Corel Warns InterVideo Users AACS Revocation May Be Forthcoming
The question hanging over the heads of users of high-definition DVD player software since the development of software that reveals all the encryption keys used by HD DVD and Blu-ray discs - potentially enabling them to back up their contents - has been whether manufacturers will invoke the AACS revocation key.
This is the feature of the encryption scheme that would unleash a handful of methods "downstream" into the user community, that would disable their players from working now that discs have apparently been cracked.
Today, we've seen the first evidence that the revocation key option, or something very much like it, is about to be put in play: Corel, the parent company of the producer of InterVideo DVD players, issued a warning to its customers, telling them they need to update their player software through the company Web site, or else face a situation where their players no longer work.
"WinDVD customers who are currently using either HD DVD or BD playback will need to download the free security update from your PC or Drive manufacturer's websites," the Corel warning states. "Please be aware that failure to apply the update will result in AACS-protected HD DVD and BD playback being disabled."
The warning does not state exactly how it would be disabled, though quite probably, it's through the dissemination of revocation keys through newly distributed high-def discs. AACS copy protection - which both Blu-ray and HD DVD use - enables both player consoles and software to look for revocation keys in new discs. These keys would disable the players' ability to play the content from the other discs whose keys have been extracted, even if the players' owners weren't the people who extracted the keys.
Another technical possibility is that the revocation keys may come by way of downloading the update software itself, which may seem silly since it's supposed to patch or replace the old software, though it can't be counted out.
"By downloading Corel's free update," the warning states, "you will be able to continue to enjoy the latest HD DVD/BD content, while ensuring that copyrighted materials are properly protected." The implication here is that the necessary device keys used to decrypt movie content as they're being played will have been replaced for this new player, and will most likely have been hidden in a different way.
Users of the Doom9 Forum have been actively working to develop what they describe as legal backup software for high-def discs, not to be used for piracy but instead for fair use. Last month, the Doom9 user whose handle is arnezami who last February discovered a process for detecting decryption keys from a memory dump, posted a utility program which reveals all of the encryption keys AACS uses for any given Blu-ray or HD DVD disc. Testers elsewhere on the forum verified the utility's efficiency.
Though press reports have described arnezami's process as "cracking" AACS, an evaluation of the theory behind his methods reveals he isn't actually cracking anything - simply re-using the device and media keys that have to be revealed in memory at some point in order for the software itself to be able to decrypt the disc. Still, Corel characterizes the individuals behind this and similar activities as "hackers," and implies that these people may be working against the rights of otherwise legitimate disc owners, preventing them from viewing the content they'd purchased.
A bill introduced last February before the US House of Representatives would make the use of arnezami's or similar processes perfectly legal, specifically in the case of individuals making backups of discs they'd already purchased. However, the bill - if passed - would not render illegal the deployment of revocation keys by disc player software or hardware manufacturers or by studios and content producers, although it might create the situation whereby individuals could sue for the right not to have their licensed content be revoked at will.