AACS Not So Cracked After All - Page 2

post #31 of 603
article in New York Times today about this:

Studios' DVDs Face a Crack in Security


By JOHN MARKOFF
Published: January 1, 2007

snippet:

"If the HD-DVD protection system has indeed been compromised, it was not immediately clear which camp would benefit most directly.

Some posters in Internet discussion groups have argued that the cracking of HD-DVD may increase the popularity of the system among consumers eager to make copies of movies they have purchased.

At the same time, a weakened encryption system could undermine studio support, causing some to turn to the Blu-ray technology instead and giving the Blu-ray group an advantage in offering a wider range of content."
post #32 of 603
Just FYI guys.

In the original forum where the news of the AACS crack claim was placed, there is starting to be more and more doubts on the validity of the claim.

First the software version used 6.5 is OEM, and not in general release anymore, and cannot be readily downloaded.

Next no one can find the keys to use, even trying his memory dump techniques.

In short in the past week, no one can replicate his results, and here are some recent comments about it.

http://forum.doom9.org/showthread.php?t=119871&page=8

Quote:
Each day that goes on without someone else actually providing a key or at least confirming spotting one makes me more skeptical this is real.

Quote:
I am afraid you are not understanding...once this version of PowerDVD is blacklisted it won't work anymore with newer released titles. The newer released HD-DVDs will know that this version of powerDVD has been compromised and will refuse to work. You either update to a newer version of powerDVD or you are stuck with only being able to play the old (150 or so HD-DVD) titles that have come out up to now.

Quote:
I've got the 360 HDDVD drive in hand. In the youtube video it shows that he is using powerDVD 6.5 . I'm only finding 7.0 online. Should I try to find 6.5 or go with 7.0?

Quote:
Am I the only one who thinks this was a hoax?

Quote:
But you cannot playback FROM HD, right ?

Quote:
Now I'm starting to think that video (on tube) might be... fake.

BTW , the original poster has not posted anywhere again since his announcement post.....
post #33 of 603
Quote:
Originally Posted by Kosty View Post

Just FYI guys.

In the original forum where the news of the AACS crack claim was placed, there is starting to be more and more doubts on the validity of the claim.

First the software version used 6.5 is OEM, and not in general release anymore, and cannot be readily downloaded.

Next no one can find the keys to use, even trying his memory dump techniques.

In short in the past week, no one can replicate his results, and here are some recent comments about it.

http://forum.doom9.org/showthread.php?t=119871&page=8


BTW , the original poster has not posted anywhere again since his announcement post.....

Lots of people have the 6.5 software.
post #34 of 603
Quote:
Originally Posted by Kosty View Post

Just FYI guys.

In the original forum where the news of the AACS crack claim was placed, there is starting to be more and more doubts on the validity of the claim.

First the software version used 6.5 is OEM, and not in general release anymore, and cannot be readily downloaded.

Next no one can find the keys to use, even trying his memory dump techniques.

In short in the past week, no one can replicate his results, and here are some recent comments about it.

http://forum.doom9.org/showthread.php?t=119871&page=8


BTW , the original poster has not posted anywhere again since his announcement post.....

You know, when I originally read about AACS being cracked a couple of days ago and watched the video.... I was never convinced that the video proved a damn thing. People all immediately jumped the gun and in some cases believe everything they see and hear on the internet with little to no hard evidence. Him typing in DOS mode with his "backupHDDVD" was unimpressive as I could create a simple backupHDDVD batch file to show the same thing when in reality it would do nothing.

The only hard evidence (for me anyway) is if people can replicate what this guy supposedly has done. I'm still waiting. I'm surprised I haven't heard more people call this out as a hoax considering the timing of the post and his youtube flick.... a couple of weeks before the 2007 CES, interesting to say the least.
post #35 of 603
Also, funnily he never published the title keys ... may be FBI will get him before he comes out with all the details ....
post #36 of 603
Thread Starter 
Quote:
Originally Posted by BuGsArEtAsTy View Post

Lots of people have the 6.5 software.

Lots of people will have to upgrade their 6.5 software.
post #37 of 603
I just find it surprising that no one has posted saying they can replicate his results.

or use his technique to find the results in memory.

or that he hasn't posted again, even someone claiming to be him under a different alias.
post #38 of 603
Quote:


Lots of people have the 6.5 software.

But enough to make this a country-wide piracy epidemic that would shift the balance of power in the HD disc war?
post #39 of 603
Quote:
Originally Posted by Michael Mullis View Post

But enough to make this a country-wide piracy epidemic that would shift the balance of power in the HD disc war?

The Cyberlink Power DVD 6.5 software was only shipped as an OEM release with HD DVD drives. It was not sold as a standalone release.

The cracker said he was using a Xbox 360 drive. Why would he do this if he already had a HD DVD drive?

Or if he already had a copy of Power DVD 6.5 or got it from a warez site, wouldn't he just be able to play the film clip straight from the disc? If you look at the youtube video, the windows titlebar for the running application is blurred out.

All the posted application does without the keys is transfer the encrypted files to the harddrive.

You could make up the video without even being able to actually run the decrypted files, the video playback could be just watching legitimate playback on a PC through a HD DVD drive, (or the Xbox 360 add on ??) with the HD DVD still in the drive.
post #40 of 603
Quote:
Originally Posted by Michael Mullis View Post

But enough to make this a country-wide piracy epidemic that would shift the balance of power in the HD disc war?

No, but I didn't say it would. I was just implying his posting of that quote* of a person saying they couldn't find the 6.5 version has absolutely no bearing on whether or not this AACS workaround is real.

*"I've got the 360 HDDVD drive in hand. In the youtube video it shows that he is using powerDVD 6.5 . I'm only finding 7.0 online. Should I try to find 6.5 or go with 7.0?"


Quote:


The cracker said he was using a Xbox 360 drive. Why would he do this if he already had a HD DVD drive?

Why not? And anyways, I suspect he may have gotten an "evaluation copy" of it.

Quote:


Or if he already had a copy of Power DVD 6.5 or got it from a warez site, wouldn't he just be able to play the film clip straight from the disc?

Yes, but this was a hack post after all. Not very many people would be interested if he posted: "Hey I got PowerDVD 6.5 and I can play HD DVD! OMG!"

Quote:


All the posted application does without the keys is transfer the encrypted files to the harddrive.

The implication is that the files are decrypted on his hard drive.

Quote:


You could make up the video without even being able to actually run the decrypted files, the video playback could be just watching legitimate playback on a PC through a HD DVD drive, (or the Xbox 360 add on ??) with the HD DVD still in the drive.

Yes, the video could be fake, but I don't think your reasons prove anything either way.
post #41 of 603
Quote:


Yes, but this was a hack post after all. Not very many people would be interested if he posted: "Hey I got PowerDVD 6.5 and I can play HD DVD! OMG!"

My point was that he could have created his video without him even being able to do what he is claiming.

It could still be a hoax.
post #42 of 603
Quote:
Originally Posted by Kosty View Post

My point was that he could have created his video without him even being able to do what he is claiming.

It could still be a hoax.

Yes, it could. However, you haven't discredited his video at all, so as far as we know, it could also be real.
post #43 of 603
Quote:


The implication is that the files are decrypted on his hard drive.

Yes if the title keys are placed in his input file before the program is run. If the keys are not placed there, all his application does (and the video shows) is copy the encrypted files onto the harddrive with decrypting them.
post #44 of 603
Quote:
Originally Posted by BuGsArEtAsTy View Post

Yes, it could. However, you haven't discredited his video at all, so as far as we know, it could also be real.

Yep it could be.

But the more time passes, the chance that it was a hoax increases.

BTW, I still think this was a real vulnerability, what he did was real and could be duplicated by an early version of one of the two software players. But the distribution of those players is limited and the practicable effect of this will be small. I'm just finding it curious that no one else is claiming they can duplicate the feat after a week. That's unusual for this kind of thing.
post #45 of 603
What I find amusing is the fact that there are posts out there from n00bs thinking that we're gonna have top quality 1080p reencodes on torrent sites that will fit on a DVD-R or something using DivX. I guess people don't quite understand the point of H.264 & VC-1 on HD DVD & Blu-ray.

That said, we could start seeing 4-8 GB 720p reencodes showing up nonetheless, using H.264, DivX, or WMV.

That is, if anyone can replicate this so-called workaround.
post #46 of 603
Quote:
Originally Posted by BuGsArEtAsTy View Post

What I find amusing is the fact that there are posts out there from n00bs thinking that we're gonna have top quality 1080p reencodes on torrent sites that will fit on a DVD-R or something using DivX. I guess people don't quite understand the point of H.264 & VC-1 on HD DVD & Blu-ray.

That said, we could start seeing 4-8 GB 720p reencodes showing up nonetheless, using H.264, DivX, or WMV.

That is, if anyone can replicate this so-called workaround.

What? Are you indicating that we will be able to get an encoded copy of the original encoded copy to fit on a 9GB disc. Wow, that video must be awesome!!
post #47 of 603
Quote:
Originally Posted by AV Doogie View Post

What? Are you indicating that we will be able to get an encoded copy of the original encoded copy to fit on a 9GB disc. Wow, that video must be awesome!!

Actually, the Xbox 360 720p HD movie download for the 2h12 minute long V for Vendetta is only about 6 GB.



Not the same quality as HD DVD, but definitely good enough for bootlegged videos.
post #48 of 603
Quote:
Originally Posted by BuGsArEtAsTy View Post

What I find amusing is the fact that there are posts out there from n00bs thinking that we're gonna have top quality 1080p reencodes on torrent sites that will fit on a DVD-R or something using DivX.

Not so noobish. Using x264 you can get 2 hours of 9mbit video with Dolby Digital in 8.5GB. As computer playback allows more heavy compression (hd-dvd limitations aren't actually that severe), you can get terrific quality in that. Obviously you'll struggle with longer movies, and it's not going to be exactly the same as a typical HD-DVD (12-15mbit), but the quality will be pretty close for many discs.

Also, if you have a 720p display just re-encode to that, and you'll get utterly minimal quality loss as 9mbit is a very light compress.
post #49 of 603
Quote:
Originally Posted by arfster View Post

Not so noobish. Using x264 you can get 2 hours of 9mbit video with Dolby Digital in 8.5GB. As computer playback allows more heavy compression (hd-dvd limitations aren't actually that severe), you can get terrific quality in that. Obviously you'll struggle with longer movies, and it's not going to be exactly the same as a typical HD-DVD (12-15mbit), but the quality will be pretty close for many discs.

It will be relatively good, but 1080p 9 Mbps x264 won't be in the same league as HD DVD by a long shot.

BTW, home brew x264 is not as good as commercial VC-1 at the same bitrate.

Quote:


Also, if you have a 720p display just re-encode to that, and you'll get utterly minimal quality loss as 9mbit is a very light compress.

Well, I already said that. 720p encodes would make for a perfect way for people to distribute HD content illegally. One could get a short 720p movie onto a DVD-5, even if it would be more compressed than most AVSers would like.
post #50 of 603
Cyberlink Responds to Alleged AACS Crack

Quote:


With the HD DVD AACS Crack/Hack that supposedly happened last week, I said that Cyberlink would most likely issue some additional information on the matter. I just got an e-mail from the people at Cyberlink with some great information. Above all, Cyberlink is sure PowerDVD's implementation of AACS fully protects HD DVD contents.

First of all, PowerDVD complies to AACS compliance rules to ensure HD DVD contents are fully protected. Cyberlink is confident that PowerDVD fully protects HD DVD contents.
Secondly, PowerDVD does not keep "Title Keys" in system memory. Cyberlink is not sure how the user got the Title Key and notes that neither the released tool nor the video on YouTube provides the information on obtaining the Title Keys.
Thirdly, there is no evidence that the user is using PowerDVD to hack/crack HD DVD video content. He or she was simply using PowerDVD to playback the video that was ripped with other software. PowerDVD supports evo video file format playback.
Overall, it doesn't look like AACS or Cyberlink have found any faults in PowerDVD. So, at this point no updates will be issued for PowerDVD and the verdict is still out on whether or not additional playback software was used to obtain the Title Keys. No one has yet to prove that the keys can be obtained through a memory dump or any other methods.

Yet again, AACS wasn't cracked/hacked and the one piece of the puzzle for obtaining the Title Keys doesn't appear to add up.

Thanks goes out to Cyberlink for the information.
post #51 of 603
I'm thinking hoax. People will do anything for attention. Someone would have duplicated this by now and be very proud of themselves for having done so, and would post it somewhere. It's awfully suspicious that hasn't happened yet.
post #52 of 603
Elaborate hoax...

By an anonymous person...

Focused against HD DVD...

Just before CES...

Hmmmm...
post #53 of 603
Quote:
Originally Posted by chad_cincy View Post

Elaborate hoax...

By an anonymous person...

Focused against HD DVD...

Just before CES...

Hmmmm...

I'm right there with you. And where is the updated version on Jan 2? It's getting near the end of the day.

I'm also fairly certain that SOMEONE else would have got this to work by now. 7 weeks to duplicate something in the hacker community with hints and videos would have been done by now.

Chris
post #54 of 603
Thread Starter 
Quote:
Originally Posted by chad_cincy View Post

Elaborate hoax...

By an anonymous person...

Focused against HD DVD...

Just before CES...

Hmmmm...

If a hoax I wouldn't put it past Sony to do something like this. They have the means and the motive, regardless of the fact that no Blu-Ray movie disc contains any additional 'protection'.
post #55 of 603
This was posted on doom9 by muslix64 a little while ago:

Quote:


I spent the last few days reading a lot of articles on BackupHDDVD, reading a lot of people's post/comments on various websites.

This is the time to set the record straight about this new tool and what the impacts are.

First I need to clarify some points.

Revocation:

In the AACS system, there are 4 types of revocation:
Drive revocation
Host revocation
Device revocation (with MKB)
Content revocation

There is no such thing as "title key revocation" and "volume key revocation"

-------------

Now, here is a list of affirmations I have seen lately.


Affirmation 1: You did not break AACS, just the player

My comment: I did not break AACS, but I find a way to decrypt movies and I have bypassed all the revocation system.
Not that bad...


Affirmation 2: The BackupHDDVD circumvention tool won't last long

My comment: As long as insecure players will exist, it will last...
And insecure players will always exist, in fact you can extract keys from any player! Some players are just easier to extract the key from. Being lazy, I prefer to extract keys from an insecure player than a secure one.
And the AACS spec says "Device keys must be protected!" but they did not say that about the volume key, fatal mistake!


Affirmation 3: The keys can easily be revoked.

My comment: What keys are you talking about?
As I stated before, there is no such thing as "title key revocation" and "volume key revocation". If someone publishes only volume keys, there is no way to know from which player these keys were extracted, making the revocation system useless. They can do content revocation, but to revoke what? All movies before 2007? They can do player revocation, so I will just change the player I'm using, big deal...


So what is the AACS revocation system good at?
It is good for that scenario:
Someone posts on the net a tool that does the complete decryption automatically. Of course the program uses stolen device keys from an official player. They (AACS and friends) will eventually get their hands on this program, look at the device keys and revoke them. Making that player unable to play new titles. But the author of this program can pre-extract a bunch of device keys from different players and release them, one at a time, when the previous one has been blacklisted. The AACS spec says "Device keys must be protected!" so I suppose they put more effort in protecting these keys than the volume key in memory.


Affirmation 4: BackupHDDVD is nothing, only one person out of a million have the technical skills to extract keys.

My comment: BackupHDDVD is a proof of concept.

Picture this:
A few skilled persons can do massive volume key extraction, and send the keys to a central server on the internet. Then, they create an easy to use decryption program, with a nice GUI that does online key recovery. That way, my father and your father can backup movies.
Or they can send the keydb.cfg file on P2P networks (**********, E-Mule, etc..)
See the problem now?


Affirmation 5: You can extract keys from software player on personal computer but not on hardware player.

My comment: It's easier to extract keys from software player, but it also possible to extract keys from hardware player (the set-top box in your living room!)



Conclusion:

The attack I describe in "Affirmation 4", is not here yet, but it's coming. So I give MPAA and AACSLA a head start. Start to think what you can do about that.

To totally block this attack, they need to put different keys on every disk! Now, they only have different keys for different movies. I don't know about the manufacturing process of the disk. This solution may not be possible.

The best they can do, is doing shorter manufacturing run of a particular movie, so it would be difficult to get your hand on every "pressing" of a movie.

When they designed AACS, they assumed people will look for the device keys. I don't care about device keys. I do care about volume key. Having the device keys means that you have to re-implement all the complex crypto and do the full AACS process.
I leave all this dirty job to the player and recover only the volume key.

There are 3 important things in cryptography:

1-Private key protection
2-Private key protection
3-Private key protection


Did I break AACS? I don't know. What do you think?
post #56 of 603
Thread Starter 
He admitted, "I did not break AACS" and then says he doesn't know if he broke AACS. Bottom line: he did not break AACS.
post #57 of 603
His "Affirmation 2" and "Affirmation 3" are interesting.

Indeed, if only the title keys are released along with an AACS decryption engine like what he released (well, the AACS decryption spec/algorithm IS public), it would be difficult for AACS to pin-point the insecure player or how that insecure player was attacked.

Well, so far, we do not have that many software players and he did say which version of a player he used. So, that will make the job easier for AACS although it's not clear still how to scan for the memory for the title keys.

But his scenario IS interesting. If the attackers just release the title keys, it might take AACS a long time to find the insecure player, to confirm the attack and to issue a revocation.

Edit: Well, it seems that Cyberlink's official position currently is that they think their software is adhering to the AACS spec and do not know how the attacker retrieved the title keys (or they said the attacker did not explain how he/she did it ). The only thing this attacker needs is just one title key released somewhere. Then we know a HD DVD player is not completely following AACS. Maybe the attacker will wait until he gets all 163 title keys using NetFlix or something...

Hong.
post #58 of 603
Quote:


From the AACS spec:

Media Key
A key that is used to unlock the Title Keys stored on a media that contains Titles protected by AACS. The Media Key can be computed by successfully processing a MKB.

Media Key Block (MKB)
A critical component of the subset difference tree key management system. The MKB is a data block that provides access to a common key (Media Key) that can be accessed by any device that contains the necessary secret keys and has not been revoked. Refer to Chapter 3 for additional details.

If you check out Chapter 3, I suspect that if I were to go after this one, I'd start searching PowerDVD and/or WinDVD for strings of 0123456789ABCDEFH.

Cheers!
MarkF
post #59 of 603
Quote:
Originally Posted by Mark J. Foster View Post

If you check out Chapter 3, I suspect that if I were to go after this one, I'd start searching PowerDVD and/or WinDVD for strings of 0123456789ABCDEFH.

Cheers!
MarkF

Or in binary you could just search for strings of 1's and 0's.

- Tom
post #60 of 603
Hi, Tom!

I actually wasn't kidding about that pattern! To peek at a little bit of the spec again (from Chapter 3 of the common section of the spec):
Quote:
A properly formatted MKB shall have exactly one Verify Media Key Record. It shall precede the Explicit Subset Difference Record, the Subset Difference Index Record, and the Media Key Data Record, although it may not immediately precede them. Bytes 4 through 19 of the Record contain the ciphertext value

Dv = AES-128E(Km, 0123456789ABCDEF₁₆ || XXXXXXXXXXXXXXXX₁₆)

where XXXXXXXXXXXXXXXX₁₆ is an arbitrary 8-byte value, and Km is the correct final Media Key value. The presence of the Verify Media Key Record in an MKB is mandatory. The device may use the Verify Media Key Record to verify the correctness of a given MKB, or of its processing of it. If everything is correct, the device should observe the condition:

[AES-128D(Km, Dv)]msb_64 == 0123456789ABCDEF₁₆

where Km is the Media Key value.

Hmmm... where's the DEADBEEF₁₆?

Cheers!
MarkF
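
The Verify Media Key Record check quoted in post #60, as an added Go example that is not part of the thread or of any player's code: it shows how a device confirms that its MKB processing produced the correct Km, and what happens with a wrong key or a truncated record. The function names, the zeroed 4-byte header and the sample keys are assumptions constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"fmt"
)

// Constant from the spec text quoted in the thread: the most significant
// 64 bits of the decrypted Dv must equal 0123456789ABCDEF (hex).
var verifyConst = []byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}

// newAES128 rejects anything but a 16-byte key; aes.NewCipher alone would
// also accept 24- and 32-byte keys, which are not AES-128.
func newAES128(km []byte) (cipher.Block, error) {
	if len(km) != 16 {
		return nil, fmt.Errorf("media key must be 16 bytes, got %d", len(km))
	}
	return aes.NewCipher(km)
}

// buildVerifyRecord makes a constructed sample record:
// Dv = AES-128E(Km, verifyConst || filler) in bytes 4..19.
// Bytes 0..3 are zero placeholders; the header layout is not quoted here.
func buildVerifyRecord(km, filler []byte) ([]byte, error) {
	if len(filler) != 8 {
		return nil, fmt.Errorf("filler must be 8 bytes, got %d", len(filler))
	}
	blk, err := newAES128(km)
	if err != nil {
		return nil, err
	}
	plain := append(append([]byte{}, verifyConst...), filler...)
	rec := make([]byte, 20)
	blk.Encrypt(rec[4:20], plain)
	return rec, nil
}

// verifyMediaKey applies the check [AES-128D(Km, Dv)]msb_64 == verifyConst.
// It returns false for a wrong Km and an error for malformed input.
func verifyMediaKey(record, km []byte) (bool, error) {
	if len(record) < 20 {
		return false, fmt.Errorf("record too short: %d bytes", len(record))
	}
	blk, err := newAES128(km)
	if err != nil {
		return false, err
	}
	plain := make([]byte, 16)
	blk.Decrypt(plain, record[4:20])
	return subtle.ConstantTimeCompare(plain[:8], verifyConst) == 1, nil
}

func main() {
	// Constructed sample values, not real AACS keys or disc data.
	km := []byte("constructed-key!")    // 16 bytes
	wrong := []byte("another-test-key") // 16 bytes
	rec, err := buildVerifyRecord(km, []byte{1, 2, 3, 4, 5, 6, 7, 8})
	if err != nil {
		panic(err)
	}
	good, _ := verifyMediaKey(rec, km)
	bad, _ := verifyMediaKey(rec, wrong)
	fmt.Printf("Dv=%x correct Km: %v, wrong Km: %v\n", rec[4:20], good, bad)
}
```

Because the lower 8 bytes of the plaintext are arbitrary, only the upper 64 bits are compared after decryption.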