View Single Post
Old 12th July 2009, 18:50   #428  |  Link
KenD00
Registered User
 
Join Date: Jan 2007
Location: Internet
Posts: 378
Quote:
Originally Posted by drkrvn32 View Post
openSSL .98k via MacPorts[only way I have gotten this to install correctly]

When I try and compile libaacskeys I run into the same error that everyone else does with EACS?? extensions to openSSL. I'm cluless where to begin to fix it.
The macports version of openssl contains everything that the original tarball does, at least the version i have installed (don't remember which), including ECDSA. That was the reason i used this version, because the OSX included one wasn't complete. Post the error message the compiler spits out, maybe i can help.

Quote:
Correct me if I'm wrong, but isnt the MKBV info inside the same file as the version header? Obviously its stored on disc somewhere near the AACS files.How difficult is it to use the discs auth against itself? Thats how we managed to break CSS, and usually that's how crypto stuff is cracked.

I'm hardly an expert in drive auth,but the ceasar cypher was broken by the number of occurances [uses per letter]of the english alphabet.Also,once you bust a hash, anything that uses that hash is now cracked. [xb-360 forums]

I hear someone says that only Volume/disc/title keys are in this file, but the MVKB has to be close to these or the set-top boxes couldn't decode the disc.
Maybe we need to start looking at firmwares and set-top firmwares.....
Honestly, i don't understand what you are saying here. Of course, the MKB file on the disc contains the version number, thats what aacskeys reads and displays. However, this information is only informative for us, it doesn't add anything to the decryption process. Inside the MKB there are the encrypted Media Keys, one of these has to be decrypted with a Processing Key. Every new version of the MKB encrypts the Media Keys with new keys so that we can't decrypt them with our known Processing Keys. So there is no other way then finding new Processing Keys to decrypt new MKBv's.

Second problem is the revokation of certificates, there the version number is important because the drive reads this out to decide if it has to update its revokation lists or not. But this does the drive itself, there is nothing we can do about it.

KenD00 is offline   Reply With Quote