Custom DVDs & Players For Academy Members 266
xyankee writes "In an effort to curtail the piracy and bootlegging of DVD screeners, the Academy of Motion Picture Arts and Sciences has endorsed a plan to distribute about 6,000 special DVD players to members that will play specially encrypted screener discs that would be earmarked for a specific academy voter and would play only on that person's machine. The Associated Press has the full story, while Laurence Roth, VP and co-founder of Cinea, Inc., the company behind the technology, says 'the discs, by themselves, cannot be hacked.'"
Re:Riiiiight.... (Score:5, Informative)
1. DVDs have one key for the disc, which is encrypted about 400 different times. One of the basic rules of cryptography is that you NEVER encrypt the same thing with different keys.
2. The DVD players are publicly available, so it's not too hard to take out a ROM chip and analyze it.
3. The key size was only 40 bits.
Suppose this new system has only one key per disc, coded for a particular private player, using 256-bit Rijndael encryption. It will indeed be uncrackable given only the disc, which is what the quote said.
Re:Probably gonna be redundant.. but.. (Score:5, Informative)
Has everyone forgotten that you still have this kind of copy protection?
Steve.
(actually, two seconds of googling showed up this gem [quicknet.com.au].
Re:Alirght (Score:2, Informative)
Re:Won't stop a thing! (Score:4, Informative)
I hope you mean third world from the sun, otherwise I think you've missed the main target group for western movies.
Re:correct me if I'm wrong (Score:4, Informative)
That was how decss was cracked, but it wasn't possible only because of that. There are other methods. This was simply a very convenient one to take. It would have been cracked eventually anyway.
Translation... (Score:3, Informative)
He let something slip right there. My guess is that they're using a much longer encryption key, and that the key is not stored on the disc, but in the player. So to crack as easily as CSS was cracked you'd have to disassemble the player as well, and even that might not help unless you can read the code out from the inside of the chip, which may or may not be possible.
While nothing's "uncrackable", a disc encrypted with a 256-bit key that you don't have would take a while. And even if you did crack it, the odds are that the contents is watermarked, and they'd know who the release came through, and prosecute him. Then you'd have to get another source for the next disc.
Bottom line would be, you'd not get any more discs, if everyone who supplied a review copy to pirates got busted immediately. And that's assuming they CAN be hacked.
Re:Another Screen/Recording Unit (Score:3, Informative)
Re:Not really... (Score:3, Informative)
How secure is AES 128+ bits anyway? MPEG streams have a pretty regular pattern that offers a lot hints to cryptanalysts. I wouldn't bet on the security of a system that encrypts 2-8 GB of data with such a regular pattern!
If I gave you the transcript of everything ever said by every human that has ever lived and encrypted it with a random key and gave you the resulting cipher-text you'd still have to try 2^127 keys on average to recover the key .Knowing patterns in the plain-text doesn't help you at all!
In fact, even if you could choose what you wanted encrypted under my secret random key and I gave you the resulting encrypted text then even after billions of terrabytes you still wouldn't have any clue what the key is.
AES is a strong cipher by anyone's definition.
Simon.
Re:6000 members of the Academy... (Score:1, Informative)
In the registry. HKEYLocalMAchine > Software > Microsoft > Windows > Currentversion
Re:Cannot be hacked, eh? (Score:4, Informative)
It is called "One-Time Pad encryption", and is what the NSA and CIA use when they really are paranoid about somebody trying to read some of their communications. Basically, you get a random noise source (often background microware radiation hiss or even more often some radioactive source and using the unpredictible nature of individual decay particles, that way producing true random numbers) and then with that source of numbers you produce something that would go into a custom player. Each person with this special player could recieve discs that could only be played on that individual player, and anybody else would litterally see just random noise on an individual DVD-disc.
Now here is the nasty part of that system: If you produce more than one DVD using the same one-time pad, the code can be cracked. That is why it is called one-time pad, because once used it can never be used again. The NSA has usually a pile of CD-ROMs or DVDs with these codes on them (or some other digital medium), and they burn/destroy the discs as soon as they use one, with a duplicate of that disc available with the person sending/receiving a message, who either decodes/encodes the data and then similary destroys the disk.
Now a modified version of this could in theory be able to stop a random hacker from getting a disc from the U.S. Postal Service and decoding it, but there is still one more place of vunerability:
The player itself must decode the movie. I think most Academy members would object to the disc being destroyed in the process of watching it (perhaps they got a phone call in the middle of watching a scene and want to back it up for a moment to catch what was going on), and then there is one other vunerability.
The movie must be viewed at some point, and regardless of what other encryption schemes are done, it must be decoded to some very simple colorspace (RGB or with video usually YUV triplet pixel values) that can then be displayed on some viewing system. The whole point of this is that Robert Redford or Tom Hanks can watch a nominated movie at home, in their underware, whenever or however they feel like it. Or with a few friends if they so choose. Even then what is stopping somebody from pulling out a camcorder and filming the TV/projection screen that is showing the movie, and don't get me to rattle on about Macrovision or watermarking... that doesn't work and ruins the image anyway.
I gave the most plausable system from somebody who has worked with multimedia systems before, and even with this hyper-paranoid system it can still be cracked.
Copyright violation acts are an inner ethics issue, like not killing somebody or not shoplifting. Some things can be done to help discourage breaking the law or stopping people from doing things like this, but if you are really interested in accomplishing the goal (like killing the President of the USA), there really isn't anything that can be done to stop it from happening. All security does in these cases is to simply put up "speed bumps" to make it harder to accomplish, and weed out the rank amatures from the professionals. Unfortunately in this world there are people who totally lack ethics and would do anything and say anything, sometimes just for fun, like feeding your grandmother to the Ravanous Bugblatter Beast of Traal.
Re:Riiiiight.... (Score:3, Informative)