
Content Scramble System

Content Scramble System (CSS) is a Digital Rights Management (DRM) and encryption system employed on almost all commercially produced DVD-Video discs. CSS utilizes a proprietary 40-bit stream cipher algorithm. The system was introduced around 1996 and was first compromised in 1999.

The purpose of CSS is twofold:

  1. CSS prevents byte-for-byte copies of an MPEG (digital video) stream from being playable since such copies do not include the keys that are hidden on the lead-in area of the restricted DVD.
  2. CSS provides a reason for manufacturers to make their devices compliant with an industry-controlled standard, since CSS-scrambled discs cannot in principle be played on noncompliant devices; anyone wishing to build compliant devices must obtain a license, which contains the requirement that the rest of the DRM system (region codes, Macrovision, and user operation prohibition) be implemented.[1]

While most CSS-decrypting software is used to play DVD videos, other pieces of software (such as DVD Decrypter, AnyDVD, DVD43, Smartripper, and DVD Shrink) can copy a DVD to a hard drive and remove Macrovision, CSS encryption, region codes, and user operation prohibition.

CSS has been superseded by newer DRM schemes such as Content Protection for Recordable Media (CPRM), or by Advanced Encryption Standard (AES) in the Advanced Access Content System (AACS) DRM scheme used by HD DVD and Blu-ray Disc, which have 56-bit and 128-bit key sizes, respectively, providing a much higher level of security than the 40-bit key size of CSS.

Terminology

Authentication
a process for a DVD drive and CSS Decryption module to recognize (or authenticate) each other; this is normally necessary before reading data from a CSS-encrypted DVD, and an authentication key is used for this purpose. Authentication can be bypassed with a brute-force attack (see below).
Title key
used for scrambling and descrambling DVD data known collectively as a title, which could be a complete motion picture, a trailer, or some similar self-contained unit.
Disc key
used for decrypting a title key on a DVD.
Player key
used for decrypting a disc key on a DVD; each DVD player manufacturer is allocated one of approximately 400 player keys to incorporate in its players.

Method

The CSS key sets are licensed by the DVD Copy Control Association to manufacturers who incorporate them into products such as DVD movie releases, drives, and players. Most DVD players are equipped with a CSS Decryption module. The generic term CSS key may refer to an authentication key used in the CSS secure handshake with a descrambler, a disc key, a player key, a title key, a secured disk key set, or an encrypted title key.

Disc keys are stored on the lead-in area of the disc, an area which a compliant drive is only supposed to read in a special way; CSS does not prevent the raw image of a DVD from being copied to a hard drive, but such a copy is unusable without the keys, which can only be retrieved with authentication. The key area is not present on DVD-R discs, thus preventing the trivial copying of a CSS-encrypted DVD to a DVD-R. However, the key area is present on DVD+R discs, but most drives refuse to write to it. Keys can be passed from a DVD drive to a descrambler over a data bus using a secure (but now compromised) handshake protocol.[1]
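
The key hierarchy and the lead-in key area described above can be modelled in a few lines. This is an added illustration, not code from any CSS implementation: the cipher is a SHA-256 keystream stand-in rather than the CSS cipher, and the function names, the `slot` index, the placement of the encrypted title key and all sample values are assumptions constructed for the example.

```python
import hashlib

def keystream(key: bytes, n: int) -> bytes:
    # Stand-in keystream (SHA-256 in counter mode). This is NOT the CSS cipher.
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

def crypt(key: bytes, data: bytes) -> bytes:
    # XOR with the keystream, so the same call encrypts and decrypts.
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def master_disc(player_keys, disc_key, title_key, title):
    return {
        # Lead-in key area: the disc key encrypted once under each player key.
        "lead_in": [crypt(pk, disc_key) for pk in player_keys],
        # Data area; storing the encrypted title key here is a model assumption.
        "data": {"enc_title_key": crypt(disc_key, title_key),
                 "scrambled": crypt(title_key, title)},
    }

def raw_copy(disc):
    # Byte-for-byte copy of the data area only, as onto media with no key area.
    return {"lead_in": None, "data": dict(disc["data"])}

def play(disc, player_key, slot):
    # Unwrap in order: player key -> disc key -> title key -> title.
    if disc["lead_in"] is None:
        raise ValueError("no key area on this copy: title cannot be descrambled")
    disc_key = crypt(player_key, disc["lead_in"][slot])
    title_key = crypt(disc_key, disc["data"]["enc_title_key"])
    return crypt(title_key, disc["data"]["scrambled"])

# Constructed sample values: 5-byte (40-bit) keys and a placeholder title.
PLAYER_KEYS = [bytes([i]) * 5 for i in (1, 2, 3)]
DISC_KEY, TITLE_KEY = b"\x10\x20\x30\x40\x50", b"\xa1\xb2\xc3\xd4\xe5"
TITLE = b"constructed MPEG-2 payload"
DISC = master_disc(PLAYER_KEYS, DISC_KEY, TITLE_KEY, TITLE)

if __name__ == "__main__":
    print(play(DISC, PLAYER_KEYS[1], 1))          # licensed player, intact disc
    print(play(DISC, b"\x00" * 5, 1) == TITLE)    # unlicensed key fails
    try:
        play(raw_copy(DISC), PLAYER_KEYS[1], 1)
    except ValueError as err:
        print(err)
```

The model also makes the design weakness visible: every licensed player key unwraps the same disc key, so the confidentiality of every title rests on each player implementation keeping its key secret.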

Cryptanalysis

In October 1999, Jon Lech Johansen and two people who have remained anonymous reverse engineered CSS and created DeCSS to share the exploit with others; this is an example of the trusted client problem. Not long after, CSS was further revealed to be easily susceptible to a brute-force attack, which is implemented by the widely used libdvdcss; the brute-force attack works even if the keys cannot be retrieved from the lead-in area, as is the case when the DVD's region code is different from that of the drive. This allows region-free DVD player software to work with region-locked drives.

CSS's weakness is primarily due to the regulations placed on the export of cryptographic systems from the United States;[2] at the time that CSS was introduced, it was forbidden to export systems that employ keys in excess of 40 bits, a key length that had already been proven to be wholly inadequate in the face of increasing computer processing power (see Data Encryption Standard). In addition, structural flaws in CSS reduce the effective key length to only around 16 bits, allowing CSS to be compromised in less than a minute by brute force with a 450 MHz processor;[3] because a 450 MHz processor is the official minimum computational requirement for playing an unencrypted DVD-compliant MPEG-2 video stream, this effectively means that any computer that can decode a DVD entirely in software can also crack a CSS-encrypted DVD.

In Geeks Bearing Gifts, author Ted Nelson states "DVD encryption was intentionally made light by the DVD encryption committee, based on arguments in a libertarian book Computer Lib.", a claim cited as originating from personal communication with an anonymous source; Nelson also wrote Computer Lib.[4]
