HD-DVD DRM seems to have been broken already

Post by Uraniun235 »

From the Doom9 forums:
muslix64 from the doom9 forums wrote:
Hi everyone.

I was not aware of anyone having done that, so I did.
BackupHDDVD is a tool to decrypt an AACS-protected movie that you own, so you can play it back later using
HDDVD player software.

This is the first version, and it's not very stable yet.

This software doesn't provide any cryptographic keys, so you have to add your own keys.

Watch:

http://www.youtube.com/watch?v=_oZGYb92isE

Executable and source code:
http://rapidshare.com/files/8318838/...HDDVD.zip.html

Please read the FAQ before asking me any questions.

Merry Christmas everyone!
Further commentary from the SH/SC forum:
Well that's the same way CSS was cracked (Thanks Xing!), but since he doesn't provide any information about how to get the title keys then all we have here is a reference AACS decoder implementation. Nice, but not useful. I don't know enough about AACS to know whether or not compromising the "volume unique key" is enough to break the whole format or if the key revocation list system is robust enough to survive a break of this magnitude.
It *is* enough, as it turns out. Each title will have a title key. Those title keys are NOT revocable, though they can be changed by re-encrypting the movie and making a new 'glass master' for the pressing factory.

However, in order to get the title key, a player must have a 'player key'. Those are revocable, so a revoked player key won't work on movies produced after it was revoked, as they cannot be used to decrypt the title key.

But so what? You can simply 'break' a player key, not tell anyone which was broken, and then send out title keys instead. The resultant title key doesn't reveal which player key was used, so if the player key used is kept secret, it cannot be easily revoked. The title keys are very short, and easily distributed. Once a title key is out, no matter what, that movie can be decrypted for whatever purpose.

I suspect a title key 'scene' will appear, that will have crackers who pull keys out of software, off the firmware in players, or have contacts in china who pull them right off the pressing line for the disks.

These title keys will be trivial to distribute, and people can then use them as they see fit.
Post by Admiral Valdemar »

Nice to see the millions spent on DRM are being flushed away. Again.
Post by muse »

Gee, I didn't see that one coming, again.

To quote Dr. Felten, leader of the Princeton team which broke the RIAA's SDMI challenge:
Q. What if SDMI uses your results, and those of others, to develop a more secure or unbeatable system?

We believe their general security model is inherently vulnerable to a number of attacks no matter how sophisticated their watermarking technologies become. We can never say for certain, but we are confident that we can continue to develop attacks like we have if SDMI updates their technologies.

This is essentially the situation of the "trusted" client in a hostile environment, a common problem in piracy prevention. Basically, an anti-piracy measure is enforced by a device or computer program belonging to an adversary who wishes to circumvent it, and who can take apart and analyze it. Such measures are usually quickly circumvented, and many attacks exist that involve the exploitation of the device itself.
That was copy protection for music, but the more things change, the more they remain the same.
Post by Loner »

This gave me a good chuckle.
Post by General Zod »

Hardly surprising. Claim to have an unbreakable encryption and you'll have dozens of people that try cracking it just so they can say they did it.
Post by CaptainChewbacca »

How was the encryption supposed to work? I'm afraid I don't speak 'code cracker' so if someone could nerd this down a bit, I'd appreciate it.
Post by SirNitram »

CaptainChewbacca wrote:How was the encryption supposed to work? I'm afraid I don't speak 'code cracker' so if someone could nerd this down a bit, I'd appreciate it.
Basically, each film would be encrypted, so that viewing the data would make it look scrambled unless you had the 'key'; the string of data which decryption technology uses to unscramble the data.

When you pop the disc in and run it, the software looks for an approved 'key' on the player; basically, a tag proving this physical device is allowed to play this media. When this is confirmed, it sends the player its own 'key', which is then used to decrypt the content, and thus play the film.
Post by Darth Wong »

I think the designers of the system were banking on the ability to revoke keys in order to prevent a repeat of the DeCSS fiasco. But that scheme was never well thought-out. If you revoke player keys, that doesn't do anything about existing movies already on the market. It only affects future releases. And if someone stole a key that is used in commercial players, then you would render a lot of commercial players useless for future movies if you revoke their keys. That will anger consumers to no end, and hurt the viability of the entire format.

Can you imagine Joe Sixpack calling up Sony tech support to find out why new movies won't play on his player, and getting told that he needs to buy a new player because his old player has some kind of "key" which has been revoked?
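A toy model of the key hierarchy described in the SH/SC quote near the top of the thread and in Darth Wong's post above, written as an added example (it is not code from the thread and not the real AACS scheme; the SHA-256 wrapping construction, the 16-byte keys and all names are assumptions). It shows that revoking a player key only affects discs mastered afterwards, that an unwrapped title key does not identify which player key unwrapped it, and that a bare title key decrypts its title regardless of revocation, which is why revocation is not a defense against an already-leaked title key:

```python
import hashlib
import secrets

def keystream(key: bytes, label: bytes, n: int) -> bytes:
    # Toy construction (assumption): SHA-256(key || label || counter), expanded
    # to n bytes. It stands in for the block cipher the real scheme uses.
    out = b""
    for ctr in range((n + 31) // 32):
        out += hashlib.sha256(key + label + ctr.to_bytes(4, "big")).digest()
    return out[:n]

def wrap(key: bytes, label: bytes, data: bytes) -> bytes:
    """XOR data with the keystream; the same call unwraps again."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, label, len(data))))

class Disc:
    """One pressed title: content under a random title key, plus that title key
    wrapped once per player key that was not yet revoked when the disc was mastered."""
    def __init__(self, plaintext: bytes, player_keys: dict, revoked: set):
        self.title_key = secrets.token_bytes(16)
        self.content = wrap(self.title_key, b"content", plaintext)
        self.slots = {pid: wrap(pk, b"title", self.title_key)
                      for pid, pk in player_keys.items() if pid not in revoked}

def player_title_key(disc: Disc, player_id: str, player_key: bytes):
    """What a licensed player does: unwrap the title key with its own player key."""
    if player_id not in disc.slots:
        return None  # no slot for this player: it was revoked before pressing
    return wrap(player_key, b"title", disc.slots[player_id])

def play(disc: Disc, title_key: bytes) -> bytes:
    return wrap(title_key, b"content", disc.content)

def demo() -> dict:
    players = {"P1": secrets.token_bytes(16), "P2": secrets.token_bytes(16)}
    disc_a = Disc(b"movie A", players, revoked=set())
    # P1's key is later found to have leaked; discs mastered afterwards omit it.
    disc_b = Disc(b"movie B", players, revoked={"P1"})
    tk_a_p1 = player_title_key(disc_a, "P1", players["P1"])
    tk_a_p2 = player_title_key(disc_a, "P2", players["P2"])
    tk_b_p2 = player_title_key(disc_b, "P2", players["P2"])
    return {
        "old_disc_still_plays_on_revoked_player": play(disc_a, tk_a_p1) == b"movie A",
        "new_disc_refuses_revoked_player": player_title_key(disc_b, "P1", players["P1"]) is None,
        "new_disc_plays_on_unrevoked_player": play(disc_b, tk_b_p2) == b"movie B",
        "title_key_same_whichever_player_unwrapped": tk_a_p1 == tk_a_p2,
        "bare_title_key_ignores_revocation": play(disc_b, disc_b.title_key) == b"movie B",
    }
```

Every entry of `demo()` comes out true: the revocation list on disc B locks out P1 for that new title only, while disc A and anyone holding a bare title key are untouched.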
Post by Admiral Valdemar »

You'd probably laugh at this ordinarily, but there was talk of some big tech companies going down that line whereby thousands of units could instantly be made useless by key revocation should a key be leaked or cracked. The thinking goes that a few thousand useless players isn't as bad as millions of players playing "illegal" movies (this could mean simply using a disc outside your "Region").

Quite how this would let any company survive, I don't know. But it would seem to me that the antiquated copyright laws and DRM are causing far more harm to society than they're worth. I'd also think pouring this much money into systems getting beaten within months is a losing game too. No matter what the music industry does, the community can adapt to it like a superbug in no time at all, so why bother anymore?

Mind you, looking at the RIAA, it seems they have the patience of saints and the coffers of drug barons.
Post by DaveJB »

So, their system for dealing with piracy is by potentially rendering thousands of players unable to play new movies... and thus forcing the owners to buy pirated versions that have the copy protect crap already stripped off. :roll: