The CSS (Conent Scrambling System) was designed by Toshiba and Matsushita Electric Industrial Co. in order to meet the demands of the motion picture companies to provide protection against unauthorized copying of their copyrighted material. Its mechanism consists of two parts: authentication and encryption.
¬ Authentication: restricts user access to the encryption keys needed for decryption, and to some of the actual data sectors of the disc. There are three keys on the disc: the authentication key and the disc key, which are located in the lead in, and the title key, which is located in the sector header. Starting with the authentication key, each key must be manipulated and checked before proceeding to the next. Each DVD decoder, whether hardware or software, has a unique 40-bit player key, which must be used to descramble the corresponding segment of the disc key, and the result is combined with the title key to unlock the movie for playback.
¬ Encryption: The actual method used for the encrypting utilizes the symmetric-key system, as described below.
A symmetric-key encryption system consists of three procedures: a key generator, an encryption function, and a decryption function.
¬ Key Generator: The user first runs the key generator to obtain a key. In a well-designed system, the key will look random to the user, that is, it will be indistinguishable from a key chosen uniformly at random from the set of all possible keys.
¬ Encryption Function: The user then runs the encryption function, using as input the cleartext object and the key. The result is the ciphertext object.
¬ Decryption Function: Subsequently, anyone who possesses both the ciphertext object and the key can feed them as input to the decryption function and obtain the cleartext object as output.