StarDestroyer.Net BBS

muslix64 from the doom9 forums wrote:Hi everyone.

I was not aware of anyone having done that, so I did.
BackupHDDVD is a tool to decrypt a AACS protected movie that you own, so you can play it back later using
an HDDVD player software.

This is the first version, and it's not very stable yet.

This software don't provide any cryptographic keys, so you have to add your own keys.

Watch:

http://www.youtube.com/watch?v=_oZGYb92isE

Executable and source code:
http://rapidshare.com/files/8318838/...HDDVD.zip.html

Please read the FAQ before asking me any questions.

Merry Christmas everyone!

Well that's the same way CSS was cracked (Thanks Xing!), but since he doesn't provide any information about how to get the title keys then all we have here is a reference AACS decoder implementation. Nice, but not useful. I don't know enough about AACS to know whether or not compromising the "volume unique key" is enough to break the whole format or if the key revocation list system is robust enough to survive a break of this magnitude.

It *is* enough, as it turns out. Each title will have a title key. Those title keys are NOT revocable, though they can be changed by re-encrypting the movie and making a new 'glass master' for the pressing factory.

However, in order to get the title key, a player must have a 'player key'. Those are revocable, so a revoked player key won't work on movies produced after it was revoked, as they cannot be used to decrypt the title key.

But so what? You can simply 'break' a player key, not tell anyone which was broken, and then send out title keys instead. The resultant tile key doesn't reveal which players key was used, so if the player key used is kept secret, it cannot be easily revoked. The title keys are very short, and easily distributed. Once a title key is out, no matter what, that movie can be decrypted for whatever purpose.

I suspect a title key 'scene' will appear, that will have crackers who pull keys out of software, off the firmware in players, or have contacts in china who pull them right off the pressing line for the disks.

These title keys will be trivial to distribute, and people can then use them as they see fit.

Q. What if SDMI uses your results, and those of others, to develop a more secure or unbeatable system?

We believe their general security model is inherently vulnerable to a number of attacks no matter how sophisticated their watermarking technologies become. We can never say for certain, but we are confident that we can continue to develop attacks like we have if SDMI updates their technologies.

This is essentially the situation of the "trusted" client in a hostile environment, a common problem in piracy prevention. Basically, an anti-piracy measure is enforced by a device or computer program belonging to an adversary who wishes to circumvent it, and who can take apart and analyze it. Such measures are usually quickly circumvented, and many attacks exist that involve the exploitation of the device itself.

CaptainChewbacca wrote:How was the encryption supposed to work? I'm afraid I don't speak 'code cracker' so if someone could nerd this down a bit, I'd appreciate it.