Content providers mandate the presence of protection schemes at all times when the consumers want to access their wares. For the consumer, this entails:

1. Conditional access
2. Protected transmission
3. Protected distribution
4. Protected storage

Conditional access is applicable to cases where media travels over insecure channels (such as satellite or cable). This is implemented in STBs. Protected transmission is the path to the display device, and it is usually protected by HDCP (over HDMI) or Macrovision in legacy systems. Protected storage is encountered in broadcast content, with its copy flags to allow DVR archiving. Protected distribution is enabled by the DRM mechanism in Blu-rays / DVDs. In Blu-rays, this DRM scheme is called as AACS (Advanced Access Content System). AACS also provides for protected storage through the Managed Copy feature.

A Popular Webcomic's Take on DRM (c) xkcd

AACS uses 128-bit AES for encryption. Each Blu-ray player / device has a Device Key, while discs come with a Media Key Block (MKB). The shared key generated by using these two (Media Key) is used to decrypt the Title Key, which is then used to decrypt the audio/video data in the disc. AACS also has a revocation mechanism. The MKB in each disc has a Host Revocation List for software players and a Device Revocation List for hardware drives. For PC-based playback to be successful, both the player and the drive must not be on the revocation list.

In practice, key revocation is quite rare because device keys could be shared across an entire lineup, making it hard to pinpoint which particular device was compromised. AACS does provide some sequence keys to identify a particular device as compromised if one has access to multiple pirated copies of different discs from the same drive. In addition to the MKB-Media Key-Title Key combination, PC-based players also have support to generate a Shared Bus Key to encrypt the data inbetween the drive and the software player. This ensures that any snooped data can't be used to get to the original content on the disc. AACS also has a renewal process to prevent attacks similar to those carried out on CSS (with DVDs). The net result is that we are currently at AACS v30.

In addition to AACS, the BDA mandates a BD-ROM mark, which is a physical irregularity on the disc with a 128-bit VolumeID. Blu-ray players will not play back protected content without the VolumeID, as it is essential to the decryption process. Also, the VolumeID can't be generated by consumers (BD-Recorders don't have the capability to burn a VolumeID). The process is tied to the manufacturing facility (which can obtain a license only under strict security considerations). With a counterfeit Blu-ray, it is a simple matter of using the VolumeID to trace the place where the piracy took place.

Note that AACS is based solely on cryptography and, after having been compromised, has the possibility of revoking cryptographic keys as the only means of regaining its effectiveness. So far, this method has failed. This has tempted studios to move over to other forms of DRM such as BD+ and Sony Screen Pass.

It is mandatory for players to implement support for BD+, but not all Blu-rays need to be BD+ enabled. From a player's perspective, a Security Virtual Machine (SVM) needs to be implemented. Blu-rays with BD+ have special content code which are loaded by the SVM and executed during the playback process. The content code has full control over all the components involved in playback. It can alter menus and show on-screen messages if some security breach is detected in the player.

One of the most common BD+ implementations involves storing garbled video on the disc (i.e, after AACS decryption, certain segments of the video are distorted). The content code can implement a fix for the distorted video so that licensed playback is still problem free. For example, in the recently released Contagion Blu-ray, watching the disc with an old version of AnyDVD HD (which performs only AACS decryption, say) would result in heavily distorted video in various scenes. This is because the BD+ code to fix the video wasn't being executed by AnyDVD HD. Unlike AACS, technologies such as BD+ from Irdeto (responsible for the BD+ in the Contagion Blu-ray) and Sony Screen Pass continue to evolve with each new disc.

BD+ needs a SVM to be implemented, but note that the Blu-ray specifications already include a VM requirement for the BD-Java feature. This BD-J feature can also be used to implement structural protection schemes such as Sony DADC's Screen Pass. In this scheme, BD-J code on the disc actively looks for signs of protection being in place during playback. When the BD-J code finds that the protection features are missing (say, due to playing an unprotected copy, or when ripping tools are active in the background), playback is immediately stopped along with an on-screen message. DVDFab's blog has some more details on Screen Pass.

In addition to DRMs aimed at directly protecting content by encryption, the Blu-ray developers also considered some watermarking schemes. Watermarking doesn't actually encrypt the content, but places some non-discernible (to the naked eyes/ears) information in the audio / video tracks of the stream. By serving as a digital signature, it helps the player / analyzer identify the content status. In the next section, we will be talking in detail about Cinavia, the audio watermarking scheme from Verance. Thomson's NexGuard is a type of video watermarking scheme which works with the help of the BD+ SVM. The BD+ content code embeds some invisible information in the video track which contains details of the player / drive used to decrypt the stream. If the video gets out and becomes a 'pirated copy', the watermark can be analyzed to determine the player / drive responsible for the 'piracy'. BD+ code in subsequent Blu-rays can be used to blacklist the player / add it to a revocation list.

If you are interested in learning more about content protection in Blu-rays, I strongly suggest perusing Chapter 4 of Blu-ray Disc Demystified.

Introduction Cinavia: The Lowdown
Comments Locked


View All Comments

  • SpaceRanger - Wednesday, March 21, 2012 - link

    One of the common aspects in the above three YouTube videos is the fact that both of them involved the use of a PS3 as the media player.

    Those aren't youtube videos..
  • ganeshts - Wednesday, March 21, 2012 - link

    Thanks for the note. We had initially uploaded to YouTube, but later shifted to DM on account of copyright concerns (Fair use and all that is good to talk about, but the possibility of tussling that out with YouTube is not something we really want to do). I have fixed the text.
  • yelped - Wednesday, March 21, 2012 - link

    Yup, this idiocy is really getting out of hand.

    I personally don't watch movies at all, but I hate watching all this big-brother bullying.

    So, thanks for writing this article!
  • zxr250cc - Friday, March 23, 2012 - link

    I worked for a medium size consumer electronics manufacturer in Japan when DVD was about to launch as a director or marketing. Many of the regional distributors in various global markets for future DVD players were asking me about the Regional encoding for disks and how it would affect their sales or ability to have content. I told them then that the stupid idea of having a region for disks would create a so called 'black market' for region free players. I have also worked in the US high end manufacturing sector and followed the 'breaking' of all encryption schemes with great interest.

    I have done many public AV demonstrations with disk based source material and I always have been EXTREMELY OFFENDED by the FBI label telling me I am a thief for disks that I purchased at retail for my use. Anyone ripping the titles will choose to delete that stupid and offensive section of the disk and the only loser is the normal retail user. Any copy protection code will be broken quickly. ANY... If Blu-Ray wants to be succeed for a longer period of time it should be attempting to be easier to use. HDMI and HDCP are only short term solutions that have caused more trouble than they have fixed, by a long sight. USELESS FEATURES, FORCED TRAILER VIEWS and other such idiocy merely feed into consumer dissatisfaction with the format.

    Make it easy to use for the normal retail customer, make it have good simple features and put the stupid FBI and trailer views in the back of the disk, if they are there at all, and let the consumer watch their purchase in peace. I hate the various encumbering schemes attempted to make using products that we have paid good money for and irritated by while trying to enjoy a movie.


  • SlyNine - Wednesday, March 21, 2012 - link

    DVDFab has a free DVD/Blueray decryptor. Which will burn a bluray in to a folder structure on your HDD.

    I use ClownBD to get demux the video/audio and MKVtoolnix's MKVmerge to remux into MKVs.

    Sorry to hijack your thread but I wanted this on the first page.
  • SlyNine - Wednesday, March 21, 2012 - link

    And to save money on backups, Flexraid is AWESOME. Snapshot based raid for free baby.
  • Aankhen - Thursday, March 22, 2012 - link

    I liked the bit about both of the three videos too. ;-)
  • Death666Angel - Wednesday, March 21, 2012 - link

    "A look at the market trends seem to indicate that online streaming services like Netflix and Hulu are overtaking conventional media distribution channels such as DVDs and Blu-rays."
    I guess you are solely talking about the North American market? I haven't seen such numbers for Germany or Europe, much less for Russia, Asia and Africa....
  • ganeshts - Wednesday, March 21, 2012 - link

    I believe that the European market already has some online streaming services such as LoveFilm and even Netflix is setting up shop over there soon. In India, the first VoD subscription service was started last month. Internet infrastructure needs to come up to speed first for online streaming services to be effective. So, yes, many comments in the piece are based upon our opinion, being here in the US, but we do feel that the trend will soon reflect worldwide.
  • Kristian Vättö - Wednesday, March 21, 2012 - link

    I have to say that the offerings are pretty much non-existent here in Finland. A couple ISPs offer some kind of movie rental services but the quality is 480p and you have to be a customer of that ISP to get access. Usually, you also need a specific plan which may not be available everywhere (at one point, they offered it only for ADSL contracts, high-speed optics were left out). iTunes offers HD quality but the selection is rather small, at least right now.

    As far as I know, there is no online streaming service similar to Netflix. All services are pay as you watch, which is quite expensive.

    Also, it's definitely not the internet infrastructure that is causing it here. The average internet speed is faster here than in the US according to NetIndex. Plus we don't have any caps.

    I think one of the key things is dubbing/subtitling. I think UK is a lot ahead of us because their native language is English so all content is ready for them. However, other countries have their own language. Dubbing or subtitling takes time and money, so it makes sense that the companies are concentrating on English countries first.

Log in

Don't have an account? Sign up now