Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion. Before you start posting please read the forum rules. By posting to this forum you agree to abide by the rules.
#1 | Registered User | Join Date: Sep 2006 | Posts: 390
Processing Key, Media Key and Volume ID found!!!
Wooow!
I think I just found the Volume ID of King Kong. But I'm shocked! It doesn't appear to be anywhere near as random as I expected it to be!! This could mean (just maybe) it's guessable/computable... If so, then if we find the Media Key** we wouldn't have to use WinDVD to grab keys anymore. I don't want to get ahead of things, but if this is true this could be very deadly for AACS. I wonder if this is due to some technical limitation. I will tell more later. Have to go to work now.

Oh yeah, here it is:

Code:
00000000: 00 22 00 00 40 00 09 18 20 06 08 41 00 20 20 20
00000010: 20 20 00 00 xx xx xx xx xx xx xx xx xx xx xx xx
00000020: xx xx xx xx

Regards,
arnezami

PS. For some reason (even though I'm pretty sure this is the Volume ID) I just can't believe it. But it really seems like the ID is split in two parts of 64 bit: one part only 00's and 20's while the other part is a little more "random" (which to some degree would make sense seeing it's also split in half on the disc).

** Later in this thread it became clear we need a Processing Key. But it amounts to basically the same thing.

Update: The Media Key of King Kong has been found now.
Update 2: The Processing Key has been found too.

Last edited by arnezami; 11th February 2007 at 15:40.
#2 | Registered User | Join Date: Dec 2006 | Posts: 202
According to section 2.3.3 of "HD DVD and DVD Pre-recorded Book" the above might indeed be the Volume ID.

Code:
struct VolumeID {
    uchar MediaType;        // 0x40
    uchar Reserved1;        // always 0x00
    uchar UniqueNumber[12];
    uchar Reserved2[2];     // always 0x00
};

Reserved fields are always filled with 0x00. You are also right about the ID being split in 2 parts. One half is stored in the BCA (Burst Cutting Area) and the other half in the Control Data Zone (whatever that may be).

Last edited by evdberg; 5th February 2007 at 11:39.
#3 | Registered User | Join Date: Sep 2006 | Posts: 390
Thanks evdberg. That confirms this is in fact the Volume ID.

It's incredible how not random this Volume ID is. I just figured out what these "unique" 6 bytes are:

Code:
09 18 20 06 08 41

Code:
King Kong |V|09/18/06|

What does this mean? This means that (especially for future software player updates) there would be no need for anyone to do a memdump/debug or anything. Only once per Media Key Block version does the Media Key have to be extracted by one person in the world. If this is released everyone can decrypt any disc!!

This is opposed to having to design a reliable and working keyfinder program for a new version of a software player, which may not be possible. And that would mean that everyone who would want to retrieve a volume key would have to be pretty savvy (using a real debugger etc.) and this would limit the amount and speed of volume key discovery.

What the above (date/time) essentially does is vaporize the whole Host and Drive revocation scheme. Have they gone mad?

Even if they do use proper unique Volume IDs from now on it will still be possible (using a very simple USB software sniffer, as I did) for less savvy people to get Volume IDs. And Volume ID + Media Key equals Volume Unique Key.

To confirm the above it would be nice if we had some more Volume IDs. Maybe this date/time thing is only done by one distributor or something. Don't know. We have to figure it out. Since I only have one movie, others would have to extract the Volume ID.

Finding the Volume ID

How did I find the Volume ID? There are essentially two ways (now). I used the USB sniffer (with the Xbox 360 HD DVD) because I knew I didn't have to bother with the (possibly obscured/wiped) memory of the software player.

Btw: I used WinDVD but the above should also work for other players. A different method (but less reliable I think) is to use WinDVD's memdump.

I'm going to try to extract the Media Key. I have no idea how difficult that will be (if at all). But if we have that we could make a program that decrypts all discs without needing any keys (apart from the one Media Key).

I hope we can find at least a few Volume IDs. If you retrieve one please also check the creation dates of the files/dirs on the disc and post them as well.

Greetz,
arnezami

PS. Almost forgot: make sure you remove the last 16 bytes from the Volume ID log (which is the MAC) like I did in my first post. This is because in theory they might be able to track down your drive with that part... (you don't want that). The Volume ID itself is the same for everybody (with the same movie) so that won't reveal anything about yourself.

** See this post for more Blu-Ray instructions.

Last edited by arnezami; 10th February 2007 at 09:44.
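The record layout evdberg quotes in post #2 and the date reading arnezami gives in post #3, applied to the log from post #1, as an added example in Go. This is not code from the thread. One assumption is mine and not stated by either poster: the first 4 bytes of the log are treated as a response header whose big-endian length field (0x0022 = 34) counts the bytes after it, followed by the 16-byte Volume ID and the 16-byte MAC that was masked with "xx". The BCD date interpretation is arnezami's; the parser reports when the bytes do not decode as a plausible date, which is what a properly random Volume ID would normally produce.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// volumeIDLog is the log from post #1; "xx" marks the 16 MAC bytes the
// poster masked before publishing.
const volumeIDLog = `
00000000: 00 22 00 00 40 00 09 18 20 06 08 41 00 20 20 20
00000010: 20 20 00 00 xx xx xx xx xx xx xx xx xx xx xx xx
00000020: xx xx xx xx`

// VolumeIDRecord mirrors the struct quoted in post #2:
// MediaType (0x40), Reserved, UniqueNumber[12], Reserved[2].
type VolumeIDRecord struct {
	MediaType    byte
	UniqueNumber [12]byte
	ReservedZero bool // the book says reserved bytes are always 0x00
	MACMasked    bool // trailing 16-byte MAC was redacted in the log
}

// parseHexLog converts a hexdump into bytes. Offset tokens ("00000010:")
// are skipped; "xx" becomes a 0x00 byte flagged as unknown.
func parseHexLog(log string) ([]byte, []bool, error) {
	var data []byte
	var known []bool
	for _, tok := range strings.Fields(log) {
		if strings.HasSuffix(tok, ":") {
			continue
		}
		if strings.EqualFold(tok, "xx") {
			data, known = append(data, 0), append(known, false)
			continue
		}
		v, err := strconv.ParseUint(tok, 16, 8)
		if err != nil {
			return nil, nil, fmt.Errorf("bad hex token %q: %w", tok, err)
		}
		data, known = append(data, byte(v)), append(known, true)
	}
	return data, known, nil
}

// parseVolumeIDResponse splits the logged response into header, Volume ID
// and MAC. Assumption (mine, not from the thread): 4-byte header whose
// big-endian length counts the following bytes, then 16 bytes of Volume ID,
// then 16 bytes of MAC.
func parseVolumeIDResponse(log string) (VolumeIDRecord, error) {
	data, known, err := parseHexLog(log)
	if err != nil {
		return VolumeIDRecord{}, err
	}
	if len(data) != 36 {
		return VolumeIDRecord{}, fmt.Errorf("expected 36 bytes, got %d", len(data))
	}
	if got := int(data[0])<<8 | int(data[1]); got != len(data)-2 {
		return VolumeIDRecord{}, fmt.Errorf("length field %d does not match %d payload bytes", got, len(data)-2)
	}
	id := data[4:20]
	rec := VolumeIDRecord{MediaType: id[0], MACMasked: true}
	copy(rec.UniqueNumber[:], id[2:14])
	rec.ReservedZero = id[1] == 0 && id[14] == 0 && id[15] == 0
	for _, k := range known[20:36] {
		if k {
			rec.MACMasked = false
		}
	}
	return rec, nil
}

// bcdTimestamp reads the first six UniqueNumber bytes the way post #3 does:
// MM DD YY YY hh mm in BCD, so 09 18 20 06 08 41 -> "2006-09-18 08:41".
// ok is false when the bytes are not BCD digits or not a plausible date.
func bcdTimestamp(u [12]byte) (string, bool) {
	var v [6]int
	for i := range v {
		hi, lo := int(u[i]>>4), int(u[i]&0x0f)
		if hi > 9 || lo > 9 {
			return "", false
		}
		v[i] = hi*10 + lo
	}
	month, day, year, hour, minute := v[0], v[1], v[2]*100+v[3], v[4], v[5]
	if month < 1 || month > 12 || day < 1 || day > 31 || hour > 23 || minute > 59 {
		return "", false
	}
	return fmt.Sprintf("%04d-%02d-%02d %02d:%02d", year, month, day, hour, minute), true
}

func main() {
	rec, err := parseVolumeIDResponse(volumeIDLog)
	if err != nil {
		panic(err)
	}
	fmt.Printf("MediaType 0x%02x, reserved zero: %v, MAC masked: %v\n", rec.MediaType, rec.ReservedZero, rec.MACMasked)
	fmt.Printf("UniqueNumber: % x\n", rec.UniqueNumber[:])
	if ts, ok := bcdTimestamp(rec.UniqueNumber); ok {
		fmt.Println("first six bytes decode as a BCD timestamp:", ts)
	}
}
```

Running it on the post #1 log reports MediaType 0x40, zeroed reserved bytes, a fully masked MAC and the timestamp 2006-09-18 08:41, which is the observation the thread builds on: a Volume ID that decodes as a date is predictable, not random.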
#8 | Registered User | Join Date: Sep 2006 | Posts: 390
Quote:
Here is the part from the Pre-recorded Video Book section 3.3:

Quote:

Or to illustrate it (I removed the currently unused parts):

[diagram not preserved]

The red part is the hard part: getting the Media Key** (usually from a software player by debugging/memory snooping). But this only has to be done once per MKB and can be done by a pro.

The yellow part is what I described above: we either can (nearly) predict the Volume ID or we can get it via simple USB sniffing (the software player can't do much about that apart from bus encryption, which is not implemented yet).

The blue part is the easiest: if we have the Volume ID (also called IDv) and the Media Key (Km) we can calculate the Volume Unique Key (Kvu) and then the Title Keys (Kt). This of course enables us to decrypt the content itself.

Hope that clarifies a bit.

Regards,
arnezami

** Later in this thread it became clear we need a Processing Key. But it amounts to basically the same thing.

Last edited by arnezami; 11th February 2007 at 15:40.
#9 | Registered User | Join Date: Dec 2006 | Posts: 154
We can get the Media Keys now the same way muslix got the VUKs. We get a memory dump, take the first 16 bytes and the Volume ID to decrypt, and see if the result is the VUK. If not, increment the offset by 1 and try again; it should be a very quick attack.
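The key chain arnezami sketches in post #8 (Processing Key to Media Key to Volume Unique Key to Title Key) and the memory-scan attack noclip describes in post #9, as an added example in Go. This is not code from the thread. AES-G follows the AACS definition AES-G(x1, x2) = AES-128D(x1, x2) XOR x2; the Processing Key, C-value and Title Key are hypothetical constants, the Volume ID is the King Kong one from post #1 with header and MAC stripped, and the "memory dump" is constructed filler with the Media Key planted at a known offset. The scan slides a 16-byte window over the dump one byte at a time, derives Kvu from each candidate and compares it with a VUK already recovered by the existing method.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"fmt"
)

// aesG is the AACS one-way function AES-G(x1, x2) = AES-128D(x1, x2) XOR x2,
// with x1 the 16-byte key and x2 the 16-byte input.
func aesG(x1, x2 []byte) []byte {
	block, err := aes.NewCipher(x1)
	if err != nil {
		panic(err) // only for a key that is not 16 bytes
	}
	out := make([]byte, 16)
	block.Decrypt(out, x2)
	for i := range out {
		out[i] ^= x2[i]
	}
	return out
}

// deriveKm: Processing Key plus the C-value of the matching Media Key Data
// record in the MKB gives the Media Key.
func deriveKm(kp, cValue []byte) []byte { return aesG(kp, cValue) }

// deriveKvu: Media Key plus Volume ID gives the Volume Unique Key.
func deriveKvu(km, idv []byte) []byte { return aesG(km, idv) }

// encryptTitleKey is the mastering-side step, kept only so the example
// round-trips; decryptTitleKey is what the player does with Kvu.
func encryptTitleKey(kvu, kt []byte) []byte {
	block, _ := aes.NewCipher(kvu)
	out := make([]byte, 16)
	block.Encrypt(out, kt)
	return out
}

func decryptTitleKey(kvu, encKt []byte) []byte {
	block, _ := aes.NewCipher(kvu)
	out := make([]byte, 16)
	block.Decrypt(out, encKt)
	return out
}

// scanDumpForMediaKey is the attack from post #9: every 16-byte window of the
// dump is a candidate Km; derive Kvu with the known Volume ID and compare it
// with the VUK already recovered. Returns the first matching offset or -1.
func scanDumpForMediaKey(dump, idv, knownKvu []byte) int {
	for off := 0; off+16 <= len(dump); off++ {
		if bytes.Equal(aesG(dump[off:off+16], idv), knownKvu) {
			return off
		}
	}
	return -1
}

// buildDump constructs a fake memory image: deterministic filler with a
// 16-byte value planted at offset. Constructed test data, not player memory.
func buildDump(size, offset int, planted []byte) []byte {
	dump := make([]byte, size)
	for i := range dump {
		dump[i] = byte(i*7 + 3)
	}
	copy(dump[offset:], planted)
	return dump
}

func main() {
	// Hypothetical Processing Key and C-value; not real AACS values.
	kp := bytes.Repeat([]byte{0x11}, 16)
	cValue := bytes.Repeat([]byte{0x22}, 16)
	// The King Kong Volume ID from post #1 (response header and MAC removed).
	idv := []byte{0x40, 0x00, 0x09, 0x18, 0x20, 0x06, 0x08, 0x41, 0x00, 0x20, 0x20, 0x20, 0x20, 0x20, 0x00, 0x00}

	km := deriveKm(kp, cValue)
	kvu := deriveKvu(km, idv)
	kt := bytes.Repeat([]byte{0x33}, 16) // hypothetical Title Key
	fmt.Printf("Km  % x\nKvu % x\nKt  % x\n", km, kvu, decryptTitleKey(kvu, encryptTitleKey(kvu, kt)))

	dump := buildDump(4096, 1234, km)
	fmt.Println("Km found in dump at offset", scanDumpForMediaKey(dump, idv, kvu))
}
```

The scan costs one AES block operation per byte of dump, so even a multi-hundred-megabyte process image is a matter of minutes, which is why noclip calls it a very quick attack. Note that it needs a VUK obtained once by the old memory method to recognise the hit; evdberg's objection in post #13 is exactly that this still depends on reading player memory.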
#10 | Registered User | Join Date: Sep 2006 | Posts: 390
Quote:

So far every key (title key/volume key/volume ID) has been in WinDVD's memory, so I don't see why the Media Key wouldn't be in it...
#11 | Registered User | Join Date: Dec 2006 | Posts: 202
OK, I already wondered whether I had missed something, because I was sure we also need a device key. But if I am correct, PowerDVD keeps its device keys (although in encrypted form) in a file (001.fcl) ...

Last edited by evdberg; 5th February 2007 at 21:23.
#13 | Registered User | Join Date: Dec 2006 | Posts: 202
Reading the Media Key from memory is not really useful: in that case you might as well grab the Volume Unique Key as we do now ... The whole point of this exercise is that we want a method for decrypting without reading program memory, because this will most likely get harder in the future.
#17 | Registered User | Join Date: Sep 2006 | Posts: 390
Quote:

I do however (in principle) agree with you that it is not better (or worse) to go for the Media Key in the memory of a player instead of the Device Keys. However, right now it's probably easier to retrieve the Media Key from memory than it is to extract a Device Key (although technically we only need a Processing Key, but that's a different matter).

Btw, I believe we should never (keep) releasing Device Keys. It's much better to release Media Keys. Unless somehow one version of an MKB can have multiple Media Keys (and as far as I understand that is not the "rule").

Last edited by arnezami; 6th February 2007 at 08:15.
#18 | Registered User | Join Date: Dec 2006 | Posts: 154
Quote:
Last edited by noclip; 5th February 2007 at 22:38. |
#20 | Registered User | Join Date: Dec 2006 | Posts: 154
Quote:
They may be able to change the MKB so that all current device keys are still valid, but then they risk an easy attack on their root key, which will have them running for the hills. |