Doom9's Forum - View Single Post - BackupHDDVD, a tool to decrypt AACS protected movies

blanchg · 14th January 2007, 15:09

Revocation facts from: http://www.aacsla.com/specifications...ommon_0.91.pdf

MKB has three methods of revocation, two specifically for PC's with separate devices/playback software and is described in detail in Section 4 of above document.

Summary here:

1. Device Revocation List (DRL): Each device (i.e. XBOX360 HDDVD Drive) has an id attached to it in a record that has been signed by AACS_LA private key (Section 4.1) and is verified as having not been modified by the Host using the AACS_LA public key. This is versioned inside the MKB which is also signed by the AACS_LA private key (Section 3.2.5.8) and checked it is not modified before use. This pretty much discounts modifying the device id or setting the version of the DRL to it's maximum. (unless we have the AACS_LA private key which is nearly impossible to get/brute force)

2. Host Revocation List (HRL): This is the software running on the pc i.e. (PowerDVD, WinDVD) has it's own id again in a record that has been signed by the AACS_LA private key (Section 4.2) and prevents the same kind of attacks as per the DRL above.

3. Key revocation via Subset-Difference Tree or NNL-Tree: (Seciton 3) This is used both to calculate the Volume Key used by BackupHDDVD and to revoke DEVICE KEYS. Again this is part of the AACS_LA signed MKB and can't be altered. The interesting part of this is that each device calculates the same Volume Key for each disk with the same MKB (this will usually be the same for each "title" in a particular batch as has been proved).

Hope that dispels some of the incorrect information/questions being posted.

14th January 2007, 15:09	#760 \| Link
blanchg Registered User Join Date: Jan 2007 Posts: 1	Revocation facts from: http://www.aacsla.com/specifications...ommon_0.91.pdf MKB has three methods of revocation, two specifically for PC's with separate devices/playback software and is described in detail in Section 4 of above document. Summary here: 1. Device Revocation List (DRL): Each device (i.e. XBOX360 HDDVD Drive) has an id attached to it in a record that has been signed by AACS_LA private key (Section 4.1) and is verified as having not been modified by the Host using the AACS_LA public key. This is versioned inside the MKB which is also signed by the AACS_LA private key (Section 3.2.5.8) and checked it is not modified before use. This pretty much discounts modifying the device id or setting the version of the DRL to it's maximum. (unless we have the AACS_LA private key which is nearly impossible to get/brute force) 2. Host Revocation List (HRL): This is the software running on the pc i.e. (PowerDVD, WinDVD) has it's own id again in a record that has been signed by the AACS_LA private key (Section 4.2) and prevents the same kind of attacks as per the DRL above. 3. Key revocation via Subset-Difference Tree or NNL-Tree: (Seciton 3) This is used both to calculate the Volume Key used by BackupHDDVD and to revoke DEVICE KEYS. Again this is part of the AACS_LA signed MKB and can't be altered. The interesting part of this is that each device calculates the same Volume Key for each disk with the same MKB (this will usually be the same for each "title" in a particular batch as has been proved). Hope that dispels some of the incorrect information/questions being posted.