Slashdot Mirror
Analyst Says Blu-ray DRM Safe For 10 Years
Mike writes to let us know that a poster on the AVS forum says that the latest issue of HMM magazine (no link given) contains a quote from Richard Doherty, a media analyst with Envisioneering Group, extolling the strength of the DRM in Blu-ray discs, called BD+. Doherty reportedly said, "BD+, unlike AACS, which suffered a partial hack last year, won't likely be breached for 10 years." He added that if it were broken, "the damage would affect one film and one player." As one comment on AVS noted, I'll wait for the Doom9 guys to weigh in.
I won't be buying BluRay discs for at least 10+ years. I don't crybaby about DRM, I just don't buy it if it doesn't suit my needs and can't be cracked, ergo if he's right I won't buy BluRay. This is one reason I like HD-DVD, it's had the shit cracked out of it.
* examine the host environment, to see if the player has been tampered with. Every licensed playback device manufacturer must provide the BD+ licensing authority with memory footprints that identifies their devices.
* verify that the player's keys have not been changed.
* execute native code, possibly to patch an otherwise insecure system.
* transform the audio and video output. Parts of the content will not be viewable without letting the BD+-program unscramble it. But i have to think... If it has hardware access(or can run native code) what's to say someone wont make a disk that has a BD+ program that aids in the hacking? Once you break a way around(or through) the digital signature for BD+ your whole system is compromised, how is that a good strategy?
Imagine something close to, I make a disk with a BD+ program that once I have the program loaded I can eject the disk and put in a protected one, the BD+ can help circumvent the protection, and circumvent the BD+ on that disk. Vuala! BD+ makes it easier for me to copy.
If i had one dollar for every brain you dont have, i would have $1.
...it is as if they were just asking for it. Do we have a solid understanding of this Doherty fellow's finances?
You're thinking small. Why miniaturize the laser, when we could instead enlarge the sharks? -John Searle
Read what BD+ really is: .html
http://www.cryptography.com/technology/spdc/bluray
This means that each Blu-Ray disc has a computer program compiled to execute within a proprietary, secure VM. What this means is that each disc has a program built into it whose purpose is to boot, validate that it is running on licensed hardware, enforce security policy, and if those checks are met, extract a key from its own memory and play the content.
What does this mean for people attempting to defeat the security?
Well it means that a full crack of BD+ will require crackers to implement a virtual machine which acts in exactly the same way as the hardware VM would act. This represents a what I will casually call a "larger challenge" than defeating CSS or AACS, in which you have to decrypt a key or a list of keys. In this case, you have to come up with something which can determine the full dynamic runtime execution path of a static binary - a currently unsolved problem in Computer Science, despite numerous attempts to do such a thing by some of the world's brightest minds.
Just putting the same source code through a randomizing compiler/packer/obfuscator of the types that game companies have been working on for a while makes the challenge immensely harder. Precedent? http://spa.jssst.or.jp/summer-2005/paper/05046.pdf
There's too much to talk about.
And who's deployed this type of technology already? Who has a secure virtual machine with secure bytecode doing challenge-response to determine hardware legitimacy? People Who Care: a lot.
The other major problem is that the challenge-response authentication made by the program contained in the disc against the embedded hardware will require a "real" cert to succeed. Yes this is the TPCA/Palladium "sky is falling" scenario come to pass. Either the implementors made a cryptography implementation mistake, or someone with a scanning, tunneling electron microscope figures out how to defeat the epoxy guards and actually read the private cert material off a chip, or someone with a previously unheralded supercomputer or mathematical technique breaks the key from a known subset of challenge/response pairs... - or, it will remain unbroken. It is strong, known algorithm public key cryptography.
What's really interesting about all this is if someone DOES find a way to break BD+, there is really strong incentive for them to use it to break & release movies rather than release code which performs the break. Why? Get yourself a windows VM and download all the latest in DVD-breaking binaries: ripit4me, dvd decryptor-last, dvdshrink-last, etc. Then set windbg to be your default debugger, and start trying to break very recent DVD releases. What you'll find is that the entertainment company is employing people to literally find security holes in the input to the cracking tools - the dvd image itself, and then embed "exploits" into their dvd images. There is data on those discs that has no other purpose than to crash certain binaries. It becomes obvious once you trap execution in a debugger and know a little bit about x86 asm. Don't get me wrong, they're not executing arbitrary code, just causing a DoS - but that's only because they know they can't. Some of the conditions they've found and abused are CERTAINLY exploitable. But they also know that putting shellcode in their DVDs defeats plausible deniability, which is a hell of an asset.
Now push this knowledge forward to BD+. If someone actually manages to set up a "shim VM" that executes BD+ language and acts as a proxy between secure hardware and the bytecode, and RELEASES that VM, then we know the entertainment companies are going to enter a reverse engineering arms race. They're
Is all this DRM on BlueRay and HD-DVD optional? Ie. if I were to release a movie under the creative commons liscence, could I put it on one of the new formats in a way that it would be playable on a Linux box?
"Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
PS: I love Behind the Counter.
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
Because of Doom9's policy on links, I can't provide a direct link, but in the June news at the Doom9 website, Doom9 himself said that until the BD+ discs come out, nobody knows what will happen, but based on the spec, it is possible that it will be uncrackable. My best guess at this time is that the only way it will be cracked is if either the implementation has a gigantic hole nobody thought of (always possible) or someone gets an illegal peek at the hardware specs for the VM and is able to implement it in software. I'm not optimistic at all that BD+ will be cracked. If any of you care at all about DVD on HD formats and you want to be able to convert your future purchases in that format to other formats to watch on other devices you own such as video iPods, you better hope that BluRay fails.
Think of DRM as the movie company's warranty. They don't care if the format dies after the DRM is broken, and in fact it's to their advantage if the format dies after 10 years so that you have to re-buy your media collection. So that announcement probably describes their expectations of the lifetime of this technology.
The companies involved are probably anticipating that within 10 years they will have a higher resolution storage medium/encoding available with sufficient improvement that you will want to use that for new purchases.
Of course there will come a point where the increased resolution doesn't provide any visible difference for anything filmed on 35MM, so the only advantage will be for newer digitally recorded movies that can be played at ultra high resolution on 25' wall-screens. But, hey, they'll let their successors cross that bridge when they come to it. The back catalogue doesn't make them anywhere as much money in direct media sales as movies less than 5 years old anyways.
So information on BD+ seems relatively hard to find. The best explanations I could find are this presentation, this pdf at dell and best of all this general discussion of SPDC.
... And I used to be rooting for Blu Ray.
The basic idea here is that BD+ allows the BluRay maker to embed virtual machine code (and apparently native code) on their disks which are then executed on the host machine. This code then somehow verifies that the host machine is uncompromised (memory footprints apparently) and then executes whatever process is necessary to decrypt the key that allows content access. Now it seems likely that there is some additional decryption process similar to AACS that decrypts the BD+ virtual code. Perhaps this decryption process is implemented better than the one in AACS but that is the only security advantage BD+ provides.
The only extra security that BD+ can offer over an AACS type system is security through obscurity. There has to be some general cryptographic process to decrypt the BD+ VM instructions. Once decrypted an attacker who is aware of the BD+ standard just needs to emulate the virtual machine and have it pretend it is a valid device to access the content. The BD+ people can talk all they want about memory footprints and tamper checks but these are just a complicated private key for the device. Separating out these functions and putting them in a VM just makes the specification of the encryption scheme more complicated (and more obscure) but doesn't fundamentally increase the security.
So why do the studies want BD+? Well maybe they've been taken in by the claims of extra security but the more plausible reason is that they want the extra control BD+ gives them over their content BD+ might not be a real impediment for the serious pirate/hacker but it does allow the movie studios to implement even more fine grained control over how you use their content. The virtual machine might be set up to prevent you from watching the movie more than once, from using a streaming feature of the device, from using it after some fixed time. Imagine, for instance, movie companies creating tiered pricing based on how many rights you want to have. Say make you pay more if you want to stream it. Disney might release their next version of Aladdin on DVD in two classes. The 'gold' class that lasts forever and the standard class that only lasts 5 years. Well you get the idea.
So no I don't buy the argument that this feature makes the system much more secure (except insofar as it might eliminate some fuckups in how the AACS system was defined) but it certainly is in the Blu Ray consortium and movie theater's interest to portray it this way. Maybe this explains the much wider adoption of Blu Ray by the theaters.
If you liked this thought maybe you would find my blog nice too:
Blu-Ray players don't contain some mystical impossible-to-duplicate VM.
It's a fucking Java VM. It's not anything bizarre. It's Java. Completely free VM implementations for Java already exist.
Oh, how do I know it's a Java VM? =) I know the people at IBM who wrote the Java VM that's used to play BD+ Blu-Ray discs on the PS3.
It certainly wasn't the best move. This is just going to further encourage someone to take the time to break the format. When will these companies learn to not make silly statements like this?
Eh, PGP threw down the gauntlet a long time ago, and as far as I know it still remains uncracked. Just because CSS was cracked doesn't mean BD will necessarily be.
This is a perfectly possible crack; I've defeated stronger stuff than this myself. You'd be amazed what determined shareware authors put out on occasion.
Smartcards? Dongles? I've seen them using stuff like this, and it didn't help them. You forget; we do have tunneling electron microscopes. Why would any serious reverse-engineering lab not?
- The value of the signing keys is very high, to the extent they cannot be sufficiently protected from a well-resourced attacker. They have to be used regularly, and keys that have to be used can be stolen. If leaked, we have a permanent, low-effort, easy crack.
- Not all the cryptographic primitives used in AACS are well-tested; some are unproven and potentially troublesome. It may be possible to bypass BD+ completely.
- The virtual machine is a simple variant of Java ME, but it is possible to reverse-engineer a virtual machine from nothing but its instructions given enough effort.
- It's impossible to verify a virtual machine from within that virtual machine if you can implement the virtual machine using more memory (swap, or otherwise) than available from within the physical machine.
- Despite its name, VMWare is not a virtual machine. It is a hypervisor designed for performance, not a virtual machine coded explicitly for security and stealth.
- Oh, what's that? You need a key to pretend to be the virtual machine? Give me a soldering iron, and a PS3; I'll be right back.
- The trouble with challenge-response, is that the more general you make the key, the easier it is to steal, but the more general you make the key, the harder it is to actually derive key material from that response. It comes down to a branch, a yes/no, a this is good/this isn't.
- The trouble with that is the code is being executed entirely under the control of the attacker.
- Native code makes it both harder and easier. Harder because you need to write more code. Easier because the platforms for "native code" vary enough you'll know when you're doing things right. (Particularly because native code will be used mainly for destructive logic bombs.)
- It only takes one release for everyone to get any one movie.
- An entire little "industry" of software cracking sprang up. There's nothing to stop the movie distro crews getting crackers too.
- Crackers have never seemed to have a problem keeping up with, and surpassing, the software industry before. Why would they now?
- The crack might need updating from time to time, but what crack doesn't?
Meh. Any system where the ciphertext and the key is in the attacker's hands is a broken one.
From the briefing provided by your link: "A strong identity card program is built on sound business practices -including strong authentication of identity and digital authentication at all portal points"
Until there is a CAC card requirement at EVERY portal point, CAC cards are merely an inconvenience to legitimate users. Like somebody else said, "it only takes one copy of a movie". In this case, it only takes one non-CAC card DoD computer...I've been working for the DoD since the advent of the CAC program, and still have never used my CAC card for anything other than an id card.
i've read your post in detail, and i understand it. you have a series of prerequisites, and then a series of conclusions from those. none of your conclusions are wrong, and they are derived from your expertise. however, your prereqs do not match the facts. i have contained an explanation, and an exercise you can go through to learn more.
that is not what inspector is. the tool i linked to attempts to trace all possible code flow paths for all possible inputs, in an attempt to highlight code flow paths that could be exploitable or contain hidden malicious functionality. the problem of all possible code flow paths for all possible inputs is EXACTLY what is at issue here. read on.
the cryptosystem involved does not function as you have stated it does.
the content stream cipher will be known. it will probably be AES. it doesn't matter.
the cryptosystem works like this:
there is a massive, symmetric cipher key which encrypts each disc. it may be a different symmetric cipher each time, implemented in the VM, or it may be a hardware symmetric cipher. it doesn't matter. the point is that for each disc, there is a different key. so getting a "disc key" is not a break for bluray.
what protects the "disc key"? the dynamic execution path of the virtual machine code stored in the protection area of the bluray disc. when it executes, it will follow some execution path based on tests of its environment. who knows what these will be. one of these will be a CHALLENGE to a cert stored in the bluray player chips. the way public key crypto works is this: the challenge is signed by the bluray chip, which contains a private key, and then that signature is verified by the player code, which has a copy of the public key. when the virtual machine issues its challenge, it will use the public key to verify that the execution environment has a legitimate cert, or private key data, embedded within it. due to the nature of public key crypto, and the size of the search space in all possible challenges (probably 512 bytes), replay will be completely impossible.
lessons:
- if you break the "disc key" which encrypts the content, you have not broken any other bluray titles
- if you intercept the challenge from the vm code to the bluray chip, and intercept the response, you will not be able to reuse this information, because the search space is so vast
- at no point is the private key data in the bluray chip ever revealed during this conversation
- no api into the bluray chip exists to ask for this private key information (cert) - it can only sign challenges with its key, not reveal its key. there is no chip instruction to do so!
- at