The movie industry wants to protect digital content distributed on
DVD’s. We develop a variant of a method used to protect Blu-ray disks called
AACS.
Suppose there are at most a total of
DVD players in the
world (e.g.
). We view these
players as the leaves
of a binary tree of height
. Each node in this binary
tree contains an AES key
. These keys are kept secret from
consumers and are fixed for all time. At manufacturing time each DVD
player is assigned a serial number
. Consider the
set of nodes
along the path from the root to leaf number
in the binary tree. The manufacturer of the DVD player embeds in
player number
the keys associated with the nodes in the
set
. A DVD movie
is encrypted as
where
is a random AES key called a content-key and
is the key
associated with the root of the tree. Since all DVD players have the
key
all players can decrypt the movie
. We
refer to
as the header and
as the
body. In what follows the DVD header may contain multiple ciphertexts
where each ciphertext is the encryption of the content-key
under
some key
in the binary tree.
Suppose the keys embedded in DVD player number
are exposed
by hackers and published on the Internet. In this problem we show that when the movie industry distributes a new
DVD movie, they can encrypt the contents of the DVD using a slightly
larger header (containing about
keys) so that all DVD
players, except for player number
, can decrypt the movie. In
effect, the movie industry disables player number
without
affecting other players.
As shown below, consider a tree with
leaves. Suppose the leaf node labeled 25 corresponds to an exposed DVD
player key. Check the set of keys below under which to encrypt the key
so that
every player other
than player 25 can decrypt the DVD. Only four keys are needed.