Monday, July 25. 2005
DRM in Hi-Def
If you own a high definition (HD) television, you might sometimes wonder why you spent so much money on it since almost no content is available that can showcase the television’s capabilities. You might also wonder when you are going to be able to buy or rent high definition movies on DVD. I can’t answer your doubts about spending money on the new technology, but I can tell you when and how you will get your high definition content.
Almost all new television series are being recorded in high definition, and in most US markets the major networks are broadcasting in high definition. So at present you can watch some television series and most sporting events in hi-def. The real availability for hi-def content will not be for at least another five months, until fourth quarter 2005 or first quarter 2006. These are the launch dates for both of the new high definition disc formats, HD-DVD and Blu-Ray.
This site is not a forum to discuss which technology is better, so we are going to focus on the software behind the hardware. However, I will give a quick take on the technologies for background. On paper Blu-Ray appears to me to be a more advanced standard with higher storage capacity and more software options, but it also appears to be more expensive to build. The first of the two formats to hit the market appears to be HD-DVD. These players should be on the market sometime this year with less than one hundred movies available at launch. Firm prices have not yet been set for the players or the movies, but expect player prices to be over $500US and movies to be in the $30US price range. The Blu-Ray players will be out sometime in early 2006 with about equal movie support. It is possible that the first Blu-Ray player to reach the mass market will be the Sony Playstation 3 gaming console. Most computer makers are very happy to see higher capacity discs appearing, so expect to see computer drives for both formats start showing up soon after the stand-alone players show up.
With the hardware talk out of the way, let’s compare the software and digital rights management that will be included in these HD players. The video encoding software that has been adopted by both standards is known as VC-1 which was developed by Microsoft. Microsoft has now turned over licensing of this standard to MPEG LA which is the same licensing board that handles all licensing for MPEG video systems. This means that even though Microsoft will get paid for every new hi-def player, they will not have the ability to charge more to some clients than others as they do with their personal computer software.
Both systems use new sophisticated DRM schemes. In the case of HD-DVD, the DRM scheme is known as Advanced Access Content System (AACS). Blu-Ray has not officially announced which DRM scheme it will use, but recent reports indicate that they too may use AACS. The exact internals between the two systems will vary some but I will try to explain the basics of how the system works. Keep in mind that this explanation is very simplified.
The first thing to understand is that AACS will use a system of encryptions and keys. Content can be encrypted so that it will work with one or more keys. This approach is already used to encrypt email, so it makes an easy example. Imagine that you want to encrypt an email and send it to me. I would provide you with my public key. You would give this public key to your email client and associate it with my email address. Now anytime you send me an email it will be encrypted in such a way that only my private key can decrypt it. If you wanted to send the same email to two people, your email client would encrypt the message in such a way that both people’s private keys could decrypt it.
In the same way, the new HD discs can be encrypted using one or more keys. Every device will have a unique private key similar to the email clients described previously. Or in some cases, the manufacturers may choose to assign one key to multiple devices. In order to get the content off of the disk, a person would have to have one of these keys. If a person is able to extract this key from the device’s firmware, then they would be able to copy the new disc to a computer, make backups, pirate it, etc.
The next thing to understand is the concept of a binary tree. A binary tree is a type of data structure used in computer science where there is a base node that expands by two branches at each level. Each branch is referred to as either left or right and each branch has at its end either a node or a leaf. A node will have branches extending out of it to the next level while a leaf does not have any branches extending from it. Leaves are the last level of the tree.
I explain the tree structure because it will be the data structure used to store all of these device keys. While this may not seem logical, consider how many keys can be stored in a relatively small tree. There is one key in the first level, two keys in the second level, four keys in the third level and so forth. The number of nodes (keys) at a particular level is equal to 2(n-1) where n is the level number in the tree. So a tree with only 17 levels would have 216 or 65,536 keys on the bottom most level. The number can grow quickly with 2,147,483,648 at level 32 of the tree.
What does storing all of these keys in a tree have to do with DRM? Well, this is where the really insidious part of this scheme begins to show. The AACS specification calls for every device to have network connectivity. That’s right, your hi-def DVD player is going to be connected to the network and will have the ability to call home and receive updates. What kind of updates? Key revocation notices, of course. If a device key gets cracked and posted to the internet, then the DVD makers can encrypt all new discs so that they cannot work with that key. Now is where the tree comes into play. Since every key is a sub-key of the node to which it is attached, entire groups of keys can be disabled by disabling a key higher in the tree than where your key is located.
Let’s say that your device has a key that is in level 30 of the tree. Now let’s say that I have a key at level 32 and I publish my key to the internet so that people can decode DVDs on player without a key, such as a Linux computer. The DVD makers will go to some level above me, say level 20, and disable that key. Any node (key) that is a child of the disabled key will no longer work. The device will have to call home to get new keys to continue to work. In this example with thirty two levels, if the cutoff is done at level 20 then 8191 devices (keys) would stop working until they phoned home.
At this point you must have realized that this revocation process only works if the DVD makers can identify the key that is cracked. If a hacker cracks his device but does not publish his key then the DVD makers will never know it was cracked. This hacker can then begin putting unencrypted movies on P2P networks then the DVD makers are powerless to stop this. In this regard, this DRM scheme fails to stop piracy just like every other DRM scheme on the market. Pirates that operate for profit will not be affected by this new DRM because they will either publish nonencrypted DVDs or will make a bit-by-bit copy of the original disc. Casual pirates will simply circulate stripped copies without the DRM.
So why put this much work into something that does not prevent piracy? Money and power. With current DVD’s, if I want to go into business building DVD players, all I have to do is pay my yearly encryption license fee and start building the DVD players. The movie industry has no control over how I build my devices. I can let my devices ignore region encoding, not use MacroVision, and generally allow the user to do whatever he wants. Even if I stop paying my yearly license fee, the movie industry has little recourse against me. However, this is not so with the new generation of devices.
If a device maker does not build their devices to suit the movie industry or if the device maker stops paying their licensing fee, then all the movie industry has to do is revoke their key. The problem is that if you happen to be one of the poor people that bought a hi-def DVD player from one of these disreputable companies then your player will most likely never work again.
It seems to me that this particular DRM scheme can only serve to punish innocent consumers. The exact companies that the movie industry is worried about are the ones that generally make the lower-end, lower-priced players. An example is Apex DVD players which have a flashable ROM so that a person could turn off any of the protection schemes that were built into the player. Instead of stopping piracy and file sharing, this new scheme only serves to boost profits for the movie industry and the electronics industry by keeping prices artificially high and reducing competition. It is reprehensible when companies wave the anti-piracy banner and use DRM to merely veil engorged profits and artificial price inflation. As a side note, such tactics are perfectly legal because the DMCA prevents any circumvention of DRM schemes.
Expect next generation high definition players to cost $500US or more. Also expect the prices to stay at this lofty price for a long time. It is up to you and me as consumers to send a message to the movie industry that we are not willing to accept this sort of lunacy. With all of this said, it is my fear that like many other things in today’s society, this will become commonplace because people do not understand the technology or because people are too apathetic to do anything about it.
Author: Jimmy Palmer
Almost all new television series are being recorded in high definition, and in most US markets the major networks are broadcasting in high definition. So at present you can watch some television series and most sporting events in hi-def. The real availability for hi-def content will not be for at least another five months, until fourth quarter 2005 or first quarter 2006. These are the launch dates for both of the new high definition disc formats, HD-DVD and Blu-Ray.
This site is not a forum to discuss which technology is better, so we are going to focus on the software behind the hardware. However, I will give a quick take on the technologies for background. On paper Blu-Ray appears to me to be a more advanced standard with higher storage capacity and more software options, but it also appears to be more expensive to build. The first of the two formats to hit the market appears to be HD-DVD. These players should be on the market sometime this year with less than one hundred movies available at launch. Firm prices have not yet been set for the players or the movies, but expect player prices to be over $500US and movies to be in the $30US price range. The Blu-Ray players will be out sometime in early 2006 with about equal movie support. It is possible that the first Blu-Ray player to reach the mass market will be the Sony Playstation 3 gaming console. Most computer makers are very happy to see higher capacity discs appearing, so expect to see computer drives for both formats start showing up soon after the stand-alone players show up.
With the hardware talk out of the way, let’s compare the software and digital rights management that will be included in these HD players. The video encoding software that has been adopted by both standards is known as VC-1 which was developed by Microsoft. Microsoft has now turned over licensing of this standard to MPEG LA which is the same licensing board that handles all licensing for MPEG video systems. This means that even though Microsoft will get paid for every new hi-def player, they will not have the ability to charge more to some clients than others as they do with their personal computer software.
Both systems use new sophisticated DRM schemes. In the case of HD-DVD, the DRM scheme is known as Advanced Access Content System (AACS). Blu-Ray has not officially announced which DRM scheme it will use, but recent reports indicate that they too may use AACS. The exact internals between the two systems will vary some but I will try to explain the basics of how the system works. Keep in mind that this explanation is very simplified.
The first thing to understand is that AACS will use a system of encryptions and keys. Content can be encrypted so that it will work with one or more keys. This approach is already used to encrypt email, so it makes an easy example. Imagine that you want to encrypt an email and send it to me. I would provide you with my public key. You would give this public key to your email client and associate it with my email address. Now anytime you send me an email it will be encrypted in such a way that only my private key can decrypt it. If you wanted to send the same email to two people, your email client would encrypt the message in such a way that both people’s private keys could decrypt it.
In the same way, the new HD discs can be encrypted using one or more keys. Every device will have a unique private key similar to the email clients described previously. Or in some cases, the manufacturers may choose to assign one key to multiple devices. In order to get the content off of the disk, a person would have to have one of these keys. If a person is able to extract this key from the device’s firmware, then they would be able to copy the new disc to a computer, make backups, pirate it, etc.
The next thing to understand is the concept of a binary tree. A binary tree is a type of data structure used in computer science where there is a base node that expands by two branches at each level. Each branch is referred to as either left or right and each branch has at its end either a node or a leaf. A node will have branches extending out of it to the next level while a leaf does not have any branches extending from it. Leaves are the last level of the tree.
I explain the tree structure because it will be the data structure used to store all of these device keys. While this may not seem logical, consider how many keys can be stored in a relatively small tree. There is one key in the first level, two keys in the second level, four keys in the third level and so forth. The number of nodes (keys) at a particular level is equal to 2(n-1) where n is the level number in the tree. So a tree with only 17 levels would have 216 or 65,536 keys on the bottom most level. The number can grow quickly with 2,147,483,648 at level 32 of the tree.
What does storing all of these keys in a tree have to do with DRM? Well, this is where the really insidious part of this scheme begins to show. The AACS specification calls for every device to have network connectivity. That’s right, your hi-def DVD player is going to be connected to the network and will have the ability to call home and receive updates. What kind of updates? Key revocation notices, of course. If a device key gets cracked and posted to the internet, then the DVD makers can encrypt all new discs so that they cannot work with that key. Now is where the tree comes into play. Since every key is a sub-key of the node to which it is attached, entire groups of keys can be disabled by disabling a key higher in the tree than where your key is located.
Let’s say that your device has a key that is in level 30 of the tree. Now let’s say that I have a key at level 32 and I publish my key to the internet so that people can decode DVDs on player without a key, such as a Linux computer. The DVD makers will go to some level above me, say level 20, and disable that key. Any node (key) that is a child of the disabled key will no longer work. The device will have to call home to get new keys to continue to work. In this example with thirty two levels, if the cutoff is done at level 20 then 8191 devices (keys) would stop working until they phoned home.
At this point you must have realized that this revocation process only works if the DVD makers can identify the key that is cracked. If a hacker cracks his device but does not publish his key then the DVD makers will never know it was cracked. This hacker can then begin putting unencrypted movies on P2P networks then the DVD makers are powerless to stop this. In this regard, this DRM scheme fails to stop piracy just like every other DRM scheme on the market. Pirates that operate for profit will not be affected by this new DRM because they will either publish nonencrypted DVDs or will make a bit-by-bit copy of the original disc. Casual pirates will simply circulate stripped copies without the DRM.
So why put this much work into something that does not prevent piracy? Money and power. With current DVD’s, if I want to go into business building DVD players, all I have to do is pay my yearly encryption license fee and start building the DVD players. The movie industry has no control over how I build my devices. I can let my devices ignore region encoding, not use MacroVision, and generally allow the user to do whatever he wants. Even if I stop paying my yearly license fee, the movie industry has little recourse against me. However, this is not so with the new generation of devices.
If a device maker does not build their devices to suit the movie industry or if the device maker stops paying their licensing fee, then all the movie industry has to do is revoke their key. The problem is that if you happen to be one of the poor people that bought a hi-def DVD player from one of these disreputable companies then your player will most likely never work again.
It seems to me that this particular DRM scheme can only serve to punish innocent consumers. The exact companies that the movie industry is worried about are the ones that generally make the lower-end, lower-priced players. An example is Apex DVD players which have a flashable ROM so that a person could turn off any of the protection schemes that were built into the player. Instead of stopping piracy and file sharing, this new scheme only serves to boost profits for the movie industry and the electronics industry by keeping prices artificially high and reducing competition. It is reprehensible when companies wave the anti-piracy banner and use DRM to merely veil engorged profits and artificial price inflation. As a side note, such tactics are perfectly legal because the DMCA prevents any circumvention of DRM schemes.
Expect next generation high definition players to cost $500US or more. Also expect the prices to stay at this lofty price for a long time. It is up to you and me as consumers to send a message to the movie industry that we are not willing to accept this sort of lunacy. With all of this said, it is my fear that like many other things in today’s society, this will become commonplace because people do not understand the technology or because people are too apathetic to do anything about it.
Author: Jimmy Palmer
Comments
No comments.
The author has not allowed comments to this entry
