Encrypted Title Key is an encrypted key that belongs to anticopy

Advanced Access Content System The Advanced Access Content System (AACS) is a standard for content distribution and digital rights management, intended to restrict access to and copying of the post-DVD generation of optical discs. The specification was publicly released in ...

(AACS). This key is included in the

Media Key Block The Media Key Block (MKB) is one of the keys included inside the copying protection system (DRM) AACS. This system is used to prevent Blu-ray and HD DVD formats from being copied. The system was developed by companies from the film industry and t ...

system and is an important part of the content protection process of Blu-ray and HD-DVD contents.

What is it used for?

The main objective of the Encrypted Title Key is to reinforce the discs’ content security during the decryption process of content stored in the media. The content stored in medias like Blu-ray or HD-DVDs is composed and divided in information units called Titles. The owner of the protected contents, divide this information in the form of one or more Titles. It also provides a license to the player, a series of rules called Usage Rules which will be used later on to decrypt the disc information. To protect the content, the information units are encrypted using encryption keys called

Title Keys A title is one or more words used before or after a person's name, in certain contexts. It may signify either generation, an official position, or a professional or academic qualification. In some languages, titles may be inserted between the f ...

. To achieve more security and so that the key obtention process cannot be obtained by player without license, the Title Keys are encrypted giving as a result the Encrypted Title Keys. The licensed replicator shall select a secret, random Title Key for each Title to be protected. Each Title Key shall be used to encrypt the content of its corresponding Title, as specified for each supported content format elsewhere in this specification. At the replicator’s discretion, a given Title may be encrypted using the same Title Key for all instances of pre-recorded media, or different Title Keys may be used for different instances.

Decryption Procedure

So that the players with license can achieve reading the discs’ content, there are some decryption procedures before achieving the reading. The discs have a volume identifier called VID ( Volume ID), the Encrypted Title Key and a decryption key (

The players have some keys, according to each model, called

Device Keys Device Keys play a role in the cryptographic key management procedure in the Advanced Access Content System (AACS) specification. This specification defines a method for protecting audiovisual entertainment content, including high-definition conte ...

, which are granted by the AACS organization. In the reproduction moment, one of these keys decrypts the contained MKB in the disc and as a result of this process, the Media Key, is obtained. The Media Key is combined with the VID (Volume ID) and the Volume Unique Key (KVU) is originated so that the decryption of the Encrypted Title Key can finally be done and in consequence the necessary Title Key is obtained to decrypt and reproduce the discs’ content. To codify the Encrypted Title Key, a codification is made following the next formula: AES-128E (Kvu, Kt ⊕ Nonce ⊕ AES_H(Volume ID , , title_id)) It is possible to demonstrate, with a simple analysis of the formula, that the result is obtained of a combination between the Volume ID and a Title identifier obtained from the Media Key, giving as a result the Kvu (Volume Unique Key). AACS dataflow

Decryption Problems

Although the process of updating all the Title Keys for an application usually takes a very small amount of time (much less than a second), it is a critical time. If the device were to fail during the re-encryption process, the user's content might be lost. To reduce the risk of user loss, recording devices shall begin the reencryption process by renaming the old MKB to a temporary name before writing the new MKB. When the device completes the re-encryption process, it shall delete the temporary MKB. If any recorder discovers a temporary MKB on a piece of media, it is an indication that the encrypted Title Keys might be corrupted. The device shall perform one of the following protocols to recover the corrupted encrypted Title Keys. Which protocol is chosen depends on where the encrypted Title Keys are stored in the particular application. A device re-encrypting Title Keys as a normal result of updating a recordable MKB shall also use these same protocols. These protocols are: - Recovery Protocol When the Encrypted Title Keys are in a Separate File: In this case, the original recording device shall rename the old encrypted Title Keys to a defined temporary name before beginning to write the new encrypted Title Key File. -Recovery Protocol When the Encrypted Title Keys are in the Content File: In the extreme case, each content file contains its own encrypted Title Key. In that case, it is not likely that there is a temporary version of the encrypted Title Keys.

Where is it located?

The Encrypted Title Keys are located in the Blu-ray and HD-DVDs where there is content to reproduce by the player with license. The information stored in the discs is found divided in three different parts: Reading/Writing area, read-only area and protected area. The Encrypted Title Keys are found in the Reading/Writing area with the Media Key Block, the Usage Rules and the encrypted content.

Sources

Introduction and Common Cryptographic Elements
Rev 0.91
AACS Technical Overview
7/2004

References

{{Reflist

External links

AACS web page

ACCS users Guide
Advanced Access Content System