HD-DVD AACS hacked

A hacker going under the alias "muslix64" has written a utility which is capable of decrypting AACS (Advanced Access Content System) protected HD-DVD discs.

The decryption tool, called BackupHDDVD, is a Java-based command-line utility which decrypts the .evo video files found on an HD-DVD disc and saves them to your hard drive so they can be played using HD-DVD playback software.

I've taken a look at the source code for BackupHDDVD (which is currently included with the software download) and it seems genuine enough. According to the comprehensive FAQ which accompanies the source code, BackupHDDVD simply implements the AACS decryption protocol as outlined at aacsla.com (the official AACS website). Title keys, which are required to decrypt the movie files, are stored encrypted on the HD-DVD disc but this hack seems to rely on the fact that CyberLink PowerDVD 6.5 HD-DVD extracts these keys and doesn't protect them well enough (I'm a little hazy on this because "muslix64" is being vague as to how he got hold of the title keys). What I am sure of is that BackupHDDVD doesn't extract the keys itself, it merely relies on having access to the keys. The key here (if you pardon the pun) is that "muslix64" has found a way to get at these keys.

Here's what "muslix64" thinks of the AACS protection mechanism:

What do you think of the technical aspects of AACS?

The design is not that bad, but it's too easy to have an insecure player implementation somewhere. And just one bad implementation is all it needs to get the keys! There will always be insecure implementations of a player somewhere! And the "Revocation system" is totally useless if you use the Title key directly.

The point about the revocation system being next to useless is spot on - if you have access to title keys, you totally bypass the revocation system automatically. Also, to be honest I never saw the revocation system as being all that effective - if the media companies revoked a key this would mean that legitimate owners couldn't play content which they had bought. This would no doubt end in lawsuits.
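To see why revocation sits at the wrong layer once a title key is exposed, here is a simplified model of a layered key hierarchy, added for illustration; it is not code from BackupHDDVD or from the AACS specification. The per-device key block, the HMAC-based stand-in cipher and all names are assumptions made for the model.

```python
import hashlib
import hmac
import os

def kdf(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with an HMAC-SHA256 keystream (stand-in for AES); encrypt == decrypt."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(kdf(key, i.to_bytes(4, "big")) for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def master_disc(device_keys: dict, revoked: set, plaintext: bytes) -> dict:
    """Author a disc whose key block leaves out every revoked device."""
    media_key, title_key = os.urandom(32), os.urandom(32)
    return {
        # Model simplification: one wrapped media key per non-revoked device.
        "key_block": {d: toy_cipher(k, media_key)
                      for d, k in device_keys.items() if d not in revoked},
        "wrapped_title_key": toy_cipher(kdf(media_key, b"title"), title_key),
        "content": toy_cipher(title_key, plaintext),
    }

def recover_title_key(disc: dict, device_id: str, device_key: bytes):
    """Licensed path: device key -> media key -> title key. Revocation bites here."""
    wrapped = disc["key_block"].get(device_id)
    if wrapped is None:
        return None  # revoked device: no route to the media key
    media_key = toy_cipher(device_key, wrapped)
    return toy_cipher(kdf(media_key, b"title"), disc["wrapped_title_key"])

def decrypt_content(disc: dict, title_key: bytes) -> bytes:
    """Content path: needs only the title key, never consults the key block."""
    return toy_cipher(title_key, disc["content"])

def demo() -> tuple:
    sample = b"constructed sample payload, not real disc data"
    devices = {"player-a": os.urandom(32), "player-b": os.urandom(32)}
    disc = master_disc(devices, {"player-b"}, sample)
    blocked = recover_title_key(disc, "player-b", devices["player-b"])
    exposed = recover_title_key(disc, "player-a", devices["player-a"])
    disc["key_block"].clear()  # revoke every device after the fact
    return blocked, decrypt_content(disc, exposed) == sample

if __name__ == "__main__":
    print(demo())
```

The design lesson for any layered key scheme is that revocation only protects the layers above the one that leaks, so the lowest-level content key needs the strongest handling in every player.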

What's interesting here is that while this hack might give HD-DVD a temporary advantage amongst enthusiasts who want to back up discs (and given the higher data density of HD-DVD and Blu-ray discs, this isn't such a bad idea), in the long run it won't give either format an advantage because both HD-DVD and Blu-ray use the now-cracked AACS DRM mechanism.

There are still a few bugs in the decryption process (namely fast-forward and rewind issues, and subtitles don't work either) but I'm pretty sure that we'll see future implementations which fix these issues. Also, BackupHDDVD currently only supports Windows, but given that it is based on Java, I think that Linux and Mac versions will be along shortly.

See the process in action in the video available on YouTube.

