Digital Video Forums

Go Back   Digital Video Forums > Disc Formats > Blu-ray

Reply
 
LinkBack Thread Tools Rating: Thread Rating: 2 votes, 5.00 average. Display Modes
Old 29 Dec 2006, 05:56 AM   #1
Junior Member
Junior Member
 
Join Date: Nov 2006
Posts: 12
Default Encryption for HD-DVD cracked

This could get interesting..

http://www.dailytech.com/article.aspx?newsid=5498
diesel350 is offline   Reply With Quote
Old 16 Jan 2007, 07:43 AM   #3
nwg
Left *****
 
Join Date: Jun 2003
Posts: 5,196
Default

Technically, it hasn't been cracked but a bug in the PowerDVD. It also decrypts only present discs. Future discs and a patched PowerDVD could put the whole thing back to square one. However, it seems to moving fast.
nwg is offline   Reply With Quote
Old 17 Jan 2007, 10:53 AM   #4
nwg
Left *****
 
Join Date: Jun 2003
Posts: 5,196
Default

Looks like Cyberlink is already working on a patch/update and the old version will not work anymore.

Taken from Digitalbits.com

Quote:
Well, we've been doing a bit of research on the reported AACS crack this afternoon... and we've learned that there's good news and (just maybe) bad news. Our old friend Andy Patrizio sent over some links for further reading (thanks, Andy!), and it seems that the whole system hasn't been cracked... just a tiny part of it. According to tech blogger Chris Lanier, this all started because the current version of Cyberlink's PowerDVD player leaves the title keys for individual HD-DVD titles unprotected for a short time during the playback operation. A memory dump allows those keys to be revealed, and then the keys must be fed into the BackupHDDVD utility in order to allow those specific discs to be copied. Cyberlink is expected to release a patch/update which will end this vulnerability. The newly-updated software will likely use new device keys, and the old version's device key will likely be revoked, meaning that the old version of the software won't work anymore (after it receives the revocation orders, which would arrive on new HD-DVD movie software). So AACS itself hasn't been compromised - just the title keys to select titles.

Here's the bad news... those select titles (which so far include Warner's Full Metal Jacket, The Last Samurai and The Fugative, Paramount's Tomb Raider, and Universal's Apollo 13 and Van Helsing) could now be considered open and unprotected. The studios involved COULD decide to revoke the title keys on those specific unprotected HD-DVD discs, rendering them unplayable on all HD-DVD players, both software and hardware. Doing so would mean that those of you who already own the discs would have to work with the studios somehow to obtain replacement discs with new (and still valid and protected) title keys. The market is certainly small enough that the studios could do this without TOO much problem, though I don't imagine anyone involved would relish the hassle. We're making inquiries now to see what happens next and hopefully, we'll know more next week.
nwg is offline   Reply With Quote
Old 17 Jan 2007, 10:56 AM   #5
Not a god of digital video
 
blutach's Avatar
 
Join Date: Oct 2004
Location: is everything!
Posts: 24,628
Default

New Volume Unique keys are being published every day. IME seems to be a hassel for the moment.

Regards
blutach is offline   Reply With Quote
Old 24 Jan 2007, 01:08 AM   #6
Imperfect
 
Join Date: Jan 2007
Posts: 1
Default

BackupHDDVD was prematurely released! Big mistake...
azumi_mm is offline   Reply With Quote
Old 24 Jan 2007, 01:32 AM   #7
nwg
Left *****
 
Join Date: Jun 2003
Posts: 5,196
Default

Quote:
Originally Posted by azumi_mm View Post
BackupHDDVD was prematurely released! Big mistake...
What do you mean? It will be ages before a proper crack is available if it ever is. It a a lot more secure than DVD CSS. At least people can decrypt their current discs (until the software is updated).
nwg is offline   Reply With Quote
Old 28 Jan 2007, 11:50 PM   #8
Member
Member
 
Join Date: Sep 2004
Posts: 89
Default

Quote:
Originally Posted by azumi_mm View Post
BackupHDDVD was prematurely released! Big mistake...
False.

There is never going to be a problem harvesting the title keys. The first hole is in xp software players, but that has only become obvious because it was comparable easy for every user. The problem for AACS is that every user doesn't need to harvest the key. It only needs to be done once per pressing.

Given that there are easily ten thousand or more persons with the knowledge and hardware to harvest the title keys off of stand alone units, all you need is 1% of them with the interest (and more than that have it), is no way on earth to keep the keys from propagating across the net.

Quote:
Originally Posted by nwg View Post
What do you mean? It will be ages before a proper crack is available if it ever is. It a a lot more secure than DVD CSS. At least people can decrypt their current discs (until the software is updated).
I would say the opposite is true and hd and blue ray cracking is well ahead of sd css cracking!

1) When I got my first dvd and player I was an early adopter wit a state of the art 128k ISDN connection. My $30 a month connection is 30 times that yet hd/blu ray resoluton means file size is only five times the size. In terms of propagation over the internet of an entire title, SD and Blu ray are already well behind.

2) Device revocation is a red herring. They will have to completely revoke xp. nada. vista key harvesting is just a mater of time no matter what countermeasures. But even if that were not true standalone harvesting is all that is needed since the keys can be published in near real time rendering open each pressing. Even draconian standalone revocation policies, which would be very hard and expensive to enforce won't keep up.

3) BD+ implimentation suffers many costs and has equal vulnerabilities.
driver8 is offline   Reply With Quote
Old 29 Jan 2007, 04:25 AM   #9
nwg
Left *****
 
Join Date: Jun 2003
Posts: 5,196
Default

They can stop the current hacks for both HD DVD and Blu Ray just by updating the software, Once that is done, the old software will not work. Cyberlink are already working on a solution.
nwg is offline   Reply With Quote
Old 29 Jan 2007, 05:07 AM   #10
Member
Member
 
Join Date: Sep 2004
Posts: 89
Default

Quote:
Originally Posted by nwg View Post
They can stop the current hacks for both HD DVD and Blu Ray just by updating the software, Once that is done, the old software will not work. Cyberlink are already working on a solution.
I don't think you are keeping up at all on what is going on. Every piece of software running on a pc is going to have to give up the key. They can update everyday. the ability to get the key out of memory is a permanent flaw.

Getting the title keys out of stand alone boxes is not going to be hard anyway. remember only one person has to do it for any given title!

you are also confused about whether the old software will work. it will on every dvd published to date.

The exploit is 100% permanent (it isn't a hack anyway it is a side attack bypass).
driver8 is offline   Reply With Quote
Old 29 Jan 2007, 06:41 AM   #11
nwg
Left *****
 
Join Date: Jun 2003
Posts: 5,196
Default

Quote:
Originally Posted by driver8 View Post
I don't think you are keeping up at all on what is going on. Every piece of software running on a pc is going to have to give up the key. They can update everyday. the ability to get the key out of memory is a permanent flaw.

Getting the title keys out of stand alone boxes is not going to be hard anyway. remember only one person has to do it for any given title!

you are also confused about whether the old software will work. it will on every dvd published to date.

The exploit is 100% permanent (it isn't a hack anyway it is a side attack bypass).

I am not confused and it is not a permanant exploit.
nwg is offline   Reply With Quote
Old 29 Jan 2007, 08:21 AM   #12
Member
Member
 
Join Date: Sep 2004
Posts: 89
Default

Quote:
Originally Posted by nwg View Post
I am not confused and it is not a permanant exploit.
It is permenent. the title keys can be read out of memory on xp vista and without a doubt almost every stand alone box. you do realize the problem with the stand alone boxes? reading the memory off the chips is doable on 100% pf the players on the market. no one has bothered because you can pull it with simple debug on the pc.
driver8 is offline   Reply With Quote
Old 29 Jan 2007, 08:35 AM   #13
Not a god of digital video
 
blutach's Avatar
 
Join Date: Oct 2004
Location: is everything!
Posts: 24,628
Default

The question is whether they will revoke all software players that work on XP and mandate them to only work with Vista, where things are reputedly "more secure".

However, as one poster on Doom9 said, "memory is memory is memory". The keys gotta get in there eventually.

Some proposals are even circulating to reading the keys off the various pins in chips in hardware players.

My view: Whatever industry throws up, some enterprising people will destroy and quickly. Witness the lack of success that ARccOS has due to advanced rippers.

Funny thing is that the whole thing started cos one bloke simply wanted to watch his legally purchased disk on another device. The industry is too intent on stopping people from doing this. In doing so, it is shooting itself in the foot, IMHO.

Regards
blutach is offline   Reply With Quote
Old 30 Jan 2007, 12:58 PM   #14
Member
Member
 
Join Date: Sep 2004
Posts: 89
Default

Quote:
Originally Posted by blutach View Post
The question is whether they will revoke all software players that work on XP and mandate them to only work with Vista, where things are reputedly "more secure".

However, as one poster on Doom9 said, "memory is memory is memory". The keys gotta get in there eventually.

Some proposals are even circulating to reading the keys off the various pins in chips in hardware players.

My view: Whatever industry throws up, some enterprising people will destroy and quickly. Witness the lack of success that ARccOS has due to advanced rippers.

Funny thing is that the whole thing started cos one bloke simply wanted to watch his legally purchased disk on another device. The industry is too intent on stopping people from doing this. In doing so, it is shooting itself in the foot, IMHO.

Regards
Yes. The title keys passed in the large amount of devices are the weak link. The number of makes and types of devices will have to increase. How many DVD players do you have? In your PC, laptop, set boxes, portables, gaming rigs, etc. how many combinations of makers, chips and firmware? This is a very weak link in the chain.
driver8 is offline   Reply With Quote
Old 3 Feb 2007, 04:23 AM   #15
Member
Member
 
Join Date: Sep 2004
Posts: 89
Default

Quote:
Originally Posted by blutach View Post
[color=blue]The question is whether they will revoke all software players that work on XP and mandate them to only work with Vista, where things are reputedly "more secure".
Quote:
Originally Posted by nwg View Post
They can stop the current hacks for both HD DVD and Blu Ray just by updating the software, Once that is done, the old software will not work. Cyberlink are already working on a solution.
Just as an update, they will have to kill xp AND vista -- not likely:
http://www.alex-ionescu.com/?p=24
driver8 is offline   Reply With Quote
Reply

Bookmarks


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On




All times are GMT +10. The time now is 09:42 PM.

Kirsch designed by Andrew & Austin


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.6.0
Copyright © 1999 - 2011 Digital Digest

Visit DivXLand   Visit dvdloc8.com