Gallery of CSS Descramblers (original) (raw)
Exhibit
Description
[Hoy filing](dvd-hoy-reply.htm#Exhibit B)
This is the source code for the CSS descrambling algorithm that was posted anonymously to the LiViD mailing list in October 1999. The C code was supposedly written by someone who disassembled a software DVD player to uncover the descrambling algorithm. It was this posting that led Frank Stevenson to conduct his analysis of the CSS encryption scheme.
The code was subsequently included in an unsealed (whoops!) [legal filing](dvd-hoy-reply.htm#Exhibit B) by John Hoy, president of the DVD-CCA, in the California trade secret lawsuit against Andrew McLaughlin and 92 other defendants. Guess it's not a trade secret anymore. More about thathere.
<css%5Fdescramble.c>
or
or
or
These are different C implementations of the descrambling algorithm. <css%5Fdescramble.c>, by Derek Fawcus, is part of the css-auth package, which is a component of LiViD, a Linux DVD player. It is interesting to compare this implementation with the anonymous C source code to see how they differ in strategy. Fawcus' version uses fewer tables, and unrolls one of the loops. Such a comparison is only possible by examining the source code. Yet another implemenation, with only a single table, was produced by Frank Stevenson, and is less than 2,000 characters long.
A group of computer scientists from the �cole Centrale Paris have produced an open source DVD player called Videolan; its decryption module ishere.
qrpff Perl code:
shorter
or
faster
Cotton version:
order the t-shirt
Two Perl implementations courtesy of MIT Student Information Processing Board members Keith Winstein and Marc Horowitz. The shorter one, qrpff, is 472 bytes (discounting newlines). The faster one, 531 bytes long, caches the permutation corresponding to CSStab1, and is actually fast enough to use to watch a movie. The program takes a five-byte title key on the command line (five decimal numbers in least to most-significant order, separated by colons) and an MPEG2 Program Stream VOB file on stdin, and outputs a decrypted version of the VOB file. Title keys can be obtained using VobDec. To play a movie whose title key is 0xcd302010fe, do:cat file.vob | perl -I 254:16:32:48:205 qrpff | extract_mpeg2 | mpeg2dec -
This work grew out of Keith's preparation for a 6-hour seminar on DVD decryptiontaught at MIT in Jan-Feb 2001. Suggestions for further shortening the code should be sent to sipb-iap-dvd@mit.edu. Recently featured in Wired,Slashdot,The Register, and ZDNet/ USA Today / MSNBC. And now you can order the t-shirt.
efdtt.c:
The tiniest known C implementation
ASCII art efdtt.c as a DVD logo
This tiniest known C implementation, now just 434 bytes (discounting newlines), is also plenty fast. It originated with Charles M. Hannum, who then shrunk it further, and got additional suggestions for shrinkage from Phil Carmody. Mr. Hannum writes: "on my Mac G4 cube (running NetBSD, not MacOS), it can descramble in excess of 15MB/s [better than 10 times maximum DVD bit rate], ... without even particularly trying to optimize the I/O. This makes it pretty insignificant compared to the rest of the decoding process." He performed these measurements using artificial data; he would of course be in violation of 17 USC 1201(a)(1) if he used the code to watch a movie he had lawfully purchased. Author interview; article in The Register.
Here's an ASCII art version of efdtt.c by Alex Bowley.
Anonymous
SML code
This is a translation of the Anonymous C source code into Standard ML, a functional programming language popular among theoretically-oriented computer scientists. Since the code is purely functional, the author of this translation, a Carnegie Mellon undergraduate, says: Coupled with the ML definition, it's no stretch to think of it as a mathematical formula rather than a "device". Are mathematical formulas still protected speech? The student is taking no chances; he's asked to remain anonymous.
and
Another mathematical description of the decryption algorithm, by Charles M. Hannum, who writes:"The mathematical description ... is very similar to how things like FFT algorithms are presented in journals. These are clearly scholarly works, and are vital to progress -- e.g. in the area of signal processing. And yet, even an average programmer can easily translate such a description directly into code."
Hannum's description inspired Ralph Loader to use the LEGO proof development system to generate a proof that any CSS-encrypted text can be decrypted. According to Loader: "a deep mathematical result called the Curry-Howard isomorphism ... relates mathematical proofs and computer programs. Applied to the theorem I proved, Curry-Howard states that any proof of that theorem is in fact a program implementing CSS. The theorem proving tool I used (LEGO) can actually run this program - albeit very inefficiently." Maybe theorem provers should be illegal too.
Merlin and Robby
explain Hannum's
decryption formula:
Javascript or
VBScript
These Javascript and VBScript routines use animated Microsoft Agents Merlin and Robby to explain Charles Hannum's CSS decryption formula to you. You must access these pages using Internet Explorer after having downloaded the agent software and character definitions from here. Maximize the browser window for best effect. Animation courtesy of anonymous contributor_anniepoo_. If you don't run Windows, just view the source files to see the dialog.
<css%5Fdescramble.scheme>
css_descramble.java
DiatriBe's Java code
css_descramble.js
css_descramble.php
<css-auth.pascal.zip>
or
descrambler written
in Brainfuck
This translation of css_descramble.c into the Scheme programming language was contributed by John R. Hall. Scheme is a variant of Lisp popular among academic computer scientists. Here is a Java versioncontributed by Gavin Hall, and another Java version by anonymous author DiatriBe. And here is a JavaScript version by Shlomi Fish and Chen Shapira of Hackers-IL, along with some HTML code to activate it. This PHP version, based on their work, was sent in by Tom Stepleton. And Bruce Christensensent in a Pascal translation of the css-auth routines.
An anonymous author contributed a CSS descrambler in pure lambda calculus, where even integers are represented as functions. Is this "code"? Or is it pure mathematics?
The same author also produced a descrambler written in Brainfuck, a Turing machine-like language with only eight operators. A truly minimalist description of the algorithm.
<page1.gif>
<page2.gif>
<page3.gif>
Screen dump of the CSS descrambling code.
This is not the source code; it's a_picture_ of the source code. These GIF files are not directly readable by a C compiler.
However, a human looking at these images could certainly type the C code into a text file. Or the files could perhaps be converted automatically, by an OCR program.
Are these page images considered an illegal "circumvention device" under the DMCA? Or, since they're not executable, are they protected speech?
<new-language.txt>
Here is an implementation of the descrambling algorithm in a new programming language for which no compiler currently exists. This language, similar to C, was invented by Dave Touretzky. Since the code in this form is not executable, it is presumably protected speech. But if someone writes a compiler for this language, would Dave Touretzky then become liable for trafficking in a circumvention device under section 1201 of the DMCA?
<plain-english.html>
A description of the descrambling algorithm in plain English, written by Dave Touretzky. This description is not machine readable, but it can easily be translated into C code by a knowledgeable C programmer. It could not be translated by a non-programmer, or a machine. Is it therefore protected speech?
If natural language processing technology advances to the point that a machine could translate this English text into executable code, could the text then be suppressed under the DMCA?
and
In October, 2000, Omri Schwarz released Perl scriptsfor automatically translating C to English, and English back to C. Here is the English version of css-auth.c that it produces, called css-auth.eng.
Another C-to-English-to-C tool, called BabelBuster, has been released by Jonathan M. Baccash of Princeton University in April, 2001. This work was Jonathan's senior thesis. Here is his version of css-auth in English.
<english-and-c.html>
Another version of the descrambling algorithm in plain English, but this time each line is annotated with the equivalent statement written in the C language. This description is not directly machine readable because the C code is interspersed with English text and HTML formatting instructions. But the C code can easily be extracted from the document, and this requires less skill than translating the English into C. Can this text document therefore be suppressed under the DMCA?
<decss-haiku.txt>
DeCSS Haiku: this ingenious poem by Seth Schoen is both a commentary on the DeCSS situation and a correct and complete description of the descrambling algorithm. Truly inspired.(Original version February 12, 2001, published anonymously; minor revisions sent by author on February 23.) You can read about the poem in this Wall Street Journal article, or read Seth's own account of its history now that he's dropped anonoymity.
This is an analysis of the CSS algorithm by Frank Stevenson, along with a description of various attacks on the encryption scheme. Please see our Frank Stevenson archive for more documents and program examples.
And here is a more accessible tutorial on CSS by Gregory Kesden. Should these lecture notes, taken from a course taught at Carnegie Mellon University, be declared illegal? What about this case study on CSS by Jason Cherry?
DeCSS T-shirt
or
qrpff t-shirt
from CopyLeft
qrpff tie
from
The Digital Group
The source code for css_descramble.c was available on the back of this t-shirt from CopyLeft. (Don't try ordering from them now.) Copyleft was suedfor their trouble. Also offered: "I am a circumvention device" t-shirtwith the qrpff Perl code on the front.
The Digital Goroup was offering thisqrpff tie, with the Perl decryption code. Click herefor a close-up view.
Are sales of these clothing items banned under the DMCA?
Would merely wearing one of these in public constitute "trafficking in a circumvention device" as defined in section 1201 of the DMCA?
or
or
Code as music:
Schrepfer
Castleman
A dramatic reading of the file css_descramble.c, read by Xader Vartec. This is a 3.5Mbyte MP3 file; it runs 7 minutes and 20 seconds.
Joe Wecker of the band Don't Eat Pete recorded a musical version of my "plain English" rendition of the source code, with musical accompaniment. This is a 7.2Mbyte MP3 file that runs 7 minutes 28 seconds. Transcriptcourtesy of Keith Dawson of tbtf.com. Shane Killian later did a hilarious square dance version. Both songs have been banned from MP3.com. Are these kinds of "artistic performances" covered by Judge Kaplan's injunction?
Jeff Schrepfer turned the code directly into music, as a MIDI file. The file was created by starting with the source code and "removing all the white space, then transforming each ASCII character into a single 32nd note of its midi equivalent (midi notes, like ASCII characters, are coded into values ranging from 1 to 127.)" Mike Castleman improved on this by encoding whitespace and newlines in the note lengths.
A CD called Circumvention Device offers "an MP3 compilation of sound artists and musicians from around the world using the css_descramble.c source code as an artistic element in their work," courtesy of Chicago-based art and technology center Deadtech. Tracks may also be downloaded directly from the web site.
and
Left: DeCSS The Movie, by Samuel Hocevar and friends. Watch the code scroll by in a Star Wars-like MPEG animation. This is method #40 in Hocevar's list of 42 ways to distribute DeCSS. Right: Stairs of Freedom, by Anders Sandberg, another DeCSS animation.
DVD logo
in css-auth source
This DVD logo formed out of the characters in the css-auth source was generated by someone using the MosASCII tool created by Robert DeFusco. The intensity changes are accomplished by changing the font color every few characters.
To view the entire source, click on "Select All" from your browser's Edit menu.
Circuit implementation
in Verilog,
with pictures
Highly optimized implementation
(very few gates)
Verilog is a hardware description language. Here is the Verilog source for an actual circumvention device, contributed by anonymous author DAH, who writes: "not only can a human read the source, and a simulator interpret it, but with other quasi-pushbutton tools you could configure an FPGA (or fab an ASIC) with it. The README.txt explains more." This is not a device; it's just a description of a device. Should it be illegal to distribute this circuit description? Here's another Verilog implementation by an anonymous author.
Tony Bybell contributed a highly optimized Verilog implementation based on the mathematical formulation of the decryption algorithm by Charles Hannum.
Someone sent me a Yahoo electronic greeting card with the source code for css_descramble.c as the message (plus a two-for-one coupon for a Slurpee). Yahoo greeting cards expire after 60 days, so this file would have been good through the end of October, 2000, but Yahoo pulled it on September 13 after the Salon article referenced it.
2001 Onteora High School yearbook
Erik Michaels-Ober included a piece of the css-auth source in his 2001 Onteora High School yearbook entry, along with a quote from Thomas Jefferson: "The people are the only sure reliance for preservation of our liberty." What's remarkable is that Erik didn't sneak the code into the yearbook; he explained his motivations and received official permission from the school to publish it.
The New York Times linked to 2600 magazine's list of DeCSS mirrors in a CyberLaw Journal column published on April 28, 2000. Such a link may be illegal according to Judge Kaplan's ruling, although this affidavit by Richard J. Meislin, editor in chief of New York Times Digital, says it is "sound and appropriate journalism".
Visit our Steganography Wing to see many additional creative ways to encode the source for the decryption algorithm, including as a prime number.