Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion.
Old 11th January 2007, 15:09   #561  |  Link
DerKönig
Registered User
 
Join Date: Jan 2007
Posts: 6
Continuing CowBell's line of thought with what I understood from feizex's post:

Wouldn't it be, in theory, possible to create an HD-DVD image like the one Borbus created, with an MKB file that has empty DRL and HRL but a very high version number? Burn that image and play it in the HD-DVD drive (probably the XBOX drive as this is most popular). This would force the authentication process to be skipped in future as the system now thinks it has the highest versions of the DRL and HRL (but they are empty)???

@IsoChroma:

Since you are the one who contacted Eclipse... would the above idea need a license from the AACS LA (to create a "valid" HD-DVD image I mean)??
DerKönig is offline   Reply With Quote
Old 11th January 2007, 15:11   #562  |  Link
DerKönig
Registered User
 
Join Date: Jan 2007
Posts: 6
BackupHDDVD requires either the Volume Key or Title Keys... is having a player key of any use??? I mean, if I had a player key, where is the encrypted Volume Key on the Disc? so that it can be decrypted using the Player Key...
DerKönig is offline   Reply With Quote
Old 11th January 2007, 16:37   #563  |  Link
cyber1
Registered User
 
Join Date: Dec 2006
Posts: 13
Quote:
Originally Posted by DerKönig View Post
BackupHDDVD requires either the Volume Key or Title Keys... is having a player key of any use??? I mean, if I had a player key, where is the encrypted Volume Key on the Disc? so that it can be decrypted using the Player Key...
You can read the specs at www.aacsla.com.
At this point the player key is not interesting.
Its only AACS LA that can create signed MKBs.
cyber1 is offline   Reply With Quote
Old 11th January 2007, 16:39   #564  |  Link
ilaps
Registered User
 
Join Date: Jan 2007
Posts: 2
Read chapter 3 of AACS_spec_common_0.91: they describe the algorithm Kd (you call it player key), MKB (you read it on the DVD) --> Km: media key; there is an example in Java!

Then you go to AACS-spec_prerecorded_0.91 and in §3.3 you see how to compute the volume key and title key from the media key.

Have you got Kd keys?
ilaps is offline   Reply With Quote
Old 11th January 2007, 17:16   #565  |  Link
evdberg
Registered User
 
Join Date: Dec 2006
Posts: 202
Hi Neviens,

I have made a program which can log the input and output of any function in PowerDVD. I now used it to monitor the function you disassembled and commented in post #490. These are the results of the 4 input parameters:
33d1e40 300a520 30061dc 2190
33d1e40 30125e8 7e002e4 2190
33d1e40 301b008 2fd72cc 2190
33d1e40 2ff4148 2fefe04 2190
33d1e40 7eeb1e0 2fc77c4 2190
33d1e40 2ff1b38 2fed7f4 2190
33d1e40 2fc51e0 2fed7f4 2190

Obviously the 1st 3 parameters are pointers, so I might log the memory to which they point. Is this of any use to you? Do you want to see other results or logs of different function calls?

P.S.: I can not play HD-DVD on my system, so these are the calls to the point that PowerDVD displays the error message that my system is not sufficient to play HD-DVD.

Last edited by evdberg; 11th January 2007 at 19:27.
evdberg is offline   Reply With Quote
Old 11th January 2007, 18:45   #566  |  Link
Syris2k4
Registered User
 
Join Date: Oct 2006
Posts: 12
Rather off topic, but I thought a nice thing to... share.

"Many media content owners believe web surfers should pay to watch their material, just like other audiences, and protect their files with digital rights management (DRM) constraints that prevent people making copies. A recent Treasury report on intellectual property concluded that this kind of protection actually encourages innovation and creates the next big thing that consumers seek."

Source : http://tinyurl.com/yxyoxq

Please could I have some DRM, ohh please?

And good job so far on the hunt, I'm enjoying the reading so far, wish I could join in. I do like the idea of re-writing the stored cache of banned keys - perhaps check with "the dangerous brothers" if they could look at a firmware hack?
Syris2k4 is offline   Reply With Quote
Old 11th January 2007, 22:26   #567  |  Link
neviens
Registered User
 
Join Date: Nov 2005
Posts: 6
Quote:
Originally Posted by evdberg View Post
Hi Neviens,

I have made a program which can log the input and output of any function in PowerDVD. I now used it to monitor the function you disassembled and commented in post #490. These are the results of the 4 input parameters:
33d1e40 300a520 30061dc 2190
33d1e40 30125e8 7e002e4 2190
33d1e40 301b008 2fd72cc 2190
33d1e40 2ff4148 2fefe04 2190
33d1e40 7eeb1e0 2fc77c4 2190
33d1e40 2ff1b38 2fed7f4 2190
33d1e40 2fc51e0 2fed7f4 2190

Obviously the 1st 3 parameters are pointers, so I might log the memory to which they point. Is this of any use to you? Do you want to see other results or logs of different function calls?

P.S.: I can not play HD-DVD on my system, so these are the calls to the point that PowerDVD displays the error message that my system is not sufficient to play HD-DVD.
1. Unfortunately, it's useless to hook AES functions in a program
that doesn't actually play content. You see, there isn't any call
with fourth argument = 10h, but most (all?) AES operations on
keys are exactly with 10h bytes of data.
We need to cooperate with somebody who can play an HD-DVD.

2. What data output from your program is necessary:
a) the key. Pointer to AES key is the 2nd argument of AES_KeyExpand(),
and key length always is 10h (16 decimal).
b) input buffer (for operations with keys only). Pointer to
input buffer is the 2nd arg of AES_SwitchFunc*()
c) output buffer (for operations with keys only). Pointer to
output buffer is the 3rd arg of AES_SwitchFunc*()
length of buffers = 10h

If we want to begin with the title key, then it's necessary to hook
the CBC decrypt function @100C34E8, I think. One call to this
function decrypts device keys file 001.fcl with hexadecimal key
00010203000102030001020300010203
One of the two remaining calls must be content deciphering!
We need only the 2nd arg of AES_KeyExpand(), the title key.
Oh, it's so difficult to live without a debugger ):
neviens is offline   Reply With Quote
Old 11th January 2007, 22:52   #568  |  Link
Janvitos
Registered User
 
Join Date: Jan 2007
Posts: 55
Just a little comparison I made between PowerDVD and WinDVD:
I noticed the contents of the VTKF000.AACS file are there a few times in PowerDVD's memory,
but they aren't at all in WinDVD's memory. I'm not sure if this means anything, just a thought.
Janvitos is offline   Reply With Quote
Old 11th January 2007, 23:20   #569  |  Link
evdberg
Registered User
 
Join Date: Dec 2006
Posts: 202
I prepared the log below earlier this evening. It is the 32 bytes of each of the 3 argument pointers before (Input) and after (Output) the function call. You can clearly see the key you mentioned in the 1st argument.

I will see tomorrow if I can log what you asked for ...
What do you mean with your last sentence? Don't you have a debugger?


Input:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00 GenuineIntel

43 2c e9 fe 25 1c a3 0f bb 80 27 e9 8b 19 8c c4
a4 d4 f4 91 ad c3 43 a2 8b db 29 52 d5 79 3f 07

34 33 32 63 65 39 66 65 32 35 31 63 61 33 30 66 432ce9fe251ca30f
62 62 38 30 32 37 65 39 38 62 31 39 38 63 63 34 bb8027e98b198cc4

Output:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

a0 e0 12 00 dc 03 2f 03 01 00 00 00 ac e0 12 00
5c 0f 2f 03 00 00 00 00 00 00 00 00 90 2d 00 03

46 43 4c 46 49 45 4c 44 78 4c f5 c3 63 97 a4 39
04 06 a4 9f 78 00 c7 7d e9 0c b3 4c 00 1d f3 6b

Input:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

43 2c e9 fe 25 1c a3 0f bb 80 27 e9 8b 19 8c c4
a4 d4 f4 91 ad c3 43 a2 8b db 29 52 d5 79 3f 07

34 33 32 63 65 39 66 65 32 35 31 63 61 33 30 66
62 62 38 30 32 37 65 39 38 62 31 39 38 63 63 34

Output:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

ac df 12 00 dc 03 2f 03 01 00 00 00 b8 df 12 00
5c 0f 2f 03 00 00 00 00 00 00 00 00 88 ee 00 03

46 43 4c 46 49 45 4c 44 78 4c f5 c3 63 97 a4 39
04 06 a4 9f 78 00 c7 7d e9 0c b3 4c 00 1d f3 6b

Input:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

43 2c e9 fe 25 1c a3 0f bb 80 27 e9 8b 19 8c c4
a4 d4 f4 91 ad c3 43 a2 8b db 29 52 d5 79 3f 07

34 33 32 63 65 39 66 65 32 35 31 63 61 33 30 66
62 62 38 30 32 37 65 39 38 62 31 39 38 63 63 34

Output:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

60 db 12 00 dc 03 2f 03 01 00 00 00 6c db 12 00
5c 0f 2f 03 00 00 00 00 00 00 00 00 90 2d 00 03

46 43 4c 46 49 45 4c 44 78 4c f5 c3 63 97 a4 39
04 06 a4 9f 78 00 c7 7d e9 0c b3 4c 00 1d f3 6b

Input:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

43 2c e9 fe 25 1c a3 0f bb 80 27 e9 8b 19 8c c4
a4 d4 f4 91 ad c3 43 a2 8b db 29 52 d5 79 3f 07

34 33 32 63 65 39 66 65 32 35 31 63 61 33 30 66
62 62 38 30 32 37 65 39 38 62 31 39 38 63 63 34

Output:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

6c da 12 00 dc 03 2f 03 01 00 00 00 78 da 12 00
5c 0f 2f 03 00 00 00 00 00 00 00 00 70 d9 00 03

46 43 4c 46 49 45 4c 44 78 4c f5 c3 63 97 a4 39
04 06 a4 9f 78 00 c7 7d e9 0c b3 4c 00 1d f3 6b

Input:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

43 2c e9 fe 25 1c a3 0f bb 80 27 e9 8b 19 8c c4
a4 d4 f4 91 ad c3 43 a2 8b db 29 52 d5 79 3f 07

34 33 32 63 65 39 66 65 32 35 31 63 61 33 30 66
62 62 38 30 32 37 65 39 38 62 31 39 38 63 63 34

Output:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

a0 db 12 00 dc 03 2f 03 01 00 00 00 ac db 12 00
5c 0f 2f 03 00 00 00 00 00 00 00 00 90 2d 00 03

46 43 4c 46 49 45 4c 44 78 4c f5 c3 63 97 a4 39
04 06 a4 9f 78 00 c7 7d e9 0c b3 4c 00 1d f3 6b

Input:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

43 2c e9 fe 25 1c a3 0f bb 80 27 e9 8b 19 8c c4
a4 d4 f4 91 ad c3 43 a2 8b db 29 52 d5 79 3f 07

34 33 32 63 65 39 66 65 32 35 31 63 61 33 30 66
62 62 38 30 32 37 65 39 38 62 31 39 38 63 63 34

Output:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

ac da 12 00 dc 03 2f 03 01 00 00 00 b8 da 12 00
5c 0f 2f 03 00 00 00 00 00 00 00 00 e8 2f 00 08

46 43 4c 46 49 45 4c 44 78 4c f5 c3 63 97 a4 39
04 06 a4 9f 78 00 c7 7d e9 0c b3 4c 00 1d f3 6b
evdberg is offline   Reply With Quote
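Reading a raw argument dump like the one above by eye is error-prone, so here is an added helper (my own example, not code from evdberg, neviens or the thread) that parses the first Input/Output pair exactly as posted into three 32-byte buffers, renders the ASCII column a hex-dump tool would show, and checks the structural facts the dump already reveals: the first buffer carries the 00 01 02 03... key followed by the CPU vendor string, the third input buffer is simply the ASCII-hex rendering of the second buffer's first 16 bytes, the call leaves the first buffer untouched, and the third output buffer starts with the "FCLFIELD" marker. The log excerpt is copied from the post; the function names, the section labels and the decision to treat a blank line as the end of an argument are assumptions of this example.

```python
"""Decode a function-argument hex dump (Input/Output blocks, 16 bytes per line,
optional trailing ASCII annotation) into labelled buffers and analyse them."""
import re

# First Input/Output pair copied verbatim from evdberg's post above:
# three arguments per block, 32 bytes each, written as two 16-byte lines.
LOG_EXCERPT = """\
Input:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00 GenuineIntel

43 2c e9 fe 25 1c a3 0f bb 80 27 e9 8b 19 8c c4
a4 d4 f4 91 ad c3 43 a2 8b db 29 52 d5 79 3f 07

34 33 32 63 65 39 66 65 32 35 31 63 61 33 30 66 432ce9fe251ca30f
62 62 38 30 32 37 65 39 38 62 31 39 38 63 63 34 bb8027e98b198cc4

Output:
00 01 02 03 00 01 02 03 00 01 02 03 00 01 02 03
47 65 6e 75 69 6e 65 49 6e 74 65 6c 00 00 00 00

a0 e0 12 00 dc 03 2f 03 01 00 00 00 ac e0 12 00
5c 0f 2f 03 00 00 00 00 00 00 00 00 90 2d 00 03

46 43 4c 46 49 45 4c 44 78 4c f5 c3 63 97 a4 39
04 06 a4 9f 78 00 c7 7d e9 0c b3 4c 00 1d f3 6b
"""

# Exactly 16 hex byte pairs at the start of a line; anything after them
# (the annotation evdberg typed by hand) is ignored and recomputed below.
HEX_LINE = re.compile(r"^((?:[0-9a-fA-F]{2} ?){16})")


def parse_dump(text):
    """Return {'Input': [arg1, arg2, arg3], 'Output': [...]} as bytes objects.
    Assumption: a label line ends with ':' and a blank line closes one argument."""
    sections = {}
    current = None
    buf = bytearray()
    for line in text.splitlines() + [""]:   # trailing "" flushes the last buffer
        line = line.strip()
        if line.endswith(":"):
            current = line[:-1]
            sections[current] = []
            buf = bytearray()
            continue
        m = HEX_LINE.match(line)
        if m:
            buf.extend(bytes.fromhex(m.group(1).replace(" ", "")))
        elif line == "" and buf:
            sections[current].append(bytes(buf))
            buf = bytearray()
    return sections


def ascii_column(data):
    """Printable ASCII for each byte, '.' otherwise (hex-dump style)."""
    return "".join(chr(b) if 32 <= b < 127 else "." for b in data)


def describe(sections):
    """One line per argument: section, index, hex and ASCII view."""
    return [f"{name} arg{i + 1}: {b.hex()}  |{ascii_column(b)}|"
            for name, bufs in sections.items() for i, b in enumerate(bufs)]


def analyse(sections):
    """Structural checks on the three buffers before and after the call."""
    inp, out = sections["Input"], sections["Output"]
    return {
        # arg1 = 16-byte key (the one neviens quotes) followed by the CPU vendor string
        "arg1_key": inp[0][:16].hex(),
        "arg1_tail_ascii": ascii_column(inp[0][16:]).rstrip("."),
        # arg3 on input is the ASCII-hex spelling of arg2's first 16 bytes
        "arg3_is_hex_of_arg2": inp[2] == inp[1][:16].hex().encode(),
        # which arguments the callee overwrote (1-based)
        "changed_args": [i + 1 for i in range(3) if inp[i] != out[i]],
        # output arg3 begins with a recognisable marker
        "out_arg3_marker": ascii_column(out[2][:8]),
    }


if __name__ == "__main__":
    parsed = parse_dump(LOG_EXCERPT)
    print("\n".join(describe(parsed)))
    for k, v in analyse(parsed).items():
        print(f"{k}: {v}")
```

The same parser works on the remaining Input/Output pairs in the post because they follow the same layout; only the second and third buffers differ between calls, which is what `changed_args` is there to make visible without hand-comparing hex.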
Old 12th January 2007, 02:40   #570  |  Link
muslix64
Registered User
 
Join Date: Dec 2006
Posts: 35
Problem with "In movie experience" (IME) feature

There is a problem with the playback of movies having the
"In movie experience" (IME) feature. This is not a BackupHDDVD problem but a PowerDVD problem.

PowerDVD cannot play decrypted content having the extra streams required for the IME feature.
It simply crashes...

In order to play the content, you have to remove these extra streams. I have identified:

Audio substream 0xc8 and video substream 0xd3
I managed to get smooth audio playback, but not smooth video playback so far...

If you want to experiment with BackupHDDVD, make sure your movie doesn't have the IME feature,

or just use one of the movies I have listed in my first post.

I hope we will have an open source player to play decrypted evob files soon. (VideoLan!)
muslix64 is offline   Reply With Quote
Old 12th January 2007, 02:45   #571  |  Link
muslix64
Registered User
 
Join Date: Dec 2006
Posts: 35
Hint

Do you know about "known-plaintext attack"?
It takes my keyfinder tool only a few seconds to locate the key in the memory dump file using the known-plaintext attack.

You don't have to mess with tracing/debugging the code. Just dump the memory...
muslix64 is offline   Reply With Quote
Old 12th January 2007, 02:51   #572  |  Link
muslix64
Registered User
 
Join Date: Dec 2006
Posts: 35
Does anyone have the BD+ SPDC virtual machine specifications?
This one will be a real challenge...
muslix64 is offline   Reply With Quote
Old 12th January 2007, 03:13   #573  |  Link
Warren
Registered User
 
Join Date: Dec 2002
Posts: 68
Hrm, which known plaintext attack are you referring to, muslix? What information do we have that, when encrypted, could lead us to the key?

Last edited by Warren; 12th January 2007 at 03:17.
Warren is offline   Reply With Quote
Old 12th January 2007, 03:25   #574  |  Link
muslix64
Registered User
 
Join Date: Dec 2006
Posts: 35
Warren...

Do you know what the structure of an encrypted PACK is?
Take a look at that first and think about it.
If I have figured it out, anyone can...
muslix64 is offline   Reply With Quote
Old 12th January 2007, 03:42   #575  |  Link
DanITman
Registered User
 
Join Date: Dec 2006
Posts: 16
Welcome back muslix, I hope your vacation went well.
DanITman is offline   Reply With Quote
Old 12th January 2007, 03:53   #576  |  Link
noclip
Registered User
 
Join Date: Dec 2006
Posts: 154
Quote:
Originally Posted by muslix64 View Post
Do you know about "known-plaintext attack"?
It takes only few seconds to my keyfinder tool to locate the key in the memory dump file using the known-plaintext attack.

You don't have to mess with tracing/debugging the code. Just dump the memory...
All the AACS constants appear at least half a dozen times in memory.

On a different note, are the keys padded with 00 00 00?

Are you talking about taking some data from an unencrypted EVOB that is constant for all EVOBs and brute-forcing memory for a key that yields a result which contains that data?

Last edited by noclip; 12th January 2007 at 04:00.
noclip is offline   Reply With Quote
Old 12th January 2007, 04:23   #577  |  Link
muslix64
Registered User
 
Join Date: Dec 2006
Posts: 35
Yes my vacation went well, thanks DanITMan.
Ok, let's call it "guessed-plaintext attack" if you want.
Get it?
Take a look at actual packs in the stream. Anything special?

Last edited by muslix64; 12th January 2007 at 04:29. Reason: Typo
muslix64 is offline   Reply With Quote
Old 12th January 2007, 04:41   #578  |  Link
noclip
Registered User
 
Join Date: Dec 2006
Posts: 154
Quote:
Originally Posted by muslix64 View Post
Take a look at actual packs in the stream. Anything special?
The packs in the encrypted EVOBs on the HD-DVD? The packs of the unencrypted EVOB as it's decrypted for playback?

Is the known (guessed) data in the unencrypted portion of each pack?

Edit: Also, could you please come to the #doom9 channel on efnet?

Last edited by noclip; 12th January 2007 at 05:19.
noclip is offline   Reply With Quote
Old 12th January 2007, 05:33   #579  |  Link
Janvitos
Registered User
 
Join Date: Jan 2007
Posts: 55
Muslix64, without disrespect, I would like to know why you are giving us everything but precise information, and how you believe this might help us out in the long run.

I am no assembly programmer myself, and have been following this thread since the beginning, but have found little if any help in the "clues" you have been providing. In my understanding, you are trying to make a riddle out of this, which is, in my opinion, throwing people onto different tracks and not necessarily "helping" out.

If you are trying to help with good intentions though, then I am simply not "wise" enough to connect with your clues or sayings. Memory locations, constants and key locations are what everybody is seeking here. I think many have been working really hard on this, but it seems to be going round and round for most.

Furthermore, I do appreciate the work you have put into writing the code for BackupHDDVD, and it will surely serve a purpose some day when we hopefully, and finally, get our hands on the keys.

Last edited by Janvitos; 12th January 2007 at 05:35.
Janvitos is offline   Reply With Quote
Old 12th January 2007, 06:34   #580  |  Link
feizex
Registered User
 
Join Date: Dec 2006
Posts: 11
Uh... Plausible deniability.

As for the known plaintext, perhaps some header info? "The HD DVD-Video format is licensed by the DVD Forum, which publishes the HD DVD-Video Specifications." I haven't found that yet. Anyone want to post a link?

Besides that, the same approach could be used to find the volume key once you have the title key.
feizex is offline   Reply With Quote