Slashdot Mirror

← Back to Stories (view on slashdot.org)

Johansen Cracks AirPort Express Encryption

Posted by michael on from the airport-express-sales-increase dept.

womby writes "DVD Jon has just announced that he cracked the encryption in Apple's AirPort Express. 'I've released JustePort, a tool which lets you stream MPEG4 Apple Lossless files to your AirPort Express. The stream is encrypted with AES and the AES key is encrypted with RSA.' No real details of the process employed in cracking the unit but newsworthy none the less."

19 of 459 comments (clear)

  1. Re:Lawyers, start your engines. by Anonymous Coward · · Score: 3, Informative

    why would they ?, Jon is from Norway where US laws and ideals do not apply

    welcome to the rest of the world, where there is more of them than you

  2. From the Site... by Anonymous Coward · · Score: 5, Informative

    So sue me
    Jon Lech Johansen's blog
    Wed, 11 Aug 2004
    Reversing AirTunes

    I've released JustePort, a tool which lets you stream MPEG4 Apple Lossless files to your AirPort Express.

    The stream is encrypted with AES and the AES key is encrypted with RSA.

    AirPort Express RSA Public Key, Modulus:
    59dE8qLieItsH1WgjrcFRKj6eUWqi+bGLOX1HL3U 3GhC/j0Qg9 0u3sG/1CUtwC
    5vOYvfDmFI6oSFXi5ELabWJmT2dKHzBJKa3k 9ok+8t9ucRqMd6 DZHJ2YCCLlDR
    KSKv6kDqnw4UwPdpOMXziC/AMj3Z/lUVX1G7 WSHCAWKf1zNS1e Lvqr+boEjXuB
    OitnZ/bDzPHrTOZz0Dew0uowxf/+sG+NCK3e QJVxqcaJ/vEHKI Vd2M+5qL71yJ
    Q+87X6oV3eaYvt3zWZYD6z5vYTcrtij2VZ9Z mni/UAaHqn9Jds BWLUEpVviYnh
    imNVvYFZeCXg/IdTQ+x4IRdiXNv5hEew==
    Exponent: AQAB

    MD5(JustePort-0.1.tar.gz) = fe13e96751958c6e9d57cce0caa7b17b

    1. Re:From the Site... by codework · · Score: 5, Informative

      As someone else who has recovered the public key from iTunes, I can say He did break a form of encryption. The public keys are encryped in itunes albit it with a very simple rolling xor algo.

      There is actually table of 255 public keys encoded in itunes. This is just one of them.

  3. Re:What? by Anonymous Coward · · Score: 5, Informative

    DeCSS was indeed released by the group, MoRE, 4 years ago (MoRE had 3 members, you call that "large"?).

    However, as far as I can tell Johansen no longer has any connections with MoRE. All the software on his site is GPL'ed and copyrighted by himself. MoRE is not mentioned anywhere.

  4. Re:Great News by Kristoph · · Score: 5, Informative

    The hack in question does not permit you to stream to the AE unless you have access to the network on which the AE resides. If you did gain access to that network in some way you could still engage in the "abuse" you mention through iTunes without this hack.

    The point of the hack is to permit you to stream music from programs other than iTunes to an AE you have access to and not to hijack AE's.

    ]{

  5. Re:What does it means? by Kristoph · · Score: 5, Informative

    The point of the hack is to permit you to stream audio to an AE from a program other than iTunes.

    ]{

  6. Re:Great News by lysander · · Score: 3, Informative
    I can't reach the website, but presumably this only works if you have access to the wireless network, so you'd have to break WPA/WEP as well (or find a sucker with an open network).
    It's possible to password protect the audio aspect of the airport express separate from WPA/WEP. You can even leave the access point entirely open and still password protect access to the audio. The article's still unavailable, so it's unclear what exactly Jon cracked.
    --
    GET YOUR WEAPONS READY! --DR.LIGHT
  7. Re:WTF? by IntergalacticWalrus · · Score: 3, Informative

    > But doesn't the Airport Express take any stream sent to it from iTunes 4.6 or greater?

    Not really, iTunes always converts streams to Apple Lossless format prior to sending it to an AE (which is most likely the only format the AE understands, obviously).

    > So what did I miss? Is this the ability to do that from other programs on other platforms?

    Yes, but of course this is going to be the dvdcss case all over again, where the industry will accuse Jon of having made this purely for pirating purposes.

  8. Re:Lossless? by matthew.thompson · · Score: 4, Informative

    MPEG4 is not a single standard - but a collection.

    Among these there is a Lossless compression codec that Apple have put forward for inclusion into the MPEG4 collection.

    --
    Matt Thompson - Actuality - Insert product here.
  9. Assuming he's right... by Kjella · · Score: 3, Informative

    ...I suppose he's talking about the Apple lossless codec in a MPEG4 container format (it is more than just a video codec, you know...)

    Kjella

    --
    Live today, because you never know what tomorrow brings
  10. Re:WTF? by the+hopthrisC · · Score: 3, Informative

    Is this the ability to do that from other programs on other platforms?

    Exactly.

    If so, why does the poster pick out the ability to transfer Apple Lossless files?

    He hasnt picked it out, it is the only option! Airport Express understands Apple Losless only. Every other format is recoded by iTunes before it is streamed.

  11. Re:What? by Anonymous Coward · · Score: 5, Informative

    It's worth mentioning that Johansen is a member of the open source VideoLAN project, which develops the libdvdcss library and VLC multimedia player.

    He reverse engineered FairPlay and added FairPlay support to VLC.

    Together with the fact that all his recent software has been licensed under the GPL this indicates that he no longer has anything to do with any "cracking" groups.

  12. Re:Oh good by Jeremy+Erwin · · Score: 3, Informative

    they didn't "invent" OS X, they stole it from BSD and overcharged for it. keep shelling out your $130 every year for a "secure" OS.

    Darwin is free. Cocoa, Quartz, Carbon, and a number of other technologies that have nothing to do with BSD are not.

  13. Re:Too bad... by zokum · · Score: 5, Informative

    Yes, Norway is in fact the country implementing the EU-regulations the most (EU countries included) . We have a trade agreements etc with the EU, and we implement all the EU directives.

    We really should have joined EU a long time ago, and I find it absurd to not be in it. One can only hope. :-)

    If you want me to elaborate more, just reply, i can cite numerous examples, but I'd rather be on-topic to the post. But al in all, I agree with the grandparents post, it could smell trouble when the EU-DMCA comes into play....

    --
    Rest in peace Malin "looxn" Kristiansen. We miss you...
  14. Re:This should be pretty cool by RadioheadKid · · Score: 4, Informative

    RSA encrypted AES key

    You answered your own question. RSA here means the RSA Public Key Cryptography Standard The AES key (which is a symmetrical cipher key) was encrypted using RSA PKCS.

    --
    "Karma can only be portioned out by the cosmos." -Homer Simpson
  15. Re:Too bad... by arcade · · Score: 3, Informative

    Last time I spoke to Per (Jon's father), he told me that Jon has moved to France. Still no DMCA, but maybe the EUCD will come in play quite a bit faster down there than here in Norway.

    --
    "Rune Kristian Viken" - http://www.nwo.no - arca
  16. Re:Does anyone know Jon's doctor? by jandrese · · Score: 3, Informative

    Nice try, but Bzzzzt! Wrong answer. That expression was probably just as vulgar as it sounds.

    --

    I read the internet for the articles.
  17. Re:Why is Apple's encryption so weak? by mmusson · · Score: 5, Informative

    The strong encryption was not cracked. The implementation was cracked. No software-only based encryption is secure, period. The audio stream is encrypted with AES. AES is a symmetric key encryption sceme which means that both sides need the same key. The key needs to change over time or the encryption scheme can be cracked.

    This leaves the problem of how iTunes can tell the Airport the new key without everyone else listening and knowing the key also. Apple use RSA to secure the key transfer. RSA is a public key encryption system. This means there are two keys one public and one private. The private key is only known by the Airport. The public key is embedded in the iTunes software.

    When iTunes wants to send a new AES key to the Airport it uses the RSA public key to encrypt the AES key. This encrypted message can only be decryped with the private key that the Airport has which means the system is secure even though everyone hears the new key in encrypted form.

    The problem is that the RSA public key is embedded in the iTunes code. But that code needs to read in the key in order to use it and someone can reverse engineer this process to read the key themselves. This isn't necessaryily an easy thing to do but in a software only solution there is no way to stop it.

    --
    SYS 49152
  18. Is this really a crack? by mpaque · · Score: 4, Informative

    It appears that he's just published the public key. That may allow him to ENCRYPT music for play over Airport Express, but it doesn't let him decrypt the stream.

    Heck, I put a public key for mail in my .plan and sigs. I don't think that enables anyone to crack my mail. They can SEND me mail, but that's sort of the whole idea, isn't it?