Advanced Access Content System
Advanced Access Content System (AACS) is a standard for content
distribution and digital rights management, intended to restrict
access to and copying of the post-DVD generation of optical discs. The
specification was publicly released in April 2005 and the standard has
been adopted as the access restriction scheme for
HD DVD and Blu-ray
Disc (BD). It is developed by AACS Licensing Administrator, LLC (AACS
LA), a consortium that includes Disney, Intel, Microsoft, Panasonic,
Warner Bros., IBM,
Toshiba and Sony. AACS has been operating under an
"interim agreement" since the final specification (including
provisions for Managed Copy) has not yet been finalized.
Since appearing in devices in 2006, several AACS decryption keys have
been extracted from software players and published on the Internet,
allowing decryption by unlicensed software.
1 System overview
1.2 Volume IDs
1.3 Decryption process
1.4 Analog Outputs
1.5 Audio watermarking
1.6 Managed Copy
3 Unlicensed decryption
5 Patent challenges
6 See also
8 External links
AACS uses cryptography to control and restrict the use of digital
media. It encrypts content under one or more title keys using the
Advanced Encryption Standard
Advanced Encryption Standard (AES). Title keys are decrypted using a
combination of a media key (encoded in a Media Key Block) and the
Volume ID of the media (e.g., a physical serial number embedded on a
The principal difference between AACS and CSS, the DRM system used on
DVDs and CDs, lies in how the device decryption keys and codes are
Under CSS, all players of a given model group are provisioned with the
same shared activated decryption key. Content is encrypted under the
title-specific key, which is itself encrypted under each model's key.
Thus each disc contains a collection of several hundred encrypted
keys, one for each licensed player model.
In principle, this approach allows licensors to "revoke" a given
player model (prevent it from playing back future content) by omitting
to encrypt future title keys with the player model's key. In practice,
however, revoking all players of a particular model is costly, as it
causes many users to lose playback capability. Furthermore, the
inclusion of a shared key across many players makes key compromise
significantly more likely, as was demonstrated by a number of
compromises in the mid-1990s.
The approach of AACS provisions each individual player with a unique
set of decryption keys which are used in a broadcast encryption
scheme. This approach allows licensors to "revoke" individual players,
or more specifically, the decryption keys associated with the player.
Thus, if a given player's keys are compromised and published, the AACS
LA can simply revoke those keys in future content, making the
keys/player useless for decrypting new titles.
AACS also incorporates traitor tracing techniques. The standard allows
for multiple versions of short sections of a movie to be encrypted
with different keys, while a given player will only be able to decrypt
one version of each section. The manufacturer embeds varying digital
watermarks in these sections, and upon subsequent analysis of the
pirated release the compromised keys can be identified and revoked
(this feature is called Sequence keys in the AACS specifications).
Volume IDs are unique identifiers or serial numbers that are stored on
pre-recorded discs with special hardware. They cannot be duplicated on
consumers' recordable media. The point of this is to prevent simple
bit-by-bit copies, since the Volume ID is required (though not
sufficient) for decoding content. On
Blu-ray discs, the Volume ID is
stored in the BD-ROM Mark.
To read the Volume ID, a cryptographic certificate (the Private Host
Key) signed by the
AACS LA is required. However, this has been
circumvented by modifying the firmware of some
HD DVD and Blu-ray
To view the movie, the player must first decrypt the content on the
disc. The decryption process is somewhat convoluted. The disc contains
Media Key Block
Media Key Block (MKB), the Volume ID, the Encrypted
Title Keys, and the Encrypted Content. The MKB is encrypted in a
subset difference tree approach. Essentially, a set of keys are
arranged in a tree such that any given key can be used to find every
other key except its parent keys. This way, to revoke a given device
key, the MKB needs only be encrypted with that device key's parent
Once the MKB is decrypted, it provides the Media Key, or the km. The
km is combined with the Volume ID (which the program can only get by
presenting a cryptographic certificate to the drive, as described
above) in a one-way encryption scheme (AES-G) to produce the Volume
Unique Key (Kvu). The Kvu is used to decrypt the encrypted title keys,
and that is used to decrypt the encrypted content.
Parts of this article (those related to --This needs to be updated so
it doesn't deal mostly with the obsolete HD-DVD format--) need to be
updated. Please update this article to reflect recent events or newly
available information. (November 2010)
Main article: Image Constraint Token
AACS-compliant players must follow guidelines pertaining to outputs
over analog connections. This is set by a flag called the Image
Constraint Token (ICT), which restricts the resolution for analog
outputs to 960×540. Full 1920×1080 resolution is restricted to HDMI
or DVI outputs that support HDCP. The decision to set the flag to
restrict output ("down-convert") is left to the content provider.
Warner Pictures is a proponent of ICT, and it is expected that
Paramount and Universal will implement down-conversion as well.
AACS guidelines require that any title which implements the ICT must
clearly state so on the packaging. The German magazine "Der Spiegel"
has reported about an unofficial agreement between film studios and
electronics manufacturers to not use ICT until 2010 – 2012.
However, some titles have already been released that apply ICT.
On 5 June 2009, the licensing agreements for AACS were finalized,
which were updated to make
Cinavia detection on commercial Blu-ray
disc players a requirement.
Managed Copy refers to a system by which consumers can make legal
copies of films and other digital content protected by AACS. This
requires the device to obtain authorization by contacting a remote
server on the Internet. The copies will still be protected by DRM, so
infinite copying is not possible (unless it is explicitly allowed by
the content owner). It is mandatory for content providers to give the
consumer this flexibility in both the
HD DVD and the
(commonly called Mandatory Managed Copy). The
adopted Mandatory Managed Copy later than HD DVD, after HP requested
Possible scenarios for Managed Copy include (but are not limited to):
Create an exact duplicate onto a recordable disc for backup
Create a full-resolution copy for storage on a media server
Create a scaled-down version for watching on a portable device
This feature was not included in the interim standard, so the first
devices on the market did not have this capability. It was
expected to be a part of the final AACS specification.
In June 2009, the final AACS agreements were ratified and posted
online, and include information on the Managed Copy aspects of AACS.
On 24 February 2001, Dalit Naor, Moni Naor and Jeff Lotspiech
published a paper entitled "Revocation and Tracing Schemes for
Stateless Receivers", where they described a broadcast encryption
scheme using a construct called Naor-Naor-Lotspiech subset-difference
trees. That paper laid the theoretical foundations of AACS.
AACS LA consortium was founded in 2004. With
IEEE Spectrum magazine's readers voted AACS to be one
of the technologies most likely to fail in the January 2005 issue.
The final AACS standard was delayed, and then delayed again when
an important member of the
Blu-ray group voiced concerns. At the
request of Toshiba, an interim standard was published which did not
include some features, like managed copy. As of 15 October 2007,
the final AACS standard had not yet been released.
On 26 December 2006, a person using the alias "muslix64" published a
working, open-sourced AACS decrypting utility named BackupHDDVD,
looking at the publicly available AACS specifications. Given the
correct keys, it can be used to decrypt AACS-encrypted content. A
corresponding BackupBluRay program was soon developed. Blu-ray
Copy is a program capable of copying Blu-rays to the hard drive or to
blank BD-R discs.
Main article: Security of Advanced Access Content System
Both title keys and one of the keys used to decrypt them (known as
Processing Keys in the AACS specifications) have been found by using
debuggers to inspect the memory space of running
HD DVD and Blu-ray
player programs.   Hackers also claim to have found
Device Keys (used to calculate the Processing Key) and a Host
Private Key (a key signed by the
AACS LA used for hand-shaking
between host and HD drive; required for reading the Volume ID). The
first unprotected HD movies were available soon afterwards. The
processing key was widely published on the Internet after it was found
AACS LA sent multiple DMCA takedown notices in the aim of
censoring it. Some sites that rely on user-submitted content, like
Digg and, tried to remove any mentions of the key. 
Digg administrators eventually gave up trying to censor
submissions that contained the key.
The AACS key extractions highlight the inherent weakness in any DRM
system that permit software players for PCs to be used for playback of
content. No matter how many layers of encryption are employed, it does
not offer any true protection, since the keys needed to obtain the
unencrypted content stream must be available somewhere in memory for
playback to be possible. The PC platform offers no way to prevent
memory snooping attacks on such keys, since a PC configuration can
always be emulated by a virtual machine, in theory without any running
program or external system being able to detect the virtualization.
The only way to wholly prevent attacks like this would require changes
to the PC platform (see Trusted Computing) which could provide
protection against such attacks. This would require that content
distributors do not permit their content to be played on PCs without
trusted computing technology, by not providing the companies making
software players for non-trusted PCs with the needed encryption keys.
On 16 April 2007, the AACS consortium announced that it had expired
certain encryption keys used by PC-based applications. Patches were
available for WinDVD and PowerDVD which used new and uncompromised
encryption keys.  The old, compromised keys can still be used
to decrypt old titles, but not newer releases as they will be
encrypted with these new keys. All users of the affected players (even
those considered "legitimate" by the AACS LA) are forced to upgrade or
replace their player software in order to view new titles.
Despite all revocations, current titles can be decrypted using new MKB
v7, v9 or v10 keys widely available in the Internet.
Besides spreading processing keys on the Internet, there have also
been efforts to spread title keys on various sites. The AACS LA
has sent DMCA takedown notices to such sites on at least one
occasion. There is also commercial software (
AnyDVD HD) that can
circumvent the AACS protection. Apparently this program works even
with movies released after the
AACS LA expired the first batch of
While great care has been taken with AACS to ensure that contents are
encrypted right up to the display device, on the first versions of
HD DVD software players a perfect copy of any still
frame from a film could be made simply by utilizing the Print Screen
function of the Windows operating system. This was broken in
On 30 May 2007, Canadian encryption vendor
that AACS violated two of its patents, "Strengthened public key
protocol" and "Digital signatures on a Smartcard." The patents
were filed in 1999 and 2001 respectively, and in 2003 the National
Security Agency paid $25 million for the right to use 26 of Certicom's
patents, including the two that
Sony is alleged to have infringed
History of attacks against Advanced Access Content System
AACS encryption key controversy
^ Hongxia Jin; Jeffery Lotspiech;
Nimrod Megiddo (4 October 2006).
"Efficient Traitor Tracing" (PDF). Retrieved 2007-05-02.
^ "AACS Reference: Pre-recorded Video Book" (PDF). Retrieved
Blu-ray Disc Pre-recorded Book" (PDF). AACS LA. 27 July 2006.
p. 15. Archived (PDF) from the original on 6 November 2007.
^ a b Reimer, Jeremy (15 April 2007). "New AACS cracks cannot be
revoked, says hacker". Ars Technica. Archived from the original on 4
May 2007. Retrieved 2007-05-04.
^ Geremia (4 April 2007). "Got VolumeID without AACS
authentication :)". Doom9.net forums. Archived from the original
on 10 May 2007. Retrieved 2007-05-04.
Advanced Access Content System
Advanced Access Content System (AACS): Introduction and Common
Cryptographic Elements" (PDF). AACS Licensing Administrator. 17
February 2007. Retrieved 2007-06-05.
^ Sweeting, Paul (19 January 2006). "High-def 'down-converting'
forced". Video Business. Archived from the original on 15 April 2006.
^ Ken Fisher (21 May 2006). "Hollywood reportedly in agreement to
delay forced quality downgrades for Blu-ray, HD DVD". arstechnica.com.
Archived from the original on 5 November 2007. Retrieved
^ "HD DVD: "Resident Evil" nur in Standard-Auflösung via YUV".
areadvd.de (in German). 29 October 2007. Archived from the original on
11 January 2008. Retrieved 2007-11-02.
^ "AACS Issues Final Agreements, Enabling Commercial Deployment of
Blu-ray Disc Players" (Press release). Verance. 5 June
2009. Retrieved 11 October 2010.
^ "HP to Support HD-DVD High-definition DVD Format and Join HD-DVD
Promotions Group". 5 February 2006. Archived from the original on 4
May 2007. Retrieved 2007-05-03.
^ a b Perenson, Melissa J. (21 March 2006). "Burning Questions: No
Copying From First High-Def Players". PC World.
^ "HD DVD,
Blu-ray "Managed Copy" coming later this year".
arstechnica.com. Archived from the original on 26 May 2010. Retrieved
29 June 2010.
^ Dan Nicolae Alexa (28 December 2006). "HD DVD's AACS Protection
Bypassed. In Only 8 Days?!". playfuls.com. Archived from the original
on 10 February 2008. Retrieved 2007-10-25.
^ Katie Dean (15 July 2004). "Can Odd Alliance Beat Pirates?". Wired.
^ Tekla S. Perry (January 2007). "Loser: DVD Copy Protection, Take 2".
Spectrum Online. Archived from the original on 8 June 2007. Retrieved
^ Martyn Williams (14 December 2005). "
Toshiba Hints at HD-DVD Delay".
pcworld.com. Archived from the original on 5 October 2007. Retrieved
^ Craig Morris (14 February 2006). "AACS copy protection for Blu-ray
HD DVD delayed again". heise.de. Archived from the original
on 2 November 2007. Retrieved 2007-10-19.
^ Paul Sweeting (15 October 2007). "AACS still trying to manage
copying". contentagenda.com. Retrieved 2007-10-25.
^ Drawbaugh, Ben (24 January 2007). "BackupBluray available now too".
Engadget. Archived from the original on 16 May 2007. Retrieved
^ Broida, Rick (July 9, 2012). "Get
Blu-ray Copy (Win) for free".
CNET. Retrieved 2013-07-18.
^ "HD-DVD Content Protection already hacked?". TechAmok. 28 December
2006. Retrieved 2007-01-02.
^ "Hi-def DVD security is bypassed". BBC news. 26 January 2007.
Archived from the original on 5 May 2007. Retrieved 2007-05-02.
^ Block, Ryan (20 January 2007). "
Blu-ray cracked too?". Engadget.
Archived from the original on 23 January 2007. Retrieved
^ Leyden, John (23 January 2007). "
Blu-ray DRM defeated". The
Register. Archived from the original on 25 January 2007. Retrieved
^ "ATARI Vampire" (24 February 2007). "WinDVD 8 Device Key Found!".
Doom9.net forums. Retrieved 2007-05-04.
^ "jx6bpm" (3 March 2007). "PowerDVD private key". Doom9.net forums.
Archived from the original on 29 March 2007. Retrieved
^ Yam, Marcus (17 January 2007). "First Pirated HD DVDs Released".
DailyTech. Retrieved 2007-05-03.
^ "AACS licensor complains of posted key". Retrieved 2007-05-02.
^ Boutin, Paul (1 May 2007). "Locks Out "The Number"".
Wired. Archived from the original on 4 May 2007. Retrieved
^ Greenberg, Andy (2 May 2007). "Digg's DRM Revolt". Forbes. Archived
from the original on 4 May 2007. Retrieved 2007-05-04.
^ "DVD DRM row sparks user rebellion". BBC news. 2 May 2007. Archived
from the original on 16 May 2007. Retrieved 2007-05-02.
^ "Press Messages: AACS – Advanced Access Content System". Archived
from the original on 30 April 2007. Retrieved 2007-05-02.
^ Yam, Marcus (26 January 2007). "AACS Responds to Cracked
HD DVD and
Blu-ray Disc Protections". DailyTech. Retrieved 2007-05-03.
^ Lindsay Martell (26 January 2007). "
HD DVD Encryption
Cracked". NewsFactor Network. Retrieved 2007-05-29.
^ Alexander Kaplan (5 April 2007). "Illegal Offering of Title/Volume
Keys to Circumvent AACS Copyright Protection: hdkeys.com" (pdf). DMCA
takedown notice. Retrieved 2007-05-29.
^ Ryan Paul (7 May 2007). "Latest AACS revision defeated a week before
release". Ars Technica. Archived from the original on 20 May 2007.
^ "Work Around for New DVD Format Protections". Slashdot. 7 June 2006.
^ Edward Henning (7 July 2006). "Copy protection hole in
HD DVD movies". heise Security. Retrieved 2007-05-02.
^ Scott A. Vanstone; et al. (1 April 1999). "Strengthened public key
protocol". US Patent Office. Retrieved 2007-05-31.
^ Scott A. Vanstone; et al. (29 August 2001). "Digital signatures on a
Smartcard". US Patent Office. Retrieved 2007-05-31.
^ Nate Anderson (31 May 2007). "
Encryption vendor claims AACS
infringes its patents, sues Sony". Ars Technica. Archived from the
original on 2 June 2007. Retrieved 2007-05-31.
Wikinews has related news: High definition anti-piracy DRM possibly
Understanding AACS, an introductory forum thread.
ISAN homepage, ISAN as required in the Content ID defined in AACS
Introduction and Common Cryptographic Elements rev 0.91
libaacs, an open source library implementing AACS
Hal Finney on 'AACS and Processing Key', Hal Finney's post on
metzdowd.com cryptography mailing list
Broadcast encryption and digital rights management
Conditional access system
Smart cards and encryption
Digital video disc
Content Scramble System (CSS)
Advanced Access Content System
Advanced Access Content System (AACS)
Analogue broadcast encoding
See also free-to-view and pay television
Blu-ray (BD / BD-ROM)
Blu-ray Disc recordable (BD-R / BD-RE)
Blu-ray Disc Java (BD-J)
High Fidelity Pure Audio
High Fidelity Pure Audio (HFPA)
Blu-ray Disc region codes
Blu-ray & HD-DVD comparison
HDTV disc format war
Blu-ray Disc Association (BDA)
Blu-ray Disc Founders (BDF)
Blu-ray Disc recorder
Total Hi Def (THD)
China Blue High-definition Disc (CBHD/CH-DVD)
HDTV disc format war
Advanced Interactivity Consortium
HD DVD devices
HD DVD Movies