HD-DVD and Blu-Ray Protections Fully Broken
gEvil (beta) writes "According to an article at BoingBoing, the processing keys for the AACS encryption scheme used by both HD-DVD and Blu-Ray video discs have been extracted, and a crack has been released. What this means is that there is now a method to extract the copy-protected content of any HD-DVD or Blu-Ray disc out there. This is different from Muslix64's previous crack, which only extracted the volume key for each disc. This new method bypasses this step and allows anyone to extract the data without first requiring the volume key."
It all starts here: http://forum.doom9.org/showthread.php?t=121866&page=6
Later posts seem to confirm that it works for both BR and HD-DVD
Indeed. These guys should have listened to Cory Doctorow when he was talking at Microsoft. Unfortunately, it seems they didn't get it either.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
One key thing to take away from this is that the authors of the software made it really easy to pull the device keys out of memory for two reasons:
- They kept them in variables that were physically near the variables for the volume key
- They zeroed them out after use, leaving big gaping holes of zeros in memory in a place where that kind of looked funny, drawing attention to those areas
If they are smart (and if the MPAA even give them another chance), the PowerDVD/WinDVD authors will reimplement their AACS decryption code to never store the keys in memory. Without double-checking, I believe the keys are only 128 bits; they could be loaded into the SSE registers in encrypted form and then decrypted on chip. The authors will still need to take measures to prevent an OS context switch from storing the registers in kernel-private memory during the period in which the device keys are present, but that is not an extended period of time; presumably they can kick their priority up high enough that it won't happen without hurting the system much. Even that approach isn't hack-proof, but it is a lot harder to dump the CPU registers under such conditions than it is to trace memory accesses.
When information is power, privacy is freedom.
Security through obscurity means that you hide the way your security algorithm works in order to make it seem more secure than it is. Take a safe for instance. Security through obscurity would be trying to hide how the safe was designed, and trying to stop the thief from touching the safe in order to prevent them from breaking into it. A safe that doesn't rely on security through obscurity means that you could give the plans to the safe, to show how it's made, and all the mechanisms inside, as well as give him free access to the safe to try to do a bunch of things with it, and you would still be sure that he wouldn't break into the safe, short of using brute force. Common encryption algorithms like RSA are believed to be secure, even though everybody already knows how they work. The only way people know to break them is to try all the keys. This is like trying every possible combination on a safe, in order to open it. Instead of safes which aren't really secure, that you can break just by listening to the tumblers with a stethoscope.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
Editor's Note: Houston is a porno actress who was supposed to gang bang 500 men and wound up gangbanging 620 men instead. So the parent post would suggest that only 620 movies would be online in five years. I suspect that there will be many more movies online.
Sorry everybody, but it's not.
That said, they have got a player key now, so all disks published to date can be decoded.
Each player has its own player key, and each disk accepts any player key in its list (the player key is used to decode the volume key which decodes the film).
With this player key, they can decode any HD-DVD which has been printed already. However, as the key has now been compromised, future disks will not accept that player key. The software will have its player key updated, but the software will be tightened in an attempt to remove this loophole.
Take a look at the archives of http://www.freedom-to-tinker.com/ for a detailed discussion.
You would be correct, except what has been released is not the player key. In fact the player (device) key is one of the two that have not been released, the other one being the root key held by AACS LA. The key that has just been released and resulted in this article is the processing key, which can (and probably will) be changed for any disc authored after the previous key became known. The key difference is that the player key is linked to the specific player, whereas the processing key is specific to the HD-DVD/Blu-ray discs created with it and will continue to be valid for those discs even after new ones are produced with a new key. Releasing a device key would be counterproductive, as individual device keys can be blacklisted, meaning if you had one you would have to break a new player device (hardware or software).
This is the real story here. Mod parent up.
Essentially, what he is saying is this: while the crack is temporary, the method of attack is unassailable under the current model.
That's what's important here. If keys get revoked, it's a trivial matter to go get them again. The hard work has been done. Now all you have to do is follow procedures and -voila- you can crack AACS too.
Despite other comments on this board, AACS IS cracked.
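The revocation behaviour described in the comments above (each disc carries a list of accepted player keys, and a compromised key is left off discs authored later) can be modelled in a few lines. This is an added example, not code from the thread or from AACS itself: a deliberately simplified Python model in which a SHA-256 keystream stands in for the real cipher and the key list is a plain dictionary; the function names, player names and keys are all constructed.

```python
import hashlib
import hmac
import os

def _stream(key: bytes, n: int) -> bytes:
    # Toy keystream (SHA-256 in counter mode); a stand-in for a real cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(b"enc" + key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def _tag(key: bytes, ct: bytes) -> bytes:
    # Separate MAC key derived from the wrapping key, so a wrong key is detected.
    return hmac.new(hashlib.sha256(b"mac" + key).digest(), ct, hashlib.sha256).digest()

def wrap(key: bytes, data: bytes) -> bytes:
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, len(data))))
    return ct + _tag(key, ct)

def unwrap(key: bytes, blob: bytes):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, ct)):
        return None
    return bytes(a ^ b for a, b in zip(ct, _stream(key, len(ct))))

def author_disc(film: bytes, player_keys: dict, revoked: set) -> dict:
    # The volume key protects the film; it is wrapped once per accepted player key.
    volume_key = os.urandom(16)
    key_list = {name: wrap(k, volume_key)
                for name, k in player_keys.items() if name not in revoked}
    return {"key_list": key_list, "content": wrap(volume_key, film)}

def play(disc: dict, name: str, player_key: bytes):
    entry = disc["key_list"].get(name)
    if entry is None:            # player key is not in this disc's list
        return None
    volume_key = unwrap(player_key, entry)
    return None if volume_key is None else unwrap(volume_key, disc["content"])

# Constructed sample players and keys, for illustration only.
PLAYERS = {"player_a": os.urandom(16), "player_b": os.urandom(16)}

def demo():
    old_disc = author_disc(b"film-1", PLAYERS, revoked=set())
    new_disc = author_disc(b"film-2", PLAYERS, revoked={"player_a"})
    key_a, key_b = PLAYERS["player_a"], PLAYERS["player_b"]
    return (play(old_disc, "player_a", key_a),   # disc pressed before revocation
            play(new_disc, "player_a", key_a),   # disc authored after revocation
            play(new_disc, "player_b", key_b))   # unrevoked player, new disc

if __name__ == "__main__":
    print(demo())
```

In this model revocation only changes what is written to later discs: a disc authored before the revocation still carries the wrapped volume key for the revoked player, which is the limitation the comments are arguing about.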