Doom9's Forum > General > Decrypting
8th January 2007, 20:51   #481
tonyp12
Registered User
 
Join Date: Oct 2002
Location: Florida, USA
Posts: 90
Is Bystander = Muslix64?

Just joined and pretty much tells how to get the keys but without telling all of it. Sounds like Muslix, and using a second screen name will lessen the chance of getting traced and sued.

I think Muslix is from Germany, where the cereal is from and a land where the Commodore 64 was a hacker's first toy.

This is just speculation, and Mods can delete this post if it's out of bounds/irrelevant.

Last edited by tonyp12; 8th January 2007 at 21:03.

8th January 2007, 21:05   #482
Isochroma
Registered User
 
Join Date: Mar 2005
Posts: 468
Good morning all! I see there's been much activity since yesterday...

There is no need to bring the keyed but unencrypted files to a licensed HD-DVD replicator to get them encrypted... here is one example of software on the market:

Eclipse Data Releases High-Speed Blu-ray AACS Encryption Software
"We knew that we needed to minimize the impact of moving encryption into the premastering process"
Premastering is what you do with the Sonic package. This means you can get secondary software which will take the fileset made by Sonic and convert it to a fully AACS-encrypted fileset or ISO image.

Sonic only adds AACS information to DDP images, also known as PlantDirect:
"A powerful add-on option for Scenarist Studio (SEN-3101), PlantDirect Tapeless Premastering allows DDP file sets to be written to hard disk, rather than to DLT, enabling delivery of DVD masters for replication via the Internet saving time and money on physical shipments."
DDP is the industry standard for disc imaging, and was established by a company known as DCA Inc. They established the standard, so it should surprise nobody that they also make a product called Blazer:
Blazer is an application designed to encrypt a DDP V3.0 HD ROM image with the Advanced Access Content System (AACS) encryption. Blazer automatically recalculates the HCRC in the AACS encrypted image.
I contacted the company by phone this morning, and found out that the software, while it runs on XP (screenshot), only comes bundled with a workstation machine with RAID, etc. The cost is probably high, I didn't ask, but will do so later today and report my findings.

Other than this it seems the Sonic product "DVDit Pro HD" can author AACS protected Blu-Ray DDP filesets, but it doesn't have HD-DVD functionality.

Finally, an email was sent to Eclipse requesting a price quote for their EclipseSuite + AACS addon software. It runs on any hardware (i.e. software-only); the specifications page states that it will run on Windows NT 4.0, 2000 and XP. It also seems to need an Adaptec SCSI controller, but those are cheap.

Last edited by Isochroma; 8th January 2007 at 21:24.

8th January 2007, 21:07   #483
feizex
Registered User
 
Join Date: Dec 2006
Posts: 11
FYI...
http://www.youtube.com/profile?user=muslix64
muslix64
Age: 26
Country: Canada

8th January 2007, 21:09   #484
ron spencer
DVD Magistrate
 
Join Date: Dec 2003
Location: Sodor
Posts: 991
Quote: Originally Posted by feizex
FYI...
http://www.youtube.com/profile?user=muslix64
muslix64
Age: 26
Country: Canada
I doubt that is true... he (or she) is not that stupid.

8th January 2007, 21:11   #485
Sy
Registered User
 
Join Date: Feb 2002
Posts: 44
Quote: Originally Posted by tonyp12
Is Bystander = Muslix64?

Just joined and pretty much tells how to get the keys but without telling all of it. Sounds like Muslix, and using a second screen name will lessen the chance of getting traced and sued.

I think Muslix is from Germany, where the cereal is from and a land where the Commodore 64 was a hacker's first toy.

This is just speculation, and Mods can delete this post if it's out of bounds/irrelevant.
I don't think it matters who Bystander is. He seems like a knowledgeable person and it looks as if he would be an asset to this community. You shouldn't question the identities of people. If they want you to know who they are then they would tell you.

Yes it is speculation and you should use your own judgement and delete it yourself if you think it is out of line.
__________________
Sometimes I sit and think... and sometimes I just sit...

8th January 2007, 21:18   #486
CiTay
Registered User
 
Join Date: Jun 2003
Posts: 46
Please, it shouldn't matter who one or the other is. What they post is important.

8th January 2007, 21:40   #487
Borbus
Registered User
 
Join Date: Sep 2006
Posts: 52
There were actually other files with the PlantDirect image; they might be important if anyone manages to get hold of Blazer or an equivalent. Note how small it all is when RARed; I suppose it's the blank revocation files.

http://www.filehost.gr/883400

The IMAGE.DAT is the same as before.

I was going to make a short video with more than just a blank screen and maybe audio too, but, this sounds really stupid, I couldn't think of a way to encode just a few seconds of video with MainConcept... Any idea how to make a short animated clip with AVISynth?

8th January 2007, 21:54   #488
communist
Registered User
 
Join Date: Jul 2003
Posts: 1,152
Simple solution: use Colorbars(width,height) and ShowFrameNumber().

8th January 2007, 22:18   #489
neviens
Registered User
 
Join Date: Nov 2005
Posts: 6
Some observations for those who have an HD-DVD drive and know what OllyDbg is.
It seems HDDVDAdvNav.dll is a module where the stuff is located.
Here are all AES function calls:
Code:
;-----------------------------------------------------------
...
.text:100C350F                 push    1               ; crypto mode
.text:100C3511                 lea     ecx, [ebp+var_40]
.text:100C3514                 call    CryptoModeSelector ; 1 == CBC decrypt
.text:100C3519                 mov     [ebp+var_4], 0
.text:100C3520                 lea     eax, [ebp+var_40]
.text:100C3523                 push    80h             ; int
.text:100C3528                 push    [ebp+arg_0]     ; KEY!
.text:100C352B                 push    eax             ; int
.text:100C352C                 call    AES_KeyExpand
.text:100C3531                 mov     ebx, eax
.text:100C3533                 test    ebx, ebx
.text:100C3535                 jl      short loc_100C355F
.text:100C3537                 push    offset CBC_InitVector ; ==0BA0F8DD..
.text:100C353C                 lea     eax, [ebp+var_40]
.text:100C353F                 push    eax             ; int
.text:100C3540                 call    _initCBC
.text:100C3545                 mov     ebx, eax
.text:100C3547                 test    ebx, ebx
.text:100C3549                 jl      short loc_100C355F
.text:100C354B                 push    [ebp+arg_C]     ; data len
.text:100C354E                 push    [ebp+arg_8]     ; output
.text:100C3551                 push    [ebp+arg_4]     ; input
.text:100C3554                 lea     eax, [ebp+var_40]
.text:100C3557                 push    eax             ; expanded switch
.text:100C3558                 call    AES_SwitchFunc2
.text:100C355D                 mov     ebx, eax
.text:100C355F
.text:100C355F loc_100C355F:                           ; CODE XREF: CBC_decrypt+4Dj
.text:100C355F                                         ; CBC_decrypt+61j
.text:100C355F                 mov     [ebp+var_4], 0FFFFFFFFh
.text:100C3566                 lea     ecx, [ebp+var_40]
.text:100C3569                 call    ClearExpandedKey
...
It was CBC mode, most likely content decryption, Title key??

;-----------------------------------------------------------
.text:100C35E8                 push    21h             ; crypto mode
.text:100C35EA                 lea     ecx, [ebp+var_54]
.text:100C35ED                 mov     [ebp+var_14], edx
.text:100C35F0                 call    CryptoModeSelector ; 21== ECB decrypt
.text:100C35F5                 mov     edx, [ebp+var_14]
.text:100C35F8                 mov     [ebp+var_4], 0
.text:100C35FF                 mov     ecx, [ebp+var_1C]
.text:100C3602                 lea     ebx, [ebp+var_54]
.text:100C3605                 push    80h             ; int
.text:100C360A                 mov     [ebp+var_14], edx
.text:100C360D                 push    ecx             ; KEY!
.text:100C360E                 push    ebx             ; int
.text:100C360F                 call    AES_KeyExpand
.text:100C3614                 mov     edx, [ebp+var_14]
.text:100C3617                 mov     ebx, eax
.text:100C3619                 test    ebx, ebx
.text:100C361B                 jl      loc_100C36AE
.text:100C3621                 mov     ecx, [ebp+var_20]
.text:100C3624                 lea     ebx, [ebp+var_54]
.text:100C3627                 push    10h             ; data len
.text:100C3629                 mov     [ebp+var_14], edx
.text:100C362C                 push    ecx             ; output
.text:100C362D                 push    edx             ; input
.text:100C362E                 push    ebx             ; expanded key
.text:100C362F                 call    AES_SwitchFunc2
...
This one was the Triple AES Generator (AES-G3).

;-----------------------------------------------------------
.text:100C3C47                 push    21h
.text:100C3C49                 lea     ecx, [ebp+var_40]
.text:100C3C4C                 call    CryptoModeSelector ; 21== ECB decrypt
.text:100C3C51                 mov     [ebp+var_4], 0
.text:100C3C58                 lea     eax, [ebp+var_40]
.text:100C3C5B                 push    80h             ; int
.text:100C3C60                 push    [ebp+arg_0]     ; KEY!
.text:100C3C63                 push    eax             ; int
.text:100C3C64                 call    AES_KeyExpand
.text:100C3C69                 mov     ebx, eax
.text:100C3C6B                 test    ebx, ebx
.text:100C3C6D                 jl      short loc_100C3C82
.text:100C3C6F                 lea     eax, [ebp+var_40]
.text:100C3C72                 push    10h             ; data len
.text:100C3C74                 push    [ebp+arg_8]     ; output
.text:100C3C77                 push    [ebp+arg_4]     ; input
.text:100C3C7A                 push    eax             ; expanded key
.text:100C3C7B                 call    AES_SwitchFunc2
.text:100C3C80                 mov     ebx, eax
.text:100C3C82
.text:100C3C82 loc_100C3C82:                           ; CODE XREF: sub_100C3C20+4Dj
.text:100C3C82                 mov     [ebp+var_4], 0FFFFFFFFh
.text:100C3C89                 lea     ecx, [ebp+var_40]
.text:100C3C8C                 call    ClearExpandedKey
...
ECB stuff

;-----------------------------------------------------------
.text:100DBFE6                 push    21h             ; crypt mode
.text:100DBFE8                 lea     ecx, [ebp+var_54]
.text:100DBFEB                 call    CryptoModeSelector ; 21== ECB decrypt
.text:100DBFF0                 mov     [ebp+var_4], 0
.text:100DBFF7                 mov     eax, [ebp+var_20]
.text:100DBFFA                 lea     edx, [ebp+var_54]
.text:100DBFFD                 push    80h             ; int
.text:100DC002                 push    eax             ; KEY!
.text:100DC003                 push    edx             ; int
.text:100DC004                 call    AES_KeyExpand
.text:100DC009                 mov     eax, [ebp+var_1C]
.text:100DC00C                 mov     edx, [ebp+var_24]
.text:100DC00F                 lea     ecx, [ebp+var_54]
.text:100DC012                 push    10h             ; data len
.text:100DC014                 push    eax             ; output
.text:100DC015                 push    edx             ; input
.text:100DC016                 push    ecx             ; expanded key
.text:100DC017                 call    AES_SwitchFunc
.text:100DC01C                 mov     eax, [ebp+var_1C]
.text:100DC01F                 movzx   edx, byte ptr [eax]
.text:100DC022                 test    edx, 80h
.text:100DC028                 jnz     short loc_100DC084
...

This one looks interesting!
Chapter 3.2.4, Calculation of Processing Key?

;-----------------------------------------------------------
.text:100DC49C                 call    CryptoModeSelector ; 1 == CBC decrypt
.text:100DC4A1                 mov     edx, [ebp+var_18]
.text:100DC4A4                 mov     [ebp+var_4], 1
.text:100DC4AB                 mov     eax, [ebp+var_24]
.text:100DC4AE                 lea     ecx, [ebp+var_C0]
.text:100DC4B4                 push    80h             ; int
.text:100DC4B9                 mov     [ebp+var_18], edx
.text:100DC4BC                 push    eax             ; KEY!
.text:100DC4BD                 push    ecx             ; int
.text:100DC4BE                 call    AES_KeyExpand
.text:100DC4C3                 mov     edx, [ebp+var_18]
.text:100DC4C6                 lea     ebx, [ebp+var_C0]
.text:100DC4CC                 lea     ecx, [ebp+var_78]
.text:100DC4CF                 lea     eax, [ebp+var_68]
.text:100DC4D2                 push    10h             ; data len
.text:100DC4D4                 mov     [ebp+var_18], edx
.text:100DC4D7                 push    eax             ; output
.text:100DC4D8                 push    ecx             ; input
.text:100DC4D9                 push    ebx             ; expanded key
.text:100DC4DA                 call    AES_SwitchFunc
.text:100DC4DF                 mov     edx, [ebp+var_18]
.text:100DC4E2                 mov     [ebp+var_4], 0FFFFFFFFh
.text:100DC4E9                 lea     ecx, [ebp+var_C0]
.text:100DC4EF                 mov     [ebp+var_18], edx
.text:100DC4F2                 call    ClearExpandedKey

CBC decrypt again.

;-----------------------------------------------------------
.text:100DC79C                 call    CryptoModeSelector ; 1 == CBC decrypt
.text:100DC7A1                 mov     eax, [ebp+var_14]
.text:100DC7A4                 mov     [ebp+var_4], 0
.text:100DC7AB                 mov     edx, [ebp+var_24]
.text:100DC7AE                 lea     ecx, [ebp+var_9C]
.text:100DC7B4                 push    80h             ; int
.text:100DC7B9                 mov     [ebp+var_14], eax
.text:100DC7BC                 push    edx             ; KEY!
.text:100DC7BD                 push    ecx             ; int
.text:100DC7BE                 call    AES_KeyExpand
.text:100DC7C3                 mov     eax, [ebp+var_14]
.text:100DC7C6                 lea     ebx, [ebp+var_9C]
.text:100DC7CC                 lea     ecx, [ebp+var_58]
.text:100DC7CF                 lea     edx, [ebp+var_48]
.text:100DC7D2                 push    10h             ; data len
.text:100DC7D4                 mov     [ebp+var_14], eax
.text:100DC7D7                 push    edx             ; output
.text:100DC7D8                 push    ecx             ; input
.text:100DC7D9                 push    ebx             ; expanded key
.text:100DC7DA                 call    AES_SwitchFunc
.text:100DC7DF                 mov     eax, [ebp+var_14]
.text:100DC7E2                 mov     [ebp+var_4], 0FFFFFFFFh
.text:100DC7E9                 lea     ecx, [ebp+var_9C]
.text:100DC7EF                 mov     [ebp+var_14], eax
.text:100DC7F2                 call    ClearExpandedKey
...
CBC decrypt with xoring...

Last edited by neviens; 8th January 2007 at 22:25.
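As an added illustration (not code from neviens, nor from the player being disassembled), here are the three call shapes in the listing above written against Go's standard library, so the constants can be recognised: mode 1 is a CBC decryption with a fixed IV over a whole buffer, mode 21h is a single 16-byte ECB decryption, and the final variant XORs the input block back into the result. The key, IV and ciphertext used in main are constructed for the demonstration; the listing's own IV is not reproduced.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// Values seen in the listing: mode 1 = CBC decrypt, mode 21h = ECB decrypt,
// and 0x80 key bits pushed before AES_KeyExpand (i.e. AES-128).
const KeyBits = 0x80

// expandKey stands in for AES_KeyExpand: it accepts only a 128-bit key.
func expandKey(key []byte) (cipher.Block, error) {
	if len(key)*8 != KeyBits {
		return nil, fmt.Errorf("AES_KeyExpand: want %d-bit key, got %d bits", KeyBits, len(key)*8)
	}
	return aes.NewCipher(key)
}

// cbcDecrypt mirrors the first listing: mode 1, key expansion, _initCBC with a
// fixed IV, then one AES_SwitchFunc2 call over the whole buffer (arg_C bytes).
func cbcDecrypt(key, iv, data []byte) ([]byte, error) {
	block, err := expandKey(key)
	if err != nil {
		return nil, err
	}
	if len(iv) != aes.BlockSize || len(data)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("CBC: IV must be 16 bytes and data a multiple of 16")
	}
	out := make([]byte, len(data))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, data)
	return out, nil
}

// ecbDecryptBlock mirrors the 21h listings: exactly one 16-byte block
// (push 10h), no IV, and the expanded key is cleared right after use.
func ecbDecryptBlock(key, in []byte) ([]byte, error) {
	if len(in) != aes.BlockSize {
		return nil, fmt.Errorf("ECB: want one %d-byte block, got %d bytes", aes.BlockSize, len(in))
	}
	block, err := expandKey(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, aes.BlockSize)
	block.Decrypt(out, in)
	return out, nil
}

// decryptXOR is the "decrypt with xoring" shape noted at the end of the post:
// the decrypted block is XORed with the input block. Unlike plain ECB decrypt
// it cannot be efficiently inverted even by someone holding the key, which is
// the shape of a one-way key-derivation step rather than of data decryption.
func decryptXOR(key, in []byte) ([]byte, error) {
	d, err := ecbDecryptBlock(key, in)
	if err != nil {
		return nil, err
	}
	for i := range d {
		d[i] ^= in[i]
	}
	return d, nil
}

func main() {
	// Constructed key, IV and ciphertext for the demonstration; none come from the listing.
	key, iv := []byte("example-128bit-k"), []byte("constructed-iv!!")
	ct := make([]byte, 32) // two all-zero ciphertext blocks
	pt, err := cbcDecrypt(key, iv, ct)
	fmt.Printf("CBC: %x err=%v\n", pt, err)
	g, err := decryptXOR(key, ct[:16])
	fmt.Printf("decrypt-XOR: %x err=%v\n", g, err)
}
```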

8th January 2007, 22:50   #490
Borbus
Registered User
 
Join Date: Sep 2006
Posts: 52
Quote: Originally Posted by communist
Simple solution: use Colorbars(width,height) and ShowFrameNumber().
Colorbars() makes 1hr of video by default. How can I change that to something shorter?

edit: Never mind, did it with Trim()

Last edited by Borbus; 8th January 2007 at 22:59.

8th January 2007, 23:30   #491
blutach
Country Member
 
Join Date: Sep 2004
Location: is everything!
Posts: 6,499
Quote: Originally Posted by tonyp12
Is Bystander = Muslix64?

Just joined and pretty much tells how to get the keys but without telling all of it. Sounds like Muslix, and using a second screen name will lessen the chance of getting traced and sued.

I think Muslix is from Germany, where the cereal is from and a land where the Commodore 64 was a hacker's first toy.

This is just speculation, and Mods can delete this post if it's out of bounds/irrelevant.
Quote: Originally Posted by feizex
FYI...
http://www.youtube.com/profile?user=muslix64
muslix64
Age: 26
Country: Canada
Sigh.... Why won't some posters read what we type and read the rules? Strikes issued.

Regards
__________________
Les

Only use genuine Verbatim or Taiyo Yuden media.

Last edited by blutach; 8th January 2007 at 23:47.

8th January 2007, 23:34   #492
Borbus
Registered User
 
Join Date: Sep 2006
Posts: 52
Ok, here's another image with Colorbars and a Framecount instead of nothing. Analogue output is now allowed instead of constrained.

http://www.filehost.gr/73129

The volume and title keys are in the discinfo.dat file (volume key first, then title key).

Now there's probably not much else to play around with until someone can get hold of Blazer or figure out how to encrypt the video.

8th January 2007, 23:39   #493
Polly
Registered User
 
Join Date: Dec 2006
Posts: 1
I'm designing a GUI for the HDDVD backup and attempting to make an easy way to enter the keys in as you get them.

Since I don't have an HDDVD player it makes it impossible for me to change any of the source that muslix provides and guarantee it works, and as such I will simply make a wrapping gui for the backup classes. If he continues to put up future releases it should be easy to plug in the new version into the gui.

This is a 30-second design in Java, but it makes it easier to use. I'll be posting it soon for those who want an interface rather than command line.

8th January 2007, 23:48   #494
Isochroma
Registered User
 
Join Date: Mar 2005
Posts: 468
@Borbus: Thank you!

I haven't yet received a reply from Eclipse. It seems that for now, the best way to verify BackupHDDVD's functionality is to obtain an HD-DVD drive, an AACS-protected HD-DVD disc, and player software.

The Title Key must be available in the clear during the entire playback process, as it is needed to decrypt each chunk of data as it is read.

Keeping the Title Key scrambled using the player software's algorithm or encrypted from disc would place a heavy burden on the CPU during playback, as it would have to be repeatedly decrypted to be used for chunk decryption, throughout playback.

Considering that most machines are only just able to decode 1080p content alone, it seems unlikely that software authors would cripple their product's performance using such a method.

9th January 2007, 00:06   #495
hajj_3
Registered User
 
Join Date: Mar 2004
Posts: 1,120
If you guys want some HD-DVDs to test, you can get 2 for £2.86 delivered from a mis-price on play-asia: http://www.hotukdeals.com/forums/showthread.php?t=42021

@Polly: great work, release the source code when you're done. Also change the image of the DVD to this:

Last edited by hajj_3; 9th January 2007 at 00:18.

9th January 2007, 00:48   #496
calinb
Registered User
 
Join Date: Apr 2002
Posts: 306
Quote: Originally Posted by Isochroma
Keeping the Title Key scrambled using the player software's algorithm or encrypted from disc would place a heavy burden on the CPU during playback, as it would have to be repeatedly decrypted to be used for chunk decryption, throughout playback.

Considering that most machines are only just able to decode 1080p content alone, it seems unlikely that software authors would cripple their product's performance using such a method.
I believe they have, in fact, done so and the title keys may not remain in the clear for long. The player behavior I've seen is consistent with the code snippets Bystander posted. The player accesses the encrypted title keys in memory every few hundred milliseconds or so. I've also seen it clear heap memory.

The CPU load is enormous and regenerating keys whenever necessary, on the fly, could easily be accomplished, within the high load. Besides, compared to decrypting the content, decrypting the keys should not result in much additional load. I have a computer that plays high profile AVC HD with CoreAVC nicely. The computer can't even come close to decoding a VC-1 HD-DVD without dropping frames all over the place. The developers were probably more concerned with implementing DRM than realizing performance.

Bystander's suggestions are useful, based on the behavior I've captured.

Last edited by calinb; 9th January 2007 at 00:55.

9th January 2007, 00:55   #497
Jerky_san
Registered User
 
Join Date: Apr 2005
Posts: 18
So basically we can either add in the steps that were suggested or create a breakpoint JUST before the heap clears and instead dump the memory. What are you all using to play this? My version of WinDVD HD crashes when I load the file.

Last edited by Jerky_san; 9th January 2007 at 01:04.

9th January 2007, 02:05   #498
Isochroma
Registered User
 
Join Date: Mar 2005
Posts: 468
I just received an email reply from the folks at Eclipse, regarding the costs for an AACS license (required before Eclipse will sell you their product):

"It's pretty expensive. You can find more information at: http://www.aacsla.com/home

I think the adopter agreement costs about $20,000 per year, and then AACS collects about $2,000 per title, and $0.04 per disc."

Last edited by Isochroma; 9th January 2007 at 03:46.

9th January 2007, 02:57   #499
calinb
Registered User
 
Join Date: Apr 2002
Posts: 306
Quote: Originally Posted by Jerky_san
So basically we can either add in the steps that were suggested or create a breakpoint JUST before the heap clears and instead dump the memory. What are you all using to play this? My version of WinDVD HD crashes when I load the file.
Sounds like a reasonable approach to try. I suspect that most people are following Muslix64's suggestion to use PowerDVD 6.5 but he said other players may yield keys too. Try launching or enabling your debugger after a title is playing and remember that the AACS spec says stuff must be cleared when the player is stopped. I don't know about pausing play.

Last edited by calinb; 9th January 2007 at 05:18.

9th January 2007, 05:08   #500
El Toro
Registered User
 
Join Date: Jan 2007
Posts: 6
It seems amazing how one posting has created a lot of conversation on the subject in question, burning an HD-DVD, and yet no one is able to burn one. I will sit in the background and see what this thread leads to.