HD DVD's AACS Protection Bypassed

Mr. BS writes "Playfuls.com is running a story how HD DVD's AACS protection has been compromised. Although the video of the hack leaves much to be desired, the source code has already been made available. Feel free to start backing up your HD DVD's whenever you feel the need."

Dupe

[rrohbeck]

http://hardware.slashdot.org/article.pl?sid=06/12/ 28/0259244

The source is not for the "break"

[plover]

The source code provided is simply code to decrypt the stream. It's an implementation of the AACS published standard for decrypting a stream. What it does not do is provide a way to extract the keys from the disks.

The author is waiting till some time in the new year to reveal how he got the keys, but the evidence suggests to me that he used some kind of debugging hook into Power HD-DVD.

Hey MPAA/RIAA cretins!

[kimvette]

Now that it's cracked, I might consider buying your media in HD-DVD and Blu-Ray formats, since now I can take care of Fair Use when it comes to format shifting and making backups. Until it was cracked there was absolutely ZERO possibility that I would ever consider purchasing HD-DVD and Blu-Ray media.

Don't you think it's high time that you quit trying to block Fair Use now, especially since the real pirates in China are totally unaffected by DRM in the first place?

Thanks for listening.

Signed,
A paying customer

HD-DVD is -NOT- cracked

[derrickh]

Unlike DVDs, HD-DVD's have dual keys, 1 for the title, and 1 for the player. At the most, this guy has managed to make 3 titles playable on a single player. What will happen next is Cyberlink will have it's PowerDVD keys revoked and new keys will be provided with a patch.

So at most, you'll be able to 'back up' (or Pirate) the current batch of Full Metal Jacket HD-DVD's to play on an older version of PowerDVD.

So dont go around yelling about how HD-DVD is cracked, cuz it's not.

Here's an article that has a few more facts and less sensationalism.
http://videobusiness.com/article/CA6403011.html

D

Re:HD-DVD is -NOT- cracked

[DamnStupidElf]

Unlike DVDs, HD-DVD's have dual keys, 1 for the title, and 1 for the player. At the most, this guy has managed to make 3 titles playable on a single player. What will happen next is Cyberlink will have it's PowerDVD keys revoked and new keys will be provided with a patch.

And when PowerDVD is re-released it will have to load its brand new decryption key into memory and use it to decrypt the data from the disk. If they're smart-asses, they'll only use the decryption key for key setup or even completely skip the AES 128 key and directly build the AES decryption key schedule by some other obfuscated process. If they really want to get wild, they'll continually decrypt and reencrypt the key schedule so that its never fully intact in memory at any given point in time, and integrate the last decryption steps into the first huffman decoding steps for the mpeg process (since it's just a bunch of XORs) to further annoy crackers. Unfortunately, the fact that unencrypted material ever exists in PowerDVD proves that they must have the entire AES decryption key schedule available for any given decryption, and it will be relatively trivial for crackers to pull the key schedule out and just pick the first 128 (or 192 or 256) bits of the key schedule which is the original AES key. Trying to hide encryption keys within an executable's memory space is probably one of the silliest ever conceived. All an attacker has to do is try every K-bit (K is the size of the key) sequence of memory as a test key at several points in the program. That is in fact what this article's attack accomplished. The key schedule can be dynamically encrypted and decrypted as each word is required, but this is just a stopgap measure and slows encryption down significantly.