Doom9's Forum - View Single Post - Understanding AACS (including Subset-Difference)

FoxDisc · 25th February 2007, 13:49

My two long explanatory posts were an effort to follow in arnezami's footsteps and simplify, simplify.

The first post was an attempt to explain the simple concept of overlapping groups of device with an associated secret number assigned to each group. I was focusing on the "why" overlapping groups were chosen. By giving the secret number to everyone in a group, and not giving it to anyone else, the AACSLA could shift initial key storage away from the disc and into the player devices.

The second post was an attempt to explain why they chose the specific type of overlapping groups (S-D sets). S-D sets do seem like an odd choice, but they were chosen out of the necessity to have lots and lots of such groups. I was focusing on "why" they needed so many groups - again to minimize the space used on the discs, but this time it was for minimizing space used up for each revocation.

On the issue of terminology:
I started off trying not to use any words from the spec for the secret number assigned to a group. I should have tried harder. The terms "secret number," "secret key" "random number," pseudorandom number," "device key," "processing key" and "subsidiary device key" are all words that refer to the original simple concept of a secret number assigned to a group of devices. They are all either the secret number assigned to a group or they are some other number that can be used to calculate the secret number. The true name for that secret number when it's assigned to an S-D set is "processing key," but I started with ordinary sets, not S-D sets, so I didn't want to call the secret number a processing key and I didn't want to go into details of how processing keys were derived from device keys.

25th February 2007, 13:49	#94 \| Link
FoxDisc Registered User Join Date: Jan 2007 Posts: 274	My two long explanatory posts were an effort to follow in arnezami's footsteps and simplify, simplify. The first post was an attempt to explain the simple concept of overlapping groups of device with an associated secret number assigned to each group. I was focusing on the "why" overlapping groups were chosen. By giving the secret number to everyone in a group, and not giving it to anyone else, the AACSLA could shift initial key storage away from the disc and into the player devices. The second post was an attempt to explain why they chose the specific type of overlapping groups (S-D sets). S-D sets do seem like an odd choice, but they were chosen out of the necessity to have lots and lots of such groups. I was focusing on "why" they needed so many groups - again to minimize the space used on the discs, but this time it was for minimizing space used up for each revocation. On the issue of terminology: I started off trying not to use any words from the spec for the secret number assigned to a group. I should have tried harder. The terms "secret number," "secret key" "random number," pseudorandom number," "device key," "processing key" and "subsidiary device key" are all words that refer to the original simple concept of a secret number assigned to a group of devices. They are all either the secret number assigned to a group or they are some other number that can be used to calculate the secret number. The true name for that secret number when it's assigned to an S-D set is "processing key," but I started with ordinary sets, not S-D sets, so I didn't want to call the secret number a processing key and I didn't want to go into details of how processing keys were derived from device keys. Last edited by FoxDisc; 28th February 2007 at 20:04.