They've released a draft of the specification for the copyprotection scheme for HD-DVDs. It's called "AACS", and "they", the people involved, are some pretty big names: Intel, IBM, Microsoft, Sony, Toshiba, Disney, Warner Brothers, etc. You can read the technical overview, introduction, and a few other documents. Note that if you don't use the links I've provided above, you may need to click through an NDA (and of course, they may break the above links at any time).

First, here's a quick primer on public cryptography. A "key" is aptly named because it allows you to unlock data. In public cryptography, though, keys usually come in pairs. If you use key A to encrypt data, then you need to use key B to unencrypt (or unlock) it. And if someone uses key B to encrypt it, only key A can unencrypt it (meaning B can't unencrypt it in this latter case). Usually you'll keep one key secret (for example A) and make another key public (for example B). The benefit of this is you can "sign" your documents. Since you're the only one who has key A, only you can lock data using key A. And people can check that data has been locked by key A. How? By unlocking it with key B. If key B "fits" (i.e. if it is able to decrypt the data), then it must have been key A that locked it (meaning it musth ave been you that locked it). If the key doesn't fit, it wasn't key A that locked it, so it must be someone masquerading as you. Also, you anyone can send you encrypted data now. Anyway can write you a letter, and lock it with key B (which is made public), and only you can unlock it, because only ou have key A.

Now the documents above are fairly technical, and I only skimmed through them, so I might have gotten some details wrong, but here's the basic gist of it.

AACS seems to use a variation on the key pair idea. There's one Media Key Base (or MKB) which is made publically known, and then there's multiple Device Keys which are kept private. Each DK is different, but all of them are the "reverse" of the MKB, meaning if someone locks data with one of the DK (doesn't matter which one), the MKB can unlock it. And if someone locks data with the MKB, then any DK can unlock it. However, the MKB is tailored for a specific set of DK. So if Sony and Hitachi both have their own secret DK, then the MKB can unlock data from both of them. Then, if Mitsubishi wants to join it, they'd have to make a new MKB to support all 3 DKs. Similarly, if Hitachi wants to leave (or, if they want to force Hitachi to leave), they can change the MKB so that Hitachi's DK doesn't work anymore, and the MKB only supports the remaining 2 DKs.

Now on each HD-DVD, yet another key is used, the Media Key. Disney makes Aladdin 4, and encrypts it so that the Media Key can unlock it. Then, they place the MK onto the HD-DVD, but then encrypt the MK itself using the MKB. Now, when you put Aladdin 4 into your Hitachi drive, the hitachi drive uses its DK (which, remember, is the reverse of the MKB) to get the MK. Then it uses the MK to decrypt the actual movie and watch it.

The HD-DVD drive is specially designed so that you can't fast forward over commercials, or rip the movie onto your harddrive, or anything else Disney doesn't want you to do. Now let's say a clever hacker manages to figure out how to bypass all of this so she can rip, fast forward, and essentially do whatever they want. Let's say, furthermore, that she performed all these hacks using Hitachi's drive. All they have to do is change the MKB so that Hitachi's DK doesn't unlock the data anymore. Now the hacker's HD-DVD player won't be able to play any new movies using the new MKB (though it should still work on all the movies released using the old MKB). The problem with that, though, is that everyone's Hitachi drive won't work anymore. So everyone has to buy a new HD-DVD drive.

Now it's in Hitachi's best interest to make their HD-DVD drives as difficult to hack as possible, or else the central head of AACS, the "AACS LA", can render the DKs useless as soon as a hack for Hitachi drives come out. Previously, it was DVD drive maker's best interest to make the drives as hackable as possible, because given the choice, the consumer would want to buy the DVD drive that lets you fast forward through commercial versus the drive that didn't.

Hitachi isn't nescessarily shit out of luck though. They can claim that it wasn't their fault, get a new DK, and make new HD-DVD drives. They might sell these new HD-DVD drives, or they might offer to replace the old (disabled and useless) drives for free, depending on how generous Hitachi is feeling.

In fact, Zagar has a theory that the content creators (e.g. Disney) and and the device makers (e.g. Hitachi) might use AACS to profit together.

The real kicker is that the AACS Licensing Authority can change those media keys at any time. They don't have to wait for a Jon Johansen to write DeCSS. They can do it any time they want, for any reason whatsoever. For example, they could decide to revoke a media key whenever sales go flat and blame it all on the "piracy" problem.

This is an excellent method for stimulating sales, because once they revoke that media key you won't be able to watch the latest releases on your old HD-DVD player. Now you'll have to go buy a new HD-DVD player. Just remember, don't go buying it on eBay... You'll have to buy a brand-new one because ALL the old players on eBay will have the same revoked keys that yours does.

And how many of you think you'll be able to watch your old HD-DVD movies (you know, the ones with the revoked media keys) on a new HD-DVD player? I'm betting you won't be able to... Why? Because it'd improve Hollywoods' bottom-line if you have to go out and buy new copies of all the movies in your library.

It's in the interests of both the consumer electronics manufacturers, and Hollywood, to revoke these media keys as often as the market will bear... This is the easiest way for both industries to maximize their profits.

There's a few posts on Slashdot about "bad things" that will result from this too (both of them are from "Anonymous Cowards" though).

Well, what happens to the customers that have a player-model that gets, by no fault of themselves, revoked. Are they reembursed (getting (part of) their money back), or are they just left with a piece of worthless, but costly junk?

Even worse: you have no way of knowing if the player you are going to buy is on the list of players shortly-to-be-revoked, or worse yet : allready revoked.

If they can revoke keys, then we can DoS the keyspace. There's no need to crack any crypto. All we gotta do is trick them into deprecating keys.

This later idea is interesting, but probably not feasible. What the poster is saying is that if we just keep hacking devices, eventually the AACS LA is going to run out of unused DKs, and no one will be able to view any HD-DVDs ever. However, all the keys are 128 bits, which means there are 3.40282367 × 10³⁸ possible keys. First of all, it takes time to hack a device, and then for the device maker to find out it's been hacked, and then to get a new DK, and then to ship new HD-DVD players with that new DK, and then for you to buy the new HD-DVD player to start hacking again. But even if the entire process I described above takes only 1 second, that's 3.40282367 × 10³⁸ seconds or 1.07831278 × 10³¹ years. And then that means you have to actually BUY HD-DVD players. If the makers collectively sold 3.40282367 × 10³⁸ players, even at a profit of 1 cent per player, I bet they'd retire happy. Finally, let's say instead of the whole process taking 1.07831278 × 10³¹ years, it takes 20 years. The AACS LA can, in 20 years, release AACS2, which is the same thing, but using a 1024 bit key this time instead of 128 bit.

Update: Slashdotter Siener points out:

You don't need to DoS the whole keyspace, or even any significant fraction of it. You only need to DoS the keys that are actually in use. Imagine there are 100 different models of DVD player on the market. You just get those 100 keys revoked and suddenly no-one can watch any DVDs.