
HD DVD's AACS Protection Bypassed

Mr. BS writes "Playfuls.com is running a story how HD DVD's AACS protection has been compromised. Although the video of the hack leaves much to be desired, the source code has already been made available. Feel free to start backing up your HD DVD's whenever you feel the need."

  1. Dupe by rrohbeck · · Score: 5, Informative
    1. Re:Dupe by nacturation · · Score: 2, Interesting

      Half-dupe. The last story said source coming in January. This one provides source.

      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    2. Re:Dupe by evilviper · · Score: 2, Interesting
      The last story said source coming in January.

      You should pay more attention before you "correct" other people...

      The source was linked in the Doom9 thread the /. story linked to. I have the zipfile on my hard drive to prove it, and a large number of the comments in that thread revolve around a review of the source.
      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
  2. Dupe by dominick · · Score: 2, Funny

    This also just in...

    slashdot seems to be posting stories more than once to demonstrate
    the real effect of deja vu on the jolt drinking, halo playing, pornography
    downloading whacked out crowd it caters to.

  3. And the winner is.. by Anonymous Coward · · Score: 5, Funny

    I guess HD DVD just won the war against blu-ray!

    1. Re:And the winner is.. by Workaphobia · · Score: 2, Informative

      Why?

      http://en.wikipedia.org/wiki/AACS

      "The specification was publicly released in April 2005 and the standard has been adopted as the access restriction scheme for HD DVD and Blu-ray Disc."

      Blu-ray IIRC had room for additional DRM methods as well.

      --
      Evidently, the key to understanding recursion is to begin by understanding recursion. The rest is easy.
  4. The source is not for the "break" by plover · · Score: 5, Informative
    The source code provided is simply code to decrypt the stream. It's an implementation of the AACS published standard for decrypting a stream. What it does not do is provide a way to extract the keys from the disks.

    The author is waiting till some time in the new year to reveal how he got the keys, but the evidence suggests to me that he used some kind of debugging hook into Power HD-DVD.

    --
    John
    1. Re:The source is not for the "break" by Gyorg_Lavode · · Score: 3, Insightful

      Pretty simple. He identified the encrypted key. He probably debugged the player and looked for routines that accessed that part of the file. When he found them he ran the routine and pulled its output out of memory.

      --
      I do security
    2. Re:The source is not for the "break" by Workaphobia · · Score: 2, Informative

      Actually that's true of most dvd drives these days. The industry made a major push a few years ago to make sure newer drives enforce region codes in hardware, so it's not just that one brand that's defective by design. I don't know if it violates the CSS specs or not.

      From http://en.wikipedia.org/wiki/Regional_lockout

      "DVD Video discs are the most infamous and visible example of regional lockout. Computer DVD drives come from the factory with RPC (Regional Playback Control), either RPC-1 (older drives) or RPC-2 (newer drives). The difference between the two is that RPC-1 means the player software has the responsibility of enforcing the region control, while in RPC-2, it is enforced by the drive's firmware.

      It means that RPC-1 drives can play DVDs from any region (0-7) while RPC-2 drives play only from a particular region (although the region code can be changed 5 times after which it is locked)"

      Sucks, doesn't it. After those five times are up, you're screwed unless you can reflash the firmware. That's your money at work.

      --
      Evidently, the key to understanding recursion is to begin by understanding recursion. The rest is easy.
  5. It needs a name... by jakedata · · Score: 5, Funny

    How about AACS-Hole?

  6. Should read: by Swimport · · Score: 5, Funny

    Feel free to back up your hd-dvds once you get some.

  7. To be honest, I've missed the dupes by Anonymous Coward · · Score: 3, Funny

    When you have Alzheimer's, dupes are fantastic!

  8. Ironically.. probably a boost for the format by Maxo-Texas · · Score: 2, Insightful

    the mfg's won't understand of course.

    --
    She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
  9. Par for the course by fireproofjew · · Score: 4, Insightful

    Every encryption/DRM scheme that the companies think up will inevitably be cracked/hacked. All they need to do is realize that and then they can save money instead of pursuing a futile effort. I, for one, would buy the stuff if it was worth the money they charge.

    Maybe they could charge less if they didn't take the time or spend the money developing newer DRM?

    1. Re:Par for the course by arminw · · Score: 4, Insightful

      .....Maybe they could charge less if they didn't take the time or spend the money developing newer DRM........

      Maybe the movie and music moguls are duped by the inventors and purveyors of these harebrained copy protection schemes. The latter KNOW that the laws of physics and mathematics GUARANTEE that *any* copy protection scheme WILL be broken. After all, in order to use the content, the key has to be given to the consumer in order to play it. There is NO way to hide a key, if it is needful to be able to use it at some point in order to view the movie or play the music. Perhaps some sane crypto expert can convince the content producers that they have been lied to by these crooked, money grabbing "experts" who know deep down that none of their schemes can ever work for long. Hollywood and the music industry have been sold the equivalent of a certain bridge labeled DRM by these companies who make money selling their DRM schemes to the content producers. Content makers would likely make more money if they did NOT pay these liars a dime.

      --
      All theory is gray
    2. Re:Par for the course by rob_squared · · Score: 2, Insightful

      The point has never been to make an unbreakable DRM scheme. The point is to use it in conjunction with the DMCA to get more control. DRM and the DMCA go together like bullets and handguns. The bullets (DRM) are useless themselves, but with the handgun (DMCA) they can get you to follow any restrictions they want.

      --
      I don't get it.
    3. Re:Par for the course by gutnor · · Score: 2, Insightful

      "The latter KNOW that the laws of physics and mathematics GUARANTEE that *any* copy protection scheme WILL be broken."

      Ah, they don't want the protection to be completely unbreakable. They just want to make breaking the protection cost too much for the average Joe to make copies of a DVD for his friends.

      The real value of a DVD for Joe user is something along the lines of $20-50 to purchase and will probably cost around $5 to rent. If the protection is worth more than $5 of pain for Joe user, then the mission is already a success. At $50 worth of trouble, Joe will take his car to Walmart and buy the DVD.

      If Joe user cannot make an easy almost free copy, he needs to get it from
      - P2P: Perfect, this channel is closely monitored by the RIAA already. Moreover, the power of P2P is what allows the RIAA to buy mandatory taxes on blank CDs/DVDs in most countries.
      - Lower quality copy with a camcorder? For people not interested in HD 'quality', there is VHS or DVD. So this side is also covered.

      That's the same philosophy you use to secure your house. You don't build a bunker, but you put enough security in and around to make sure it is not worth the pain to break in.

  10. Hello? Article submitter? by Jugalator · · Score: 4, Insightful

    Feel free to start backing up your HD DVD's whenever you feel the need

    Not only do we skip RTFA quite often, the article submitters seem to as well.

    What he says in that quote is simply not possible; you still need the keys, and that hack doesn't cover that problem.

    We may have something for that too in the future, but this is not the hack for piracy-at-will.

    --
    Beware: In C++, your friends can see your privates!
  11. Hey MPAA/RIAA cretins! by kimvette · · Score: 4, Informative

    Now that it's cracked, I might consider buying your media in HD-DVD and Blu-Ray formats, since now I can take care of Fair Use when it comes to format shifting and making backups. Until it was cracked there was absolutely ZERO possibility that I would ever consider purchasing HD-DVD and Blu-Ray media.

    Don't you think it's high time that you quit trying to block Fair Use now, especially since the real pirates in China are totally unaffected by DRM in the first place?

    Thanks for listening.

    Signed,
    A paying customer

    --
    The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
    1. Re:Hey MPAA/RIAA cretins! by fourchannel · · Score: 2, Insightful

      Fair use doesn't give you the right to break the encryption on copyrighted works. Sure doesn't. But did you also know that copyright restrictions don't even apply in the first place if you are using the media for private use. Copyright only comes into play if someone is trying to publish the work of someone else. It's not even fair use to be able to do what you want to with your legally purchased DVD in your own home, in fact, that's just called plain old use.

      No matter how much bullshit these companies try to control your every move, realize that once I purchase that little plastic disc, and go home, I can do whatever the fuck I want to, as long as what I do only stays in my own private house.

      Now, on a completely different note, breaking encryption schemes falls under the long arm of the DMCA. My opinion of the DMCA is that the piece of legislation is not even worthy to wipe my ass with.

      --
      ---FourChannel---
  12. Actually... by raehl · · Score: 5, Funny

    This was just a backup of the last article.

  13. HD-DVD is -NOT- cracked by derrickh · · Score: 4, Informative

    Unlike DVDs, HD-DVDs have dual keys, 1 for the title, and 1 for the player. At the most, this guy has managed to make 3 titles playable on a single player. What will happen next is Cyberlink will have its PowerDVD keys revoked and new keys will be provided with a patch.

    So at most, you'll be able to 'back up' (or Pirate) the current batch of Full Metal Jacket HD-DVD's to play on an older version of PowerDVD.

    So don't go around yelling about how HD-DVD is cracked, cuz it's not.

    Here's an article that has a few more facts and less sensationalism.
    http://videobusiness.com/article/CA6403011.html

    D

    1. Re:HD-DVD is -NOT- cracked by DamnStupidElf · · Score: 4, Informative

      Unlike DVDs, HD-DVDs have dual keys, 1 for the title, and 1 for the player. At the most, this guy has managed to make 3 titles playable on a single player. What will happen next is Cyberlink will have its PowerDVD keys revoked and new keys will be provided with a patch.

      And when PowerDVD is re-released it will have to load its brand new decryption key into memory and use it to decrypt the data from the disk. If they're smart-asses, they'll only use the decryption key for key setup or even completely skip the AES 128 key and directly build the AES decryption key schedule by some other obfuscated process. If they really want to get wild, they'll continually decrypt and re-encrypt the key schedule so that it's never fully intact in memory at any given point in time, and integrate the last decryption steps into the first Huffman decoding steps for the MPEG process (since it's just a bunch of XORs) to further annoy crackers. Unfortunately, the fact that unencrypted material ever exists in PowerDVD proves that they must have the entire AES decryption key schedule available for any given decryption, and it will be relatively trivial for crackers to pull the key schedule out and just pick the first 128 (or 192 or 256) bits of the key schedule, which is the original AES key. Trying to hide encryption keys within an executable's memory space is probably one of the silliest ideas ever conceived. All an attacker has to do is try every K-bit (K is the size of the key) sequence of memory as a test key at several points in the program. That is in fact what this article's attack accomplished. The key schedule can be dynamically encrypted and decrypted as each word is required, but this is just a stopgap measure and slows encryption down significantly.
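
      The "first 128 bits of the key schedule" point above, as an added illustration that is not code from the thread or from any player vendor: a stdlib-only AES-128 key expansion (FIPS 197) plus a consistency check showing why an expanded schedule sitting in process memory is self-identifying, which is the defender's reason not to rely on hiding keys in a client.

```python
# Added example (not from the thread): AES-128 key expansion per FIPS 197,
# showing that the expanded key schedule embeds the original key verbatim in
# its first 16 bytes and that every later round key is a deterministic function
# of the previous one, so a schedule found in memory is self-identifying.

def _xtime(b: int) -> int:
    """Multiply by x in GF(2^8) modulo the AES polynomial 0x11b."""
    b <<= 1
    return (b ^ 0x11B) if b & 0x100 else b

def _gf_mul(a: int, b: int) -> int:
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = _xtime(a)
        b >>= 1
    return r

def _build_sbox() -> list:
    """AES S-box: multiplicative inverse in GF(2^8) followed by the affine map."""
    sbox = [0] * 256
    for x in range(256):
        inv = next((y for y in range(1, 256) if _gf_mul(x, y) == 1), 0)
        s = inv
        for _ in range(4):
            inv = ((inv << 1) | (inv >> 7)) & 0xFF   # rotate left by one bit
            s ^= inv
        sbox[x] = s ^ 0x63
    return sbox

SBOX = _build_sbox()

def expand_key_128(key: bytes) -> bytes:
    """Return the 176-byte AES-128 key schedule (11 round keys) for a 16-byte key."""
    if len(key) != 16:
        raise ValueError("AES-128 key must be 16 bytes")
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]   # w[0..3] is the key itself
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = t[1:] + t[:1]                 # RotWord
            t = [SBOX[b] for b in t]          # SubWord
            t[0] ^= rcon
            rcon = _xtime(rcon)               # next round constant
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return bytes(sum(w, []))

def is_consistent_schedule(blob: bytes) -> bool:
    """True if a 176-byte blob is exactly the schedule of its own first 16 bytes.
    This redundancy is why a key schedule cannot be 'hidden' in process memory:
    a memory-forensics tool can recognise it without knowing anything else."""
    return len(blob) == 176 and expand_key_128(blob[:16]) == blob
```

The test vector used below is the FIPS 197 Appendix A.1 key; a single flipped bit anywhere in the 176 bytes breaks the consistency check.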

    2. Re:HD-DVD is -NOT- cracked by supersat · · Score: 2, Interesting

      That article is wrong in one regard: "CSS relied on a single set of keys that were used to encrypt every DVD and were provided to every DVD player, both hardware and software."

      CSS also uses different player keys. The three big differences between AACS and CSS are that AACS has many more player keys (CSS only had ~400), once one player key was discovered, you could easily discover all of the other player keys, and weaknesses in the encryption algorithm made it possible to discover the title keys without any player keys.

      As the video said, the real story isn't the software released (it merely implements publicly-available standards), but that title keys could be obtained from PowerDVD.

  14. Cost Effectiveness? by I'll+Provide+The+War · · Score: 2, Insightful

    Feel free to start backing up your HD DVD's whenever you feel the need.

    Is it really cost-effective to do so at this point? HDDs seem to be at around $0.25/GB best case, so we are talking about $7+ per movie. That means 1/3 of your collection would have to be destroyed just to break even, assuming you value your time outside the office at $0/hr.

    Maybe people are backing these up for other reasons such as skipping the 10 second FBI warning or saving the 20 seconds it takes to locate a disc and physically place it in the player?

    I really don't see the utility, especially when giganews et al have 90 days retention now.

  15. Universal availability by symbolset · · Score: 2, Insightful

    If I paid for the content, I feel I'm entitled to play it when and where I want. That includes on my cell phone, my mp4 video player, streaming onto one of my PCs from my server, or even on a monitor that's attached with a VGA cable instead of a HDRM cable. And I feel I'm entitled to keep it safe from harm, watching the related movie while the shipping container disc is secure in its plastic box. I'm also entitled to watch just the content and skip the advertising, FBI threats, extras, menus and other crap that detract from the movie experience I paid for. Being threatened with prison for exercising my rights under fair use is distasteful to me, and doesn't leave me in a good mood to enjoy the dramatic experience.

    People are backing these things up to their USB external HDDs so they can take their movies with them, or watch them how they like. The cracks for both of these formats will be available and people will transcode them to open formats. That's the way it is because the studios won't sell us content in the format we want, or their terms are otherwise unacceptable. I don't approve of people sharing the content with people who haven't paid for it, but, well, the penalty doesn't get any worse does it?

    Oh, and usenet was cool once. I wonder what it's like to download a 25GB movie. That SSL encrypted subscription looks like a winner. Maybe it's time to look into that again.

    --
    Help stamp out iliturcy.
  16. Dance Dance Revocation by tepples · · Score: 2, Insightful

    Pretty simple. He identified the encrypted key.

    Which will be the first revoked key.

    1. Re:Dance Dance Revocation by Workaphobia · · Score: 3, Informative

      This point has been mentioned a lot in this article's comments and the last one on this topic, but I'll karma whore and reiterate it:

      There's a difference between the title key and the player key. The title keys are used to directly decrypt the contents of the dvd (or hddvd or blu-ray), and differ between discs. They are not revoked because they are never reused to begin with. The player key is what's licensed to the companies and stored in players. This is the key that allows access to the title key, and if compromised, this key can be revoked by simply not allowing it to decode any more title keys on future discs. So if this guy has obtained a player key, he can continue to decrypt future title keys up until the powers that be catch on, which may never happen if he doesn't publish it.

      But he may not even have a player key. He might have just read the title keys, after they were decrypted by PowerDVD, out of memory. I think that's what the GP meant.

      I heard a suggestion in another thread that the title keys alone might be useful enough - the idea was that they could be exchanged freely across a p2p network, but the player keys that yielded them would remain in private hands to ensure their usefulness. I think the people discussing that missed one important point (although I could be wrong): the title keys should be unique not just to each movie, but to each disc containing that movie, as they are derived from the serial number in the disc. So your title key is useless to anyone else. It's a shame if that's true.

      Guess the only thing to do is go back to trading gigabytes of movie data over bittorrent illegally, instead of a couple kilobytes of key data so you can view a legal copy. ;)

      --
      Evidently, the key to understanding recursion is to begin by understanding recursion. The rest is easy.
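
      Added illustration of the player-key / title-key hierarchy and revocation described in the comment above (not from the thread, and not AACS's actual key block construction): a toy model in which each disc carries its title key wrapped once per licensed player key, and revocation simply means future discs omit the compromised player's entry. The disc identifier, the sample keys and the hash-based wrap are hypothetical stand-ins.

```python
# Added example (not from the thread): toy model of a two-level key hierarchy.
# A per-disc title key protects the content; each licensed player key can unwrap
# the title key from the disc's key block; a revoked player key is left out of
# the key block on future pressings, while discs already pressed keep working.
# The wrap below is a hypothetical stand-in, not AACS's real MKB construction.
import hashlib

def _prf(key: bytes, label: bytes) -> bytes:
    """Derive a 16-byte wrapping key from a player key and a disc identifier."""
    return hashlib.sha256(key + label).digest()[:16]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def author_disc(disc_id: bytes, title_key: bytes, players: dict, revoked: set) -> dict:
    """Press a disc: wrap the title key once for every non-revoked player key."""
    key_block = {pid: _xor(_prf(pkey, disc_id), title_key)
                 for pid, pkey in players.items() if pid not in revoked}
    return {"disc_id": disc_id, "key_block": key_block}

def recover_title_key(disc: dict, pid: str, pkey: bytes):
    """What a player does: unwrap the title key with its own player key, if listed."""
    entry = disc["key_block"].get(pid)
    if entry is None:
        return None            # revoked (or never licensed) for this pressing
    return _xor(_prf(pkey, disc["disc_id"]), entry)

# Constructed sample keys (hypothetical); real player keys are random and secret.
PLAYERS = {"playerA": bytes.fromhex("00" * 15 + "aa"),
           "playerB": bytes.fromhex("00" * 15 + "bb")}
TITLE_KEY_1 = bytes.fromhex("11" * 16)
TITLE_KEY_2 = bytes.fromhex("22" * 16)

def revocation_story() -> tuple:
    """Returns (old disc plays on A, new disc plays on A after A is revoked,
    new disc plays on B, old disc plays with the wrong player key)."""
    disc1 = author_disc(b"disc-0001", TITLE_KEY_1, PLAYERS, revoked=set())
    # playerA's key leaks; the licensing authority revokes it for future pressings
    disc2 = author_disc(b"disc-0002", TITLE_KEY_2, PLAYERS, revoked={"playerA"})
    old_on_a = recover_title_key(disc1, "playerA", PLAYERS["playerA"]) == TITLE_KEY_1
    new_on_a = recover_title_key(disc2, "playerA", PLAYERS["playerA"]) == TITLE_KEY_2
    new_on_b = recover_title_key(disc2, "playerB", PLAYERS["playerB"]) == TITLE_KEY_2
    wrong_key = recover_title_key(disc1, "playerA", PLAYERS["playerB"]) == TITLE_KEY_1
    return old_on_a, new_on_a, new_on_b, wrong_key
```
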
    2. Re:Dance Dance Revocation by tepples · · Score: 2, Informative

      But if that were not the case, wouldn't it be trivial to make an image and distribute this rather than the unencrypted movie data, since people can just burn the image illegally and play it in a licensed player to accomplish the same goal?

      Even in DVD-R, the consumer burners can't burn the player key block, which is preset to the unencrypted state on all consumer blanks. Special "authoring" burners are prohibitively expensive for the typical low-scale pirate's business model.

  17. Because 1201 nullifies 107, 108, 109, and 117 by tepples · · Score: 2, Insightful

    Unfortunately, there are any number of people in the world who feel perfectly empowered to illegally copy and distribute whatever material they want. What, exactly, are these people - who spend millions upon millions of dollars to generate this content (well, at least in the case of movies - music, apart from marketing, has relatively low overhead) - supposed to do to try to prevent this?

    Unfortunately, there are any number of people in the world who feel perfectly empowered to use litigation against others who reuse their material in critical ways, to withdraw material from distribution, and to make material that has been distributed useless. What, exactly, is the public - who spends millions upon millions to preserve this content - supposed to do to try to prevent this?

    A problem occurs when the conditions imposed by digital restrictions management interfere with the public's right to make parodies and other fair uses that would be protected under 17 USC 107 were it not for 17 USC 1201. A problem occurs when the conditions imposed by digital restrictions management interfere with libraries' and archives' right to make backup copies that would be protected under 17 USC 108 were it not for 17 USC 1201. A problem occurs when the conditions imposed by digital restrictions management interfere with users' right to resell copies that would be protected under 17 USC 109 were it not for 17 USC 1201. A problem occurs when the conditions imposed by digital restrictions management interfere with users' right to platform-shift computer programs that would be protected under 17 USC 117 were it not for 17 USC 1201. If the MAFIAA wants to run a legit business, how can it help preserve the traditional balance between the rights of the copyright owner and the rights of users?

  18. 2ndMIX by tepples · · Score: 2, Informative

    The disk keys *cannot* be revoked as they are burned into the disk.

    They can be revoked in future titles and in remasters of existing titles. What use is circumvention software that can break only a few months of releases?

  19. No DRM! by cciRRus · · Score: 2, Funny

    That's what happens when Slashdot articles are not protected by DRM. You get dupes, lots of them!

    --
    w00t
  20. not as useful as it sounds by ILuvRamen · · Score: 2, Insightful

    I heard those discs can hold about 50GB so back them up all you want, you sure can't save more than a very few images. I'm not a big fan of disc to disc backups cuz the point is to back it up to a medium that isn't easily destroyed or scratched so maybe the best DRM is making the movie too big to save. Combine that with super-protection against players playing burned discs (or don't make a 'civilian' burner for the disc format at all) and movie pirating is over.

    --
    Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'