Cinavia DRM: How I Learned to Stop Worrying and Love Blu-ray’s Self-Destructionby Ganesh T S on March 21, 2012 11:00 AM EST
- Posted in
- Home Theater
Content providers mandate the presence of protection schemes at all times when the consumers want to access their wares. For the consumer, this entails:
1. Conditional access
2. Protected transmission
3. Protected distribution
4. Protected storage
Conditional access is applicable to cases where media travels over insecure channels (such as satellite or cable). This is implemented in STBs. Protected transmission is the path to the display device, and it is usually protected by HDCP (over HDMI) or Macrovision in legacy systems. Protected storage is encountered in broadcast content, with its copy flags to allow DVR archiving. Protected distribution is enabled by the DRM mechanism in Blu-rays / DVDs. In Blu-rays, this DRM scheme is called as AACS (Advanced Access Content System). AACS also provides for protected storage through the Managed Copy feature.
A Popular Webcomic's Take on DRM (c) xkcd
AACS uses 128-bit AES for encryption. Each Blu-ray player / device has a Device Key, while discs come with a Media Key Block (MKB). The shared key generated by using these two (Media Key) is used to decrypt the Title Key, which is then used to decrypt the audio/video data in the disc. AACS also has a revocation mechanism. The MKB in each disc has a Host Revocation List for software players and a Device Revocation List for hardware drives. For PC-based playback to be successful, both the player and the drive must not be on the revocation list.
In practice, key revocation is quite rare because device keys could be shared across an entire lineup, making it hard to pinpoint which particular device was compromised. AACS does provide some sequence keys to identify a particular device as compromised if one has access to multiple pirated copies of different discs from the same drive. In addition to the MKB-Media Key-Title Key combination, PC-based players also have support to generate a Shared Bus Key to encrypt the data inbetween the drive and the software player. This ensures that any snooped data can't be used to get to the original content on the disc. AACS also has a renewal process to prevent attacks similar to those carried out on CSS (with DVDs). The net result is that we are currently at AACS v30.
In addition to AACS, the BDA mandates a BD-ROM mark, which is a physical irregularity on the disc with a 128-bit VolumeID. Blu-ray players will not play back protected content without the VolumeID, as it is essential to the decryption process. Also, the VolumeID can't be generated by consumers (BD-Recorders don't have the capability to burn a VolumeID). The process is tied to the manufacturing facility (which can obtain a license only under strict security considerations). With a counterfeit Blu-ray, it is a simple matter of using the VolumeID to trace the place where the piracy took place.
Note that AACS is based solely on cryptography and, after having been compromised, has the possibility of revoking cryptographic keys as the only means of regaining its effectiveness. So far, this method has failed. This has tempted studios to move over to other forms of DRM such as BD+ and Sony Screen Pass.
It is mandatory for players to implement support for BD+, but not all Blu-rays need to be BD+ enabled. From a player's perspective, a Security Virtual Machine (SVM) needs to be implemented. Blu-rays with BD+ have special content code which are loaded by the SVM and executed during the playback process. The content code has full control over all the components involved in playback. It can alter menus and show on-screen messages if some security breach is detected in the player.
One of the most common BD+ implementations involves storing garbled video on the disc (i.e, after AACS decryption, certain segments of the video are distorted). The content code can implement a fix for the distorted video so that licensed playback is still problem free. For example, in the recently released Contagion Blu-ray, watching the disc with an old version of AnyDVD HD (which performs only AACS decryption, say) would result in heavily distorted video in various scenes. This is because the BD+ code to fix the video wasn't being executed by AnyDVD HD. Unlike AACS, technologies such as BD+ from Irdeto (responsible for the BD+ in the Contagion Blu-ray) and Sony Screen Pass continue to evolve with each new disc.
BD+ needs a SVM to be implemented, but note that the Blu-ray specifications already include a VM requirement for the BD-Java feature. This BD-J feature can also be used to implement structural protection schemes such as Sony DADC's Screen Pass. In this scheme, BD-J code on the disc actively looks for signs of protection being in place during playback. When the BD-J code finds that the protection features are missing (say, due to playing an unprotected copy, or when ripping tools are active in the background), playback is immediately stopped along with an on-screen message. DVDFab's blog has some more details on Screen Pass.
In addition to DRMs aimed at directly protecting content by encryption, the Blu-ray developers also considered some watermarking schemes. Watermarking doesn't actually encrypt the content, but places some non-discernible (to the naked eyes/ears) information in the audio / video tracks of the stream. By serving as a digital signature, it helps the player / analyzer identify the content status. In the next section, we will be talking in detail about Cinavia, the audio watermarking scheme from Verance. Thomson's NexGuard is a type of video watermarking scheme which works with the help of the BD+ SVM. The BD+ content code embeds some invisible information in the video track which contains details of the player / drive used to decrypt the stream. If the video gets out and becomes a 'pirated copy', the watermark can be analyzed to determine the player / drive responsible for the 'piracy'. BD+ code in subsequent Blu-rays can be used to blacklist the player / add it to a revocation list.
If you are interested in learning more about content protection in Blu-rays, I strongly suggest perusing Chapter 4 of Blu-ray Disc Demystified.
Post Your CommentPlease log in or sign up to comment.
View All Comments
cbgoding - Wednesday, March 21, 2012 - link"we can't but help"
should probably be
"we can't help but"
ludikraut - Wednesday, March 21, 2012 - linkAll of the mentioned issues in the article are why I don't own any BluRay discs and most likely never will. Ironically I own two BluRay players (both given away by Sony for free as part of other purchases), but until it becomes as easy, quick and cheap to use as watching a regular DVD I will never own any BluRay media.
Even more ironic is that I own a Sony DVD (The Tourist) that refuses to play on my Sony BluRay player. LOL. I assume I could connect the player to the internet to let it update itself, but I refuse to connect anything that I consider to be a standalone device to my home network.
SandmanWN - Wednesday, March 21, 2012 - linkSmells like BS to me. You "say" you won't hook up a bluray player but I can almost guarantee you have other devices like a cable/uverse/dish box on your network that goes out and downloads program data and firmware patches all the time without your knowledge. Managed modem by your ISP, cell phone and tablets on your wifi reaching out and checking for updates from your carrier. All kinds of devices on your network that are standalone.
BlueAqua - Wednesday, March 21, 2012 - linkPhysical media and DRM needs to die. I haven't bought any physical media in years now.
In the last sentence you state that the consumers need to wake up and decide if it's worth it to us, but its really the industry that needs to wake up.
Exodite - Wednesday, March 21, 2012 - linkThere's nothing inherently wrong with physical media, indeed it makes a lot of sense for most consumers.
The only issue is the DRM nightmare, though that isn't really any better on (legally) digitally distributed media.
haukionkannel - Wednesday, March 21, 2012 - linkI think allso so. BD guality is so much better than what you can get downloaded, because it would reguire so much bandwide.
And the only reason I really hate DVD and BD is that DRM and other stuff that makes it so difficult to watch my disks... "You need bios, upgrade" you need new version of..." and so on...
I want my 4k movies in so insane high guality that it would be unpractical to send them via internet and without DRM please... and is physical format... what ever that would be.
seapeople - Wednesday, March 21, 2012 - linkI don't understand the dichotomy between the droves of people who jump on and smear every review of a sub-premium monitor on this site (oh my, it's *e*-IPS!!?!?!?!) while an article on Blu-Ray's results in a near universal proclamation of streaming content adoration.
It just seems to me there should be more of a middle ground between people willing to pay 3x-5x as much for a monitor that looks ever so slightly better and has juuuuust the right colors here and there versus people who don't care if their NetFlix streaming version of Transformers has periodic blocky fadeouts and frequent black crush highlighting the obvious heavy compression artifacts throughout.
Blu Ray is premium. You buy the 55" premium television, get the 7.1 booming surround sound system set up, buy your favorite popcorn, and pop your beautiful, high-quality Blu-Ray movie in. You don't turn on your cheap, crappy pseudo-HD compression nightmare streaming service just to save 2 minutes and feel smug about it.
chaos215bar2 - Wednesday, March 21, 2012 - linkActually, you just described why I cringe just about any time I pay for any media. I do pay, most of the time, at least, since I don't really want to watch something I'm not willing to support by paying, but there is literally no convenient, high quality video source available.
I won't touch Blu-ray for most of the reasons discussed above. All streaming I've tried is terrible, even if it will actually play at "720p". (Netflix and Hulu generally do select the maximum quality. Amazon has a tendency to play at the lowest quality even though my connection has never tested at less than 22 Mb/s.)
iTunes is fairly good, at least for 720p (I haven't tried 1080p yet), but most of what I watch is TV shows, and I don't really want to pay to own entire seasons that I'll only watch once. (The $0.99 rentals were nice while they lasted, but I'd be happy to pay even a bit more than that.)
The whole situation is just sad. I'm just waiting, hoping they figure it out eventually like the music industry did (mostly).
SlyNine - Wednesday, March 21, 2012 - linkScrew that man and screw your idea, I want to OWN my collection!
jnmfox - Wednesday, March 21, 2012 - linkAlways makes me think of this image:
I don't pirate but I correlate this to why I rip all my movies.
Studios wonder why people want to rip their moves to their HDs, for me this is one of the main reasons. I don't care about the extras (if I did I can always actually put in the disk) I just want to see the movie.