The DVD Content Scrambling System Explained (Part 3)
In this third part of the "DVD Content Scrambling System Explained" series, we'll examine how the pseudo-random byte generator works. This generator is an essential part of the DVD CSS algorithm and must be examined in detail to understand how decryption is possible.
As was perviously observed, the content scrambling system involves three basic decryption functions: DA, DB, and DC. All three functions involve the same major building block seen in Figure 2. This component produces a stream of bytes that appear to be random, but are repeatable with the same initial seed (with the seed corresponding to the five byte key).
Figure 2: Content Scrambling System Pseudo-random Byte Generator
|Disk Key (DA)||-||-||Player Key|
|Title Key (DB)||-||Invert||Disk Key|
|Data (DC)||Invert||-||(Sector Key) XOR (Title Key)|
This seeding key is fed into two linear feedback shift registers (LFSRs) at the beginning of the process for decrypting a key or decrypting an entire sector. In the case of the 17 bit LFSR, two of the seed bytes are put in the lower 16 bits and a '1' is placed in the most significant bit. In the case of the 25 bit LFSR, two seed bytes are placed in the most significant 16 bits. The lower 9 bits are seeded with another key with its upper 5 bits shifted left and a '1' placed into the 4th bit. The 25 bit LFSR is depicted in Figure 4, with the 3 byte seed value seen in the top of the diagram.
After seeding the LFSRs, the bits are shifted right on each clock tick. The new most significant bit shifted in is comprised of a combination of the current contents of the shift register. In the case of the 25 bit LFSR, bits 0, 3, 4, and 14 go through an exclusive or function to produce the value that is fed back to the most significant bit. This value is also shifted into another shift register to produce an output byte. Much like the 25 bit LFSR, the 17 bit one uses the same logic however bits 0 and 14 go through the exclusive or function.
Figure 4: 25-bit Linear Feedback Shift Register Module
After the two LFSR modules have produced two output bytes, their results are optionally inverted, depending on the decryption mode. Then these bytes are summed with an 8-bit adder. A final resulting byte is produced, with its carry out bit being used as the carry in bit for it next sum. Now that a pseudo random byte has been created, it can be used in the key decryption and data decryption algorithms.
|< Prev.||Jump to Part 1, Part 2, Part 3, Part 4.||Next >|