to unlock the encryption key on the DVD. Every DVD carries 400 copies of the same decryption key, one encrypted under each of the unlock keys. Note the global secret: if you manage to get one unlock key, you can decrypt every DVD.
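A toy model of that key hierarchy, added here as an illustration and not part of the original essay or of CSS itself: a per-title disc key wrapped under each of 400 constructed player keys, a stand-in HMAC-based stream cipher instead of the real one, and a `revoke_slot` step showing why dropping a leaked player key from future pressings does nothing for discs already on the shelf.

```python
import hashlib
import hmac
import os

def _keystream(key, label, length):
    # HMAC-SHA256 in counter mode stands in for the disc cipher (model only, not CSS).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, label + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def crypt(key, label, data):
    # XOR with a keyed stream; one call both encrypts and decrypts.
    return bytes(d ^ k for d, k in zip(data, _keystream(key, label, len(data))))

def author_disc(content, player_keys):
    # Fresh disc key per title, wrapped once under every licensed player key.
    disc_key = os.urandom(16)
    return {"key_table": [crypt(pk, b"disc-key", disc_key) for pk in player_keys],
            "content": crypt(disc_key, b"content", content)}

def play(disc, slot, player_key):
    # Every player, hardware or software, does exactly this; the return value is
    # the plaintext that must exist on the machine before anything reaches the screen.
    disc_key = crypt(player_key, b"disc-key", disc["key_table"][slot])
    return crypt(disc_key, b"content", disc["content"])

def revoke_slot(disc, slot):
    # The only remedy for a leaked player key: stop wrapping the disc key for that
    # slot on future pressings. Discs already pressed cannot be changed.
    table = list(disc["key_table"])
    table[slot] = os.urandom(16)
    return {"key_table": table, "content": disc["content"]}

def global_secret_demo(players=400, leaked_slot=7):
    # Constructed scenario: one player key extracted from one player model.
    keys = [os.urandom(16) for _ in range(players)]
    leaked = keys[leaked_slot]
    old_a = author_disc(b"title A", keys)
    old_b = author_disc(b"title B", keys)
    new_press = revoke_slot(author_disc(b"title C", keys), leaked_slot)
    return {
        # the one leaked key opens every disc pressed before the leak...
        "opens_old_a": play(old_a, leaked_slot, leaked) == b"title A",
        "opens_old_b": play(old_b, leaked_slot, leaked) == b"title B",
        # ...and only discs pressed afterwards can shut it out
        "opens_new_press": play(new_press, leaked_slot, leaked) == b"title C",
    }
```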

But even if this were all perfect, the scheme could never work. The software player eventually gets the decryption key, decrypts the DVD, and displays it on the screen. That decrypted DVD data is on the computer. It has to be; there's no other way to display it on the screen. No matter how good the encryption scheme is, the DVD data is available in plaintext to anyone who can write a computer program to take it.

And so is the decryption key. The computer has to decrypt the DVD. The decryption key has to be in the computer. So the decryption key is available, in the clear, to anyone who knows where to look.

The DVD software manufacturers were supposed to disguise the decryption program, and the playing program, using some sort of software obfuscation techniques. These techniques have never worked for very long; they only seem to force hackers to spend a couple of extra weeks figuring out how the software works. I've written about this previously in relation to software copy protection; you can't obfuscate software.

It might be a bitter pill for the entertainment industry to swallow, but software content protection does not work. It cannot work. You can distribute encrypted content, but in order for it to be read, viewed, or listened to, it must be turned into plaintext. If it must be turned into plaintext, the computer must have a copy of the key and the algorithm to turn it into plaintext. A clever enough hacker with good enough debugging tools will always be able to reverse-engineer the algorithm, get the key, or just capture the plaintext after decryption. And he can write a software program that allows others to do it automatically. This cannot be stopped.

If you have secure hardware, you can prevent it. The attack works because the hacker can run a debugger and other programming tools. If the decryption device and the viewing device (it must be both) are inside a tamperproof piece of hardware, the hacker is stuck. He can't reverse-engineer anything. But tamperproof hardware is largely a myth, so in reality this would just be another barrier that someone will eventually overcome.

One more lesson, and an observation.

The lesson: This is yet another example of an industry meeting in secret and designing a proprietary encryption algorithm that ends up being embarrassingly weak. I never understand why people don't use free, public encryption algorithms. They're almost always better.

The observation: One solution that the entertainment industry has been pushing for is to make reverse-engineering illegal. They managed in the United States: the Digital Millennium Copyright Act includes provisions to this effect, despite the protests of the scientific and civil rights communities. (Yes, you can go to jail for possessing a debugger.) This "solution" does not work and makes no sense.

First, unless reverse-engineering is illegal everywhere on the planet, someone will be able to do it somewhere. And one person is all you need; he can write software that everyone else uses. Second, the reverse-engineer can, as in this case, work anonymously. Laws wouldn't have helped in this case. And third, laws can't put the cat back into the bag. Even if you could catch and prosecute the hackers who did this, it wouldn't affect the hacker tools that have already been written, and that continue to be written.

The fatal flaw is that the entertainment industry is lazy and is attempting to find a technological solution to what is a legal problem. It is illegal to steal copyrights and trademarks, whether it is a DVD movie, a magazine image, a Ralph Lauren shirt, or a Louis Vuitton handbag. This legal protection still exists, and is still strong. For some reason the entertainment industry has decided that it has a legal right to the protection of its technology, and that makes no sense.

This DVD break is a good thing. It serves no one's interests for the entertainment industry to put their faith in a bad security system. It is good research, illustrating how bad the encryption algorithm is and how poorly thought out the security model is. What is learned here can be applied to making future systems stronger.

Bruce Schneier is CTO of Counterpane Internet Security, based in San Jose