View Single Post
Old 13th February 2007, 17:47   #7  |  Link
FoxDisc
Registered User
 
Join Date: Jan 2007
Posts: 274
Quote:
Originally Posted by arnezami View Post
That basicly means that having a Volume ID (IDv) and a Media Key (Km) you can calculate the Volume Unique Key (Kvu).

Or to illustrate it (I removed the currently unused parts):



The red part is the hard part: getting the Media Key** (usually from a software player by debugging/memory snooping). But this only has to be done once per MKB and can be done by a pro.

The yellow part is what I described above: we either can (nearly) predict the Volume ID or we can get it via simple USB sniffing (the software player can't do much about that apart from bus encryption which is not implemented yet).

The blue part is the easiest: if we have the Volume ID (also called IDv) and the Media Key (Km) we can calculate the Volume Unique Key (Kvu) and then the Title Keys (Kt). This of course enables us to decrypt the content itself.

Hope that clarifies a bit.

Regards,

arnezami

** Later in this thread it became clear we need a Processing Key. But it amounts to basicly the same thing.
I would appreciate a summary/restatement/explanation of this. I've looked at some of the AACS source documents, but I still don't understand where the "processing key" fits into the picture. Specifically, it looked to me like the player stores a device key (in the player or player software) that was created from some master key in the secret possession of the AACS licensing authority. The device key is used to decrypt the MKB (on the disk) to get the media key (Km). The device key is subject to revocation by the AACSLA by changing the MKB on future disks such that the old revoked device key no longer works with the new MKB on the new disks to get a valid media key.

The media key is used with the volume ID (stored on the disk) to get the volume unique key (Kvu) After processing, this decrypted Kvu volume unique key is in the memory of WinDVD and can be grabbed by other tools developed here. It is specific to the disk. The volume unique key can be used to decrypt an encrypted title key (stored on the disk) to get the decrypted title key Kt which is now in memory of WinDVD and can also be grabbed by tools here when decrypted and being used in the memory.

If we had the device key, then the disk could be read directly to obtain the final decrypted title key without any of the memory reading. Memory reading to find title key/volume unique key is subject to attack by making it more difficult to find in memory simply by updating software players, without changing any issued device keys or MKBs. Knowledge of the device key makes it easy to write a decrypting program and is only subject to revocation using the MKB changing - device key revocation process, something the AACS LA may not be really anxious to do on a regular basis.

Where does the "processing key" of the title of this thread fit into this picture? Is it the same as the device key or am I missing an important piece of this puzzle and the decrypting process? Thanks for filling in any gaps/errors in my summary above.
FoxDisc is offline   Reply With Quote