Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion.

Before you start posting please read the forum rules. By posting to this forum you agree to abide by the rules.

 

Go Back   Doom9's Forum > General > Decrypting

Reply
 
Thread Tools Search this Thread Display Modes
Old 26th August 2016, 15:10   #1  |  Link
Dandu
Registered User
 
Join Date: Feb 2014
Posts: 14
Ultra HD Blu-ray

Hi,

I have a question, is there a way to decrypt Blu-ray Ultra HD on a PC ?

Actually, i have a Blu-ray Player who read Ultra HD Blu-ray (LG BH16NS55) but there is no software to read the content (i use a Xbox One S to watch it).

The structure seems the same as classic Blu-ray, i suppose that with the key, it's possible to decrypt the content.
Dandu is offline   Reply With Quote
Old 26th August 2016, 15:21   #2  |  Link
Music Fan
Registered User
 
Join Date: May 2009
Location: Belgium
Posts: 1,743
Are you sure the LG BH16NS55 is UHD compatible ? I don't find any mention of that about this model.
AACS 2.0 hasn't been cracked yet ;
https://www.reddit.com/r/Piracy/comm...k_bluray_rips/
http://arstechnica.com/gadgets/2016/...d-for-a-while/
Music Fan is offline   Reply With Quote
Old 26th August 2016, 16:18   #3  |  Link
Dandu
Registered User
 
Join Date: Feb 2014
Posts: 14
Yep, i can read a Ultra HD Blu-ray (see the content) on my Mac without problem

Dandu is offline   Reply With Quote
Old 26th August 2016, 16:30   #4  |  Link
Music Fan
Registered User
 
Join Date: May 2009
Location: Belgium
Posts: 1,743
Interesting, was this skill written on the box ?
I wonder if others pc's BD players can play UHD discs without mentioning it.
Music Fan is offline   Reply With Quote
Old 26th August 2016, 16:33   #5  |  Link
sneaker_ger
Registered User
 
Join Date: Dec 2002
Posts: 5,565
This isn't new. In the avsforum there are other reports of LG drives who could also "read" the discs. But "read" only means showing the title and size. The encryption is not broken so you cannot do anything useful.
sneaker_ger is offline   Reply With Quote
Old 26th August 2016, 22:14   #6  |  Link
Sparktank
47.952fps@71.928Hz
 
Sparktank's Avatar
 
Join Date: Mar 2011
Posts: 940
According one professor here, you only need AACS 2.0 for decrypting audio only.
Quote:
Originally Posted by musicvideos4k View Post
The AACS 2.0 is a protection that does not let you to RIP THE AUDIO , yet. You can do it with video and in 10bit "precision" , with HEVC 10bit, just fine. You cannot rip the audio in multi channel because of the protection, just stereo.
__________________
Win10 (x64) build 19041
NVIDIA GeForce GTX 1060 3GB (GP106) 3071MB/GDDR5 | (r435_95-4)
NTSC | DVD: R1 | BD: A
AMD Ryzen 5 2600 @3.4GHz (6c/12th, I'm on AVX2 now!)
Sparktank is offline   Reply With Quote
Old 26th August 2016, 23:19   #7  |  Link
Music Fan
Registered User
 
Join Date: May 2009
Location: Belgium
Posts: 1,743
Quote:
Originally Posted by Sparktank View Post
According one professor here, you only need AACS 2.0 for decrypting audio only.
I already imagine what will do most of people : rip UHD discs for video, Blu-ray for audio then mux both.
Music Fan is offline   Reply With Quote
Old 27th August 2016, 02:47   #8  |  Link
qyot27
...?
 
qyot27's Avatar
 
Join Date: Nov 2005
Location: Florida
Posts: 1,419
Blu-ray Discs use UDF 2.5 as their filesystem. That's not the problem, and it's not really related to the optical drive. You could probably put one of the UHD Blu-rays in a first-generation BDXL-capable drive accessed by Windows Vista with stock drivers and it'd show the contents of the disc just fine. It'd probably even be fine if the filesystem on UHD Blu-ray is UDF 2.6 (still >10 years old) rather than 2.5.

The problem is AACS 2.0 not being broken. It's not inconceivable that studios could face such a backlash or early implementation problem from AACS 2.0 that they might issue some discs with the first version of AACS like with regular Blu-ray. I just highly doubt that. Highly.

Quote:
Originally Posted by Sparktank
According one professor here, you only need AACS 2.0 for decrypting audio only.
Quote:
Originally Posted by musicvideos4k
The AACS 2.0 is a protection that does not let you to RIP THE AUDIO , yet. You can do it with video and in 10bit "precision" , with HEVC 10bit, just fine. You cannot rip the audio in multi channel because of the protection, just stereo.
I'm gonna need some ibuprofen.
qyot27 is offline   Reply With Quote
Old 27th August 2016, 11:06   #9  |  Link
dizzier
Registered User
 
Join Date: Jan 2010
Posts: 74
I've spent some time digging through Sony WikiLeaks stash, here's what I've found.

UHD Bluray-Discs are basically BDXL discs, so some drives might read them. It is not official though and not mentioned on the box or in the specs. Note that not all BDXL drives are capable of this, I'm not sure why.

AACS 2.0 has some similarities with AACS 1.0. It obviously encrypts all the audio and video content on the disc. Problems:
- host/drive certificates and any kind of device/processing key are completely separate, keys/certs from AACS 1.0 will not work
- AACS 2.0 discs can be either offline or online, offline let's you play the disc in a usual way if you have device keys, online discs require Internet access to get proper decryption keys (I have no idea what kind of discs are currently available)
- they've made some attempts to secure the online protocol, it probably will not be sufficient to just replay the request sent by legitimate player
- since drive/host certs are separate (and in different format, with longer key and signature) this probably means that a new method of retrieving VID must be implemented by the drives; this means that while BDXL drives can read UHD discs, they will not be able to perform AACS 2.0 auth and retrieve VID (this obviously might be possible with a firmware upgrade, but I guess drive manufacturers will prefer to sell you a new drive)
- there are no PC software players capable of AACS 2.0 yet, so there is no place to try to extract any keys/certs
- there is no public specification (unlike AACS 1.0) and there won't be one

All of this is based on various drafts and presentations, so it might as well all work differently. Unfortunately it seems that there won't be any progress with AACS 2.0 until official UHD supporting PC drives and software players are available. Unless you can reverse engineer hardware players
dizzier is offline   Reply With Quote
Old 27th August 2016, 12:15   #10  |  Link
SeeMoreDigital
Life's clearer in 4K UHD
 
SeeMoreDigital's Avatar
 
Join Date: Jun 2003
Location: Notts, UK
Posts: 12,219
Okay...

If you put aside the data decryption side of things. Can people extract all the data from UHD disc's with one of these LG BH16NS55 drives?


Cheers
__________________
| I've been testing hardware media playback devices and software A/V encoders and decoders since 2001 | My Network Layout & A/V Gear |
SeeMoreDigital is offline   Reply With Quote
Old 27th August 2016, 12:25   #11  |  Link
Dandu
Registered User
 
Join Date: Feb 2014
Posts: 14
Quote:
Originally Posted by qyot27 View Post
Blu-ray Discs use UDF 2.5 as their filesystem. That's not the problem, and it's not really related to the optical drive. You could probably put one of the UHD Blu-rays in a first-generation BDXL-capable drive accessed by Windows Vista with stock drivers and it'd show the contents of the disc just fine. It'd probably even be fine if the filesystem on UHD Blu-ray is UDF 2.6 (still >10 years old) rather than 2.5.
No.

I have tried with many BD-XL drive and they can't read Ultra HD BLu-ray. It's a new generation.

There is difference between Ultra HD BLu-ray and BDXL, this paper explain that : http://www.blu-raydisc.com/Assets/Do...0817_clean.pdf

Actually, a drive compatible with BD-ROM4 (https://www.blu-raydisc.info/content...ction-rom4.php) is an obligation, and LG is the only manufacturer who made that.
Dandu is offline   Reply With Quote
Old 27th August 2016, 12:27   #12  |  Link
Dandu
Registered User
 
Join Date: Feb 2014
Posts: 14
And i can try to read files on the disc today (and try to obtain the video).

But it's complicated to send the files on the net, it's very big (98 GB for Batman v Superman)
Dandu is offline   Reply With Quote
Old 27th August 2016, 13:04   #13  |  Link
sneaker_ger
Registered User
 
Join Date: Dec 2002
Posts: 5,565
Quote:
Originally Posted by Dandu View Post
And i can try to read files on the disc today (and try to obtain the video).

But it's complicated to send the files on the net, it's very big (98 GB for Batman v Superman)
No one asked for it.
sneaker_ger is offline   Reply With Quote
Old 27th August 2016, 13:32   #14  |  Link
dizzier
Registered User
 
Join Date: Jan 2010
Posts: 74
Quote:
Originally Posted by sneaker_ger View Post
No one asked for it.
And sharing the whole disc would be really pointless. You need to get a working player and observe how it interacts with a original disc to try to do anything about AACS 2.0.
dizzier is offline   Reply With Quote
Old 4th September 2016, 11:27   #15  |  Link
dizzier
Registered User
 
Join Date: Jan 2010
Posts: 74
I've also found an interesting presentation: http://www.cptwg.org/assets/2015/201...esentation.pdf
dizzier is offline   Reply With Quote
Old 15th September 2016, 19:17   #16  |  Link
dizzier
Registered User
 
Join Date: Jan 2010
Posts: 74
I have bought BH16NS55 and Deadpool UHD Blu-Ray disc.

First, some impressions about the drive. Yes, it can read UHD Blu-Ray. Deadpool is a two layer UHD disc with 33GB per layer. There are also three layer discs, with the same data density, like Batman vs. Superman, but I haven't tested that (will not spend money on that piece of crap). While it reads UHD discs, it is kinda unreliable. From time to time it simply refuses to work and returns various errors. Usually reloading the disc fixes the problem, but one time I had to power it down, otherwise it refused to work at all. I was able, on the second try, to make image of Deadpool disc with data transfer not leaving 10-20MB/s range. It might be just an unreliable disc, I don't have a second one yet. The drive does not support AACS 2.0, so it almost surely will not work with software players, if they become available.

Now onto AACS 2.0, which is more interesting. The overall disc structure seems the same. UHD disc does not contain BD+ (normal Blu-Ray counterpart is BD+). It does have bus encryption enabled, which seems mandatory for AACS 2.0.
The MKB file has the same basic structure like those from AACS 1.0. It reports itself as a MKBv60. It has a new type and several new record types with unknown purpose. It is signed with a different AACS LA certificate, which was expected. Host and driver revocation lists are exactly the same like those found on normal Blu-Ray MKBv60 discs. This makes sense, as drives would need to maintain only a single list of host certs to revoke (AACS 2.0 certificates use longer keys, but the certificate ID space seems shared). The subset-difference tree seems to be much larger, instead of usual 562 entries there are now 181250 (number of C-values record entries to be precise).

I've tried running AACS 1.0 auth for this disc. Surprisingly... it was successful. I was able to read VID, PMSN and Read Data Key (used by bus encryption). Now, onto some speculation why it works and what does it mean.
My guess is that AACS 1.0 drives are not supposed to read UHD discs. Both VID and PMSN are simply some values store on disc, that are not accessible in normal way. Drive is perfectly able to read them, but reading is protected by AACS-authentication process, which requires host certificate. If we assume that AACS 2.0 stores those values at the exactly the same place as AACS 1.0, then AACS 1.0 drive, capable of reading UHD discs, will gladly read them, provided AACS 1.0 host certificate. Bus encryption is somewhat different, (some) disc sectors have some low level markers that tell the drive to encrypt them on the fly. Getting the decryption key from the drive also requires AACS-authentication. If the same markers are used by AACS 2.0 (I don't see why not, it is kinda low level thing) then AACS 1.0 drive will handle this perfectly fine, if it can read the disc. Which we know it can
If the above is correct, then it means that this kind of drive kinda defeats part of AACS 2.0. But, don't get your hopes too high. The values (VID, etc.) I was able to retrieve could be completely bogus. Also, to fully decrypt AACS 2.0 we would need device/processing/volume key. There were no new device/processing keys available even for AACS 1.0 for a few years and we don't have any player/ripper to extract volume key from.

Disc information:
Code:
Disc ID: F58AA868C40D5894C332F9BDB978522432D5CC82
VID    : 55F4D4B1F77D26D0E7A9D55DA5599AA7
MKBv   : 60
PMSN   : will not provide for obvious reasons, but was able to read it
Bus encryption:
  Device support:   yes
  Enabled in media: yes
Content Certificate ID: 006F8005EF00
BD-J Root Cert hash:    0000000000000000000000000000C73B53981817
Device binding ID:      some random value generated by my PC
Host Revocation List  (MKB version 60):
  000000000001 - 0000000003e8
  000080000001 - 0000800080e8
  270f80000001 - 270f80000bb8
  ff2210100001 - ff221010001f
  ff2210400001 - ff221040001f
  ff2220000001 - ff22200000ff
  ff2290100001 - ff229010001f
  ff2290400001 - ff229040001f
  ff22a0000001 - ff22a00000ff
  ff2318000001 - ff231800001f
  ff2318100001 - ff231810001f
  ff2318400001 - ff231840001f
  ff2340000001 - ff23400000ff
  ff2710000001 - ff271000001f
  ff2790000001 - ff279000001f
  ffff0000000b - ffff00000014
  ffff00000016
  ffff00000021 - ffff0000002a
  ffff00000035 - ffff00000038
  ffff0000004e - ffff00000052
  ffff00000054 - ffff00000057
  ffff0000005d - ffff00000066
  ffff00000080
  ffff00000088 - ffff00000091
  ffff00000094
  ffff000000ae
  ffff000000b2 - ffff000000bb
  ffff000027db
  ffff00002817
  ffff00002820
  ffff00002834 - ffff0000283d
  ffff00002846
  ffff0000284b
  ffff80000001 - ffff80000024
  ffff80000029
  ffff8000002f
  ffff80000039
  ffff80000045
  ffff80000071
  ffff80000079
  ffff8000007c - ffff8000007e
  ffff800000ad
  ffff800000c4 - ffff800000c6
  ffff800000d0
  ffff800000f4 - ffff800000fd
  ffff80000146
Drive Revocation List  (MKB version 60):
  000000000001 - 0000000003e8
  000080000001 - 0000800055f0
  270f20000001 - 270f20000514
  270f80000001 - 270f800007d0
  ff2600000001 - ff2600000096

Last edited by dizzier; 15th September 2016 at 19:48.
dizzier is offline   Reply With Quote
Old 15th September 2016, 21:06   #17  |  Link
candela
Registered User
 
Join Date: Jun 2005
Posts: 259
Quote:
Originally Posted by dizzier View Post
There were no new device/processing keys available even for AACS 1.0 for a few years and we don't have any player/ripper to extract volume key from.
Do you have any idea why no PS3 bluray keys have leaked? The device keys of the original hacked PS3 firmware are available (they work with AACSKeys). Then I read here PS3 Bluray player can be updated on hacked firmware. So can't they use the same method to get the keys from this updated player or is this player better protected?
candela is offline   Reply With Quote
Old 15th September 2016, 21:17   #18  |  Link
Dandu
Registered User
 
Join Date: Feb 2014
Posts: 14
For information, the player can read Batman vs. Superman, i have tested with this disc.
Dandu is offline   Reply With Quote
Old 15th September 2016, 21:31   #19  |  Link
dizzier
Registered User
 
Join Date: Jan 2010
Posts: 74
Quote:
Originally Posted by candela View Post
Do you have any idea why no PS3 bluray keys have leaked? The device keys of the original hacked PS3 firmware are available (they work with AACSKeys). Then I read here PS3 Bluray player can be updated on hacked firmware. So can't they use the same method to get the keys from this updated player or is this player better protected?
Not really sure, however PS3 encryption was defeated only because of a stupid mistake. The cryptography behind PS3 security itself was not defeated, Sony just screw up by using it incorrectly (using constant 'k' in ECDSA algorithm instead of cryptographicly secure random number). They have fixed it, however I am not really exactly how, I was not following that. Some ideas why there are no new processing keys:
- processing keys are present in the firmware, however, as I've said, the cryptography of PS3 was not broken; they fixed their usage of cryptography and then released a new firmware, using it correctly with new keys; while you can update it you cannot decrypt it and thus you cannot get hold of the new processing keys
- after PS3 screw up AACS discs were switched to use different processing key for each disc; there is nothing in the spec that forbids it and it was even noticed on this forum
- they've fixed it by making the MKB treatment online; PS3 sends MKB file to Sony servers, they provide VUK in response, that way no processing or device key is present on the console
- nobody skilled looked at it for a while
dizzier is offline   Reply With Quote
Old 6th December 2017, 20:03   #20  |  Link
candela
Registered User
 
Join Date: Jun 2005
Posts: 259
Quote:
Originally Posted by dizzier View Post
I have bought BH16NS55 and Deadpool UHD Blu-Ray disc.

If the above is correct, then it means that this kind of drive kinda defeats part of AACS 2.0. But, don't get your hopes too high. The values (VID, etc.) I was able to retrieve could be completely bogus. Also, to fully decrypt AACS 2.0 we would need device/processing/volume key.

According to this post on the MakeMKV forum the VID retrieved using the AACS1 cert is valid. Therefore it should be possible to play the discs for which a VUK is known. So if there is anyone that has one of these AACS1 UHD-friendly drives and also has one of the discs for which a VUK has been posted here , please try to play it in VLC and post the results
candela is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 14:11.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.