Quote:
Originally Posted by FoxDisc
I might as well go on a bit further from my last post. The processing key that arnezami found is a key that corresponds to an S-D set that all devices are members of and all devices can therefore calculate. If arnezami or muslix64 had just popped up and said here's the processing key, no one at AACS would have been sure where that key came from. Any device could have found it in theory. Lots of people are wondering why they did it this way.
|
arnezami did it that way just because he didn't get a Device Key set. He got a Processing Key, and this Processing Key can be revoked regardless of whether AACS LA knows how (or from where) arnezami got it.
Revoking a key just means they stop releasing new movies encrypted with that key.
Quote:
They could have done some things to help them figure out where it came from and that process is called "traitor tracing." It turns out they have some sophisticated procedures using what are called "sequence keys" to help with traitor tracing, but as far as anyone can tell, they are not using that method.
|
So let's wait until they start using Sequence Keys. BTW, AFAIK Sequence Keys say nothing about where the Processing Key is from, but I have not completely read the spec chapter about Sequence Keys.
Quote:
Purely to help understand S-D sets, here is another way they could have done this - they could have divided all the devices up into two S-D sets. Using the convenient number tree quoted in my last post, one set would be the S-D set including: the set of all devices below node 1 minus the set of all devices below node 3. That S-D set would be devices 8, 9, 10 and 11. That S-D set would have only one processing key and only those devices could have figured it out.
The other S-D set would be: the set of all devices below node 1 minus the set of all devices below node 2. That S-D set would be devices 12, 13, 14 and 15. That S-D set would also have only one processing key, different from the first and only devices 12-15 could have figured it out.
Those two S-D sets do not overlap. Using the AACS system, they would have encrypted the media key twice, once with the processing key for the first set above and once for the second set above. Then when the processing key leaked, they would have known which of the two groups it came from. All devices could have decrypted the media key, but only with the processing key they knew how to get.
|
So the attacker publishes both Processing Keys, because he can derive both (as can any player). Just an example: device 12 has keys 13, 7, 2, so it can derive any Leaf Device Key except key 12.
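
The tree numbering used in this exchange (root 1, leaves 8 to 15), as an added example that is not part of either post and is not AACS code. It is a constructed toy model of the subset-difference scheme: one-way key derivation is abstracted as reachability in the tree, and all function names are hypothetical.

```python
# Heap-numbered binary tree from the thread: root = 1, children of n are 2n
# and 2n+1, devices are the leaves 8..15. Constructed toy model, no real keys.
LEAVES = range(8, 16)

def ancestors(node):
    """Path from the root down to node, inclusive, e.g. 12 -> [1, 3, 6, 12]."""
    path = []
    while node >= 1:
        path.append(node)
        node //= 2
    return path[::-1]

def sd_set(u, v):
    """Devices below u minus devices below v (the S-D set 'u minus v')."""
    return [d for d in LEAVES if u in ancestors(d) and v not in ancestors(d)]

def off_path_siblings(device):
    """Siblings of the nodes on the device's path, leaf upward (12 -> [13, 7, 2])."""
    return [n ^ 1 for n in ancestors(device)[:0:-1]]

def held_labels(device):
    """(u, w) pairs a device stores: u on its path, w hanging off the path below u."""
    path = ancestors(device)
    return {(u, n ^ 1) for i, u in enumerate(path) for n in path[i + 1:]}

def can_derive(device, u, v):
    """True if a held label (u, w) has w on the path root..v, so one-way
    derivation downward from w reaches the key for 'u minus v'."""
    return any((u, w) in held_labels(device) for w in ancestors(v))

def covering_set(device, cover):
    """Which (u, v) entry of a cover list this device can use, or None if revoked."""
    return next(((u, v) for u, v in cover if can_derive(device, u, v)), None)

if __name__ == "__main__":
    cover = [(1, 3), (1, 2)]  # the two-set split described in the quoted post
    for d in LEAVES:
        print(d, off_path_siblings(d), covering_set(d, cover))
```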