Quote:
Originally Posted by Losko
A couple of questions from a noob: - when you say some host certificate have been revoked, does it mean some device will stop decrypting discs? (btw, does "host" mean a PC? a set-top-box? a bluray drive?)
- if the Media Key Block can revoke some certificates, does this mean it is stored onto the bluray drive? and if it is, is this irreversible?
|
You would need to read the AACS specification to get a better understanding of how everything works
1. The host certificate is used in PC based systems (software player + bd-drive) to read the Volume Identifier (VID) and remove optional bus encryption. If the host certificate used by the player is revoked, the drive refuses to talk to the player. If you can't read the VID you cannot calculate the keys needed for disc decryption. However if all the keys for your disc are already in a database like the one from FindVUK, you no longer need the host certificate (unless the disc uses bus encryption you need it for playback but that's just a small percentage of BD discs. However, all UHD discs use it).
2. When you insert a disc in a drive, the drive compares the MKB version on the disc to the version stored in its flash memory. If the version is higher it overwrites the stored revocation list with the new one on the disc. From then on it's no longer possible to play new or old (!) discs with a revoked certificate. It's possible on some drives to "clear" the list with a firmware flashing tool like Dosflash but that's a dangerous tool that can easily brick your drive so it's not recommended