Warner to join Paramount in going HD DVD only?

[diogen]

It depends on who the small groups are. Very smart people working in groups can accomplish quite a bit.

IIRC, SlySoft is a team of about a dozen and 2-3 of them are the actual "brain"...

I don't know; CPU horsepower is getting dramatically cheaper each year -- and we know have Quad Core CPUs retailing < $300. Wouldn't be too expensive to set up a farm of them to do a brute force hack.

It would. Mathematically speaking, breaking AES-128 would require all the computer systems we have times ten running for a period of time longer than the age of the universe...

But it is likely that this won't be a brute force hack; as AACS and CSS weren't brute force hacks.

The proof-of-concept hack performed by DVD-Jon was not (Xing DVD player left the key unencrypted in memory).
But all todays DVD rippers use brute-force, IIRC. Otherwise we would see key revokation on DVDs, too (CSS does have this option as well).

These cryptosystems that you speak of are dramatically more complex than what is being deployed as AACS.

Just publish the white paper about the secure communication line between the US and Russia on the internet and we'll see...
I think its main advantage is the "security through obscurity" part.

Diogen.

 

[John Kotches]

IIRC, SlySoft is a team of about a dozen and 2-3 of them are the actual "brain"...

Hence a few very smart people

It would. Mathematically speaking, breaking AES-128 would require all the computer systems we have times ten running for a period of time longer than the age of the universe...

Assuming there are no changes to current aglorithmic means. Not necessarily a safe bet IMO.

The proof-of-concept hack performed by DVD-Jon was not (Xing DVD player left the key unencrypted in memory).

But all todays DVD rippers use brute-force, IIRC. Otherwise we would see key revokation on DVDs, too (CSS does have this option as well).

It's "only" AES-40. 8 years ago that was about 24 hours to crack on a high-end PC. You can do the math on how tough that is to crack today. Eight years; 5ish doublings? 2^5 = 32 so it would crack in under an hour. Maybe that's a generous estimate.

There's no elegance in a brute force attack though. I like elegance.

Just publish the white paper about the secure communication line between the US and Russia on the internet and we'll see...
I think its main advantage is the "security through obscurity" part.

First I have to get access to it Then I have to decide how much I value my freedom

 

[navychop]

Is anyone still coding in Cobol? Yeah, but I know you're laughing with me.

Yes, I came to hate COBOL.


You too are guilty of speaking in futures instead of today. That's nice; but it doesn't get the job done today.

The future is where most sales will be. No massive sales increases likely over the next year. J6P is not really in the game yet


This assumes a growth rate similar to DVD -- not a "gimme" IMO.

No, I don't believe the growth/adoption rate will be anywhere near DVD. But it will eventually get there in terms of volume, if the media approach survives. If a cheap DVD player goes for $60 and a DVD + high def player goes for $100, many folks will pay the freight.


We are of course free to vote with our wallets and buy whatever we want. So if we prefer region free titles; that's a possibility.

Studios seem to be counting on the desire for certain titles to drive customers to certain formats. Most folks pick a title they want to see. I believe a large majority of DVD owners today have no idea what region coding is. It doesn't affect them- they buy a title on a shelf in front of them, not from some overseas guy or importer.


And if it is hacked in 2-3 months after release is that considered a complete failure?

Hacked for one title, some copies of one title, all titles, .......??? We'll have to wing this one, until we learn more about BD+ in the real world.


It is impractical at this time -- when we're talking 25-30GB+ downloads.

Fios. Kids with good connections and days. Kids with access to Daddy's office & OC-1. Commercial level pirates with production gear. It's coming. Can't ignore it because it's years from spreading.


I believe that the content providers should be paid; but has piracy really impacted their revenue as much as is claimed?

Studio paranoia.


These cryptosystems that you speak of are dramatically more complex than what is being deployed as AACS. This isn't an apples to apples comparison.

With suitable application of the coin of the realm, studios, etc, could come up with something very advanced. The idea likely being to force the cracking to a very difficult brute force approach, perhaps by using key lengths never before seen in the commercial world. (I wouldn't count on it.) Genius can try other avenues to greatly reduce the possible key calculations needed. Smart guys might figure a way to just tap in to the software stream, or the hardware, to snatch the keys to the kingdom. I suspect they've spent only "just enough" to come up with something "good enough." Perhaps they've learned to respect the abilities of hackers. If not, and it's cracked early and completely, we may all lose.


Perhaps. BD+ is middle ground. I am very leery if some of the reported capabilities of BD+ are true. I hope they are not.

And I'll say one more thing. Some very, very smart people in the industrialized countries have come up with some very good codes for government and military use, using extremely advanced super computers. That level of work isn't going to be compromised by a group of smart guys using overclocked PCs. The question is- how close to that level of effort have the studios/format designers gone to? I'll bet they've used high speed "mainframes" or even massively parallel computers, but not nearly to the maximum extent possible. Again- did they put in the design effort to come up with a system that will last, with minor cracks, for a few years? Spend too little, early failure. Spend too much, loss of profits or even spending more than the value of what you're defending.

I hope BD+ holds, at least long enough to encourage the release of many, many titles. If it doesn't, I expect releases to dry up, or move only to catalog titles from years ago.

 

[diogen]

Assuming there are no changes to current aglorithmic means.

That remains the only unanswered question.
It would be nice to have the equivalent of the Abel's impossibility theorem in cryptography: no shortcuts in the search of keys.
But - no such luck. Hence, a method could be derived tomorrow to calculate encryption keys in a matter of seconds.
But I don't believe in that. Something like this would have to be developed in the academic world, and those guys don't keep secrets...

"Never assume malice when stupidity will suffice."

Diogen.

 

[mike123abc]

It would. Mathematically speaking, breaking AES-128 would require all the computer systems we have times ten running for a period of time longer than the age of the universe...

AES-128 is only approved by the NSA for secret information. Top secret requires 192 or 256 at this time. I doubt of course that the NSA would use a brute force attack against AES, there is probably some secret theories that could lead to significantly reducing the computation down to a level where they feel 128 can be beaten in a time frame that concerns them.

 

[JoeSp]

John, I have said many times that the HD-DVD format came out pretty much mature and that the BD format has been playing catch-up. And yes I am talking about the future -- the immeadiate future as in this XMAS. I hope we all make it. At that time we will be able to see if BD can deliver the same experiance with BD-Java as HD-DVD does with HDi. And I have admonised the BD group for the lack of maturity in their players as concerned with BD-Java. Hence the reason I purchased a PS3 -- the only BD player I know that has all the hardware to be fully BD-Live compliant right now.

And while I am at it the cat is out of the bag -- M$ is off the hook for the $150 mil as it was Toshiba who purchased the exclusivity of both Paramount and Dreamworks. We will see if it makes any impact at all in discs sales because quite frankly -- it is discs sales that a studio counts - not player sales.

 

[teachsac]

I don't think we will see BD-J in action by this Christmas. All players currently announced are not and will not be 1.1 compliant. The only exception to this could be the PS3 and there have been no guarantees on this one either. The only announced player that was supposed to be out this year is the Denon and it is being delayed until sometime in 2008. We'll have to see what everyone is saying at CEDIA next week.

It is a catch 22 when it comes to disc sales. You have to have players in the home for people to buy disks. BD and Sony were counting heavily on the PS3 to tide things over until the specs come around. While the PS3 has increased total disk sales to date to 3:2 and around 2:1 for the year, sales are no where near what Sony and BD expected. You said it yourself back in December or so when the HD-DVD add on came out. A game machine will not win this "war". Warner said the same thing a month or so ago. Dedicated players are what they are looking at to win.

S~

 

[diogen]

AES-128 is only approved by the NSA for secret information. Top secret requires 192 or 256 at this time.

There is nothing preventing you from employing 1024 bit length keys, using the Open Source PGP implementation, for example.
Since Phil Zimmerman (PGP creator) high security encryption is not rocket science anymore - period. It is just science.
NSA, if I'm not mistaken, uses ECC (elliptic curve cryptography) for secure communication up to a certain level (also key based but not the same as AES).
Nobody knows what is used higher.

...there is probably some secret theories that could lead to significantly reducing the computation down...

I don't really believe in this theory but there is certainly no factual information to refute it.

Diogen.

 

[diogen]

And while I am at it the cat is out of the bag -- M$ is off the hook for the $150 mil as it was Toshiba who purchased the exclusivity of both Paramount and Dreamworks.

Because Blu Shill Bill Hunt says so, right? I wouldn't be surprised if he is wrong again.
I guess, the ego cacophony volume finally toned down and he heard his lawyers' advice to shut the f*ck up...

The first time I really wish Microsoft would have sued...

Diogen.

 

[John Kotches]

That remains the only unanswered question.
It would be nice to have the equivalent of the Abel's impossibility theorem in cryptography: no shortcuts in the search of keys.
But - no such luck. Hence, a method could be derived tomorrow to calculate encryption keys in a matter of seconds.
But I don't believe in that. Something like this would have to be developed in the academic world, and those guys don't keep secrets...

"Never assume malice when stupidity will suffice."

Diogen.

What about the quantum super computers? 15 years ago; they were 10 years away. 10 years ago they were 10 years away. 5 years ago... You get the picture But there is no impossibility theorem and our computing power is growing very quickly.

Are we to the point where AES-40 can be brute force cracked in real time? I would think we're pretty close by now.

When using brute force means for cracking the assumption made is that all possible keys must be tested to find the correct key. Is this truly the case? or do you just have to find the right key? That could be on iteration 1 or iteration n

This is fun discussion -- although I'm not sure how many other people are enjoying it.

Cheers,

 

[John Kotches]

Diogen:

Would the advanced keys have to be developed in academia? NSA has some pretty smarty cryppies there

 

[John Kotches]

John, I have said many times that the HD-DVD format came out pretty much mature and that the BD format has been playing catch-up. And yes I am talking about the future -- the immeadiate future as in this XMAS. I hope we all make it. At that time we will be able to see if BD can deliver the same experiance with BD-Java as HD-DVD does with HDi. And I have admonised the BD group for the lack of maturity in their players as concerned with BD-Java. Hence the reason I purchased a PS3 -- the only BD player I know that has all the hardware to be fully BD-Live compliant right now.

There will be no BDj compliant players available this Christmas; 18 months after the formats launch.

And while I am at it the cat is out of the bag -- M$ is off the hook for the $150 mil as it was Toshiba who purchased the exclusivity of both Paramount and Dreamworks. We will see if it makes any impact at all in discs sales because quite frankly -- it is discs sales that a studio counts - not player sales.

From a source notorious for playing fast and loose with the facts. Time will tell.

 

[John Kotches]

navychop:

Just a couple of quick replies...

The intent of any cryptosystem is twofold; either make it too expensive in compute resources as to be financially unviable or too long in time to decrypt that the content payload has lost its value.

With respect to AACS -- I haven't seen a raw cryptanalysis of it. You don't need a supercomputer to come up with an algorithm and encrypt very long keys. Given the lead time (not really long in the grand scheme of things) and the fact that the payload has to be decrypted in real time it isn't going to be anywhere near a beast of an encryption/decryption algorithm.

Cheers,

 

[John Kotches]

navychop:

As an aside; OC-1/T3 isn't that fast anymore. My new office has redundant OC-12. Now all I have to do is find a way to start downloading anything and everything at my office without getting in trouble

> 10x realtime speeds? What is that 10 minutes / 2 hour movie or less? That's almost real bandwidth. Me, I'm waiting for OC-192 to come to my office so I can download the movie in 1 minute

Just kidding although the thought of that much bandwidth is truly eye opening.

Cheers,

 

[diogen]

What about the quantum super computers? 15 years ago; they were 10 years away. 10 years ago they were 10 years away. 5 years ago...

I don't think we'll live that long...

When using brute force means for cracking the assumption made is that all possible keys must be tested to find the correct key. Is this truly the case?

Yes, it is.

or do you just have to find the right key? That could be on iteration 1 or iteration n...

You can't bank on being lucky . At least not in breaking a cipher.
"God does not play dice". ---- Albert Einstein.

Would the advanced keys have to be developed in academia? NSA has some pretty smarty cryppies there

They do ("Good Will Hunting")
But having been in academia for over 20 years (not in North America), I don't believe is secret genuises...

A couple years ago IBM offered a model of practically unbreakable secure communication: have a stationary satellite stream non-stop random numbers. Two parties decide on the exact timing when the communication will start to identify the first number in this stream that will be used for encryption/decryption. A "middleman" doesn't know when it starts, when it ends, what cipher is used, what is the message and what the "stuffing", etc.

I believe something like this will be implemented well before brute-forcing AES is feaseble. But this is not applicable for anything but communication...

Diogen.

 

[John Kotches]

You can't bank on being lucky . At least not in breaking a cipher.

Plan for the worst case; and if it comes in ahead of time its good news.

"God does not play dice". ---- Albert Einstein.

This quote is always taken out of context. It is a direct reference to the bizarre nature of Quantum interactions and the indeterminancy of events. Einstein was quite a deterministic fellow. As it turns out; Einstein was wrong about this -- but it's about the only thing he was wrong about.

Why Einstein stepped away from the whole quantum concept of the small scale universe when he helped build the principles and won his Nobel prize on the topic is a mystery to me.

But having been in academia for over 20 years (not in North America), I don't believe is secret genuises...

Secret is a relative term. There's secret by obscurity and truly unknown types. The latter is the part I believe you're referring to.

A couple years ago IBM offered a model of practically unbreakable secure communication: have a stationary satellite stream non-stop random numbers. Two parties decide on the exact timing when the communication will start to identify the first number in this stream that will be used for encryption/decryption. A "middleman" doesn't know when it starts, when it ends, what cipher is used, what is the message and what the "stuffing", etc.

This gets a tad tricky. How do you secure the timing to the appropriate degree of accuracy? Not impossible; just tricky.

I believe something like this will be implemented well before brute-forcing AES is feaseble. But this is not applicable for anything but communication...

What level of AES

 

[diogen]

This quote is always taken out of context.

Yes, it is.

This gets a tad tricky. How do you secure the timing to the appropriate degree of accuracy? Not impossible; just tricky.

Those are technicalities that are easy to overcome even today...

Diogen.

 

[navychop]

Hence the reason I purchased a PS3 -- the only BD player I know that has all the hardware to be fully BD-Live compliant right now.

But the PS3 doesn't have enough memory to technically be -live compliant, right? And PiP isn't assured, is it?


"What about the quantum super computers? 15 years ago; they were 10 years away. 10 years ago they were 10 years away. 5 years ago..."

Commercial fusion reactors are 30 years away from commercial viability and have been for the last 50 years.


BTW, IIRC, the decoding we are discussing in fact only required that "half plus 1" of the possibilities be examined/decoded, on average, for an infinite number of problems in which the correct answer is determinable (e.g.- language, sentences, etc). All would have to be examined/decoded when, for example, a string of numbers was the object being decoded. Then other concerns enter as well. Determining you have the correct result is not trivial.


I suggest we pursue no further the comments about continuous transmission and random numbers.

 

[John Kotches]

Hence the reason I purchased a PS3 -- the only BD player I know that has all the hardware to be fully BD-Live compliant right now.

But the PS3 doesn't have enough memory to technically be -live compliant, right? And PiP isn't assured, is it?

Correct. It only has 256MB but the spec for BD-Live is 1GB.

I suggest we pursue no further the comments about continuous transmission and random numbers.

Worried about the black helicopters?

 

[meStevo]

This thread makes my head hurt.