Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion.

Before you start posting please read the forum rules. By posting to this forum you agree to abide by the rules.

 

Go Back   Doom9's Forum > General > Decrypting

Reply
 
Thread Tools Search this Thread Display Modes
Old 15th February 2007, 13:23   #1  |  Link
evdberg
Registered User
 
Join Date: Dec 2006
Posts: 202
AnyDVD method of operation

I already suggested this in another thread, but I had to make sure ... and indeed: AnyDVD is using the Host Certificate of PowerDVD (V6.5) to communicate with the drive. This means they follow the complete AACS protocol, at least starting at the Processing Key, but most likely starting with the Device Key, and they read the Volume ID from the drive using the appropriate MMC commands (after they authenticated and put the drive in Bus Key state).
evdberg is offline   Reply With Quote
Old 15th February 2007, 15:35   #2  |  Link
ron spencer
DVD Magistrate
 
Join Date: Dec 2003
Location: Sodor
Posts: 988
does this mean you need powerDVD 6.5 to run AnyDVD HD?
ron spencer is offline   Reply With Quote
Old 15th February 2007, 16:39   #3  |  Link
mb2696
Registered User
 
Join Date: Jan 2007
Posts: 39
Quote:
Originally Posted by ron spencer View Post
does this mean you need powerDVD 6.5 to run AnyDVD HD?
no.


however, i'm interested in how evdberg came to this conclusion
mb2696 is offline   Reply With Quote
Old 15th February 2007, 16:43   #4  |  Link
ron spencer
DVD Magistrate
 
Join Date: Dec 2003
Location: Sodor
Posts: 988
as am I since he mentined it....
ron spencer is offline   Reply With Quote
Old 15th February 2007, 16:47   #5  |  Link
evdberg
Registered User
 
Join Date: Dec 2006
Posts: 202
The Host Certificate is a set of private and public keys (+ signature of the public key) issued by the AACS-LA. With this a Host (in this case HD-DVD player software) can setup a 'trusted' connection with a drive (which has its own Drive Certificate) to exchange key data for the AACS decryption protocol (in this case the Volume ID).

Quote:
however, i'm interested in how evdberg came to this conclusion
Quite simple: I sniffed the data exchange with the drive as Arnezami did for the Volume ID. I checked first which certificate PowerDVD and WinDVD used, and then I looked what AnyDVD did ... and as I expected, the certificate of PowerDVD came by.
evdberg is offline   Reply With Quote
Old 15th February 2007, 17:17   #6  |  Link
ron spencer
DVD Magistrate
 
Join Date: Dec 2003
Location: Sodor
Posts: 988
ok I get it....can this trusted certificate thing be revoked...and if so will AnyDVD HD still run ? I guess this certificate is embedded in the proggy somehow...interesting
ron spencer is offline   Reply With Quote
Old 15th February 2007, 18:50   #7  |  Link
noclip
Registered User
 
Join Date: Dec 2006
Posts: 154
Ugh, so there still isn't a reliable way to create a multiplatform open source player.
noclip is offline   Reply With Quote
Old 15th February 2007, 19:08   #8  |  Link
evdberg
Registered User
 
Join Date: Dec 2006
Posts: 202
Quote:
Originally Posted by noclip View Post
Ugh, so there still isn't a reliable way to create a multiplatform open source player.
What does this have to do with the topic?
evdberg is offline   Reply With Quote
Old 16th February 2007, 06:13   #9  |  Link
ShadowFlare
Registered User
 
Join Date: Jan 2007
Posts: 11
I think noclip is referring to the fact that AnyDVD HD is using a part of an existing closed-source app, which means that it would not be something that an open-source app could use. noclip was probably hoping it was something that could actually be used in an open-source app (I.E. HD-DVD player for Linux, which does not need a pre-decrypted disc).
ShadowFlare is offline   Reply With Quote
Old 16th February 2007, 09:10   #10  |  Link
evdberg
Registered User
 
Join Date: Dec 2006
Posts: 202
A certificate is no code, it is just some data, so I do not see why this method can not be used on another OS. More so, you could even use it on the PS3.
evdberg is offline   Reply With Quote
Old 16th February 2007, 11:28   #11  |  Link
BoMbY
Registered User
 
Join Date: Jan 2007
Posts: 8
Quote:
Originally Posted by ron spencer View Post
ok I get it....can this trusted certificate thing be revoked...and if so will AnyDVD HD still run ? I guess this certificate is embedded in the proggy somehow...interesting
Since AnyDVD will not support the revoking process, it will still work with older discs, but it will need a key update to decrypt new ones.
BoMbY is offline   Reply With Quote
Old 16th February 2007, 11:28   #12  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Quote:
Originally Posted by evdberg View Post
I already suggested this in another thread, but I had to make sure ... and indeed: AnyDVD is using the Host Certificate of PowerDVD (V6.5) to communicate with the drive. This means they follow the complete AACS protocol, at least starting at the Processing Key, but most likely starting with the Device Key, and they read the Volume ID from the drive using the appropriate MMC commands (after they authenticated and put the drive in Bus Key state).
I think it would be great if somebody would build a small program that is capable of issuing these commands to the drive. If this works (not the authentification itself but simply being able to send and receive these types of commands) somebody who finds (or has found) the private host key could release it so we have can make a completety independent decrypter/player ourselves.

Just my thoughts .

Regards,

arnezami

PS. evdberg: I'm not sure if I missed the source of your mkb proggy. Could you release it? That would be nice.

Last edited by arnezami; 16th February 2007 at 11:56.
arnezami is offline   Reply With Quote
Old 16th February 2007, 11:40   #13  |  Link
honai
Guest
 
Posts: n/a
Hmm, normally I would side with the crowd looking for a more convenient way to access content that you paid for, but in this case - assuming that evdberg's findings are correct - it just oozes of piracy, i.e. that SlySoft illegally acquired proprietary files from a third-party software, shipped it with their own commercial (!) software as an integral part, and used them to circumvent certain measures in a way that is commonly refered to as an exploit.

So effectively - still assuming that evdberg is correct - they are in breach of (1) IP laws of almost any jurisdiction in the Western hemisphere, (2) EULAs of Cyberlink, (3) license agreements of the AACS-LA. I seriously think that mods here should take a good hard look at the way SlySoft's software operates, especially concerning point (2). Cyberlink's Host Certificate is by no means in the public domain. If evdberg is right then SlySoft is doing something that is clearly prohibited on this board, i.e. distributing proprietary (i.e. copyrighted) files without express permit from the copyright owner.

And please note that I'm not alluding to the aim of accessing your purchased content, but to the way that AnyDVD HD allegedly works, which is in very close proximity to piracy itself. Which, actually, is quite ironic since SlySoft themselves go to great lengths to secure their products or parts thereof against illegal distribution.

Last edited by honai; 16th February 2007 at 13:35. Reason: clarified issues
  Reply With Quote
Old 16th February 2007, 13:50   #14  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Quote:
Originally Posted by honai View Post
Hmm, normally I would side with the crowd looking for a more convenient way to access content that you paid for, but in this case - assuming that evdberg's findings are correct - it just oozes of piracy, i.e. that SlySoft illegally acquired proprietary files from a third-party software, shipped it with their own commercial (!) software as an integral part, and used them to circumvent certain measures in a way that is commonly refered to as an exploit.

So effectively - still assuming that evdberg is correct - they are in breach of (1) IP laws of almost any jurisdiction in the Western hemisphere, (2) EULAs of Cyberlink, (3) license agreements of the AACS-LA. I seriously think that mods here should take a good hard look at the way SlySoft's software operates, especially concerning point (2). Cyberlink's Host Certificate is by no means in the public domain. If evdberg is right then SlySoft is doing something that is clearly prohibited on this board, i.e. distributing proprietary (i.e. copyrighted) files without express permit from the copyright owner.

And please note that I'm not alluding to the aim of accessing your purchased content, but to the way that AnyDVD HD allegedly works, which is in very close proximity to piracy itself. Which, actually, is quite ironic since SlySoft themselves go to great lengths to secure their products or parts thereof against illegal distribution.
I would like to know from the mods/doom9 whether retrieving and posting a Private Host Key (+cert) is any different from posting Processing Keys/VUKs/Title Keys etc. What kinds of keys do you allow to be posted on the forum. Do you draw some kind of line? Or is a key simply a key?

I ask this because it is the only way to make an independent player/decrypter and would therefore like to know whether I should pursue this or not.

Regards,

arnezami

Last edited by arnezami; 16th February 2007 at 13:57.
arnezami is offline   Reply With Quote
Old 16th February 2007, 14:06   #15  |  Link
honai
Guest
 
Posts: n/a
Such a sequence of numbers is typically encountered in the form of "serial numbers", and trading/distributing/posting those is most likely illegal. To further the analogy, many badly-programmed applications already come with a list of valid serial numbers buried deep in the application/installer code. Does that make the retrieval and distribution legal only because the manufacturer already kind of distributed the serial numbers of their own, or wrote sloppy code to protect them? No.

The main characteristic of a serial number is that it is bound and customized to a single client, and that it may only be used by that client. And that is exactly the nature of Cyberlink's host keys/certificates. These files were only meant to be internally used by their player applications. If you buy HD-DVD media you acquire the fair use rights to said media, but certainly not distribution rights for parts of a totally different application. The host keys/certificates don't originate from the HD-DVD that you purchased.

Also, by way of making AnyDVD-HD available to you via evaluation or purchase Slysoft is distributing an integral part of another application which you may or may not have licensed, and there doesn't seem to be any form of cross-licensing agreement between Slysoft and Cyberlink - which would be invalid, anyway, under the terms of the AACS-LA.

Let me put it in other terms: How would SlySoft react if I wrote a tool that incorporated a serial number for AnyDVD, with said tool then being used by n users for whichever purpose? Why, they'd blacklist that serial number and, in case of the tool being distributed by a forum such as Doom9, ask the maintainers to take it offline.

EDIT:

Quote:
Do you draw some kind of line? Or is a key simply a key?
The big difference is that a VUK is typically being used to access the content of a HD-DVD that you already own, whereas (as I already pointed out above) Slysoft is illegally distributing a "key" from a third-party software which you may or may not have licensed.

And Slysoft, perhaps unintentionally, already recognizes that their approach is illegal since they didn't go the intuitive way of applying for their own host key/certificate at the AACS-LA but instead reverse-engineered a third-party software.

Last edited by honai; 16th February 2007 at 14:51.
  Reply With Quote
Old 16th February 2007, 16:16   #16  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Quote:
Originally Posted by honai View Post
The host keys/certificates don't originate from the HD-DVD that you purchased.
Nor do the Processing Key or Device Keys. I hope you realize that.

My idea about this is this: you buy a movie and a drive. You should be able to watch it. Since you paid for it. Using Device Keys/Processing Keys is one way of retrieving VUKs. But these Device and Procssing Keys come directly out of a Software player (just like the host private key). If this is not what we want on this forum then so be it. I just want to know (for the moment I don't care about AnyDVD). I care about what doom9 will allow and will not allow.

I'll just wait and see.

Regards,

arnezami

Last edited by arnezami; 16th February 2007 at 16:34.
arnezami is offline   Reply With Quote
Old 16th February 2007, 16:49   #17  |  Link
honai
Guest
 
Posts: n/a
That's not exactly a valid comparison. Processing keys are inherent properties of the media, whereas the private host certificate is a document issued to Cyberlink by the AACS-LA. But I agree on the device key, it's also a proprietary entity that belongs to Cyberlink, and you should have a valid, licensed copy of PowerDVD in order to use it.

Quote:
You should be able to watch it. Since you paid for it.
But if you buy the media, the drive, and AnyDVD-HD, but you don't have a license for Cyberlink's PowerDVD, why should you be able to use Cyberlink's IP without paying to assist you in ripping/playing the media? You do realize that Cyberlink doesn't offer the host certificate file on any of its servers for public usage, do you?

My point is simply that Slysoft crossed a line by pirating Cyberlink's IP. As Felten and others have already demonstrated, AACS can be defeated as a system by exploiting its weak properties rather than going the cheap route and simply mimicking a valid endpoint by way of packaging copyrighted material with your tools. The latter is definitely a dead-end, even if it weren't for legal ramifications.

Last edited by honai; 16th February 2007 at 17:03. Reason: clarified
  Reply With Quote
Old 16th February 2007, 17:08   #18  |  Link
xyz987
Registered User
 
Join Date: Dec 2006
Posts: 142
Quote:
Originally Posted by honai View Post
And Slysoft, perhaps unintentionally, already recognizes that their approach is illegal since they didn't go the intuitive way of applying for their own host key/certificate at the AACS-LA but instead reverse-engineered a third-party software.
Not an strong point. AACS LA won't give keys for a copying tool. AACS LA is not a parliament, it does not determine what is lawful or not.
xyz987 is offline   Reply With Quote
Old 16th February 2007, 17:22   #19  |  Link
arnezami
Registered User
 
Join Date: Sep 2006
Posts: 390
Quote:
Originally Posted by honai View Post
That's not exactly a valid comparison. Processing keys are inherent properties of the media, whereas the private host certificate is a document issued to Cyberlink by the AACS-LA. But I agree on the device key, it's also a proprietary entity that belongs to Cyberlink, and you should have a valid, licensed copy of PowerDVD in order to use it.



But if you buy the media, the drive, and AnyDVD-HD, but you don't have a license for Cyberlink's PowerDVD, why should you be able to use Cyberlink's IP without paying to assist you in ripping/playing the media? You do realize that Cyberlink doesn't offer the host certificate file on any of its servers for public usage, do you?

My point is simply that Slysoft crossed a line by pirating Cyberlink's IP. As Felten and others have already demonstrated, AACS can be defeated as a system by exploiting its weak properties rather than going the cheap route and simply mimicking a valid endpoint by way of packaging copyrighted material with your tools. The latter is definitely a dead-end, even if it weren't for legal ramifications.
Ok. I think I understand where you're getting at.

But then I believe there won't be a problem with the following:

1 - We build a program the has as input an Host Private Key (+Cert) and Device Keys which can decrypt/play a movie. But it doesn't contain these keys. Just basic AACS implementation.
2 - We build a Device Key finder and a Host Private Key finder so anybody who legally owns a software player can extract these two things.

If somebody has a disc, a drive and a software player he can extract (using prog 2) the Keys from his software player (once) and use it in our prog 1.

Regards,

arnezami
arnezami is offline   Reply With Quote
Old 16th February 2007, 22:11   #20  |  Link
honai
Guest
 
Posts: n/a
@xyz987

The point was rather that Slysoft isn't cheating so much the AACS-LA than Cyberlink.

@arnezami

Exactly.
  Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 17:28.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2019, vBulletin Solutions Inc.