ADVANCED ACCESSADVANCED ACCESSCONTENT SYSTEM CONTENT SYSTEM

(AACS)(AACS)

AACS Status UpdatePresented to BDA CPG

November 7, 2013

Topics to be discussedTopics to be discussed

AACS StatusAACS StatusKey Generation Facility Key Generation Facility Reminder on Analog SunsetReminder on Analog SunsetCompliance TestingCompliance TestingEnforcement, Regulatory and Legislative ActivityEnforcement, Regulatory and Legislative ActivityContent Protection Improvements (Current)Content Protection Improvements (Current)Future Content Protection ImprovementsFuture Content Protection ImprovementsManaged CopyManaged CopyOtherOther

AACS Status OverviewAACS Status Overview

From AACS perspective, Blu-ray business continues From AACS perspective, Blu-ray business continues to grow – high key volumesto grow – high key volumes

AACS now has over 1000 licensees and growingAACS now has over 1000 licensees and growing Efforts continue to control costs in order to maintain Efforts continue to control costs in order to maintain

the fee levelsthe fee levels On schedule for sunrises and sunsetsOn schedule for sunrises and sunsets

Next sunset is analog outputs – Dec 31Next sunset is analog outputs – Dec 31stst

On line key order entry progressingOn line key order entry progressing Compliance testing for devices also proceedingCompliance testing for devices also proceeding Enforcement/Regulatory/Legislative activities Enforcement/Regulatory/Legislative activities

continue to take effortcontinue to take effort AACS is working on system improvements for current AACS is working on system improvements for current

and the future formats and the future formats

AACS Status – Key GenerationAACS Status – Key Generation

Step-by-step work on KGF upgrades for on-line key Step-by-step work on KGF upgrades for on-line key order entry continueorder entry continue

Being done in a careful manner so that the key space is Being done in a careful manner so that the key space is not contaminatednot contaminated

Upgrade in January completed – volume drivenUpgrade in January completed – volume driven Upgrade in June completed – new back end processing Upgrade in June completed – new back end processing

system in productionsystem in production Next upgrade planned for mid-December to eliminate Next upgrade planned for mid-December to eliminate

two manual steps (air gaps)two manual steps (air gaps) Website interface being used daily by AACS AdminWebsite interface being used daily by AACS Admin

Will need to develop interface for large replicators that have Will need to develop interface for large replicators that have automated key orders – this will be prioritized with work for automated key orders – this will be prioritized with work for content protection improvementscontent protection improvements

Reminder on Analog SunsetReminder on Analog Sunset

Three Important DatesThree Important DatesDecember 31, 2010 – Sunset for hi resolution December 31, 2010 – Sunset for hi resolution

analog outputs, except for existing modelsanalog outputs, except for existing modelsDecember 31, 2011 – Sunset for existing December 31, 2011 – Sunset for existing

modelsmodelsDecember 31, 2013 – Sunset for analog December 31, 2013 – Sunset for analog

outputs on all AACS compliant devicesoutputs on all AACS compliant devices

Please be sure to review the Adopter Please be sure to review the Adopter Agreement for exact wordingAgreement for exact wording

Device Compliance TestingDevice Compliance TestingActivity Activity Status or Anticipated End DateStatus or Anticipated End Date

ACE review of the ACE Agreement ACE review of the ACE Agreement Complete, Complete,

Beta test by potential ACE’s Beta test by potential ACE’s Complete Complete

Evaluate ACE beta test comments Evaluate ACE beta test comments Complete Complete

Notice to Adopters on anticipated Notice to Adopters on anticipated schedule and distribute Questionnaire schedule and distribute Questionnaire

CompleteComplete

Conduct training sessions for ACE’s Conduct training sessions for ACE’s CompleteComplete

Dry run site visit 1 and 2 with potential Dry run site visit 1 and 2 with potential ACEACE

CompleteComplete

ACE site visits being scheduledACE site visits being scheduled Complete by year endComplete by year end

Final ACE selection and approval Final ACE selection and approval After the site visitsAfter the site visits

Device Compliance TestingDevice Compliance Testing

Second dry run site visit completed last week – Second dry run site visit completed last week – test tools and documents are now validated and test tools and documents are now validated and completecomplete

Dry runs were conducted at potential ACE. As a Dry runs were conducted at potential ACE. As a result, that potential ACE is now qualifiedresult, that potential ACE is now qualified

ACE agreements are being finalizedACE agreements are being finalized Notice with schedule to be sent shortlyNotice with schedule to be sent shortly Compliance obligation will start no earlier than Compliance obligation will start no earlier than

JanuaryJanuary

EnforcementEnforcement, Regulatory and , Regulatory and LegislativeLegislative

SlysoftSlysoftTrial commenced on June 25Trial commenced on June 25 thth

Two AACS witnesses testifiedTwo AACS witnesses testifiedAACS counsel continues close contact with AACS counsel continues close contact with

Antiguan prosecutorsAntiguan prosecutorsWas continued until January due to illness of Was continued until January due to illness of

a key participanta key participant

Enforcement, Enforcement, RegulatoryRegulatory and and LegislativeLegislative

US Special 301 FilingUS Special 301 FilingUSTR Report in April 2013 recognized Antigua’s USTR Report in April 2013 recognized Antigua’s

failure to proceed with SlySoft trial as an issuefailure to proceed with SlySoft trial as an issue

USTR Notorious Markets filing done on Oct USTR Notorious Markets filing done on Oct 25th (requesting that four rogue software 25th (requesting that four rogue software distribution websites be placed on the distribution websites be placed on the Notorious Markets list)Notorious Markets list)

Enforcement, Enforcement, RegulatoryRegulatory and and LegislativeLegislative

New USTR request – related to the Caribbean New USTR request – related to the Caribbean Basin trade program agreement, AACS LA Basin trade program agreement, AACS LA comments filed November 1 (requesting that comments filed November 1 (requesting that Antigua and Barbuda be denied Caribbean Antigua and Barbuda be denied Caribbean Basin trade concessions due to the failure to Basin trade concessions due to the failure to provide “adequate and effective” IP rights provide “adequate and effective” IP rights protection based on the delay in investigation protection based on the delay in investigation and trial of SlySoft) and trial of SlySoft)

Enforcement, Enforcement, RegulatoryRegulatory and and LegislativeLegislative

FCC comments on closed caption rulemaking FCC comments on closed caption rulemaking filed November 4 (focused on requesting that filed November 4 (focused on requesting that the FCC not mandate that BD Players have the FCC not mandate that BD Players have analog outputs, which the FCC had proposed analog outputs, which the FCC had proposed as a possibility in Federal Register notice this as a possibility in Federal Register notice this past summer)past summer)

Enforcement, Regulatory and Enforcement, Regulatory and LegislativeLegislative

Legislative – Nothing new to reportLegislative – Nothing new to reportUSUS

US Congress absorbed in other mattersUS Congress absorbed in other mattersFranceFrance

Possible legislative as a result of the Possible legislative as a result of the VLC/HADOPI procedure – this is stretching VLC/HADOPI procedure – this is stretching out out

Australia – new administrationAustralia – new administration AACS retains two law firms that keep track of AACS retains two law firms that keep track of

legislative activity world widelegislative activity world wide

Content Protection ImprovementsContent Protection Improvements

Certification Testing Certification Testing Bus EncryptionBus Encryption Host Private Key TrackingHost Private Key Tracking Legal Actions and Market Legal Actions and Market

MonitoringMonitoring Cooperation with US Cooperation with US

AuthoritiesAuthorities Slysoft TrialSlysoft Trial Payment ProcessorsPayment Processors AvangateAvangate

Implementer with Implementer with repeated key lossesrepeated key losses

AACS Recordable AACS Recordable removalremoval

Audio WatermarkingAudio Watermarking BCM Guide (outreach)BCM Guide (outreach) MCM Guide (outreach)MCM Guide (outreach) Enhanced Key TrackingEnhanced Key Tracking Deployment of Unified Deployment of Unified

MKB’sMKB’s Key Discovery and Key Discovery and

Enhanced RevocationEnhanced RevocationPresented to BD CPG at June, 2012 MeetingPresented to BD CPG at June, 2012 Meeting

Status of Content Protection Status of Content Protection ImprovementsImprovements

Certification Testing – nearly complete Certification Testing – nearly complete Host Private Key Tracking – currently performed Host Private Key Tracking – currently performed

by founder personnelby founder personnel Legal Actions and Market Monitoring – on-goingLegal Actions and Market Monitoring – on-going Lobbying and Cooperation with US Authorities – Lobbying and Cooperation with US Authorities –

ongoingongoing Slysoft Trial – underwaySlysoft Trial – underway Payment Processors – Encouraging initial Payment Processors – Encouraging initial

assistance, less recent cooperation received; assistance, less recent cooperation received; further follow up planned further follow up planned

Avangate – some success and some Avangate – some success and some backsliding; further activity plannedbacksliding; further activity planned

Status of Content Protection Status of Content Protection ImprovementsImprovements

Implementer with repeated key losses – audits Implementer with repeated key losses – audits done and corrective action takendone and corrective action taken

AACS Recordable removal - completedAACS Recordable removal - completed Audio Watermarking – successful rolloutAudio Watermarking – successful rollout BCM Guide (outreach) – drafted, on hold BCM Guide (outreach) – drafted, on hold MCM Guide (outreach) – drafted, on holdMCM Guide (outreach) – drafted, on hold Enhanced Key Tracking – completed in Enhanced Key Tracking – completed in

December KGF updateDecember KGF update Key Discovery and Enhanced Revocation – Key Discovery and Enhanced Revocation –

completed in December KGF upgradecompleted in December KGF upgrade

Content Protection ImprovementsContent Protection ImprovementsBus encryptionBus encryption

Bus encryption makes it impossible Bus encryption makes it impossible for a ripper to rip a movie that is for a ripper to rip a movie that is protected with bus encryption, to be protected with bus encryption, to be played on a new bus-encryption-played on a new bus-encryption-capable drive, without revealing a capable drive, without revealing a compromised host certificate.compromised host certificate.

Some studios now encoding for bus Some studios now encoding for bus encryptionencryption

Outreach to other studios plannedOutreach to other studios planned

Content Protection ImprovementsContent Protection Improvements

Unified MKB (uMKBs, variants)Unified MKB (uMKBs, variants)

uMKBs are a cryptographic enhancement uMKBs are a cryptographic enhancement which allows AACS to determine the device which allows AACS to determine the device keys used based on pirate content itself.keys used based on pirate content itself.

Currently working on test discs to validate Currently working on test discs to validate that movie variations do not cause that movie variations do not cause playback issues in fielded playersplayback issues in fielded players

Content Protection ImprovementContent Protection Improvementas a result of CPIWGas a result of CPIWG

Three companies (Fox,Irdeto and IBM) Three companies (Fox,Irdeto and IBM) made an initial presentation to CPG-TF in made an initial presentation to CPG-TF in response to the BDA charter to improve response to the BDA charter to improve the content protection for Blu-raythe content protection for Blu-ray

This presentation included the concept of:This presentation included the concept of:Solution(s) internal to AACS, referred to as Solution(s) internal to AACS, referred to as

“Path A”“Path A”Solution(s) that involved AACS and BD+ Solution(s) that involved AACS and BD+

working jointlyworking jointly

AACS Path AAACS Path AProvides primarily forensic benefits with initial Provides primarily forensic benefits with initial

operational benefits operational benefits Path A provides the ability to determine the Path A provides the ability to determine the

device keys being used in a ripper, and device keys being used in a ripper, and makes it very difficult to hide those keys in a makes it very difficult to hide those keys in a server (anonymous attack).server (anonymous attack).

Specs will be confidential and released only Specs will be confidential and released only to the affected PC player manufacturers, to the affected PC player manufacturers, unlike other AACS specsunlike other AACS specs

Based on existing AACS IPBased on existing AACS IP

AACS Path A (continued)AACS Path A (continued)Path A will be optional for content companiesPath A will be optional for content companies

Only a few titles will need to be authored with the Only a few titles will need to be authored with the new cryptographic informationnew cryptographic information

Forensic benefits accrue to all content companiesForensic benefits accrue to all content companiesThe initial operational benefits will accrue only to The initial operational benefits will accrue only to

the titles authored with the cryptographic the titles authored with the cryptographic informationinformation

Benefits the whole Blu-ray ecosystem Benefits the whole Blu-ray ecosystem Requires KGF changes that will be started Requires KGF changes that will be started

after the current on-line work is finishedafter the current on-line work is finished

BD+/AACS Hybrid SolutionBD+/AACS Hybrid Solution

The 3C (Fox, Irdeto and IBM) and AACS The 3C (Fox, Irdeto and IBM) and AACS discussed several approaches to working discussed several approaches to working together to benefit both AACS and BD+together to benefit both AACS and BD+

3C preferred an approach that AACS 3C preferred an approach that AACS believes would have involved new legal believes would have involved new legal entities, cross licensing and uncertainty entities, cross licensing and uncertainty regarding the robustness rulesregarding the robustness rules

AACS has recently proposed a less AACS has recently proposed a less complicated alternate approachcomplicated alternate approach

Alternate AACS/BD+ ApproachAlternate AACS/BD+ Approach AACS believes this approach features many benefits of AACS believes this approach features many benefits of

the initial approachthe initial approach AACS has offered a new encryption value to BD+ to be AACS has offered a new encryption value to BD+ to be

used for forensic purposesused for forensic purposes Presentation materials provided to Fox, IrdetoPresentation materials provided to Fox, Irdeto Conference call meeting held to walk through and Conference call meeting held to walk through and

discuss possible approachdiscuss possible approach Work is continuingWork is continuing If accepted by BD+ in a timely manner, can be If accepted by BD+ in a timely manner, can be

implemented at the same time as the KGF changes implemented at the same time as the KGF changes made for the Path A approach at minimal cost and made for the Path A approach at minimal cost and schedule considerationsschedule considerations

In addition, sharing of forensic information is proposed In addition, sharing of forensic information is proposed and discussions are continuingand discussions are continuing

Future Format AACS Content Future Format AACS Content Protection DirectionProtection Direction

The 8 AACS Founders are committed to The 8 AACS Founders are committed to developing the content protection regime for the developing the content protection regime for the next generation BD format if and when that next generation BD format if and when that format is agreed upon, guided by the format is agreed upon, guided by the requirements of the BDA and the MovieLabs requirements of the BDA and the MovieLabs document. document.

AACS has begun work on the related technical AACS has begun work on the related technical and legal aspects, and expects to ramp up and legal aspects, and expects to ramp up activity significantly in the near future activity significantly in the near future (depending, in part, on the developments in, and (depending, in part, on the developments in, and direction from, the BDA)direction from, the BDA)

Future Format AACS Content Future Format AACS Content Protection DirectionProtection Direction

AACS would welcome a working AACS would welcome a working relationship or liaison with the BDArelationship or liaison with the BDA

AACS has also begun outreach to other AACS has also begun outreach to other companies in the Blu-ray ecosystemcompanies in the Blu-ray ecosystem

Managed Copy DirectionsManaged Copy Directions

Functionally complete MCAS server – Functionally complete MCAS server – successful third party security assessment successful third party security assessment completedcompleted

Functionally complete User Interface for Functionally complete User Interface for Content Owners and AACS AdministratorsContent Owners and AACS Administrators

Press Reports of “Digital Bridge” Press Reports of “Digital Bridge” discussions in BDAdiscussions in BDA

AACS interested in and stands ready to AACS interested in and stands ready to work with BDA on any future requirementswork with BDA on any future requirements

OtherOther

DiscussionDiscussionQuestionsQuestions

And, Thank YouContact at admin@aacsla.comOr Don at leakede@us.ibm.com