Slashdot Mirror

← Back to Stories (view on slashdot.org)

Johansen Cracks AirPort Express Encryption

Posted by michael on from the airport-express-sales-increase dept.

womby writes "DVD Jon has just announced that he cracked the encryption in Apple's AirPort Express. 'I've released JustePort, a tool which lets you stream MPEG4 Apple Lossless files to your AirPort Express. The stream is encrypted with AES and the AES key is encrypted with RSA.' No real details of the process employed in cracking the unit but newsworthy none the less."

11 of 459 comments (clear)

  1. From the Site... by Anonymous Coward · · Score: 5, Informative

    So sue me
    Jon Lech Johansen's blog
    Wed, 11 Aug 2004
    Reversing AirTunes

    I've released JustePort, a tool which lets you stream MPEG4 Apple Lossless files to your AirPort Express.

    The stream is encrypted with AES and the AES key is encrypted with RSA.

    AirPort Express RSA Public Key, Modulus:
    59dE8qLieItsH1WgjrcFRKj6eUWqi+bGLOX1HL3U 3GhC/j0Qg9 0u3sG/1CUtwC
    5vOYvfDmFI6oSFXi5ELabWJmT2dKHzBJKa3k 9ok+8t9ucRqMd6 DZHJ2YCCLlDR
    KSKv6kDqnw4UwPdpOMXziC/AMj3Z/lUVX1G7 WSHCAWKf1zNS1e Lvqr+boEjXuB
    OitnZ/bDzPHrTOZz0Dew0uowxf/+sG+NCK3e QJVxqcaJ/vEHKI Vd2M+5qL71yJ
    Q+87X6oV3eaYvt3zWZYD6z5vYTcrtij2VZ9Z mni/UAaHqn9Jds BWLUEpVviYnh
    imNVvYFZeCXg/IdTQ+x4IRdiXNv5hEew==
    Exponent: AQAB

    MD5(JustePort-0.1.tar.gz) = fe13e96751958c6e9d57cce0caa7b17b

    1. Re:From the Site... by codework · · Score: 5, Informative

      As someone else who has recovered the public key from iTunes, I can say He did break a form of encryption. The public keys are encryped in itunes albit it with a very simple rolling xor algo.

      There is actually table of 255 public keys encoded in itunes. This is just one of them.

  2. Re:What? by Anonymous Coward · · Score: 5, Informative

    DeCSS was indeed released by the group, MoRE, 4 years ago (MoRE had 3 members, you call that "large"?).

    However, as far as I can tell Johansen no longer has any connections with MoRE. All the software on his site is GPL'ed and copyrighted by himself. MoRE is not mentioned anywhere.

  3. Re:Great News by Kristoph · · Score: 5, Informative

    The hack in question does not permit you to stream to the AE unless you have access to the network on which the AE resides. If you did gain access to that network in some way you could still engage in the "abuse" you mention through iTunes without this hack.

    The point of the hack is to permit you to stream music from programs other than iTunes to an AE you have access to and not to hijack AE's.

    ]{

  4. Re:What does it means? by Kristoph · · Score: 5, Informative

    The point of the hack is to permit you to stream audio to an AE from a program other than iTunes.

    ]{

  5. Re:Lossless? by matthew.thompson · · Score: 4, Informative

    MPEG4 is not a single standard - but a collection.

    Among these there is a Lossless compression codec that Apple have put forward for inclusion into the MPEG4 collection.

    --
    Matt Thompson - Actuality - Insert product here.
  6. Re:What? by Anonymous Coward · · Score: 5, Informative

    It's worth mentioning that Johansen is a member of the open source VideoLAN project, which develops the libdvdcss library and VLC multimedia player.

    He reverse engineered FairPlay and added FairPlay support to VLC.

    Together with the fact that all his recent software has been licensed under the GPL this indicates that he no longer has anything to do with any "cracking" groups.

  7. Re:Too bad... by zokum · · Score: 5, Informative

    Yes, Norway is in fact the country implementing the EU-regulations the most (EU countries included) . We have a trade agreements etc with the EU, and we implement all the EU directives.

    We really should have joined EU a long time ago, and I find it absurd to not be in it. One can only hope. :-)

    If you want me to elaborate more, just reply, i can cite numerous examples, but I'd rather be on-topic to the post. But al in all, I agree with the grandparents post, it could smell trouble when the EU-DMCA comes into play....

    --
    Rest in peace Malin "looxn" Kristiansen. We miss you...
  8. Re:This should be pretty cool by RadioheadKid · · Score: 4, Informative

    RSA encrypted AES key

    You answered your own question. RSA here means the RSA Public Key Cryptography Standard The AES key (which is a symmetrical cipher key) was encrypted using RSA PKCS.

    --
    "Karma can only be portioned out by the cosmos." -Homer Simpson
  9. Re:Why is Apple's encryption so weak? by mmusson · · Score: 5, Informative

    The strong encryption was not cracked. The implementation was cracked. No software-only based encryption is secure, period. The audio stream is encrypted with AES. AES is a symmetric key encryption sceme which means that both sides need the same key. The key needs to change over time or the encryption scheme can be cracked.

    This leaves the problem of how iTunes can tell the Airport the new key without everyone else listening and knowing the key also. Apple use RSA to secure the key transfer. RSA is a public key encryption system. This means there are two keys one public and one private. The private key is only known by the Airport. The public key is embedded in the iTunes software.

    When iTunes wants to send a new AES key to the Airport it uses the RSA public key to encrypt the AES key. This encrypted message can only be decryped with the private key that the Airport has which means the system is secure even though everyone hears the new key in encrypted form.

    The problem is that the RSA public key is embedded in the iTunes code. But that code needs to read in the key in order to use it and someone can reverse engineer this process to read the key themselves. This isn't necessaryily an easy thing to do but in a software only solution there is no way to stop it.

    --
    SYS 49152
  10. Is this really a crack? by mpaque · · Score: 4, Informative

    It appears that he's just published the public key. That may allow him to ENCRYPT music for play over Airport Express, but it doesn't let him decrypt the stream.

    Heck, I put a public key for mail in my .plan and sigs. I don't think that enables anyone to crack my mail. They can SEND me mail, but that's sort of the whole idea, isn't it?