It was supposed to be unbreakable; a next-gen DRM solution. Yet a hacker named Muslix64 is now claiming he has cracked the Advanced Access Content System (AACS), the standard that is currently used by companies like Disney, Warner Brothers, IBM, Toshiba, Microsoft, and Sony to protect their high-definition HD-DVD and Blu-ray discs.
On Wednesday, Muslix64 posted BackupHDDVD, a tool for decrypting AACS protected movies, on a Doom 9 forum thread along with the volume and title keys needed to decrypt HD-DVD movies such as Full Metal Jacket and Van Helsing.
Muslix64's alleged exploit comes only a few months after hackers discovered that a copy of any still frame from within a film could be produced using the Print Screen function of Windows OS.
At the time, it was theorized that one could make a perfect copy of an entire film using this approach—in much the same way DVD films were copied before the advent of DeCSS, a computer program for decrypting content on a DVD disc that used the older Content-Scrambling System (CSS) standard. This method produces output data in the form of decompressed video as opposed to compressed video from the disc.
Content that is AACS-protected is encrypted using one or more title keys, according to the AACA home page. These keys are usually derived from a combination of a media key and other elements such as the physical serial number embedded on a DVD and a cryptographic hash of the title usage rules.
The main difference between AACS and CSS is in the ways that title-specific decryption keys are distributed. Under CSS, all players of a given model are assigned the same shared decryption key. That content is then encrypted under the title-specific key, which is itself encrypted under each model's key.
Earlier this year, IEEE Spectrum magazine voted AACS as one of the technologies most likely to fail precisely because of its similarities to past encryption schemes.