Studios’ DVDs Face a Crack in Security

SAN FRANCISCO, Dec. 31 — An anonymous computer programmer may have skewed the competition over standards for high-definition DVD discs by possibly defeating a scheme that both sides use to protect digital content.

The standards, HD-DVD and Blu-ray, are being backed by rival coalitions of Hollywood studios and consumer electronics and computer companies that are eagerly marketing a new generation of digital media players and video game machines tailored for widescreen TVs.

The HD-DVD coalition includes companies like Microsoft, Intel, Toshiba and NEC; the Blu-ray camp has Sony, Philips and Samsung. Among studios, Universal is exclusively backing HD-DVD. Paramount and Warner Brothers also support HD-DVD, but not exclusively. Representatives of Walt Disney, 20th Century Fox and Warner Brothers are on the board of the Blu-ray group.

The two groups have taken different technical approaches in their efforts to prohibit consumers from making copies of movies and other digital material stored on discs. Both groups use an encryption scheme known as Advanced Access Copy System. The Blu-ray system also adds a software-based component that makes it possible to modify the copy protection scheme on new discs if the old one is broken by hackers.

The standards are brand new, but it appears that the two groups’ copy protection schemes are already about to be tested.

The HD-DVD camp may have suffered a setback when the programmer, who identified himself as Muslix64, announced in the Internet discussion forum Doom9 on Dec. 18 that he had successfully copied movies distributed in the HD-DVD format. The note directed readers to a site where demonstration software he had written could be downloaded.

“I was not aware of anyone having done that, so I did,” he wrote.

In an accompanying video demonstration posted on the YouTube Web site, the programmer showed encryption keys for six movies and concluded by stating “A.A.C.S. is unbreakable? I don’t think so. Do you? Stay tuned for source code in January. Merry Christmas.”

Because the encryption system has a hierarchy of encryption keys, simply breaking the system for a single movie does not mean that it is possible to copy all movies.

Technical experts who have examined the software posted by Muslix64 said that it was only a partial solution for making copies of the digitally protected material, but that it did not bode well for the Advanced Access Content System.

“They’re playing with something that is incomplete, but it is still a troubling sign,” said Richard Doherty, the president of Envisioneering, a consumer electronics industry consulting firm.

The programmer has said that he plans to post more software on Tuesday, describing a more complete attack on A.A.C.S.

On Friday, the industry group that is completing the A.A.C.S. protection standard issued a short statement saying that it was aware of the claims but had not yet verified them.

If the person who identified himself as Muslix64 is able to create a complete version of a decryption program, or if others extend the software so that consumers without technical expertise can readily make copies of movies, that would create a crisis for the HD-DVD camp. That system contains a “revocation” mechanism for shutting down HD-DVD players whose encryption system has been compromised. But industry analysts say that taking such a step would give the HD-DVD system a tremendous black eye, angering consumers and shaking the confidence of Hollywood studios in the system.

Today’s DVDs are protected using an earlier encryption technique known as Content Scramble System, or C.S.S. That system was undermined in 1999 by a small group of programmers, and movie studios have said that the new A.A.C.S. would not fall victim to the same kind of technological attack.

The Blu-ray system adds modifiable copy protection software, known as BD Plus, that is based on an approach pioneered by a group of technologists at Cryptography Research in San Francisco as a safeguard in the event the A.A.C.S. is compromised. Industry executives said that Microsoft opposed the Cryptography approach because it would shift control to the studio and away from hardware makers.

If the HD-DVD protection system has indeed been compromised, it was not immediately clear which camp would benefit most directly.

Some posters in Internet discussion groups have argued that the cracking of HD-DVD may increase the popularity of the system among consumers eager to make copies of movies they have purchased.

At the same time, a weakened encryption system could undermine studio support, causing some to turn to the Blu-ray technology instead and giving the Blu-ray group an advantage in offering a wider range of content.