Was a mistake made in the design of AACS?
Allen
netsecurity at sound-by-design.com
Wed May 2 20:14:20 EDT 2007
Hal Finney wrote:
[snip]
> http://www.freedom-to-tinker.com/?p=1111
>
> "By this point in our series on AACS (the encryption scheme used in
> HD-DVD and Blu-ray) it should be clear that AACS creates a nontrivial
> strategic game between the AACS central authority (representing the
> movie studios) and the attackers who want to defeat AACS. Today I want
> to sketch a model of this game and talk about who is likely to win..."
>
> Felten focuses on the loss of revenue due to extraction of device keys
> and subsequent file sharing of decrypted content. AACS has a mechanism
> called sequence keys to watermark content and allow it to be traced
> back to the player that created it. Felten assumes that attackers would
> publish decrypted movies, AACSLA would then trace them back to the broken
> device, and revoke that device in future releases.
I know I'm in over my head on this so my apologies, but if the
key is used in one machine in a product line - Sony DVD players
say - then if they find the one machine that it came from and
disable it, wouldn't figuring out the key for the next machine in
the production run be relatively trivial as the algorithm and
hardware implementation used by all machines of a give run be the
same? Therefore, couldn't one buy several of them and use them
one after another as they are discovered and disabled?
So, in order to prevent any of those machines from being used
they'd have to disable a whole lot of machines owned by ordinary
individuals, right? What are the downside risks for Sony in doing
this?
What am I missing in this picture?
Thanks,
Allen
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list