Finally I'm allowed to post :-)

It will be revoked because AnyDVD is using it. So here it is...

My source http://rapidshare.com/files/18598966/aacsauth.tar.gz.html is mad and works on Linux only (but maybe PS3).

But the important part is 4737676058d7029452514f0ab186dc4cca8c578f anyway.

BTW WinDVD and even AnyDVD is hiding it better than PowerDVD ;-) The point is probably their bignum stuff. Maybe it is a problem of little/big endian, too.

Finally I'm allowed to post :-)

It will be revoked because AnyDVD is using it. So here it is...

My source http://rapidshare.com/files/18598966/aacsauth.tar.gz.html is mad and works on Linux only (but maybe PS3).

But the important part is 4737676058d7029452514f0ab186dc4cca8c578f anyway.

BTW WinDVD and even AnyDVD is hiding it better than PowerDVD ;-) The point is probably their bignum stuff. Maybe it is a problem of little/big endian, too.

OMG! This is great! :D

I've really been struggling with WinDVD. The SHA-1 hash and private key simply don't seem to appear in memory (while Hv, Dv, Hn, Dn, Hpub, Dpub, Hsig and Dsig do). The bignum/endian might indeed be throwing me off.

Anyway. Great work ! One for the history books :)

I will check/confirm this as soon as I've got time.

@jx6bpm
Excellent work! And welcome to the community, great first post by the way! ;)

@jx6bpm

A big welcome to Doom9 with a great 1st post by you!!

Regards

Ok. I can confirm that the public key in your program corresponds to the private key you gave (using my own proggy). Its probably from PowerDVD 7.x or something because it is different from the 6.5 version (the only one I have atm). I haven't got your source working yet on windows but hopefully tomorrow...

Can anybody sniff a PowerDVD 7.x and ascii search (not hex search) for "00000000: 00 72 00 00". There are two of those. The first one should be the one with "02 00 00 5c ff ff 00 00" in it. (careful: do NOT post the other one!)

The Hcert part should look like this:

02 00 00 5c ff ff 00 00 00 0c 00 00 6e 3d eb 67
9b 9a 16 ad fa a8 e3 08 78 76 7b a6 eb 2a 9b 41
53 85 ad 11 81 b4 44 6c 31 e9 a5 dd 2a b8 08 b3
64 ff 15 88 5b ac 49 09 64 31 8c 9b f8 02 9f cf
76 f6 88 a5 4f bd a0 3f 6d 93 32 ef 04 e5 a6 13
12 da 85 88 0a 4d 9c bb 79 d8 60 2e

If that is the same I would call this completely confirmed. :D

Oooh this is so cool :)

It is simply amazing how the keys are falling and falling...

:thanks:

Hcert confirmed for 7.x

Hcert confirmed for 7.x

:D :D :D :D :D :D :D :D :D :D :D

All credits go to jx6bpm. Thank you so much.

Ok. I can confirm that the public key in your program corresponds to the private key you gave (using my own proggy). )

Any chance of releasing your proggy:D

Any chance of releasing your proggy:D

Well that proggy is beyond chaotic ;). But I think I will extend jx6bpm's program so it will produce all aacs keys and ids:

Device Key(s) / uv(s)
Processing Key
C-Value
Media Key
Media Verify Data
Decrypted Media Verify Data

Hpriv
Hcert (Hpub + Haacs_sig) / Hn
Dcert (Dpub + Daacs_sig) / Dn
Hk / Hv / Hsig
Dv / Dsig
BK

Volume ID / Hm / Dm

Volume Unique Key / TKF Mac
Title Keys / CPS Unit Keys
That would be sweet :D

@jx6bpm: can we assume your source is public domain?

What does this private key finding mean? With it, what can be done, that wasn't possible before?

What does this private key finding mean? With it, what can be done, that wasn't possible before?
We don't have to sniff/snoop Volume IDs anymore.

We can create a program that can decrypt (or play if you will) a disc without any need for WinDVD or PowerDVD. So no sniffing/extracting of keys anymore. And more over: it can work on all platforms...

In other words: we can make our own independent, user friendly player (or decrypter).

Searched it on PowerDVD 7.1 HD... with V for Vendetta playing, looks similar to the one you posted arnezami...

I just thought I'd post it just so you can see the difference (if there is any)

0200005CFFFF0000000C00006E3DEB67
9B9A16ADFAA8E30878767BA6EB2A9B41
5385AD1181B4446C31E9A5DD2AB808B3
64FF15885BAC490964318C9BF8029FCF
76F688A54FBDA03F6D9332EF04E5A613
12DA85880A4D9CBB79D8602E

Searched it on PowerDVD 7.1 HD... with V for Vendetta playing, looks similar to the one you posted arnezami...

I just thought I'd post it just so you can see the difference (if there is any)

0200005CFFFF0000000C00006E3DEB67
9B9A16ADFAA8E30878767BA6EB2A9B41
5385AD1181B4446C31E9A5DD2AB808B3
64FF15885BAC490964318C9BF8029FCF
76F688A54FBDA03F6D9332EF04E5A613
12DA85880A4D9CBB79D8602E
Thanks for the additional confirmation :).

We don't have to sniff/snoop Volume IDs anymore.

We can create a program that can decrypt (or play if you will) a disc without any need for WinDVD or PowerDVD. So no sniffing/extracting of keys anymore. And more over: it can work on all platforms...

In other words: we can make our own independent, user friendly player (or decrypter).
That's impressive! :D

So what is the status now? What needs to be done now?

Well that proggy is beyond chaotic ;). But I think I will extend jx6bpm's program so it will produce all aacs keys and ids:

Device Key(s) / uv(s)
Processing Key
C-Value
Media Key
Media Verify Data
Decrypted Media Verify Data

Hpriv
Hcert (Hpub + Haacs_sig) / Hn
Dcert (Dpub + Daacs_sig) / Dn
Hk / Hv / Hsig
Dv / Dsig
BK

Volume ID / Hm / Dm

Volume Unique Key / TKF Mac
Title Keys / CPS Unit Keys
That would be sweet :D

@jx6bpm: can we assume your source is public domain?

Great...Great.
Now what charity do you guy's want me to send my $35.00 to..(my cost to purchase one HD DVD here)

ie Cancer Research ...Diabeties Research...Jerry Lewis fund...
Anyone here who has helped in the diagnostic of this DRM disease can pm me their charity of choice.

PS.. I have sending a check to THE Tom Baker Cancer Centre here for the original work (muslix64) and now I will send in $35.00 to the Canadian Heart and Stroke fondation, for (jx6bpm) and an additioal $35.00 to the Canadain Diabeties Fondation for (arnezami) work.

Disclaimer: These donation are expression given by me without any prior conversion to any of the above parties.

Again great work.

We don't have to sniff/snoop Volume IDs anymore.

We can create a program that can decrypt (or play if you will) a disc without any need for WinDVD or PowerDVD. So no sniffing/extracting of keys anymore. And more over: it can work on all platforms...

In other words: we can make our own independent, user friendly player (or decrypter).

So that means a mounted encrypted .iso will work also?

So what happens when the key gets revoked? If someone writes a custom player, and the key gets revoked, will that player stop working?

Yes, but only for newer disks. Old disk will still play fine.
and we will have to find a new key for the newer disks

So what happens when the key gets revoked? If someone writes a custom player, and the key gets revoked, will that player stop working?


It will only stop working for the new disc which has that "device key" revoked. But it will still work for the 100s of titles already out.

Yes, but only for newer disks. Old disk will still play fine.
and we will have to find a new key
From what I understand, old disks may still work as long as you do not play newer disks on any software player that supports revocation. However, the moment you play a newer disk on a player that supports revocation while using your drive, the older host private key will not work with the drive (I.E. the drive will no longer give out volume IDs when using the older host private key).

That is, if the player has to do something to tell the drive about the revocation. If the drive detects it by itself, then attempting to play a newer disc will result in the drive refusing to work with the older host private key.

Assuming that the player does need to tell the drive about the revocation, then an older host private key could theoretically be used in a non-revocation-compliant player even on newer discs and then only a newer device key or processing key would be needed. However, I'm sure AACS LA would not have left such a big hole open, meaning that the host key revocation is probably an automatic thing on the drives (for example, if the drive checks the host signature against something on the disc).

Of course, older discs will still be able to be decrypted, as the volume unique keys or volume IDs for the discs will have likely already been published.

I believe this was already clear but I will explain it very clearly now:

When a new disc is inserted the drive is told not to give Volume IDs to the Software Player with the now found Private Key. It will remember this in its permanent memory.

This means that from that moment: old and new discs will not work anymore (because of the missing Volume ID). Until we find a new Private Key that is.

Of course if you store (or we let the program automatically store) all VUKs for all old discs you inserted before putting in the new disc in the drive these old discs can still be decrypted based on the VUKs.

The reason: VUKs are not revokable (as muslix64 already pointed out).

Thats why we always have to keep collecting VUKs. This is just an easier way and a program can do it automatically.

When a new disc is inserted the drive is told not to give Volume IDs to the Software Player with the now found Private Key. It will remember this in its permanent memory.

This means that from that moment: old and new discs will not work anymore (because of the missing Volume ID). Until we find a new Private Key that is.


Hi arnezami,

Then how will you explain this:

http://forum.slysoft.com/showthread.php?p=15247#post15247

Slysoft developers say AnyDVD HD will not be affected by this scenario...

@supergoof

A one line answer with no technical theory to back it up? Just sounds like "trust me, I'm a salesman" to me. I suppose they are inferring that they'll find a kludge when the time comes (as they do for regular DVDs that AnyDVD has problems with).

Regards

This is for those eagerly awaiting a proggy:

http://www.sendspace.com/file/g6vuw3

Its just a windows ported version of the program made by jx6bpm (which was written for linux). So it will "only" give you the Volume ID. But thats pretty cool by itself :D. (combining it with evdberg's mkb.exe program you can in fact already retrieve VUKs this way).

Please test it on different machines etc to see if there are any problems.

I will extend this program, clean up the source and will then release all. This will take at least several days given my available time.

Regards,

arnezami

This is for those eagerly awaiting a proggy:

http://www.sendspace.com/file/g6vuw3

Its just a windows ported version of the program made by jx6bpm (which was written for linux). So it will "only" give you the Volume ID. But thats pretty cool by itself :D. (using evdberg's mkb.exe program you can in fact already retrieve VUKs this way).

Please test it on different machines etc to see if there are any problems.

I will extend this program, clean up the source and will then release all. This will take at least several days given my available time.

Regards,

arnezami


I really don't want to sound like a suck up Arnezami but you really are awesome bro. The wealth of knowledge you have brought to this forum (not to mention the time you have devoted) is truly amazing. Keep up the terrific work.

g

@guile - :goodpost:

@arnezami and everyone - :thanks: for all your hard work.

Regards

Thanks for all those kind words :thanks:.

You guys just promise one thing: if something would ever happen to me (or for some reason I will go silent) you will double your own efforts and never stop at trying to defeat DRM!

Then will my mission would have really been worth it ;).

But I know you will :).

My intend has always been to inspire other people to let the big (movie) industries know we will buy their stuff gladly. But we will not tolerate them to restrict our fair use rights and if they try we will embarras them while trying. Until they realize its pointless.

The really determined people are not the pirates: its the people who feel unjustified and will do everything in their power to regain their own fair use rights. Honest people will and should always fight unjust laws and policies.

Regards,

arnezami

Agreed. Your dedication and information you have provided are invaluable to the community.

I wonder how long it will be until someone releases an open sourced HD/BD player that uses these keys.

Agreed. Your dedication and information you have provided are invaluable to the community.

I wonder how long it will be until someone releases an open sourced HD/BD player that uses these keys.

I'm eager to see an open source player as well - but I must admit, given the recent trouble with BackupHDDVD on Sourceforge, coupled with the high probability of new keys to be needed in the future (revocation is inevitable), it might be better to implement a program that uses a user-definable device key that wouldn't be distributed with the program itself.

Aside from this small point, I imagine development is about to pick back up.

I'm eager to see an open source player as well - but I must admit, given the recent trouble with BackupHDDVD on Sourceforge, coupled with the high probability of new keys to be needed in the future (revocation is inevitable), it might be better to implement a program that uses a user-definable device key that wouldn't be distributed with the program itself.

Aside from this small point, I imagine development is about to pick back up.

I was thinking the same thing but with a user definable "device key" database that the program uses to test to see if a key works for the movie and if it does not then it trys the next one. This could also incorporate BackupHDDVD/BlRay into it under a tools tab to allow an all-in-one application.

And yes, thank you arnezami for imparting your knowledge.

Corrected: Link does work. Too many pop ups and adverts to see the wood for the trees:-)

Link is fine here.

Regards

Congrats to arnezami and all here! Keep up the good work! I am now backing up my BDs and am very happy.

Congrats to arnezami and all here! Keep up the good work! I am now backing up my BDs and am very happy.

You're welcome :).

(although I'm not sure how my program I released above can help you decrypt BDs. But you may not referring to that specifically. Or are you?)

and if arnenzami makes the program to produce all keys?

either way.. this looks like one more step off the flow chart in the aacs topic ^^

given the recent trouble with BackupHDDVD on Sourceforge,

I remember the excuse they gave on the news sites i was reading..

apparently they clamed the keys being used were copywritten themselves? how the heck do you copyright a number?:confused:

I remember the excuse they gave on the news sites i was reading..

apparently they clamed the keys being used were copywritten themselves? how the heck do you copyright a number?:confused:

Far good point ;-DDDDDD

They are trying to copyright random numbers ;-DDDDDD

I remember the excuse they gave on the news sites i was reading..

apparently they clamed the keys being used were copywritten themselves? how the heck do you copyright a number?:confused:

These numbers are secret so cannot be copyrighted. In order to copyright something you have to publish it. Check the copyright law, the copyright starts from the moment something is published.
And I bet no court would ever say that a random number can be copyrighted

@supergoof

A one line answer with no technical theory to back it up? Just sounds like "trust me, I'm a salesman" to me. I suppose they are inferring that they'll find a kludge when the time comes (as they do for regular DVDs that AnyDVD has problems with).

Regards

No, the way it sounds, AnyDVD is really not going to shut down, when the keys get revoked.
"No technical theory to back it up": they will do a damn to reveal their mechanisms, after all they do this for a living, there's no reason to make it easier for the competitors (which so far are nowhere to see)... :)

I've heard Pentium was named Pentium because it was ruled Intel couldn't copyright 80586, because it's just a number. This does raise an interesting point. Where does something stop being a number and start being a piece of data that can be copyrighted? The Windows XP install CD, for example, really just holds a very big number...

@Fahzuu

Their competitors abound in the various programmers and freeware developed by our members, who, thankfully, do openly discuss the technical aspects of AACS and advance all our learning.

Regards

@Fahzuu

Their competitors abound in the various programmers and freeware developed by our members, who, thankfully, do openly discuss the technical aspects of AACS and advance all our learning.

Regards

Yes, sure you're right in principal, but I don't see these various programmers being a real competition yet.
Even though they probably outnumber the Slysoft developers by far - they still aren't there, where AnyDVD already was weeks ago.
Slysoft started working on Bluray and - bang, 1 week later also hat cracked the region code.
So far - being interested in that myself - I could only find one thread here, where some people started digging into this and sometime later silently gave up.
AnyDVD was a "hands-off" utility from the start, while BackupHDDVD/Bluray now slowly is getting there (at least should - now that the player key is available, haven't checked yet whether this has been incorporated into the tools).

Don't get this the wrong way: the "various programmers, who openly discuss the technical aspects" are doing great. But I see SlySoft doing even greater. So all I'm saying is: that is no real competition at this point (personally, having been given the choice between the free stuff from here and the payware from SlySoft, I clearly don't regret having payed for AnyDVD).

But you are well right about the learning part. I found the discussion about the subset-difference stuff very enlightening - though I still didn't get it all :-)

Now we'll have to see, what happens, when the first set of keys gets revoked and WinDVD and PowerDVD start hiding the new keys better. I'm pretty sure, that it's going to be over with dumping them from memory...

Yes, sure you're right in principal, but I don't see these various programmers being a real competition yet.
Even though they probably outnumber the Slysoft developers by far - they still aren't there, where AnyDVD already was weeks ago.
Slysoft started working on Bluray and - bang, 1 week later also hat cracked the region code.

(lots of SlySoft fanboyism snipped)

Fahzuu: You are welcome to use the tools you want. Now we all know that you like AnyDVD - no shame in that. Go ahead, and keep on using it - no goon squad from doom9 forums will come at your door forcing you to use DumpHD or BackupBluRay. Further discussion of the "competition" is not productive - we don't care about "competition" because we don't see AnyDVD as competition. I suspect that members of this forum are alot more interested in making their software better, easier to use and more feature-full, then in trying to change your opinion about things.

(lots of SlySoft fanboyism snipped)

well, you did in fact leave most of my fanboyism there after all, thanks :)

Further discussion of the "competition" is not productive - we don't care about "competition" because we don't see AnyDVD as competition.

I was merely explaining, why I think that SlySoft did not tell exactly why their product will not suffer from key revocation. This argument was used to - in my eyes, being a SlySoft fanboy :) - miscredit this statement as marketing blabla. I tend to believe, that what they say is true, so I just couldn't leave that uncommented.
I also explained, why Slysoft also probably doesn't think of you as a competition, I never wanted to start a discussion about competition at all. With competitors I meant other commercial products that might come in the future.

So these are two different things in my opinion: Slysoft created a tool that can be very easily used to backup discs or play them on non-HDCP equipment, while your work here is more of an educational sort.

Irrespective, we here at Doom9 work to disclose things and learn. What other spin can you put on it except marketing blah when a company says "trust us, it'll be OK and we don't wanna tell you why, just hand over the bux".

Thanks, but no thanks, I'll stick with the stuff in these 2 threads.

http://forum.doom9.org/showthread.php?t=123282
http://forum.doom9.org/showthread.php?t=123311

Now, I'd prefer not to have to go back and forwards with the Kool Aid Club (aka Fanatic Any DVD users) and we are getting OT. So, let's end it by saying, "each to his own" and "live and let live".

Regards

I've heard Pentium was named Pentium because it was ruled Intel couldn't copyright 80586, because it's just a number. This does raise an interesting point. Where does something stop being a number and start being a piece of data that can be copyrighted? The Windows XP install CD, for example, really just holds a very big number...

You are confusing copyright with trademark - a very common mistake. Numbers cannot be registered as trademarks, as in case of 486 or 4711 (the original Eau de Cologne from Cologne - today only the "4711" picture is registered as trademark, but not the number itself).

However, numbers can very well be copyrighted, as long as as they represent meaningful and creative content. Of course, the question of whether an encryption key indeed represents meaningful and creative content is highly controversal.

...Slysoft started working on Bluray and - bang, 1 week later also hat cracked the region code...If SlySoft would do it before Muslix's first post, your argument would hold.
Since it's not the case - it doesn't.

Now it's more like Rambus in the RAM market...

Diogen.

If SlySoft would do it before Muslix's first post, your argument would hold.
Since it's not the case - it doesn't.

Ok, that might be a point.

Whoever has been following the our progressive understanding about AACS must know by now that in order to decrypt AACS protected content (like AnyDVD does) you need Device/Processing Keys and a Host Private Key.

Now if they claim they will be able to do this in the future this can only mean they feel confident they will be able to get these keys in time (before discs get released that revoke stuff). Whether they will be able to do this is a different matter. They were first at finding Processing/Device Keys and a Host Private Key (there is no point denying that, they earn that credit) so they might feel very confident now. Of course muslix64 started it all and probably inspired us and the creators of AnyDVD.

The only thing I care about is that we continue to focus on being a step ahead of the AACS LA and that everybody is going to be and will stay well informed about all that is involved regarding the encryption schemes used in aacs.

So can we please leave the AnyDVD issue for now :). I'm getting a little bored by it. Its a pretty good program (especially the integration into the drive communication and ability to change files etc) but its closed source and that settles it for me.

Regards,

arnezami