Cinavia DRM: How I Learned to Stop Worrying and Love Blu-ray’s Self-Destruction
by Ganesh T S on March 21, 2012 11:00 AM EST- Posted in
- Home Theater
- Blu-Ray
- DRM
- Cinavia
Content providers mandate the presence of protection schemes at all times when the consumers want to access their wares. For the consumer, this entails:
1. Conditional access
2. Protected transmission
3. Protected distribution
4. Protected storage
Conditional access is applicable to cases where media travels over insecure channels (such as satellite or cable). This is implemented in STBs. Protected transmission is the path to the display device, and it is usually protected by HDCP (over HDMI) or Macrovision in legacy systems. Protected storage is encountered in broadcast content, with its copy flags to allow DVR archiving. Protected distribution is enabled by the DRM mechanism in Blu-rays / DVDs. In Blu-rays, this DRM scheme is called as AACS (Advanced Access Content System). AACS also provides for protected storage through the Managed Copy feature.
A Popular Webcomic's Take on DRM (c) xkcd
AACS uses 128-bit AES for encryption. Each Blu-ray player / device has a Device Key, while discs come with a Media Key Block (MKB). The shared key generated by using these two (Media Key) is used to decrypt the Title Key, which is then used to decrypt the audio/video data in the disc. AACS also has a revocation mechanism. The MKB in each disc has a Host Revocation List for software players and a Device Revocation List for hardware drives. For PC-based playback to be successful, both the player and the drive must not be on the revocation list.
In practice, key revocation is quite rare because device keys could be shared across an entire lineup, making it hard to pinpoint which particular device was compromised. AACS does provide some sequence keys to identify a particular device as compromised if one has access to multiple pirated copies of different discs from the same drive. In addition to the MKB-Media Key-Title Key combination, PC-based players also have support to generate a Shared Bus Key to encrypt the data inbetween the drive and the software player. This ensures that any snooped data can't be used to get to the original content on the disc. AACS also has a renewal process to prevent attacks similar to those carried out on CSS (with DVDs). The net result is that we are currently at AACS v30.
In addition to AACS, the BDA mandates a BD-ROM mark, which is a physical irregularity on the disc with a 128-bit VolumeID. Blu-ray players will not play back protected content without the VolumeID, as it is essential to the decryption process. Also, the VolumeID can't be generated by consumers (BD-Recorders don't have the capability to burn a VolumeID). The process is tied to the manufacturing facility (which can obtain a license only under strict security considerations). With a counterfeit Blu-ray, it is a simple matter of using the VolumeID to trace the place where the piracy took place.
Note that AACS is based solely on cryptography and, after having been compromised, has the possibility of revoking cryptographic keys as the only means of regaining its effectiveness. So far, this method has failed. This has tempted studios to move over to other forms of DRM such as BD+ and Sony Screen Pass.
It is mandatory for players to implement support for BD+, but not all Blu-rays need to be BD+ enabled. From a player's perspective, a Security Virtual Machine (SVM) needs to be implemented. Blu-rays with BD+ have special content code which are loaded by the SVM and executed during the playback process. The content code has full control over all the components involved in playback. It can alter menus and show on-screen messages if some security breach is detected in the player.
One of the most common BD+ implementations involves storing garbled video on the disc (i.e, after AACS decryption, certain segments of the video are distorted). The content code can implement a fix for the distorted video so that licensed playback is still problem free. For example, in the recently released Contagion Blu-ray, watching the disc with an old version of AnyDVD HD (which performs only AACS decryption, say) would result in heavily distorted video in various scenes. This is because the BD+ code to fix the video wasn't being executed by AnyDVD HD. Unlike AACS, technologies such as BD+ from Irdeto (responsible for the BD+ in the Contagion Blu-ray) and Sony Screen Pass continue to evolve with each new disc.
BD+ needs a SVM to be implemented, but note that the Blu-ray specifications already include a VM requirement for the BD-Java feature. This BD-J feature can also be used to implement structural protection schemes such as Sony DADC's Screen Pass. In this scheme, BD-J code on the disc actively looks for signs of protection being in place during playback. When the BD-J code finds that the protection features are missing (say, due to playing an unprotected copy, or when ripping tools are active in the background), playback is immediately stopped along with an on-screen message. DVDFab's blog has some more details on Screen Pass.
In addition to DRMs aimed at directly protecting content by encryption, the Blu-ray developers also considered some watermarking schemes. Watermarking doesn't actually encrypt the content, but places some non-discernible (to the naked eyes/ears) information in the audio / video tracks of the stream. By serving as a digital signature, it helps the player / analyzer identify the content status. In the next section, we will be talking in detail about Cinavia, the audio watermarking scheme from Verance. Thomson's NexGuard is a type of video watermarking scheme which works with the help of the BD+ SVM. The BD+ content code embeds some invisible information in the video track which contains details of the player / drive used to decrypt the stream. If the video gets out and becomes a 'pirated copy', the watermark can be analyzed to determine the player / drive responsible for the 'piracy'. BD+ code in subsequent Blu-rays can be used to blacklist the player / add it to a revocation list.
If you are interested in learning more about content protection in Blu-rays, I strongly suggest perusing Chapter 4 of Blu-ray Disc Demystified.
121 Comments
View All Comments
bobbozzo - Friday, March 23, 2012 - link
on Page 4 the article says:assumptions...
3. People interested in backing up their purchased Blu-rays on hard drives do so in the ISO or folder backup format
but on page 6, it says:
MKV: This is undoubtedly the most popular format for storing HD movies. In this backup mode...
So first you imply that people using MKVs are pirates, and then you recommend it.
I've found that large DVD/BD collections are unmanageable in ISO format due to disk space.
One of my clients has a 12TB RAID5 (7 2TB drives) for his media, plus another RAID5 mirror, and is constantly plagued by failing drives, etc.
I recommended he switch to MKV and has cut his storage requirements by at least 50%.
Also, as you point out on page 6, the load times are ridiculous for BDs and ISOs.
Please fix your comment on page 4.
ganeshts - Friday, March 23, 2012 - link
Pirates use MKVs, but not all people who use MKVs are pirates :) I still recommend MKV like you do for large collections where hard drive space is an issue.The reason I talked about backups in ISO or folder format is because those are the types of backups which require a Blu-ray player with menu support (and which are more likely to have Cinavia and get affected).
Matt355 - Friday, March 23, 2012 - link
As someone who has been victimized by these jerks. I love your article and agree that BD Live its trash, I have never read the FBI Warnings, I change inputs on my TV till it's over since I can't fast forward it, I do the same with the trailers.But how about this.
I've payed extra to buy quite a few Blu-Rays that included digital copies. I downloaded them in iTunes only to discover that not only are they all SD copies. but that Apples cloud storage dose not store or stream to my Apple TV, iPhone, or iPad because they were not purchased directly through iTunes. But if i ripped the Blu Ray. I could stream or store the HD copies on any device I own. Apple or not. Witch means I payed extra for nothing.
MamiyaOtaru - Saturday, March 24, 2012 - link
I will never purchase a bluray. 3d movies are right out too.brucek2 - Saturday, March 24, 2012 - link
As was most recently shown with the iPod, and before that with the McDonalds and 7-11s of the world, convenience usually wins. Personal MP3 players often have sound quality well below what is available to consumers in home stereos they already owned, yet my experience is today the vast majority of music today is played back on this lower quality, more convenient format.The same thing is happening with Blu-Ray. Consumers with the right infrastructure will prefer more convenient approaches such as streaming or piracy. Consumers without may find themselves spending their recreational time doing something else entirely.
Not sure why the content owners are shooting themselves in the foot like this. Its especially puzzling since with Blu-Ray being the format that presumably brings the most dollars directly to the studio, you'd think they'd want to make that the best, most convenient experience possible. Instead, its probably the worst.
The Jedi - Saturday, March 24, 2012 - link
So Ganesh doesn't trust what he can't steal. If you can't steal a high def movie in Blu-Ray format off of a file sharing service, or you can't rent something and then copy it to keep a copy, you just shouldn't support Blu-Ray as a standard. Whine, whine whine.Students tend to have no money so they justify stealing music or software. Hopefully when they mature and become employed, their ethics will also mature and they will take pride in being "legit" and purchasing and owning things. Until then renting from RedBox and NetFlix is still cheap and legal.
Besides, it's too hard to pirate with ISP 3 strikes warnings and bandwidth caps. If you like streaming Netflix and don't like bandwidth caps, get service on a business account.
ganeshts - Sunday, March 25, 2012 - link
If you read the whole piece, I am actually trying to convey that unless Blu-rays give consumers a better experience than Netflix / Vudu streaming (which is basically instant watch as long as the bandwidth is there), Blu-rays will start to decline in popularity. I am not suggesting that one needs to copy it or get off a file sharing service for that. Why can't studios just give a MKV on a Blu-ray disc (with same DRMs) which enables a consumer to start watching the movie immediately without all the trailers / load screens / warnings etc.? These are the types of measures I would like to see the studious adopt.Netflix also has DRM obviously, but we are not complaining about it because it is transparent to the user and doesn't treat him like a criminal.
The 'whining' is about making sure studios see where they can improve the consumers' Blu-ray experience. It is obvious that DRM is not going to go away any time soon. However, when measures like Cinavia come about, they punish the legit consumer more than the actual pirates (and I have explained in detail why that is the case).
colonelciller - Wednesday, March 28, 2012 - link
kinda have to agree with you... used to have a big DVD collection until I realized that it really was just a collection. I used to buy movies out of habit and a desire to own it... I'd watch them once and file it away into the collection where it would sit for YEARS...in short, why buy when you'd have to rent it 5 times before you paid the price of buying it..?
insx - Wednesday, March 28, 2012 - link
I have a good laptop and a 3D projector at my disposal. I would love to buy a few 3D blu-rays and rent lots more. However, I can't legally watch them because the projector isn't HDMI 1.4 compliant (and there's some other technical stuff I don't understand) and licensing issues prevent anyone from releasing software that will let me play 3D blu-ray on my setup.I have 2 legal options:
1. Spend thousands more pounds on equipment that is approved (too expensive)
2. Go without (unsatisfactory)
I have 2 illegal options:
1. Buy/rent the 3D blu-ray and rip to MKV file. Watch and enjoy (time consuming/inconvenient)
2. Download from the web and don't pay anybody (time consuming, getting easier)
I really think that there should be a legal option that looks like this:
Rent/buy 3D blu-ray. Watch and enjoy (convenient, everybody happy).
As many people have said, they really have shot themselves in the foot.
rickcain2320 - Wednesday, March 28, 2012 - link
Its interesting to note that CD's have now been around for 30+ years and none of them have any DRM, yet the music industry still exists and continues to grow.I don't see any difference between the CD and the DVD in terms of distributing entertainment to the consumer, but they seem to believe there is one.