« Out-source your infrastructure | Main | Before the Internet, there was… »

Chasing the crypto tail…

With the entire hullabaloo about public revolt and the publishing of the HD DVD encryption key, I'm surprised to see so little coverage of the (two week old) response by the Advanced Access Content System Licensing Administration (AACSLA). The latest news section of the AACSLA web site has a press release dated April 16th, 2007 announcing the expiration of encryption keys…

"In response to attacks against certain PC-based applications for playing HD DVD and Blu-ray movie discs, Advanced Access Content System Licensing Administrator, LLC ("AACS LA") announces that it has taken action, in cooperation with relevant manufacturers, to expire the encryption keys associated with the specific implementations of AACS-enabled software."

The press release also has pointers to the web sites of two of the vendors of PC software players (Intervideo and Cyberlink) where consumers can download updated players that are necessary to avoid playback of the AACS-protected content being disabled.

The Interim AACS adopter's agreement has a provision (section 10, page 57) that provides for a mechanism to expire keys either based on time or if there is evidence that the key has been compromised. I haven't dug into the specification in detail but the folks who put this spec together thought through what would be needed to deal with compromised keys.

While the revocation process takes time to be effective, it's surprising that the AACSLA didn't just quietly expire the affected key back in January when the compromised key was published on the Internet.


The comments to this entry are closed.

My Photo


Intense Brit, lived in Silicon Valley since 1984. Avid pilot, like digital photography, ham radio and a bunch of other stuff. Official Geek.

Proud member of

Venture Capital

a FeedBurner Network

Subscribe to this network

Buy ads in this network

© 2006 - 2009 Stu Phillips

All Rights Reserved.