AnyDVD method of operation

[evdberg]

I already suggested this in another thread, but I had to make sure ... and indeed: AnyDVD is using the Host Certificate of PowerDVD (V6.5) to communicate with the drive. This means they follow the complete AACS protocol, at least starting at the Processing Key, but most likely starting with the Device Key, and they read the Volume ID from the drive using the appropriate MMC commands (after they authenticated and put the drive in Bus Key state).

[ron spencer]

does this mean you need powerDVD 6.5 to run AnyDVD HD?

[mb2696]

Quote:

Originally Posted by ron spencer

does this mean you need powerDVD 6.5 to run AnyDVD HD?

no.


however, i'm interested in how evdberg came to this conclusion

[ron spencer]

as am I since he mentined it....

[evdberg]

The Host Certificate is a set of private and public keys (+ signature of the public key) issued by the AACS-LA. With this a Host (in this case HD-DVD player software) can setup a 'trusted' connection with a drive (which has its own Drive Certificate) to exchange key data for the AACS decryption protocol (in this case the Volume ID).

Quote:

however, i'm interested in how evdberg came to this conclusion

Quite simple: I sniffed the data exchange with the drive as Arnezami did for the Volume ID. I checked first which certificate PowerDVD and WinDVD used, and then I looked what AnyDVD did ... and as I expected, the certificate of PowerDVD came by.

[ron spencer]

ok I get it....can this trusted certificate thing be revoked...and if so will AnyDVD HD still run ? I guess this certificate is embedded in the proggy somehow...interesting

[noclip]

Ugh, so there still isn't a reliable way to create a multiplatform open source player.

[evdberg]

Quote:

Originally Posted by noclip

Ugh, so there still isn't a reliable way to create a multiplatform open source player.

What does this have to do with the topic?

[ShadowFlare]

I think noclip is referring to the fact that AnyDVD HD is using a part of an existing closed-source app, which means that it would not be something that an open-source app could use. noclip was probably hoping it was something that could actually be used in an open-source app (I.E. HD-DVD player for Linux, which does not need a pre-decrypted disc).

[evdberg]

A certificate is no code, it is just some data, so I do not see why this method can not be used on another OS. More so, you could even use it on the PS3.

[BoMbY]

Quote:

Originally Posted by ron spencer

ok I get it....can this trusted certificate thing be revoked...and if so will AnyDVD HD still run ? I guess this certificate is embedded in the proggy somehow...interesting

Since AnyDVD will not support the revoking process, it will still work with older discs, but it will need a key update to decrypt new ones.

[arnezami]

Quote:

Originally Posted by evdberg

I already suggested this in another thread, but I had to make sure ... and indeed: AnyDVD is using the Host Certificate of PowerDVD (V6.5) to communicate with the drive. This means they follow the complete AACS protocol, at least starting at the Processing Key, but most likely starting with the Device Key, and they read the Volume ID from the drive using the appropriate MMC commands (after they authenticated and put the drive in Bus Key state).

I think it would be great if somebody would build a small program that is capable of issuing these commands to the drive. If this works (not the authentification itself but simply being able to send and receive these types of commands) somebody who finds (or has found) the private host key could release it so we have can make a completety independent decrypter/player ourselves.

Just my thoughts .

Regards,

arnezami

PS. evdberg: I'm not sure if I missed the source of your mkb proggy. Could you release it? That would be nice.

Hmm, normally I would side with the crowd looking for a more convenient way to access content that you paid for, but in this case - assuming that evdberg's findings are correct - it just oozes of piracy, i.e. that SlySoft illegally acquired proprietary files from a third-party software, shipped it with their own commercial (!) software as an integral part, and used them to circumvent certain measures in a way that is commonly refered to as an exploit.

So effectively - still assuming that evdberg is correct - they are in breach of (1) IP laws of almost any jurisdiction in the Western hemisphere, (2) EULAs of Cyberlink, (3) license agreements of the AACS-LA. I seriously think that mods here should take a good hard look at the way SlySoft's software operates, especially concerning point (2). Cyberlink's Host Certificate is by no means in the public domain. If evdberg is right then SlySoft is doing something that is clearly prohibited on this board, i.e. distributing proprietary (i.e. copyrighted) files without express permit from the copyright owner.

And please note that I'm not alluding to the aim of accessing your purchased content, but to the way that AnyDVD HD allegedly works, which is in very close proximity to piracy itself. Which, actually, is quite ironic since SlySoft themselves go to great lengths to secure their products or parts thereof against illegal distribution.

[arnezami]

Quote:

Originally Posted by honai

Hmm, normally I would side with the crowd looking for a more convenient way to access content that you paid for, but in this case - assuming that evdberg's findings are correct - it just oozes of piracy, i.e. that SlySoft illegally acquired proprietary files from a third-party software, shipped it with their own commercial (!) software as an integral part, and used them to circumvent certain measures in a way that is commonly refered to as an exploit.

So effectively - still assuming that evdberg is correct - they are in breach of (1) IP laws of almost any jurisdiction in the Western hemisphere, (2) EULAs of Cyberlink, (3) license agreements of the AACS-LA. I seriously think that mods here should take a good hard look at the way SlySoft's software operates, especially concerning point (2). Cyberlink's Host Certificate is by no means in the public domain. If evdberg is right then SlySoft is doing something that is clearly prohibited on this board, i.e. distributing proprietary (i.e. copyrighted) files without express permit from the copyright owner.

And please note that I'm not alluding to the aim of accessing your purchased content, but to the way that AnyDVD HD allegedly works, which is in very close proximity to piracy itself. Which, actually, is quite ironic since SlySoft themselves go to great lengths to secure their products or parts thereof against illegal distribution.

I would like to know from the mods/doom9 whether retrieving and posting a Private Host Key (+cert) is any different from posting Processing Keys/VUKs/Title Keys etc. What kinds of keys do you allow to be posted on the forum. Do you draw some kind of line? Or is a key simply a key?

I ask this because it is the only way to make an independent player/decrypter and would therefore like to know whether I should pursue this or not.

Regards,

arnezami

Such a sequence of numbers is typically encountered in the form of "serial numbers", and trading/distributing/posting those is most likely illegal. To further the analogy, many badly-programmed applications already come with a list of valid serial numbers buried deep in the application/installer code. Does that make the retrieval and distribution legal only because the manufacturer already kind of distributed the serial numbers of their own, or wrote sloppy code to protect them? No.

The main characteristic of a serial number is that it is bound and customized to a single client, and that it may only be used by that client. And that is exactly the nature of Cyberlink's host keys/certificates. These files were only meant to be internally used by their player applications. If you buy HD-DVD media you acquire the fair use rights to said media, but certainly not distribution rights for parts of a totally different application. The host keys/certificates don't originate from the HD-DVD that you purchased.

Also, by way of making AnyDVD-HD available to you via evaluation or purchase Slysoft is distributing an integral part of another application which you may or may not have licensed, and there doesn't seem to be any form of cross-licensing agreement between Slysoft and Cyberlink - which would be invalid, anyway, under the terms of the AACS-LA.

Let me put it in other terms: How would SlySoft react if I wrote a tool that incorporated a serial number for AnyDVD, with said tool then being used by n users for whichever purpose? Why, they'd blacklist that serial number and, in case of the tool being distributed by a forum such as Doom9, ask the maintainers to take it offline.

EDIT:

Quote:

Do you draw some kind of line? Or is a key simply a key?

The big difference is that a VUK is typically being used to access the content of a HD-DVD that you already own, whereas (as I already pointed out above) Slysoft is illegally distributing a "key" from a third-party software which you may or may not have licensed.

And Slysoft, perhaps unintentionally, already recognizes that their approach is illegal since they didn't go the intuitive way of applying for their own host key/certificate at the AACS-LA but instead reverse-engineered a third-party software.

[arnezami]

Quote:

Originally Posted by honai

The host keys/certificates don't originate from the HD-DVD that you purchased.

Nor do the Processing Key or Device Keys. I hope you realize that.

My idea about this is this: you buy a movie and a drive. You should be able to watch it. Since you paid for it. Using Device Keys/Processing Keys is one way of retrieving VUKs. But these Device and Procssing Keys come directly out of a Software player (just like the host private key). If this is not what we want on this forum then so be it. I just want to know (for the moment I don't care about AnyDVD). I care about what doom9 will allow and will not allow.

I'll just wait and see.

Regards,

arnezami

That's not exactly a valid comparison. Processing keys are inherent properties of the media, whereas the private host certificate is a document issued to Cyberlink by the AACS-LA. But I agree on the device key, it's also a proprietary entity that belongs to Cyberlink, and you should have a valid, licensed copy of PowerDVD in order to use it.

Quote:

You should be able to watch it. Since you paid for it.

But if you buy the media, the drive, and AnyDVD-HD, but you don't have a license for Cyberlink's PowerDVD, why should you be able to use Cyberlink's IP without paying to assist you in ripping/playing the media? You do realize that Cyberlink doesn't offer the host certificate file on any of its servers for public usage, do you?

My point is simply that Slysoft crossed a line by pirating Cyberlink's IP. As Felten and others have already demonstrated, AACS can be defeated as a system by exploiting its weak properties rather than going the cheap route and simply mimicking a valid endpoint by way of packaging copyrighted material with your tools. The latter is definitely a dead-end, even if it weren't for legal ramifications.

[xyz987]

Quote:

Originally Posted by honai

And Slysoft, perhaps unintentionally, already recognizes that their approach is illegal since they didn't go the intuitive way of applying for their own host key/certificate at the AACS-LA but instead reverse-engineered a third-party software.

Not an strong point. AACS LA won't give keys for a copying tool. AACS LA is not a parliament, it does not determine what is lawful or not.

[arnezami]

Quote:

Originally Posted by honai

That's not exactly a valid comparison. Processing keys are inherent properties of the media, whereas the private host certificate is a document issued to Cyberlink by the AACS-LA. But I agree on the device key, it's also a proprietary entity that belongs to Cyberlink, and you should have a valid, licensed copy of PowerDVD in order to use it.



But if you buy the media, the drive, and AnyDVD-HD, but you don't have a license for Cyberlink's PowerDVD, why should you be able to use Cyberlink's IP without paying to assist you in ripping/playing the media? You do realize that Cyberlink doesn't offer the host certificate file on any of its servers for public usage, do you?

My point is simply that Slysoft crossed a line by pirating Cyberlink's IP. As Felten and others have already demonstrated, AACS can be defeated as a system by exploiting its weak properties rather than going the cheap route and simply mimicking a valid endpoint by way of packaging copyrighted material with your tools. The latter is definitely a dead-end, even if it weren't for legal ramifications.

Ok. I think I understand where you're getting at.

But then I believe there won't be a problem with the following:

1 - We build a program the has as input an Host Private Key (+Cert) and Device Keys which can decrypt/play a movie. But it doesn't contain these keys. Just basic AACS implementation.
2 - We build a Device Key finder and a Host Private Key finder so anybody who legally owns a software player can extract these two things.

If somebody has a disc, a drive and a software player he can extract (using prog 2) the Keys from his software player (once) and use it in our prog 1.

Regards,

arnezami

@xyz987

The point was rather that Slysoft isn't cheating so much the AACS-LA than Cyberlink.

@arnezami

Exactly.