Encrypted Title Key

The Encrypted Title Key is an encrypted key used by the Advanced Access Content System (AACS) copy-protection scheme. This key is included in the Media Key Block system and is an important part of the content protection process for Blu-ray and HD DVD content.

What is it used for?

The main objective of the Encrypted Title Key is to strengthen the security of the disc's content during the decryption of the content stored on the media. Content stored on media such as Blu-ray or HD DVD is divided into information units called Titles. The owner of the protected content divides this information into one or more Titles. The owner also provides the player with a license, a series of rules called Usage Rules, which will be used later to decrypt the disc information.

To protect the content, the information units are encrypted using encryption keys called Title Keys. For additional security, and so that a player without a license cannot obtain the keys, the Title Keys are themselves encrypted, which yields the Encrypted Title Keys.

The licensed replicator shall select a secret, random Title Key for each Title to be protected. Each Title Key shall be used to encrypt the content of its corresponding Title, as specified for each supported content format elsewhere in this specification. At the replicator’s discretion, a given Title may be encrypted using the same Title Key for all instances of pre-recorded media, or different Title Keys may be used for different instances.

Decryption Procedure

So that licensed players can read the disc's content, several decryption steps take place before the content is read. The disc carries a volume identifier called the VID (Volume ID), the Encrypted Title Key and a decryption key (Media Key Block).

Figure: Process to obtain the Media Key from the MKB and the Device Keys

Players hold keys, specific to each model, called Device Keys, which are granted by the AACS organization. At playback time, one of these keys decrypts the MKB contained on the disc, and the result of this process is the Media Key. The Media Key is combined with the VID (Volume ID) to produce the Volume Unique Key (KVU), which is used to decrypt the Encrypted Title Key and so obtain the Title Key needed to decrypt and play the disc's content.[1]

The Encrypted Title Key is computed with the following formula:

AES-128E (Kvu, Kt ⊕ Nonce ⊕ AES_H(Volume ID || title_id))

A simple analysis of the formula shows that the result is obtained from a combination of the Volume ID and a Title identifier obtained from the Media Key, giving as a result the Kvu (Volume Unique Key).

Figure: AACS decryption process

Decryption Problems

Although the process of updating all the Title Keys for an application usually takes a very small amount of time (much less than a second), it is a critical time. If the device were to fail during the re-encryption process, the user's content might be lost. To reduce the risk of user loss, recording devices shall begin the re-encryption process by renaming the old MKB to a temporary name before writing the new MKB. When the device completes the re-encryption process, it shall delete the temporary MKB. If any recorder discovers a temporary MKB on a piece of media, it is an indication that the encrypted Title Keys might be corrupted. The device shall perform one of the following protocols to recover the corrupted encrypted Title Keys. Which protocol is chosen depends on where the encrypted Title Keys are stored in the particular application. A device re-encrypting Title Keys as a normal result of updating a recordable MKB shall also use these same protocols.

These protocols are:

- Recovery Protocol When the Encrypted Title Keys are in a Separate File: In this case, the original recording device shall rename the old encrypted Title Keys to a defined temporary name before beginning to write the new encrypted Title Key File.

- Recovery Protocol When the Encrypted Title Keys are in the Content File: In the extreme case, each content file contains its own encrypted Title Key. In that case, it is not likely that there is a temporary version of the encrypted Title Keys.
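
The rename-before-write ordering described above, for the case where the encrypted Title Keys are in a separate file, as an added example that is not taken from the AACS specification. The file names, the function names and the rollback policy in recover() are assumptions of this example; the text above only fixes the rename ordering and the meaning of a leftover temporary MKB.

```python
import os

# Hypothetical file names: the text above only requires "a temporary name".
MKB, MKB_TMP = "mkb.bin", "mkb.tmp"
TKF, TKF_TMP = "title_keys.bin", "title_keys.tmp"

class PowerLoss(Exception):
    """Simulates the device failing part-way through the update."""

def _write(path, data):
    with open(path, "wb") as f:
        f.write(data)
        f.flush()
        os.fsync(f.fileno())  # force the data to the media before the next step

def reencrypt(media, new_mkb, rewrap, crash_after=None):
    """Replace the MKB and re-encrypt the Title Key file in the order given above.
    rewrap: caller-supplied function mapping old encrypted keys to new ones."""
    p = lambda name: os.path.join(media, name)
    with open(p(TKF), "rb") as f:
        old_keys = f.read()
    steps = [
        lambda: os.rename(p(MKB), p(MKB_TMP)),     # old MKB -> temporary name
        lambda: os.rename(p(TKF), p(TKF_TMP)),     # old Title Keys -> temporary name
        lambda: _write(p(MKB), new_mkb),
        lambda: _write(p(TKF), rewrap(old_keys)),
        lambda: os.remove(p(TKF_TMP)),
        lambda: os.remove(p(MKB_TMP)),             # last: marks the update complete
    ]
    for done, step in enumerate(steps):
        if crash_after == done:
            raise PowerLoss(f"failed after {done} step(s)")
        step()

def recover(media):
    """Run when media is mounted. A temporary MKB means the keys may be corrupted."""
    p = lambda name: os.path.join(media, name)
    if not os.path.exists(p(MKB_TMP)):
        return "clean"
    if os.path.exists(p(TKF_TMP)):                 # old pair intact: roll back (assumed policy)
        os.replace(p(TKF_TMP), p(TKF))
        os.replace(p(MKB_TMP), p(MKB))
        return "rolled_back"
    if not os.path.exists(p(MKB)):                 # failed right after the first rename
        os.replace(p(MKB_TMP), p(MKB))
        return "rolled_back"
    os.remove(p(MKB_TMP))                          # new pair fully written: finish
    return "completed"
```

Because the temporary MKB is deleted last, every interruption point leaves either the complete old pair or the complete new pair recoverable.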

Where is it located?

Figure: Location of the components on the disc media

The Encrypted Title Keys are located on Blu-ray and HD DVD discs that carry content to be played by a licensed player. The information stored on the disc is divided into three different parts: the Reading/Writing area, the read-only area and the protected area.

The Encrypted Title Keys are found in the Reading/Writing area, together with the Media Key Block, the Usage Rules and the encrypted content.

References

  1. AACS reference (2006-02-17). "Recordable Video Book" (PDF). Archived from the original (PDF) on 2008-09-07. Retrieved 2008-12-15.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.