Content providers mandate the presence of protection schemes at all times when the consumers want to access their wares. For the consumer, this entails:

1. Conditional access
2. Protected transmission
3. Protected distribution
4. Protected storage

Conditional access is applicable to cases where media travels over insecure channels (such as satellite or cable). This is implemented in STBs. Protected transmission is the path to the display device, and it is usually protected by HDCP (over HDMI) or Macrovision in legacy systems. Protected storage is encountered in broadcast content, with its copy flags to allow DVR archiving. Protected distribution is enabled by the DRM mechanism in Blu-rays / DVDs. In Blu-rays, this DRM scheme is called as AACS (Advanced Access Content System). AACS also provides for protected storage through the Managed Copy feature.

A Popular Webcomic's Take on DRM (c) xkcd

AACS uses 128-bit AES for encryption. Each Blu-ray player / device has a Device Key, while discs come with a Media Key Block (MKB). The shared key generated by using these two (Media Key) is used to decrypt the Title Key, which is then used to decrypt the audio/video data in the disc. AACS also has a revocation mechanism. The MKB in each disc has a Host Revocation List for software players and a Device Revocation List for hardware drives. For PC-based playback to be successful, both the player and the drive must not be on the revocation list.

In practice, key revocation is quite rare because device keys could be shared across an entire lineup, making it hard to pinpoint which particular device was compromised. AACS does provide some sequence keys to identify a particular device as compromised if one has access to multiple pirated copies of different discs from the same drive. In addition to the MKB-Media Key-Title Key combination, PC-based players also have support to generate a Shared Bus Key to encrypt the data inbetween the drive and the software player. This ensures that any snooped data can't be used to get to the original content on the disc. AACS also has a renewal process to prevent attacks similar to those carried out on CSS (with DVDs). The net result is that we are currently at AACS v30.

In addition to AACS, the BDA mandates a BD-ROM mark, which is a physical irregularity on the disc with a 128-bit VolumeID. Blu-ray players will not play back protected content without the VolumeID, as it is essential to the decryption process. Also, the VolumeID can't be generated by consumers (BD-Recorders don't have the capability to burn a VolumeID). The process is tied to the manufacturing facility (which can obtain a license only under strict security considerations). With a counterfeit Blu-ray, it is a simple matter of using the VolumeID to trace the place where the piracy took place.

Note that AACS is based solely on cryptography and, after having been compromised, has the possibility of revoking cryptographic keys as the only means of regaining its effectiveness. So far, this method has failed. This has tempted studios to move over to other forms of DRM such as BD+ and Sony Screen Pass.

It is mandatory for players to implement support for BD+, but not all Blu-rays need to be BD+ enabled. From a player's perspective, a Security Virtual Machine (SVM) needs to be implemented. Blu-rays with BD+ have special content code which are loaded by the SVM and executed during the playback process. The content code has full control over all the components involved in playback. It can alter menus and show on-screen messages if some security breach is detected in the player.

One of the most common BD+ implementations involves storing garbled video on the disc (i.e, after AACS decryption, certain segments of the video are distorted). The content code can implement a fix for the distorted video so that licensed playback is still problem free. For example, in the recently released Contagion Blu-ray, watching the disc with an old version of AnyDVD HD (which performs only AACS decryption, say) would result in heavily distorted video in various scenes. This is because the BD+ code to fix the video wasn't being executed by AnyDVD HD. Unlike AACS, technologies such as BD+ from Irdeto (responsible for the BD+ in the Contagion Blu-ray) and Sony Screen Pass continue to evolve with each new disc.

BD+ needs a SVM to be implemented, but note that the Blu-ray specifications already include a VM requirement for the BD-Java feature. This BD-J feature can also be used to implement structural protection schemes such as Sony DADC's Screen Pass. In this scheme, BD-J code on the disc actively looks for signs of protection being in place during playback. When the BD-J code finds that the protection features are missing (say, due to playing an unprotected copy, or when ripping tools are active in the background), playback is immediately stopped along with an on-screen message. DVDFab's blog has some more details on Screen Pass.

In addition to DRMs aimed at directly protecting content by encryption, the Blu-ray developers also considered some watermarking schemes. Watermarking doesn't actually encrypt the content, but places some non-discernible (to the naked eyes/ears) information in the audio / video tracks of the stream. By serving as a digital signature, it helps the player / analyzer identify the content status. In the next section, we will be talking in detail about Cinavia, the audio watermarking scheme from Verance. Thomson's NexGuard is a type of video watermarking scheme which works with the help of the BD+ SVM. The BD+ content code embeds some invisible information in the video track which contains details of the player / drive used to decrypt the stream. If the video gets out and becomes a 'pirated copy', the watermark can be analyzed to determine the player / drive responsible for the 'piracy'. BD+ code in subsequent Blu-rays can be used to blacklist the player / add it to a revocation list.

If you are interested in learning more about content protection in Blu-rays, I strongly suggest perusing Chapter 4 of Blu-ray Disc Demystified.

Introduction Cinavia: The Lowdown
POST A COMMENT

118 Comments

View All Comments

  • Valis - Wednesday, March 28, 2012 - link

    DAT SCMS, DRM, SWG, Blu-Ray... The list goes on and on. Sony, hope it dies a slow an agonizing death. Will never buy a Sony product again, for as long as I live. Reply
  • jharper12 - Thursday, March 29, 2012 - link

    My freshman year of college I downloaded music and movies. I went to a well regarded university with Tech in its name. That year, every person on campus had watched LOTR weeks before it came out. I was a pirate, for one year.

    I have always worked hard though, and after that first year I didn't have time to consume massive amounts of media. Convenience started to matter, and services started to pop up that legally offered a means to consume media for a reasonable fee. My pirating days were over, not long after they began.

    Here's what bothers me. I have two HP LP2465 monitors hooked up to a nice home built computer. What do they lack? HDCP. I purchased AnyDVD HD for the sole purpose of playing my legally acquired Bluray collection on my computer. Someone should go to jail for that, and it shouldn't be me. Next up? I encountered that lovely little DRM issue with Silverlight while trying to watch movies on my paid subscription for Netflix. I have to run extra cabling to my Bluray players, so they can update to play discs that I bought... legally. I have to update, right as I'm excited to watch. The last time I didn't have to worry about DRM? My freshman year of college. Take note content industry, you didn't slow me down or even inconvenience me for that brief sliver of time in which I stole from you. No, only now, as a paying customer, do you make my life miserable. Thanks for that.
    Reply
  • GoodToGo - Saturday, March 31, 2012 - link

    I just wanted to say what an amazing read this was.

    *Tips hat*
    Reply
  • PeTroL42 - Tuesday, April 17, 2012 - link

    The majority of my friends aren't geeks like I am so most of them have no clue as to what DRM even is. While DRM is a major headache for a person like me where I'd like to have all my content in a central location, DRM isn't a major headache for the average consumer who just wants to buy a BD at Best Buy and play the movie when they get home and most of the time this works out for the average consumer who buys everything legitimately. Of course there are headaches for the average consumer such as firmware updates but c'mon, issues like these aren't common for the average consumer. One other thing unrelated to DRM, some of my friends LOVE to show off their massive BD collection.

    Also, the scenario where a consumer unknowingly buys a pirated BD is pretty ridiculous unless you regularly buy your BDs on the streets of Downtown LA or China.

    I understand why the Studios are taking measures like using Cinavia to protect their content.

    I'm not being an apologist for the studios but movies cost A LOT of money to produce. Just ask any independent film maker. I feel anybody who reads this article and then goes and spends 50 to 100 million dollars to produce a movie, I'd bet you'd want to get the maximum profits out of that movie which includes the sale of BDs.

    Also, low budget movies don't rake in a lot of profit. That's why low budget movies like Blair Witch Project or My Fat Greek Wedding garner a lot of attention when they make lots of money at the box office. This isn't common.

    There's no doubt that piracy hurts everyone except the people who pirate the material and the people who buy the pirated material or get it free if its made available such as when Napster was around. Take PC Games for instance. The PC Game piracy is so bad that the Publishers are currently using some draconian methods to combat it. This ONLY hurts the legitimate purchasers of the game. Back in the day, (like 1998) I'd buy a game, bring it home, install it, the game would ask me for the serial # on the Jewel Case, I'd enter it, wait a few more minutes and then I'm playing. Now, you usually have to be connected online to even play single player games. Now Big Brother knows when and how long I've been playing their game.

    I'm for the argument that if the Music industry had embraced technological advances such as MP3s instead of trying to combat it, they'd probably be in a better position than they are today but there's no doubt that piracy hit the music industry hard.

    The reason for this long post is this. I was just thinking the other day that there isn't a legitimate way to purchase movies in file format so I could put it on my NAS and play it through my Western Digital set top box. The only options for a person like me is to either download the content through P2P or RIP a DVD or BD myself and encode it into a format that my WD set top box could read which I am not admitting to. Because of the DMCA, ripping movies is illegal. And why was the DMCA written into law? Because of rampant piracy. CDs aren't encrypted so the DMCA doesn't apply to CDs so legitimate purchasers are allowed under law to RIP it to MP3 and play it on any device they choose. CDs don't have encryption because they were created in the early 80s and MP3s weren't even invented back then.

    If the average consumer has access to free stuff and they know how to use it, then they'll use it but if that access gets cut off and it becomes too difficult for the average consumer to figure out, then they'll eventually buy the stuff they want. If Napster and Kazaa and all those other easy file sharing programs were still around today, I'd bet Katy Perry wouldn't be selling the same amount of downloads from iTunes or Amazon.

    This sounds selfish of me but If piracy wasn't so rampant now and people would actually pay for the content they want, then there probably wouldn't be a bill written into law such as the DMCA and then I'd be free to RIP any movie that I legitimately purchased and enjoy it today on any device I please or I could've been buying movies in MP4 or some other format that my set top box could read. Thanks Pirates! (and I'm not talking about Pittsburgh)
    Reply
  • DVDRanger1 - Saturday, September 22, 2012 - link

    The developers of the DVD-Ranger software have the first future-proof solution for Cinavia free DVD and Blu-ray

    Santa Ponsa (Spain), 09/21/2012 – Many DVD and Blu-ray users know this problem: the DVD or Blu-ray playback stops suddenly with a cryptic error message or remains frozen or silent. This is caused by the relatively new copy protection system Cinavia.

    Shortly after the Cinavia solution of DVDFab has been once again made useless by the Cinavia producer, DVD-Ranger Software offers help. The developers of DVD-Ranger have eliminated the Cinavia’s signal during the development of other software by accident. The Cinavia’s signal has been changed so that it has become unreadable. They have not fought against the Cinavia’s system directly; it is more likely triggered by a design error of Cinavia itself.

    Pixbyte has chosen the release date for the DVD-Ranger 5 with Cinavia module to be 10/31/2012 (Halloween). At the moment, the solution is being tested by well known people in the world of copying. Approx. 55% of all reported Blu-ray Region A/B disks and DVDs have been successfully tested so far. It will be also tested on PS3, various Blu-ray players and PowerDVD.

    Pixbyte is known by the DVD neXt COPY Software and DVD-Ranger products line. Pixbyte has been present for about 10 years on the backup and copy software market.

    Price and availability: DVD-Ranger 5 is currently available as pre-order at a price of $69.99. The final release price will be approx. $89.99. The Cinavia module will cost approx. $39.99 (included in pre-order).

    About Pixbyte:
    Pixbyte is a trusted and respected researcher and developer of CD/DVD and BD recording and conversion technology. Its products are sold worldwide and are utilized by end-users and companies. The products are designed to provide speed and quality of copy operations and are developed continually in accordance with technological progress.
    Reply
  • Cypher1994 - Saturday, August 17, 2013 - link

    I like your Stanley Kubrick reference. Reply
  • ceceliagibson - Thursday, September 05, 2013 - link

    Hi very useful info about cinavia errors, this will protect playstation devices against playing un authorized movies. Reply
  • DVDRanger - Saturday, October 12, 2013 - link

    Cinavia has been broken by a software company. I suggest to search for DVD-Ranger and CinEx to forget Cinavia forever. Reply

Log in

Don't have an account? Sign up now