One of the most controversial issues related to HD DVD this year was related to the copy protection mechanism, AACS (advanced access content system). You might recall that controversy arose when some hackers published a code key that could be used to illegally copy some content on the news site Digg. When the site owners took down the key, a controversy broke out among their users.
The controversy had less to do with AACS than with Digg, but the association threatened to give a black eye to an effective content protection technology.
Richard Doherty, director of strategy for our Consumer Media Technology Group at Microsoft, recently took time to discuss some of the advantages of AACS and how it came to be the standard for copy protection for HD DVD.
Many people may not realize that AACS is the protection technology for both Blu-ray and HDDVD video formats. The DVD Forum when developing the HD DVD standard made a decision to keep the content protection system separate from the format. AACS then was developed as a separate system. According to Richard, the forum members believed that the systems would be more effective, and the movie studios, TV, and IT industries would be more supportive of a separate protection system.
Blu-ray originally had its own copy protection system, but as the competing formats were developing, the movie studios expressed a strong interest in trying to get the two working groups to join. The studios wanted to influence the content protection system and played a role in negotiating with the Blu-ray Disc Association, which ultimately chose to also use AACS.
It boils down to this: Content protection systems are not a competitive advantage for consumers. The studios need an effective system before they will release movies, and this is especially a concern for studios as they release high-definition content. But viewers don’t choose to buy a movie or a format because of its content protection system. Therefore, it behooves the industry to come together and agree on one effective system.
As the industry agreed on AACS, a working group was formed that created the specifications and adaptation books. The specifications are available to the public and anyone can find information on the Web to see how AACS is implemented.
That’s not a contradiction. Cryptographers believe a system is safe if it is peer reviewed and publicized – which makes it much better than a system designed in secrecy.
AACS is different from many other forms of content protection, also known as digital rights management (DRM). For example, Windows Media DRM, and Microsoft PlayReady content access technology are proprietary protection technologies. In some ways, these are more sophisticated in that they support many types of players, they support content transmission over the Internet for audio and video, and support a great deal of flexibility in rights management.
In contrast, AACS is designed for one specific purpose--protecting high-definition video on an optical disc.
As Richard put it: “We have been very clear about the application for which this was designed so there would be no confusion in the marketplace between it and other types of DRM systems that are designed to protect a broader group of content.”
With AACS, the disc authors encrypt the data on the disc, and the players in the field decrypt the data.
The working group that developed AACS learned from the experience of the DVD copy protection system, known as CSS. That system was rendered mostly ineffective after tools and methods to circumvent it were widely distributed.
AACS has more built-in flexibility, strong cryptography, and has some built-in safeguards against attacks, includes a more robust revocation mechanism. That means even if key codes or methods to get around AACS are widely distributed, the standards body can revoke the rights for a specific player or specific disc to play. For example, if the protection system for a specific brand of player, or the protection system for a specific video were broken and widely distributed, the standards body could revoke the rights for that player or video. It may mean a minor inconvenience for the player or video owner – nothing more than downloading an update, in most cases, similar perhaps to a common Windows Update. The benefit for the viewer is that it creates a more reliable system into which movie studios will continue to release new content.
In the Digg controversy, the codes posted online were extracted from two software media players, which made it possible for users to unlawfully circumvent the copy protection. The AACS standards body revoked the keys for those players. The software vendors then issued updates to their customers with new versions of the software with new keys. The updates are easy to install, and are required for future content. In effect, viewers who do not update their media players will not be able to play new video titles released after the date of the revocation.
A similar mechanism can be used to revoke AACS rights for hardware players. In such cases, new video discs could include instructions that prevent playing on certain specific players unless they have been patched. Although HD DVD players do have Internet connection capabilities, many players may not be connected. The patches after a revocation, therefore, could be distributed on the discs. “We did not want to disturb the business model of going to the store, buying a disc, going home and playing it,” Richard said.
AACS also provides the flexibility necessary in a content protection system. A disc owner will be able to make copies of the video that he or she buys. This right is known as “managed copy.” A movie owner will be able to at least make one copy on a hard drive, for example, to use in a home network or on a portable device. The details of managed copy in AACS are still being worked out. Points of discussion include (limited) exceptions to the requirement for all discs to offer a copy, and the breadth of offer availability. Studios will be able to control the price of the offers, and some have suggested making the first offer free.
Managed copy is partially a response to the DVD system breakdown. It is also a response to consumer demand. Studios also see it as a potential business opportunity, according to Richard, whether the managed copy be provided as an added value for disc owners to spur the purchase of movies, or perhaps in a scenario in which fees are charged depending on the type of copy.
“We tried to design a system that allows consumers to use content in the way they want.”