HD-DVD and Blu-Ray Processing Keys Cracked.

Arrow
Jedi Council Member
Posts: 2283
Joined: 2003-01-12 09:14pm


Post by Arrow »

Article
Tuesday, February 13, 2007
Blu-Ray AND HD-DVD broken - processing keys extracted

Arnezami, a hacker on the Doom9 forum, has published a crack for extracting the "processing key" from a high-def DVD player. This key can be used to gain access to every single Blu-Ray and HD-DVD disc.

Previously, another Doom9 user called Muslix64 had broken both Blu-Ray and HD-DVD by extracting the "volume keys" for each disc, a cumbersome process. This break builds on Muslix64's work but extends it -- now you can break all AACS-locked discs.

AACS took years to develop, and it has been broken in weeks. The developers spent billions, the hackers spent pennies.

For DRM to work, it has to be airtight. There can't be a single mistake. It's like a balloon that pops with the first prick. That means that every single product from every single vendor has to perfectly hide their keys, perfectly implement their code. There can't be a single way to get into the guts of the code to retrieve the cleartext or the keys while it's playing back. All attackers need is a single mistake that they can use to compromise the system.

There is no future in which bits will get harder to copy. Instead of spending billions on technologies that attack paying customers, the studios should be confronting that reality and figuring out how to make a living in a world where copying will get easier and easier. They're like blacksmiths meeting to figure out how to protect the horseshoe racket by sabotaging railroads.

The railroad is coming. The tracks have been laid right through the studio gates. It's time to get out of the horseshoe business.
But then I realized why I first didn't find the Media Key: it was removed from memory after the Volume ID was retrieved and the VUK calculated. I also saw that in my "corrupt" memdump the VUK, Vol ID, Media Key and the Title Key MAC were all closely clustered in memory: in the first 50kb (of the entire multi megabyte file!) but there were large empty parts around it. Almost as if it was cleaned up.

This gave me an idea: what I wanted to do is "record" all changes in this part of memory during startup of the movie. Hopefully I would catch something interesting. In the end I did something a little more efficient: I used the hd dvd vuk extractor (thanks ape!) and adapted it to slow down the software player (while scanning its memory continuously) and at the very moment the Media Key (which I now knew: my bottom-up approach really paid off here) was detected it halted the player. I then made a memdump with WinHex. I now had the feeling I had something.

And I did. Not surprisingly the very first C-value was a hit. I then checked if everything was correct, asked for confirmation and here we are.
Admiral Valdemar
Outside Context Problem
Posts: 31572
Joined: 2002-07-04 07:17pm
Location: UK

Post by Admiral Valdemar »

Determined cracker > movie/technology industry.

Ring any CSS-like bells, anybody?
Xisiqomelir
Jedi Council Member
Posts: 1757
Joined: 2003-01-16 09:27am
Location: Valuetown
Contact:

Post by Xisiqomelir »

EDIT: I should read links :P
Beowulf
The Patrician
Posts: 10621
Joined: 2002-07-04 01:18am
Location: 32ULV

Post by Beowulf »

Now that they know one key, can't they run a known plaintext attack to find all of them?
"preemptive killing of cops might not be such a bad idea from a personal saftey[sic] standpoint..." --Keevan Colton
"There's a word for bias you can't see: Yours." -- William Saletan
DarkSilver
Jedi Council Member
Posts: 1606
Joined: 2004-10-28 08:54am
Location: Librium Arcana
Contact:

Post by DarkSilver »

Imagine they could; since they know where to find them, it should be child's play to get the rest of them.
XBL: Darek Silver | Wii Friend: 5602 6414 0598 0225
LibriumArcana - Roleplaying, Fiction, Irreverence
Trekker (TOS, TNG/DS9-Era) | Warsie (semi-movie purist) | B5'er | TransFan
Cult of Vin Diesel: While it is well known that James Earl Jones performed the voice of Darth Vader, it is less appreciated that Vin Diesel performs the voice of James Earl Jones.
Admiral Valdemar
Outside Context Problem
Posts: 31572
Joined: 2002-07-04 07:17pm
Location: UK

Post by Admiral Valdemar »

The key will be revoked in future releases, but this already shows that the user base has the skill and the highly paid manufacturers and programmers are only human. These errors have allowed a massive flaw to be exploited and this pretty much signals the end to HD DRM as far as the disc formats go. Though pirating such titles will be difficult what with the cost of HD and BD blank media.
phongn
Rebel Leader
Posts: 18487
Joined: 2002-07-03 11:11pm

Post by phongn »

Eh, the issue around AACS was always going to be the trouble of securely implementing it (read: next to impossible). I was a bit surprised it came about so quickly, though.
Admiral Valdemar
Outside Context Problem
Posts: 31572
Joined: 2002-07-04 07:17pm
Location: UK

Post by Admiral Valdemar »

Indeed. Without any inside worker or some silly laws like with CSS, I was expecting a few months tops. That they managed to find a player that was so poorly secured and crack the main key so quickly is producing a hilarious mental image in my mind for the big corporate types who backed such projects.

One wonders if they'll learn, especially after the likes of Apple and EMI are considering DRM free media the future (finally!).
Arthur_Tuxedo
Sith Acolyte
Posts: 5637
Joined: 2002-07-23 03:28am
Location: San Francisco, California

Post by Arthur_Tuxedo »

My dad pointed out something interesting about the corporate bigwigs who seem so myopic. Not only do these people make appalling salaries, but they inflate them with stock options and walk away with severance packages of tens of millions of dollars. They're just trying to keep the show going and stay in power for as long as they can before the gig's up, and they'll do whatever it takes to make that extra ten million. They couldn't care less if consumers are getting the shaft or if they're fucking over the company and the shareholders in the long run, or that the company could be a lot more profitable if it embraced the new ideas sooner rather than later. The bright side to this is that once the gig is up, there will be no real reason for companies to keep shooting everyone including themselves in the foot with this DRM bullshit.
"I'm so fast that last night I turned off the light switch in my hotel room and was in bed before the room was dark." - Muhammad Ali

"Dating is not supposed to be easy. It's supposed to be a heart-pounding, stomach-wrenching, gut-churning exercise in pitting your fear of rejection and public humiliation against your desire to find a mate. Enjoy." - Darth Wong
Arrow
Jedi Council Member
Posts: 2283
Joined: 2003-01-12 09:14pm

Post by Arrow »

Ars has another article describing the crack:
Crack in Blu-ray, HD DVD encryption gets wider

2/13/2007 8:35:22 PM, by Jeremy Reimer

A poster named arnezami on the Doom9 forums has claimed to have found a method of extracting the Volume ID signatures from both HD DVD and Blu-ray discs, which could make it easier for hackers to extract an unprotected version of the high-resolution video and audio content from store-bought titles.

The previous method, developed by other Doom9 members jokin and Muslix64, used a technique that scanned memory locations used by the software player WinDVD while a disc was playing, and from there extracted the Volume Unique Key for that particular disc. This method was somewhat cumbersome, and required some sophistication on behalf of the cracker. Furthermore, it had to be repeated for each HD DVD or Blu-ray title. arnezami used a program called USB sniffer to connect to an HD DVD drive as a mass storage device, started playing back the movie, then scanned the resulting dump of the transfer between the drive and the computer.

As shown in the chart below, the "MKB" is the Master Key Block, which is different for every disc. When combined with the device key for a particular player, this generates a Master Key (Km). This key is then combined using the AES algorithm to create the Volume Unique Key (Kvu). It was this Volume Unique Key that Muslix64 captured in memory from WinDVD. The Volume Unique Key is then combined with an encrypted Title Key stored on the disk to create the Title Key (Kt) which is then used to decrypt the video and audio content on the disc itself.

The new method saves a step and allows anyone to easily capture the Volume ID from any disc, but it still requires a Master Key in order to unlock the content. The creators of AACS, the copy protection used by HD DVD and Blu-ray, anticipated that this would happen, and built into the specification the ability to revoke Device Keys that have been released into the wild, so that new discs will refuse to work on those particular players or playback software versions.

So does this mean that the gates are open for Blu-ray and HD DVD? Not quite. The hackers believe that it is only a matter of time before WinDVD's device key is revoked, which will necessitate a software update for WinDVD owners and set the work of decrypting new titles back to square one. The hackers have been careful not to release the actual Device Key for WinDVD to the public, but as all the hacks to date have been accomplished using software-based players (which unlike hardware-based players can be easily updated over the Internet) it seems likely that these Device Keys will be revoked anyway. Therefore, it cannot really be stated that AACS has been completely cracked at this point in time. The new crack still requires a general-purpose method of extracting the Master Keys, which has not yet been accomplished.

Still, the discovery of an easy way to grab the Volume ID information from Blu-ray and HD DVD discs demonstrates that there is more than one way to skin the encrypted cat, as it were. While not a complete crack, it does open the door slightly wider towards the ability to remove protection from high-definition media.
So AACS hasn't been completely defeated, but it just had a big hole put through it. This is going to end up being a race between the hackers and the key makers, and in the end, it's just going to piss off the consumer; stick a fork in it, this DRM scheme is done.
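The key chain the Ars article lays out (MKB plus device key gives Km, Km plus Volume ID gives Kvu, Kvu unlocks the title key) and the revocation escape hatch it mentions, as an added example that is not from the article or from anyone in this thread. It assumes constructed 16-byte sample keys, models the MKB as a per-device table rather than AACS's subset-difference tree, and simplifies the title-key step; only AES-G(k, x) = AES-128D(k, x) XOR x follows the AACS spec.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
)

// Constructed 16-byte sample values for this example; not real AACS keys.
var (
	mediaKey = []byte("constructed-Km!!")
	volumeID = []byte("constructed-VID!")
	titleKey = []byte("constructed-Kt!!")
	devices  = map[string][]byte{ // device id -> device key (constructed)
		"windvd":    []byte("constructed-dev1"),
		"hw-player": []byte("constructed-dev2"),
	}
)

func mustCipher(key []byte) cipher.Block {
	c, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return c
}

// aesG is the AACS one-way function AES-G(k, x) = AES-128D(k, x) XOR x.
func aesG(key, x []byte) []byte {
	out := make([]byte, 16)
	mustCipher(key).Decrypt(out, x)
	for i := range out {
		out[i] ^= x[i]
	}
	return out
}

// BuildMKB models the disc's Media Key Block as Km encrypted under each
// non-revoked device key (simplified stand-in for the subset-difference tree).
// A revoked device simply finds no entry it can open on newly pressed discs.
func BuildMKB(km []byte, revoked map[string]bool) map[string][]byte {
	mkb := map[string][]byte{}
	for id, dk := range devices {
		if revoked[id] {
			continue
		}
		enc := make([]byte, 16)
		mustCipher(dk).Encrypt(enc, km)
		mkb[id] = enc
	}
	return mkb
}

// MediaKeyFor is the player side: recover Km from the MKB, or fail if revoked.
func MediaKeyFor(mkb map[string][]byte, id string) ([]byte, bool) {
	enc, ok := mkb[id]
	if !ok {
		return nil, false
	}
	km := make([]byte, 16)
	mustCipher(devices[id]).Decrypt(km, enc)
	return km, true
}

// VolumeUniqueKey: Kvu = AES-G(Km, Volume ID); the Volume ID alone is useless without Km.
func VolumeUniqueKey(km, volID []byte) []byte { return aesG(km, volID) }

// EncryptTitleKey / TitleKeyFromDisc: simplified Kt <-> AES-128(Kvu, Kt) step.
func EncryptTitleKey(kvu, kt []byte) []byte {
	enc := make([]byte, 16)
	mustCipher(kvu).Encrypt(enc, kt)
	return enc
}

func TitleKeyFromDisc(kvu, encTitleKey []byte) []byte {
	kt := make([]byte, 16)
	mustCipher(kvu).Decrypt(kt, encTitleKey)
	return bytes.Clone(kt)
}
```

Running the chain for two discs with the same Km shows why a leaked media/processing key matters more than a captured Kvu: Kvu differs per Volume ID, so Muslix64's approach must be repeated per disc, while one Km plus the sniffed Volume ID covers every disc until the MKB on new pressings drops that device.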
Arthur_Tuxedo
Sith Acolyte
Posts: 5637
Joined: 2002-07-23 03:28am
Location: San Francisco, California

Post by Arthur_Tuxedo »

When hundreds or thousands of people tell their friends and co-workers that they can't play the new DVD they bought because their key was revoked, it will finish the job of sealing the fate of the new formats. For this reason, they're not going to revoke keys in the players of legitimate users. If they do, they're even dumber than we thought.
"I'm so fast that last night I turned off the light switch in my hotel room and was in bed before the room was dark." - Muhammad Ali

"Dating is not supposed to be easy. It's supposed to be a heart-pounding, stomach-wrenching, gut-churning exercise in pitting your fear of rejection and public humiliation against your desire to find a mate. Enjoy." - Darth Wong
Velthuijsen
Padawan Learner
Posts: 235
Joined: 2003-03-07 06:45pm

Post by Velthuijsen »

The people on the Doom9 forum are actually hoping that the WinDVD key gets revoked. That would give them one more key they can use to get a shot at the master key.
muse
Jedi Council Member
Posts: 1818
Joined: 2003-11-26 07:04pm

Post by muse »

Here's another take on this whole mess, read through all 7 pages. It was written about a month ago shortly after the first hacks were made in the system, but it predicts what just happened a few days ago. Dr. Ed Felten is a CS professor at my university and has written numerous articles on DRM and copyright issues and was part of the team which broke the music industry's SDMI challenge.

As he stated years ago, when the target device and the media are both in the user's hands, it will inevitably be compromised sooner rather than later.
ø¤ º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸¸,ø¤º°`°º¤ø,¸¸,ø
Quidquid latine dictum sit, altum viditur.
(Whatever is said in Latin sounds profound.)

I like Celine Dion myself. Her ballads alone....they make me go all teary-eyed and shit.
- Havok
Darth Wong
Sith Lord
Sith Lord
Posts: 70028
Joined: 2002-07-03 12:25am
Location: Toronto, Canada
Contact:

Post by Darth Wong »

You don't even need to be a pirate in order to want to crack those keys. Copy protection is just goddamned annoying at the best of times, especially with all of those "fuck the customer, we're in charge" options they build into the standard (like forcing the customer to sit through certain sections of a disc by disabling the fast-forward button). If (for example) I have a film that I think my kids would enjoy except for one objectionable scene, I'd like to make a copy of the disc but snip out that one scene. Shouldn't be a problem since I legally bought and paid for the DVD, right? Of course not, it's illegal and I should go to jail.
"It's not evil for God to do it. Or for someone to do it at God's command."- Jonathan Boyd on baby-killing

"you guys are fascinated with the use of those "rules of logic" to the extent that you don't really want to discussus anything."- GC

"I do not believe Russian Roulette is a stupid act" - Embracer of Darkness

"Viagra commercials appear to save lives" - tharkûn on US health care.

http://www.stardestroyer.net/Mike/RantMode/Blurbs.html
Admiral Valdemar
Outside Context Problem
Posts: 31572
Joined: 2002-07-04 07:17pm
Location: UK

Post by Admiral Valdemar »

Darth Wong wrote: You don't even need to be a pirate in order to want to crack those keys. Copy protection is just goddamned annoying at the best of times, especially with all of those "fuck the customer, we're in charge" options they build into the standard (like forcing the customer to sit through certain sections of a disc by disabling the fast-forward button). If (for example) I have a film that I think my kids would enjoy except for one objectionable scene, I'd like to make a copy of the disc but snip out that one scene. Shouldn't be a problem since I legally bought and paid for the DVD, right? Of course not, it's illegal and I should go to jail.
That's because you don't "own" the film and are merely "renting" it as a production on digital media which you can watch from the comfort of your own home. If the studios deemed it necessary to put a sign on the first scene of the feature saying fuck you and all your family, they'd do it for a presumed profit slice.

There's all sorts of legal justifications applied to this issue and how they can further the DRM fiasco and more. Pirating isn't a sign of the current situation being woefully unacceptable to the public, but a sign that their measures are simply not working well enough and need to be more stringent.

So you see, they fuck you over for that percentage, real or imagined.
Uraniun235
Emperor's Hand
Posts: 13772
Joined: 2002-09-12 12:47am
Location: OREGON
Contact:

Post by Uraniun235 »

The insidious part is the double-standard at work with Big Media.

If you want to make backup copies so that your kids don't scratch the hell out of the original media... oh, well, sorry, but you actually only bought a license to play the movie, so you can only view and use the Content on our terms.

But if your original copy breaks, can you order an inexpensive replacement disk? Of course not, because you bought a physical product, why would we give one away to you?

Big Media wants to eat their cake and have it too.
"There is no "taboo" on using nuclear weapons." -Julhelm
What is Project Zohar?
"On a serious note (well not really) I did sometimes jump in and rate nBSG episodes a '5' before the episode even aired or I saw it." - RogueIce explaining that episode ratings on SDN tv show threads are bunk