View Full Version : BackupHDDVD, a tool to decrypt AACS protected movies


blutach
15th January 2007, 23:35
Mister Muffin - I know your posts pertain to both threads, but please be careful about cross posting. You can assume people interested in web access to keys will read that thread.

Wookie Groomer - you've been around long enough to know all about rule 12. Please observe it. Multiple post deleted.

Regards

Nutrition24
15th January 2007, 23:58
The more I'm reading the AACS spec, the more I'm confused...

The backuphddvd tool treats packs as NV_PCK and others. For others, the PES flag is checked (Header[20] & 0x30 == 01) to see if the content is encrypted.
If the data is encrypted, it's decrypted with the Title key which is a simple decryption with the Volume Key.

The spec (0.912) however talks about the content key Kc:
Each Encrypted Pack is encrypted by a 128-bit Content Key (Kc). The Content Key (Kc) is calculated
by a 128-bit Title Key (Kt), a 32-bit Title Key Data (Dtk) and the least significant 96 bits of the CPI field in
the GCI_PKT as follows
Kc = AES-G (Kt, Dtk || CPIlsb_96)

from the decryption process:
If the PES_scrambling_control of the current Pack is 01b or if the current Pack is an HL_PCK, the Player calculates a 128-bit Content Key (Kc) using Title Key (Kt)

It's also not clear why they stress the importance for HL_PCK (highlight) while first they say to use it for all encrypted packs. Could it be that it's only done for HL_PCK with the Kc and otherwise with the plain Title key? If it's always with the Kc, then how can backuphddvd decrypt any content successfully with the wrong key?

Also any idea where to find more information about the HD DVD-Video Specifications? It's not really clear what must be cleared here:
HeaderPart[0x3c]=0; // Clear CPI field
HeaderPart[0x48]=0;

VistaVick
16th January 2007, 03:11
Can anyone tell me what happened to the thread devoted to demuxing/re-encoding hd dvd images to different formats?

He-Man
16th January 2007, 03:16
Can anyone tell me what happened to the thread devoted to demuxing/re-encoding hd dvd images to different formats?
EVOB De/Multiplexers: http://forum.doom9.org/showthread.php?t=120652

VistaVick
16th January 2007, 03:28
EVOB De/Multiplexers: http://forum.doom9.org/showthread.php?t=120652

Thanks

cwm9
16th January 2007, 03:47
The more I'm reading the AACS spec, the more I'm confused...

I feel your pain....

At first the more I read the more confused I became, but at least some of it is becoming clearer.

Part of my problem was that I had initially read the HDDVD patent w/o reading the AACS spec, so there were a few details I had confused.

AACS seems to slice up the standard packs at certain points and insert extra information, most notably the key and the 0x20 PES decryption indicator.

According to the decryption part of the spec, you're supposed to decrypt the pack if EITHER the PES bit is set OR it's an HL_PCK. The ADV_PCK stuff I found earlier is something that's forbidden to be encrypted, but it would still be embedded in an "encryption pack" marked either don't encrypt (pes bit not set) or maybe in an HL_PCK, I don't know.

The point is, I'm now trying to figure out how to determine when a pack is an HL_PCK which is kinda hard since I could only find two references to it anywhere and I now think that the ADV_PCK is not (directly) related to the problem.

jimfcarroll
16th January 2007, 04:53
The more I'm reading the AACS spec, the more I'm confused...

The backuphddvd tool treats packs as NV_PCK and others. For others, the PES flag is checked (Header[20] & 0x30 == 01) to see if the content is encrypted.
If the data is encrypted, it's decrypted with the Title key which is a simple decryption with the Volume Key.

The spec (0.912) however talks about the content key Kc:
Each Encrypted Pack is encrypted by a 128-bit Content Key (Kc). The Content Key (Kc) is calculated
by a 128-bit Title Key (Kt), a 32-bit Title Key Data (Dtk) and the least significant 96 bits of the CPI field in
the GCI_PKT as follows
Kc = AES-G (Kt, Dtk || CPIlsb_96)

Take a look at "Pre-recorded Video Book" - which is a different spec. Specifically chapter 3.

http://www.aacsla.com/specifications/specs091/AACS_Spec_Prerecorded_0.91.pdf

HD Hell
16th January 2007, 05:05
Congratulations!
So now you see BackupHDDVD is not a fake...
Now we have to make movies with the IME feature playable with PowerDVD.

Then, ... BD+!

Hi muslix64 - I'm one of those who thinks that you are doing this as a partisan attack on HD DVD. I suspect that you are going to stall on the Blu-Ray version of this.

Are you going to prove me wrong, or just continue to stall? I suspect you could have the Blu-Ray version working in only a couple of days given the work you have already done here.

It's not fair that you attack only one format - if you are true to what you say you are, you would have already released a Blu-Ray version of this program by now...

Color me skeptical of your true motives at the moment.

Mug Funky
16th January 2007, 05:41
@ HD Hell:

dude, most of us can't afford an xbox 360 drive, let alone one of them AND a blu-ray drive.

chill out. the guy gave the community something for free, started the hunt to break AACS.

blu-ray will be broken soon enough. but don't get shirty that an anonymous person isn't giving you what you want. he didn't have to post anything at all, then you'd have nothing to complain about except a pile of HD-DVDs that you can't decrypt.

not a good first post there...

diogen
16th January 2007, 05:59
Hi muslix64 - I'm one of those who thinks that you are doing this as a partisan attack on HD DVD...
Geeez...
Talk about not having a clue.

Diogen.

GIR
16th January 2007, 06:13
blu-ray will be broken soon enough. :)

http://www.hdtvblogger.com/?p=39

I have received numerous (more than 3) independent reports that an exploit has been found on the PS3 that will reveal the title/volume keys for Blu-ray disks using a PS3. The procedure involves some minor modding of the boot process and Linux.

I have not been told of the exact process but the information makes it seem that the process is not that difficult once you know what you are doing and the lengthy steps are duplicated.

I do not own a PS3 so there is no way for me to deny/verify any of this information.

Ábudos
16th January 2007, 06:15
Hi muslix64 - I'm one of those who thinks that you are doing this as a partisan attack on HD DVD. I suspect that you are going to stall on the Blu-Ray version of this.

Are you going to prove me wrong, or just continue to stall? I suspect you could have the Blu-Ray version working in only a couple of days given the work you have already done here.

It's not fair that you attack only one format - if you are true to what you say you are, you would have already released a Blu-Ray version of this program by now...

Color me skeptical of your true motives at the moment.
Are you kidding me? You are flaming him for not cracking blueray because of his involvement with HDDVD?

As he said, he has no Blueray drive. If you want to send him $500 so that he can buy one, I bet he would really love that.

Seriously, seeing as how you haven't done anything yourself, you have no room to criticize.

blutach
16th January 2007, 08:57
Hi muslix64 - I'm one of those who thinks that you are doing this as a partisan attack on HD DVD. I suspect that you are going to stall on the Blu-Ray version of this.

Are you going to prove me wrong, or just continue to stall? I suspect you could have the Blu-Ray version working in only a couple of days given the work you have already done here.

It's not fair that you attack only one format - if you are true to what you say you are, you would have already released a Blu-Ray version of this program by now...

Color me skeptical of your true motives at the moment.
What more can I say? Strike issued (R4).

Everybody else - please get back on topic.

Regards

blizc
16th January 2007, 09:55
I found the keys for Swordfish and Training Day and was able to decrypt them using BackupHDDVD but when played it's just a black screen with no sound. King Kong is fine and by fine I mean a jittery mess but at least that's what everyone is getting anyways. So what's up with these 2 Warner Brothers movies. Is it cuz of the added stream for In-Movie Experience(IME)?

Warren
16th January 2007, 10:06
Is it cuz of the added stream for In-Movie Experience(IME)?

Yes BackupHDDVD doesn't properly handle movies with IME yet.

cyberpass
16th January 2007, 10:13
Is there any way we can find the spec for the IME?

Warren
16th January 2007, 10:22
Not without signing a bunch of NDAs and paying $5000 to the DVD Consortium.

blutach
16th January 2007, 10:40
Wonder if that might be their next protection layer - adding IME to everything?

Regards

Warren
16th January 2007, 10:47
There are ways to get the raw frames out of IME movies for which graphedit filter graphs are posted in the sister threads to this one but they are not optimal for watching HD DVDs.

Nutrition24
16th January 2007, 12:08
Take a look at "Pre-recorded Video Book" - which is a different spec. Specifically chapter 3.

http://www.aacsla.com/specifications/specs091/AACS_Spec_Prerecorded_0.91.pdf

Yes, you're right, there indeed, the Title Key is used as is to decrypt the Content (C) as follows:
C = AES-128CBCD(Kt, Ce) so no talking about content key Kc.

I was referring to the HDDVD AACS prerecorded spec
http://www.aacsla.com/specifications/AACS_Spec_HD_DVD_and_DVD_Prerecorded_0_912.pdf
section 4.3.2 where the pack encryption is described. and where the content is encrypted/decrypted with a variant of the Title key.

But maybe it's only HL_PCK packs that are encrypted with a Kt variant (Kc) and so if such packs are encountered, they won't be decrypted correctly by backuphddvd.

HD Hell
16th January 2007, 13:44
With full respect, apologies to anyone who took that as a personal attack.

Now, doesn't anyone here have a Blu-Ray drive of any sort? Using it with the Power DVD software should allow the keys to be seen in the same way. It seems right that one should be able to back up one's Blu-Ray discs as well.

Let's get a head start until someone releases a mod'ed version of "backup".

He-Man
16th January 2007, 13:58
Now, doesn't anyone here have a Blu-Ray drive of any sort? Using it with the Power DVD software should allow the keys to be seen in the same way. It seems right that one should be able to back up one's Blu-Ray discs as well.

Let's get a head start until someone releases a mod'ed version of "backup".
Please keep posts about Blu-Ray in the "BackupBluRay" topic instead: http://forum.doom9.org/showthread.php?t=120672

romgohan
16th January 2007, 13:58
Maybe create somewhere a repository of different encountered packs, to widen our knowledge and help find troublesome ones?

jimfcarroll
16th January 2007, 16:42
Yes, you're right, there indeed, the Title Key is used as is to decrypt the Content (C) as follows:
C = AES-128CBCD(Kt, Ce) so no talking about content key Kc.

I was referring to the HDDVD AACS prerecorded spec
http://www.aacsla.com/specifications/AACS_Spec_HD_DVD_and_DVD_Prerecorded_0_912.pdf
section 4.3.2 where the pack encryption is described. and where the content is encrypted/decrypted with a variant of the Title key.

But maybe it's only HL_PCK packs that are encrypted with a Kt variant (Kc) and so if such packs are encountered, they won't be decrypted correctly by backuphddvd.

The relationship between "HD DVD and DVD Pre-recorded Book" spec and "Pre-recorded Video Book" spec is somewhat cloudy in my mind (though they reference each other). The latter is much easier to read and seems to be written at a much higher level. Take a look at Chapter 4 which appears to be a technical sales pitch to various media conglomerates on how well protected their content will be (and, IMO, in the long run, they are right).

Unfortunately I don't have any of the requisite hardware, software, or content to experiment or I'd be digging in; all I can do is watch from the sidelines and read the publicly available specs and code.

jkenzie
16th January 2007, 17:03
I found the keys for Swordfish and Training Day and was able to decrypt them using BackupHDDVD but when played it's just a black screen with no sound. King Kong is fine and by fine I mean a jittery mess but at least that's what everyone is getting anyways. So what's up with these 2 Warner Brothers movies. Is it cuz of the added stream for In-Movie Experience(IME)?

No, it's because you didn't find the volume key. Or you found a Title key. Backuphddvd will backup the movie with any group of numbers inputted into the Keybd.cfg, but it will be garbage.

The_ByteMaster
16th January 2007, 19:30
No, it's because you didn't find the volume key. Or you found a Title key. Backuphddvd will backup the movie with any group of numbers inputted into the Keybd.cfg, but it will be garbage.

Would it be hard to modify BackupHDDVD so it will (optionally) check the Verify Media Record (see 3.2.5.4 AACS_Spec_Common_0.91)?

i.e. Bytes 4-19 of the MKB (MKBROM.AACS) = Dv and
[AES_128D(Km, Dv)]msb_64 == 0x0123456789ABCDEF

jimfcarroll
16th January 2007, 20:19
Would it be hard to modify BackupHDDVD so it will (optionally) check the Verify Media Record (see 3.2.5.4 AACS_Spec_Common_0.91)?

i.e. Bytes 4-19 of the MKB (MKBROM.AACS) = Dv and
[AES_128D(Km, Dv)]msb_64 == 0x0123456789ABCDEF

If that formula is correct, and my recollection of the spec is correct (I don't have it in front of me here), then it would be difficult since Km (I think) is the "media key" - which BackupHDDVD doesn't have and cannot get from what it does have (the Title Key and/or the Volume Unique key ). In fact, it's the reverse that happens in a normal player (the media key yields the Kvu and Kt).

Nutrition24
16th January 2007, 23:52
Would it be hard to modify BackupHDDVD so it will (optionally) check the Verify Media Record (see 3.2.5.4 AACS_Spec_Common_0.91)?

i.e. Bytes 4-19 of the MKB (MKBROM.AACS) = Dv and
[AES_128D(Km, Dv)]msb_64 == 0x0123456789ABCDEF

For this to work, we'll need to have the Km (Media key) itself, which we don't have. Using the Km, it's simply decrypting the Dv (Verification data from the MKB) and checking if the left part of the decrypted result is 0123456789ABCDEF.

The Volume ID and the Km (media key) are used to create the Kvu (Volume Unique key), but this step is not reversible (AESG)

But if the idea is to check the correctness of the Kvu, another possibility exists using the TKF (Title Key File). The last entry of this file is the TKF MAC:

This field stores the CMAC value of the data ranging from the 0th to
the 2463rd byte of the Title Key File. The key for the CMAC calculation is the Volume Unique Key
(Kvu).

tdent1138
17th January 2007, 03:41
Hi muslix64 - I'm one of those who thinks that you are doing this as a partisan attack on HD DVD. I suspect that you are going to stall on the Blu-Ray version of this.

Are you going to prove me wrong, or just continue to stall? I suspect you could have the Blu-Ray version working in only a couple of days given the work you have already done here.

It's not fair that you attack only one format - if you are true to what you say you are, you would have already released a Blu-Ray version of this program by now...

Color me skeptical of your true motives at the moment.

I'd be more likely to guess he works for the HD-DVD group in an effort to spur sales.

Thanks Muslix64.

It may be that we have to wait for a stand alone BR drive that can be accessed by an operating system before that gets worked around like HD DVD now is.

EDIT: If this is considered off-topic, I am sorry. I'll delete if requested.

trueimage
17th January 2007, 05:00
anyone put together a howto yet? i have training day, but I didn't see the key posted here, so I'll try to find it myself...

jokin
17th January 2007, 05:12
Search the memory for "00 20 00 00 00 3F 00 00 00 80 00 00 00" in the memory dump of WinDVD the key should be right after that.

Also the key is already in this forum @ http://forum.doom9.org/showthread.php?t=120611

The_ByteMaster
17th January 2007, 05:50
The Volume ID and the Km (media key) are used to create the Kvu (Volume Unique key), but this step is not reversible (AESG)

But if the idea is to check the correctness of the Kvu, another possibility exists using the TKF (Title Key File). The last entry of this file is the TKF MAC:

This field stores the CMAC value of the data ranging from the 0th to
the 2463rd byte of the Title Key File. The key for the CMAC calculation is the Volume Unique Key
(Kvu).

My bad! But yes, the idea was just to have a quick check whether the Volume Unique Key in the KEYDB.cfg is indeed correct. This will help make the program a little more robust against fake or wrong keys.

The format of VTKF.AACS file can be found in paragraph 3.4 of AACS_Spec_HD_DVD_and_DVD_Prerecorded_0_912, more specifically in Table 3-5. The TKF MAC field (16 bytes) is bytes 2464-2479.

The CMAC calculation is the one described in NIST SP800-38B, also described in RFC 4493 with a C source.
I googled and found Java source (OMAC.java), placed in the public domain by author Paulo Barreto, here: http://www.larc.usp.br/~pbarreto/
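
An added example, not part of the thread and not BackupHDDVD or OMAC.java code: the MAC check described in the post above, in Java 17 or later (for java.util.HexFormat) using only the standard library. The class and method names, the RFC 4493 example key and the 2480-byte buffer are constructed for illustration; the offsets are the ones quoted in the post.

```java
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.HexFormat;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class TkfMacCheck {
    // Layout as given in the post: MAC over bytes 0-2463, stored in bytes 2464-2479.
    static final int MAC_OFFSET = 2464, MAC_LEN = 16;

    // RFC 4493 subkey step: shift left one bit, XOR 0x87 into the last byte on carry-out.
    static byte[] dbl(byte[] in) {
        byte[] out = new byte[16];
        int carry = 0;
        for (int i = 15; i >= 0; i--) {
            int v = in[i] & 0xff;
            out[i] = (byte) ((v << 1) | carry);
            carry = v >>> 7;
        }
        if (carry != 0) out[15] ^= (byte) 0x87;
        return out;
    }

    // AES-CMAC (NIST SP 800-38B / RFC 4493) over msg[0..len).
    static byte[] cmac(byte[] key, byte[] msg, int len) throws Exception {
        Cipher aes = Cipher.getInstance("AES/ECB/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"));
        byte[] k1 = dbl(aes.doFinal(new byte[16]));
        byte[] k2 = dbl(k1);
        int n = Math.max(1, (len + 15) / 16);            // number of blocks
        boolean complete = len > 0 && len % 16 == 0;     // is the last block full?
        int lastOff = (n - 1) * 16, lastLen = len - lastOff;
        byte[] last = new byte[16];
        System.arraycopy(msg, lastOff, last, 0, lastLen);
        if (!complete) last[lastLen] = (byte) 0x80;      // 10* padding
        byte[] sub = complete ? k1 : k2;
        for (int i = 0; i < 16; i++) last[i] ^= sub[i];
        byte[] x = new byte[16];                         // CBC-MAC chain, zero IV
        for (int b = 0; b < n - 1; b++) {
            for (int i = 0; i < 16; i++) x[i] ^= msg[b * 16 + i];
            x = aes.doFinal(x);
        }
        for (int i = 0; i < 16; i++) x[i] ^= last[i];
        return aes.doFinal(x);
    }

    // True only if the stored MAC matches the one recomputed under the candidate key.
    static boolean macMatches(byte[] key, byte[] file) throws Exception {
        if (file.length < MAC_OFFSET + MAC_LEN) return false;   // truncated file
        byte[] stored = Arrays.copyOfRange(file, MAC_OFFSET, MAC_OFFSET + MAC_LEN);
        return MessageDigest.isEqual(cmac(key, file, MAC_OFFSET), stored);
    }

    public static void main(String[] args) throws Exception {
        // Self-test: RFC 4493 example key and its published tag for the empty message.
        HexFormat hf = HexFormat.of();
        byte[] key = hf.parseHex("2b7e151628aed2a6abf7158809cf4f3c");
        if (!hf.formatHex(cmac(key, new byte[0], 0)).equals("bb1d6929e95937287fa37d129b756746"))
            throw new AssertionError("CMAC self-test failed");
        // Constructed 2480-byte buffer standing in for a key file; not data from any disc.
        byte[] file = new byte[MAC_OFFSET + MAC_LEN];
        for (int i = 0; i < MAC_OFFSET; i++) file[i] = (byte) (i * 31);
        System.arraycopy(cmac(key, file, MAC_OFFSET), 0, file, MAC_OFFSET, MAC_LEN);
        byte[] wrong = key.clone(); wrong[0] ^= 1;       // key differing in one bit
        System.out.println("right key: " + macMatches(key, file));
        System.out.println("wrong key: " + macMatches(wrong, file));
        file[100] ^= 1;                                  // one flipped bit in the body
        System.out.println("edited   : " + macMatches(key, file));
    }
}
```

The same comparison fails for a wrong key and for a modified file, so a mismatch alone does not say which of the two is at fault.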

firewan
17th January 2007, 08:17
Backuphddvd can't handle another HDDVD authoring format-----for Standard Content Authoring.

"Standard Content Authoring DISC" have a VTKF.AACS file in AACS folder (Not a VTKF000.AACS). Backuphddvd can't handle this.

BTW, the DISC without a VPLST000.XPL file, What's a key word by search in the memory dump of WinDVD?

Nomadic
17th January 2007, 09:41
Please test this (http://rapidshare.com/files/12071837/BackupHDDVD-GUI.zip) version BackupHDDVD with simple GUI :)

hajj_3
17th January 2007, 10:31
nomadic, please put up some other mirrors of it like sendspace.com etc etc.

rapidshare is pants and it will prob get deleted.

Nomadic
17th January 2007, 10:43
Mirror (http://www.sendspace.com/file/0722ye)

mustang3
17th January 2007, 10:48
dude im testing it out right now, gui is working nicely. :D
Thnx!

could there be a status bar, on how much % it has done? but so far its going good.

kenwatanabe
17th January 2007, 11:09
just tried this and it appeared to work.

1. copy the content of the hddvd to a folder on the harddisk
2. use the subst command to map this folder to a drive letter
3. run backuphddvd on this mapped drive letter as the source

The idea is perhaps to have copies of various hddvds "waiting" on the harddrive until keys are available. Also a batch file can decrypt multiple (mapped) drives in one shot.

jokin
17th January 2007, 13:06
I converted this to an EXE and made an Icon for it. Seems to work great.
Mirror for EXE Version (http://www.sendspace.com/file/ze65dy)

He-Man
17th January 2007, 13:27
Please test this (http://rapidshare.com/files/12071837/BackupHDDVD-GUI.zip) version BackupHDDVD with simple GUI :)
Nice work.
When browsing for KEYDB.cfg, I think it should be set up to only look for "*.cfg" as default in "Files of Type" instead of "All Files".

rogerpe
17th January 2007, 13:46
One more mirror (http://www.wikiupload.com/download_page.php?id=54697) for the .exe

Mistar Muffin
17th January 2007, 15:26
Nomadic, do you think you could post the source? I was about 75% done with a basic GUI myself for the version with online key retrieval. Yours looks great and would save time. Please share! Thanks and great work.

Nutrition24
17th January 2007, 15:45
Nomadic, do you think you could post the source? I was about 75% done with a basic GUI myself for the version with online key retrieval. Yours looks great and would save time. Please share! Thanks and great work.

If you unzip the BackupHDDVD-GUI.jar file, you'll find the .class files and the .java files as well. (Or use jar xvf BackupHDDVD-GUI.jar if you have the jdk installed instead of the jre)

hajj_3
17th January 2007, 19:19
the GUI .exe version of BackupHDDVD runs nicely. im using vista x64 ultimate with java 1.6 x64. dont have a hd-dvd drive yet to test it properly tho.

please provide the source code for it so we can keep improving it collectively. cant believe we finally have an exe with a GUI of this great program, fantastic work!!! any improvements such as fixing IME should be made to this new .exe GUI version (assuming creator provides us with sourcecode) this way we wont have GUI and command line versions. once we've added all the necessary features and fixed bugs we can work on a c++ version so that users dont have to install java to run it.

Nomadic
17th January 2007, 19:44
as said Nutrition24 - source zip'ed in jar
but soon new version out ;)

Mistar Muffin
17th January 2007, 20:25
******, I knew I should have looked closer. I'll wait for the new version to make any mods on the HDKeys.com build.

melakai
17th January 2007, 21:17
given the rapid development of this tool, maybe it's time to stick this in source control (i.e. sourceforge)

2bigkings
17th January 2007, 21:54
i was able to rip mission impossible 2 [eu] but there's only english language. i can't choose other languages.
How can i rip another language (like german)?
anyone also have this problem? but the volume key seems to be correct.

regards

NghtShd
17th January 2007, 22:20
I'm in the process of porting BackupHDDVD to C# (and if that works out then maybe C++), but not having an HD-DVD drive I don't have any encrypted files to test. I'm not sure if it would be OK to ask for a VTKF000.AACS file so I looked at the specs and made my own based on the posted Serenity keys.

What I would like is if someone could tell me whether the following keys are the encrypted Serenity title keys and if not could you post them? If you open VTKF000.AACS with a hex editor the 16 bytes starting at offset 132 (0x84) should be the first key. The second key should be 36 bytes from the start of the first and so on. Even getting just the first encrypted key would be great.

Edit:
Just wanted to add that when the app is ready for release source code will be released as well.

Assuming my crypto translation is correct, I believe the following are the keys, but it's quite possible I've not done the encryption correctly.

Encrypted Title Keys


Decrypted Title Keys


generalnewbie
17th January 2007, 22:43
App seems to run perfectly fine. I tested both the .jar and the EXE

If anyone is wondering how to run .jar extension files, it's really not hard. You just need to download the Java binaries if you're running Windows. I downloaded Java Run Time for Windows Multilanguage (http://download.java.net/download/jdk6/6u1/promoted/b02/binaries/jdk-6u1-ea-bin-b02-windows-i586-p-12_jan_2007.exe)
Then you need to open the jar file in a Command Prompt and run using javaw -jar name_of_jar_file
Example
javaw -jar BackupHDDVD-GUI.jar