BackupHDDVD
{{short description|AACS decryption software}}
{{good article}}
{{Infobox software
| name = BackupHDDVD
| screenshot = BackupHDDVD GUI Screenshot.png
| caption = Version of BackupHDDVD modified to include a GUI in use on a Windows XP system
| author = Muslix64
| operating system = Windows
| license = Freeware{{cite web|title=BackupHDDVD|url=http://www.softpedia.com/get/CD-DVD-Tools/CD-DVD-Rip-Other-Tools/BackupHDDVD.shtml|website=Softpedia|date=30 January 2007 |publisher=SoftNews|access-date=22 November 2017}}
}}
BackupHDDVD is a small computer software utility program available in command line and GUI versions which aids in the decryption of commercial HD DVD discs protected by the Advanced Access Content System. It is used to back up discs, often to enable playback on hardware configurations without full support for HDCP. The program's source code was posted online, but no licence information was given.
Written by an anonymous programmer using the handle Muslix64, BackupHDDVD is distributed with none of the cryptographic keys necessary for decryption. Users wanting to use the software to decrypt a protected disc's contents must obtain the appropriate keys separately, a task with which neither the original author nor his or her versions of BackupHDDVD assist.{{cite web|url=http://www.techtree.com/India/News/Took_Eight_Days_to_Crack_HD_DVD/551-78152-581.html|title=Took Eight Days to Crack HD DVD!|date=2006-12-28|publisher=Techtree|access-date=2007-01-02|archive-url=https://web.archive.org/web/20070104085534/http://www.techtree.com/India/News/Took_Eight_Days_to_Crack_HD_DVD/551-78152-581.html|archive-date=4 January 2007|url-status=dead}}{{cite magazine| url=https://www.pcmag.com/article2/0,1895,2078016,00.asp| title=Next-Gen DVD DRM Hacked—Maybe| author=Gardiner, Bryan| magazine=PC Magazine| date=2006-12-29| access-date=2007-01-02| archive-date=2008-04-21| archive-url=https://web.archive.org/web/20080421020559/http://www.pcmag.com/article2/0,1895,2078016,00.asp| url-status=dead}}
BackupHDDVD represented the first known successful attack against AACS. The utility circumvents content protection by decrypting video files directly with AES, the underlying cryptographic cipher used by AACS. Using this technique, BackupHDDVD is able to completely bypass the AACS chain of trust, rendering it immune to revocation. The cost of this immunity is that users are forced to rely on keys leaking from commercial player software to use BackupHDDVD with new discs.{{cite magazine|url=http://www.infoworld.com/article/06/12/29/HNdrmhacked_1.html|title=Hacker: Blu-ray, HD DVD copy protection cracked|author=Robert McMillan|magazine=InfoWorld|date=2006-12-29|access-date=2007-05-08| archive-url= https://web.archive.org/web/20070509045633/http://www.infoworld.com/article/06/12/29/HNdrmhacked_1.html| archive-date= 9 May 2007 | url-status= live}}{{cite news|url=http://www.dailytech.com/article.aspx?newsid=5498&ref=y|author=Gabriel Ikram|work=DailyTech|title=Hackers Claim HD DVD Encryption Circumvented|date=2006-12-28|access-date=2007-01-02|archive-url=https://web.archive.org/web/20070930014602/http://www.dailytech.com/article.aspx?newsid=5498&ref=y|archive-date=2007-09-30|url-status=dead}}
History
According to the creator of BackupHDDVD, he or she first set out to circumvent AACS to bypass a restriction in software HD DVD players which reduced the quality of AACS restricted 1080p high definition video to that of standard definition DVD video or refused to play outright unless an HDCP compliant chain of video hardware was present. At the time only a few computer monitors and video cards supported HDCP. As a result, configurations that would have allowed high-definition HD DVD viewing in software players were exceptionally rare.{{cite magazine|url=http://www.pcworld.com/article/id,126345-page,1/article.html|magazine=PC World|author=Tom Mainelli|title=GeekTech: Want to View HD Content on Your PC? Upgrade Wisely|date=2006-07-13|access-date=2007-05-04|archive-date=2007-09-30|archive-url=https://web.archive.org/web/20070930190210/http://www.pcworld.com/article/id,126345-page,1/article.html|url-status=dead}}{{cite web|url=https://arstechnica.com/news.ars/post/20060214-6177.html|website=Ars Technica|author=Ken Fisher|title=The truth behind HDCP and video card support|date=2006-02-14|access-date=2007-05-04| archive-url= https://web.archive.org/web/20070406192527/http://arstechnica.com/news.ars/post/20060214-6177.html| archive-date= 6 April 2007 | url-status= live}}
On December 18, 2006, a video which showed BackupHDDVD being used to decrypt and copy the film Full Metal Jacket to a hard drive was uploaded to YouTube.{{cite web|url=https://news.yahoo.com/s/nf/20061230/tc_nf/49022|title= Hacker Cracks High-Def DVD Encryption System|date=2006-12-30| access-date=2007-01-02}} {{Dead link|date=September 2010|bot=H3llBot}} Two days after the video was uploaded, the initial version of the utility along with its source code and documentation was uploaded to a file hosting service. A link to the file was then posted by the utility's creator on the forums of Doom9, a website devoted to DVD backup. The utility's documentation, along with the forum post, contained little information as to how necessary keys could be obtained. The author elaborated in another forum post, claiming that keys could be obtained by exploiting the necessity for them to be held in memory to allow playback in player software.
On January 2, 2007, the author posted the 1.0 version of the BackupHDDVD utility, which included support for the decoding of discs using volume keys.{{cite web|url=http://effectu.com/index.php?option=com_content&task=view&id=363|author=Michael O'Connor|title= BackupHDDVD v1.00 Released|date=2007-01-02| access-date=2007-01-02| archive-url= https://web.archive.org/web/20070114024443/http://effectu.com/index.php?option=com_content&task=view&id=363| archive-date= 14 January 2007 | url-status= live}} For several weeks following the utility's release no success using the author's key extraction technique was reported.{{cite web|url=https://www.engadget.com/2006/12/27/aacs-drm-cracked-by-backuphddvd-tool/|title= AACS DRM cracked by BackupHDDVD tool?| author=Block, Ryan|publisher=Engadget|date=2006-12-27| access-date=2007-01-02| archive-url= https://web.archive.org/web/20070102172230/http://www.engadget.com/2006/12/27/aacs-drm-cracked-by-backuphddvd-tool/| archive-date= 2 January 2007 | url-status= live}}{{cite web|url=https://arstechnica.com/news.ars/post/20061228-8510.html|title= HD DVD reportedly cracked, but difficult to verify|author=Ken Fisher|website=Ars Technica|date=2006-12-28| access-date=2007-01-02| archive-url= https://web.archive.org/web/20070103080047/http://arstechnica.com/news.ars/post/20061228-8510.html| archive-date= 3 January 2007 | url-status= live}} In mid-January 2007, a volume key was published by another member of the Doom9 forum along with an explanation of the technique used to obtain it. Other forum members quickly discovered keys for different titles. Keys for many discs are now readily available on the internet.
Further development of BackupHDDVD was being hosted on SourceForge until the site received a DMCA takedown notice alleging a violation in late February. In compliance with the notice, the project was immediately removed. Several versions of BackupHDDVD have been released by individuals other than the original author, including some versions with GUIs and the ability to locate keys on the internet or scan for them in memory automatically. HDDecrypter, a port of BackupHDDVD to C with a native Windows GUI, is also available. This version supports multiple CPU threads and runs faster than its Java counterparts. While development of BackupHDDVD has ceased, a commercial HD DVD decryption utility called Slysoft AnyDVD HD exists which relies on compromised AACS processing or media keys to allow for the backup or unrestricted viewing of any AACS-protected discs without the need for title or volume keys.{{cite news|url=http://www.dailytech.com/article.aspx?newsid=6065|title=All Blu-ray Disc and HD DVD Encryption Defeated by Single Key|author=Marcus Yam|work=DailyTech|date=2007-02-13|access-date=2007-02-16|archive-url=https://web.archive.org/web/20070219103417/http://www.dailytech.com/Article.aspx?newsid=6065|archive-date=2007-02-19|url-status=dead}}{{cite magazine|url=https://www.pcmag.com/article2/0,1895,2094932,00.asp |title=Beta Software to Copy HD DVDs Released |author=Mark Hachman |magazine=PC Magazine |date=2006-02-14 |access-date=2007-02-20 |archive-url=https://web.archive.org/web/20070223023506/http://www.pcmag.com/article2/0%2C1895%2C2094932%2C00.asp |archive-date=23 February 2007 |url-status=live }}
Background
{{main|Advanced Access Content System}}
The AACS Licensing Authority (LA) assigns a series of 253 unique cryptographic keys to device manufacturers. When an AACS protected disc is manufactured, a series of up to 64 keys called title keys are generated and the video content on the disc is encrypted using these keys. The title keys are stored on the disc and themselves encrypted with another key called the volume unique key. The volume unique key for any disc can be calculated by all authorized devices using another key called a processing key, which is derived from a media key block stored on each disc. Authorized devices use one or more of the manufacturer's assigned device keys to decrypt the media key block, yielding a processing key and enabling further decryption of the volume and title keys, and finally the content.{{cite web|url=http://forum.doom9.org/showthread.php?t=122363|title=Understanding AACS (including Subset-Difference)|author=arnezami|date=2007-02-17|access-date=2007-03-18| archive-url= https://web.archive.org/web/20070303012909/http://forum.doom9.org/showthread.php?t=122363| archive-date= 3 March 2007 | url-status= live}}
If a device key is to be revoked, the media key blocks on all discs manufactured after the time of revocation are encrypted in a way which does not enable the revoked device to obtain a valid processing key.{{cite web|url=http://www.aacsla.com/specifications/specs091/AACS_Spec_Common_0.91.pdf|title=Introduction and Common Cryptographic Elements|author=AACS-LA|access-date=2007-03-22|archive-url=https://web.archive.org/web/20070302130221/http://www.aacsla.com/specifications/specs091/AACS_Spec_Common_0.91.pdf|archive-date=2007-03-02|url-status=dead}} Users trying to view new content on a revoked player would be forced to upgrade their player software to a more secure version, thereby limiting the scope of the compromise each time an exploit is discovered.{{cite web|url=http://www.betanews.com/article/Studios_Take_Claims_of_AACS_Crack_Seriously/1167427818|title= Studios Take Claims of AACS Crack Seriously|date=2006-12-29|author=Scott M. Fulton, III|publisher=BetaNews| access-date=2007-01-02| archive-url= https://web.archive.org/web/20070101225526/http://www.betanews.com/article/Studios_Take_Claims_of_AACS_Crack_Seriously/1167427818| archive-date= 1 January 2007 | url-status= live}}{{cite web|url=http://www.reghardware.co.uk/2006/12/28/hddvd_crypto_cracked/|title=HD DVD anti-rip encryption cracked|date=2006-12-28|author=Tony Smith|website=The Register|access-date=2007-01-02|archive-url=https://web.archive.org/web/20070103062420/http://www.reghardware.co.uk/2006/12/28/hddvd_crypto_cracked/|archive-date=3 January 2007|url-status=dead}} While a compromised device or processing key could be used to decrypt a large number of discs, BackupHDDVD does not use these keys because they can be revoked by AACS LA. Because the AACS revocation system works by preventing a given device or player from calculating a valid volume unique key, BackupHDDVD circumvents the system entirely by relying on volume or title keys leaked from authorized players. 
With these keys BackupHDDVD is not subject to device revocation and is able to decrypt the content directly, bypassing the key exchange and verification process.{{cite web|url=https://www.theregister.co.uk/2007/05/04/aacs_crack/|title=Latest AACS crack 'beyond revocation'|author=John Leyden|website=The Register|date=2007-04-04|access-date=2007-05-05| archive-url= https://web.archive.org/web/20070507083451/https://www.theregister.co.uk/2007/05/04/aacs_crack/| archive-date= 7 May 2007 | url-status= live}}{{cite web|url=https://arstechnica.com/news.ars/post/20070415-aacs-cracks-cannot-be-revoked-says-hacker.html|title=New AACS cracks cannot be revoked, says hacker|author=Jeremy Reimer|website=Ars Technica|date=2007-03-15|access-date=2007-05-05| archive-url= https://web.archive.org/web/20070505034539/http://arstechnica.com/news.ars/post/20070415-aacs-cracks-cannot-be-revoked-says-hacker.html| archive-date= 5 May 2007 | url-status= live}}
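The key hierarchy and the reach of revocation described in this section can be modelled in a few lines. The following Python sketch is an added illustration, not code from BackupHDDVD or from the AACS specification: a SHA-256 keystream stands in for AES, a flat per-device table stands in for the real media key block, and every name and sample value is constructed. It shows that revocation removes a device's path to the media key on new discs, while a title key that has already left a player's memory needs no such path.

```python
import hashlib
import os

# Toy model only: constructed names; SHA-256 keystream XOR stands in for AES.
def xor_stream(key: bytes, data: bytes) -> bytes:
    """Symmetric toy cipher: applying it twice with the same key is a no-op."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def make_mkb(media_key, device_keys, revoked):
    """Media key block: one wrapped copy of the key per non-revoked device."""
    return {dev: xor_stream(k, media_key)
            for dev, k in device_keys.items() if dev not in revoked}

def master_disc(device_keys, revoked, volume_id, content):
    """Build a disc; the title key is also returned so demo() can model a leak."""
    media_key, title_key = os.urandom(16), os.urandom(16)
    vuk = hashlib.sha256(media_key + volume_id).digest()[:16]
    disc = {
        "mkb": make_mkb(media_key, device_keys, revoked),
        "volume_id": volume_id,
        "wrapped_title_key": xor_stream(vuk, title_key),
        "content": xor_stream(title_key, content),
    }
    return disc, title_key

def licensed_play(disc, dev, device_key):
    """Full chain: device key -> MKB -> volume unique key -> title key."""
    entry = disc["mkb"].get(dev)
    if entry is None:
        return None  # revoked: this disc offers the device no media key
    media_key = xor_stream(device_key, entry)
    vuk = hashlib.sha256(media_key + disc["volume_id"]).digest()[:16]
    title_key = xor_stream(vuk, disc["wrapped_title_key"])
    return xor_stream(title_key, disc["content"])

def demo():
    devices = {"player_a": os.urandom(16), "player_b": os.urandom(16)}
    old, old_tk = master_disc(devices, set(), b"VOL-OLD", b"feature one")
    new, new_tk = master_disc(devices, {"player_a"}, b"VOL-NEW", b"feature two")
    return {
        "a_old": licensed_play(old, "player_a", devices["player_a"]),
        "a_new": licensed_play(new, "player_a", devices["player_a"]),
        "b_new": licensed_play(new, "player_b", devices["player_b"]),
        # A title key exposed in player memory bypasses the MKB entirely.
        "leaked_old": xor_stream(old_tk, old["content"]),
        "leaked_new": xor_stream(new_tk, new["content"]),
    }
```

The design lesson is that revocation only governs the top of the chain, so keys lower in the hierarchy have to be protected inside the player itself, which is what AACS LA later urged vendors to do.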
Features and limitations
Users must have either found decryption keys themselves or obtained them elsewhere for most versions of BackupHDDVD to work. The utility reads a text file containing volume or title keys and attempts to find a set of corresponding keys for the inserted disc. Through a standard AES library, it then decrypts each video file on the disc using the appropriate keys and writes the results to a location specified by the user. Direct file decryption allows the utility's functionality to remain unaffected by device key revocation and its performance unencumbered with AACS overhead.
Originally intended to be a proof of concept, BackupHDDVD is severely limited in its ability to produce fully functional copies of commercial discs. Early versions were unable to properly decrypt discs which used the in-movie experience technology. New versions work around this limitation by excluding interactive content from decrypted copies. The utility cannot process HD DVD navigation functionality which enables menus, chapters, secondary audio tracks and subtitles, so these features are inaccessible in copies created by BackupHDDVD. Most versions provide no validation for keys and will still attempt to decrypt a disc's contents with an incorrect key, resulting in corrupt files.
Legality
Under United States anti-circumvention law created by the Digital Millennium Copyright Act, BackupHDDVD may qualify as a device primarily intended to "circumvent a technological measure that effectively controls access to a [protected] work." If identified as such, it would be illegal to use or distribute.
Reaction
Reaction to the utility by Doom9 forum members, bloggers, and mainstream media has ranged from supportive to intensely hostile. By some, the circumvention of AACS was seen as a reaffirmation of fair use. Others felt that the utility was no more than a piracy tool and would bring about group punishment against consumers in the form of player revocation. One article compared proponents of BackupHDDVD to terrorists.{{cite web|url=http://www.dvdfile.com/index.php?option=com_content&task=view&id=5932&Itemid=11|title=The HD Disc Hacks|date=2007-02-21|access-date=2007-03-18|archive-url = https://web.archive.org/web/20070316113644/http://www.dvdfile.com/index.php?option=com_content&task=view&id=5932&Itemid=11 |archive-date = March 16, 2007|url-status=dead}} When the release of the tool was first publicized, several articles claimed that AACS had been cracked. In fact no cryptographic weaknesses constituting a crack have yet been found in AES, the underlying cryptographic system of AACS. Keys are actually obtained through a side-channel attack.
Initially, it was thought that the compromise of HD DVD's security would entice some studios into adopting the competing Blu-ray format, but Blu-ray's AACS implementation has since been circumvented using a similar method. However, Blu-ray offers an additional layer of protection called BD+.
There was some speculation that the player used by the utility's author to obtain keys would be revoked. Cyberlink, which sells the PowerDVD player software, was quick to deny that its software could be used to obtain keys.{{cite web|url=http://www.engadgethd.com/2007/01/02/cyberlink-responds-to-backuphddvd-crack-it-wasnt-us/|author=Richard Lawler|publisher=Engadget HD|title= Cyberlink responds to BackupHDDVD crack: It wasn't us|date=2007-01-02| access-date=2007-01-02| archive-url= https://web.archive.org/web/20070107174954/http://www.engadgethd.com/2007/01/02/cyberlink-responds-to-backuphddvd-crack-it-wasnt-us/| archive-date= 7 January 2007 | url-status= live}} Corel was silent about the role its WinDVD software had played in the leaking of volume and title keys. Both companies have since released updates for their player software.
The consortium behind the HD DVD format and the studios delivering films on the format did not release an official statement beyond that they were investigating the utility.{{Cite news |last=Markoff |first=John |date=2007-01-01 |title=Studios' DVDs Face a Crack in Security |language=en-US |work=The New York Times |url=https://www.nytimes.com/2007/01/01/technology/01hack.html |access-date=2023-01-29 |issn=0362-4331}} On January 24, 2007 AACS LA issued a statement acknowledging that AACS security had been compromised while urging software vendors to limit the availability of keys in memory.{{cite web| url=http://www.aacsla.com/press| title=RESPONSE TO REPORTS OF ATTACKS ON AACS TECHNOLOGY| date=2007-01-24| access-date=2007-01-31| archive-url=https://web.archive.org/web/20070204103232/http://www.aacsla.com/press| archive-date=4 February 2007| url-status=dead}} Beginning with discs manufactured in late April, versions of PowerDVD and WinDVD responsible for leaking keys have been revoked and free updates are available to owners of affected versions.{{cite web|url=https://arstechnica.com/news.ars/post/20070407-corel-updates-windvd-to-stop-aacs-hackers.html| title=Corel updates WinDVD to stop AACS hackers| author=Reimer, Jeremy|website=Ars Technica|date=2007-04-07| access-date=2007-04-15| archive-url= https://web.archive.org/web/20070505112742/http://arstechnica.com/news.ars/post/20070407-corel-updates-windvd-to-stop-aacs-hackers.html| archive-date= 5 May 2007 | url-status= live}}
Notes
{{Reflist|2}}
External links
- [http://forum.doom9.org/showthread.php?t=119871 Original post] at Doom9