CSS (Content Scrambling System) is an algorithm commonly used to encrypt DVD (Digital Versatile Disks). Although it is often described as a copyright protection system, in practice the primary use of CSS is to enforce differential pricing between the U.S. and other "regions" in which DVD disks are sold. It also has the side effect of making it very difficult to provide a free software DVD player (e.g. for use in Linux and other open-source operating systems).

The CSS algorithm was recently reverse-engineered. (This is often reported as having been done by decompiling a software DVD player called Xing. Actually it was done first by persons unknown, not necessarily using the Xing player; a secret key was then obtained from Xing to complete the attack.) Because the algorithm was extremely weak, this made it easy to recover the keys used by other DVD players, breaking the entire system. The original intention had been that if a player was decompiled, the corresponding key would be omitted from the keys used to encrypt new DVDs; this idea failed spectacularly.

The decompilation of the Xing player was done by a group called MoRE (Masters of Reverse Engineering), who released a program called DeCSS to demonstrate the attack, and how this information could be used to write a DVD player. A member of this group, Norwegian student Jon Johansen, and his father have now been charged under Norwegian criminal laws for "forced entry and break-in", which effectively means that the cryptanalytic work and reverse-engineering done by MoRE is considered equivalent to burglary.

I am making the C++ source to DeCSS available here as a protest against this legal action, which was instigated by the MPAA (Motion Picture Association of America), and against attempts by the MPAA to prevent the distribution of DeCSS on the World Wide Web.

Most of the court documents for the case are available at John Young's Cryptome site (which also has a lot of other interesting information about the politics of cryptography). Here are articles by C-Net and LinuxWorld about the case.

The code: css.tar.gz or

David Hopwood

Best viewed with ANY browser Valid HTML 4.0!

On-line private communications - Golden Key campaign Free speech on-line - Blue Ribbon campaign Campaign for Unmetered Telecommunications in the UK