Processing Key, Media Key and Volume ID found!!!

[KenD00]

Quote:

Originally Posted by arnezami

I would like to concentrate on making the AACS-auth (+Host Cert/private key) work.

I think you need two things to do that:

1.) A Host Certificate. This can be revoked so it won't work forever. But until they enforce bus encryption everyone can get a new one

Because of that

Quote:

AACS_Spec_Common_0.91_.pdf

....

12. The drive generates 160 bits random number as nonce Dn
13. The drive sends the nonce Dn generated in step 11 and the Drive Certificate to the host.

...

25. The host creates a digital signature of the concatenation of the nonce Dn received in step 12 and the point
on the elliptic curve Hv calculated in step 22.
Hsig = AACS_Sign(AACS_Hostpriv, Dn || Hv)
26. The host sends the point on the elliptic curve Hv calculated in step 22 and the digital signature Hsig created
in step 23 to the drive.
27. The drive verifies the signature of the concatenation of the nonce Dn and the point on the elliptic curve Hv.
AACS_Verify(AACS_Hostpub, Hsig , Dn || Hv)
If the verification fails, the drive shall determine the host is not compliant and shall abort the drive
authentication procedure.

you need

2.) A Host Private Key. This is hard to get because it does not travel on the bus. But, correct me if i'm wrong, i don't see a mechanism for revoking a Private Key, so this will work forever?

The rest is sending the right commands to the drive.