HashThat!

DVD Encryption

Necessity is the mother of invention. Adversity is the mother of cryptography. When the digital video craze hit the world, the DRM (Digital Rights Management) scheme, began to incorporate CSS (Content Scrambling System) on every DVD- Video disc produced since 1996. Essentially an access control system, it aimed at restricting the rights to watch the movie to only the sanctioned playback devices. This was designed to prevent large scale pirates from making copies of DVDs and minting money off selling them in large numbers, but there was a bit of uproar when the public realized this would prevent legal owners of a DVD from making a backup copy, so that if the disc fell prey to unfortunate circumstance, the only answer to the solution would be replacement.

This CSS key, in effect, consists of smaller keys - the authentication key, disc key, player key, title key, second disk key set and the encrypted key. These keys handle data authentication according to the specific encryption standards as well as movie data conversion into indecipherable format and their eventual decryption, and the overall key length is 40 bits. The manufacturers of the playback devices were charged on account of license fees for decryption, and were also forced to incorporate several restrictions in their playback device. This encryption scheme is engineered to deal with XORs, table lookups and shifts.

Initially, the CSS remained a well guarded secret for fear of retribution from the pirates, but a fateful day on October 1999 saw the publishing of the CSS decryption algorithm on the Internet under the pretence of a Linux DVD player project by Norwegian programmer Jon Lech Johansen and two others, who continue to remain anonymous. The Motion Picture Association of America (MPAA) made desperate attempts to prevent the public from gaining exposure to this algorithm, but incidentally the more they tried to conceal it, the more attention it drew. DeCSS was the name given to this decrypting software, and it was first published on a mailing list in LiViD. Jon's role revolved around writing the graphic user interface and this demonstrated to the world that the CSS could be broken by a brute-force attack by even a home computer! It is said to call for longer characters, and is hence not widely used in other cryptographic applications other than decrypting DVDs.

Relevance Today

• Relevance Today Home
• Politics and Defence
• Economy
• Communication
• Entertainment Industry
  • DVD Encryption
  • Conditional Access TV
  • Digital Rights Management
• Cryptographic Technologies
• Social and Privacy Issues
• Behind the Scenes