BackupHDDVD, a tool to decrypt AACS protected movies - Page 31

maksa · 12th January 2007, 20:30

@bob0r

Quote:

And proof the people here wrong: http://www.hdnowonline.com/Comment_Who_Is_Muslix.html

If you dont dare posting keys, i am sure you can find a way to do this anonymous

If you have followed, we'vew seen this paranoid article form someone from HD Camp. Of course that it is possible to find the keys. Simple cryptology (w/o knowing programming) principles will tell you that full obfuscation of the code is not possible and could be reverse engineered. AACS knows that and the task is only to make it labour extensive. That is what they did. Unfortunately they are operating with public algorithm, known length of the crypto word and known material to be scrambled.
That is what could help us to reduce number of trials to find a key. This approach is known from WWII as "crib" approach. We assume that parts of the plain text is known and present in scrambled message. We try combination of the keys till we get that text right and easily exclude all the wrong keys. Hashing is complicating things a bit, but I am sure that muslix64 is a smart guy (as all of hackers out there) and will (or allready has) find the way to get all the requred keys.

diogen · 12th January 2007, 20:43

Quote:

Originally Posted by cyberpass

Finding the device keys are useless and a bad idea. If you do get the device keys, there is still way too much coding needed to calculate the title keys. They will just revoke the player for future use.

Finding the title keys is a good idea, even better if small brother doesnt find out which player was used. Let the player calculate the title key and steal it.

It might not be as simple as that, based on Felten's series.

Quote:

Originally Posted by bob0r

...And proof the people here wrong...

It would be nice to have one confirmed case of his methodology working. But doing this only because of that website?
Based on the owner's posts on AVS and on the very page you linked to, it doesn't deserve even being paid attention to, IMHO.

Diogen.

Isochroma · 12th January 2007, 20:45

It seems to me that the best course of action is to find a place in the player code where the key is plaintext, and insert some code to dump it to a file from there. That way, no memory dumps are necessary.

Then, ZIDRAV can be used to produce a difference file, which can be used to patch everyone's player to do the same. Then we can all start publishing keys...

cyberpass · 12th January 2007, 21:22

this better not end up like direct tv... A lot of hype at first on being cracked then nothing shows up, even till today!

Doom9 · 12th January 2007, 22:01

Guys... back to topic please. I'm not gonna say it again.

stormlord · 12th January 2007, 22:30

Why is everybody assuming that the required information is stored in just one location? That would be making it much easier to break then if the key information is located in different locations. I'm not just talking player, database or disc in physical terms - but also why should all of the "key" be in for example just one location in memory, or one register - it could be a combination too. I have no cryptography experience of any kind nor any experience with breaking security on PCs. I do have experience with forms of protection on good old commodore 64 - and I can tell you this: a good protection does not do the obvious, it tempts to misguide you or even relocates or rewrites itself/encrypts itself - i.o.w. much like viral activity of the worst kind. Some protection can be broken by finding one key element (in general the easy ones, like jump to a certain protection routine). In other numerous parts and various types of protection will be scattered through the software, making it much more difficult to find everything. Probably the hardest thing to break if they would do the protection/deprotection through a special circuit in hardware (with write once unique key in every player, no reading possibility). I recall one of the harder protections on C64 made use of the soundchip (!) to generate a random value.

As for HD DVD or Bluray media: there will always be a way to break any form of protection, since it has to be able to be played. The matter is: how difficult do they make it and how easy/obvious is it. The challenge will be greater if they make it more difficult, and many people who try will give up because they lack the patience or the knowledge. There will always be people who have the ability to break it though, if they want.

<< START RANT >>

My largest problem with all of this is that there will be a lot of people who bought discs legitimately and they won't be able to play them with the best quality on each and every hardware due to various forms of UNWANTED copyprotection (DRM, AACS, HDCP, whatever...). When will the MPAA/RIAA finally get it that people do not WANT any of this, nor do they want to pay extra for them (because they definately ARE paying for them). Region coding is bull in this day and age (many movies are released almost simultaneously around the globe), and the industry should be aware of that the plubic thinks about it that way. Do they seriously think the player manufacturers and even dealers WANT all these problems with things like HDCP, region coding (customers nagging about it) etc... I can understand perfectly that the studios want to protect their rights as a copyright holder and want to make a profit on their products so that they can correctly & rightfully pay everybody involved in the production/distribution etc.., but there is such a thing as overpricing and scaring away the customers from buying these new products (that is how good new ideas and new techs fail). When multiple formats are being released, ultimately - there always will be losers -& in general it's the early adopting endusers/consumers (the ones who pay back all the R&D!!!) who end up with hardware or media they cannot use as they would have wanted. They get a beta product that only works half the way it should, they pay far the most and often end up with unusable quickly devaluating material. The industry should REWARD these people for being their guineaupigs!!! Instead they ROB them of any decent userexperience, much like they claim to being robbed by piracy year after year (yet with ever increasing profits... don't they realise there is a ceiling to that??)

If they want piracy out of the world (which they will never be able to do entirely anyway), they 'd be better off taking other measures:
1) lower the price of the media (album CDs often cost more than a full DVD out here - which are much more labourintensive to master, anybody care to explain how that is logical?) Lower price means: more people buy the original. If backing up a disc costs almost as much as the original one - why bother copying? They could start lowering the cost by skipping all kinds of unwanted forms of copyprotection, because all these schemes definately cost money to develop + they cost extra in terms of hardware and hardwareresources.
2) allow people to make a legit copy of their rightfully purchased media or provide cheap replacement themselves if a disc goes bad within a normal lifespan. Here in many European countries people already pay some form of copy tax on blank media any way, why don't they just make that the same for everybody everywhere + return part of the money to the people who really earn it (the artists, NOT the large publishing companies behind them - who rake up all the hard cash in a great many cases!) !!!
3) Persue first and foremost mass piracy through illegit reprints, i.o.w. people who make loads of profit out of piracy. People will always copy for family and friends, you will never get that out. That's a battle lost before it's even started. Hell, even the musicians/artist copy themselves. The ones that claim they don't are usually a bunch of hypocrits or flat-out liars! IMHO, the better way would be to convince people to BUY the product if they think it is WORTH the money!

Nobody wants protected original media that does not play the way it should in EVERY player...

If the industry still doesn't realise people want players that play EVERYTHING: Blu Ray, HD DVD, DVD and CD alike -AND- do not have crap like region coding, HDCP etc.. that prevents them from playing back media they purchased legitimately.

When I buy discs at e.g. amazon.com in the USA and I live in Europe and I PAY for them and I PAY taxes for them - I want to be able to play them everywhere! Why buy them in the USA: there hardly are any titles in Europe available, let alone good ones!!!
(note that to my knowledgde NONE of the blu ray titles listed on Amazon indicates which region they belong to or if they have region coding enabled)
That's doesn't mean I want to fork out the schandalous amount of money for 2 players (let alone 4 if no one makes a hybrid Blu-ray/HD-DVD player) if I want to be able to play discs from the USA and Europe!
Hell, these players do not cost the chinese that much to produce at all (not nearly as much as they are being sold at anyway) - early adopters pay all the R&D + the volumes are just too low.
They should give early adopters a reduction voucher for next generation product as a reward for BETATESTING their early release crap!!!

As for the HD-DVD vs Blu Ray battle, it's all politics that in the end consumers are not served by.
HD DVD's wider acceptance in the USA may have to do with better title releases and better mastering of the specific titles.
Here in Europe neither HD-DVD, nor blu ray have broken through (I guess it hasn't anywhere, but even far less here than in the USA) - and I'd say HD DVD even less!(less players/drives for PC, less titles, less brand recognition!)
Personally, all I care about is that in the end we get good versatile & quality product that works properly and can be played without too much of a hassle or harressment by all kinds of lame protection systems ultimately none of the buyers want.

Haven't they learned their lessons yet from audio cd protection then??? The buying consumers didn't want it there either!

I stress: I'm talking about BUYING customers, not pirates...

And even then: just about everybody has a VCR, dont't they? ALSO the RIAA/MPAA execs? Right: they pirate too! TV shows and movies shown on TV are also copyrighted!
It's the same bunch of hypocrits all over: they release/sell MP3/DIVX players, they release/SELL VCRs, they release/SELL blank media for them, they release HDD recorders?

But hardly anybody can record or use them legitimately? Who are they kidding?

Aren't they making enough money yet by selling both the hardware and the software??? Oh, they would love us to pay for each time we play the media too I suppose?

<< END RANT >>

Mikey10 · 12th January 2007, 23:58

Well, known-plaintext attack worked really well for DeCSS ...

... but ...

wouldn't it be to abasing for the MPAA, if this same lousy method would break these creepy-billion-dollar-concept AACS also?

by the way - muslix ...
... why had the Teaser_1.evo in your really awful^^ YouTube video just a filesize of 4,02 GB?

Mine has 9,2 gig; the 14,4 gig Teaser_2.evo was missing completely ...

LordSloth · 13th January 2007, 00:26

Finally I can post!

I wanted to post this over the weekend but had to wait

Anyway, I can also confirm that BackupHDDVD properly decrypts EVOs when given the correct Title Keys.

I followed this posting http://pastebin.com/853659 for finding one for a movie. And after the lengthy search, interpret, and hex conversion the key actually worked in BackupHDDVD.

~Cheers

13th January 2007, 00:48

Quote:

Originally Posted by LordSloth

I followed this posting http://pastebin.com/853659 for finding one for a movie.

??? Are you sure you gave the right link?

This is the only text I get if I follow your link, it doesn't seem to have any relation HD-DVD encryption:

Quote:

2/Reavers are bad mmmmkay...Google 4TW!

Mark Twain Intermediate School
Restaurant & Lounge
Cent
Celtic Designs Dover Pictorial
Science Online Special Feature
Link Building Strategies
Starlifter
Solar periodicity
Dawson's Creek Music Guide Decisions
Duncan's F
ways to market your small or solo business
WBFF
Olivia Quinn Food Stamp Leaver
Dalmations
CITI FM
Skippyslist

Janvitos · 13th January 2007, 00:52

I think some people are messing around with us.
I followed that link too and get nothing relevant.

Please ban the ignorants.

LordSloth · 13th January 2007, 01:05

Quote:

Originally Posted by He-Man

??? Are you sure you gave the right link?

This is the only text I get if I follow your link, it doesn't seem to have any relation HD-DVD encryption:

Yes the link is correct. It's a scavenger hunt of some sort! And since I had to go through the trouble of following it myself, I'm not going to post the answer directly.

I mean what fun would that be?

Don't get me wrong, I don't take some sick pleasure in making others follow the same path I did. But it did seem the safest way to share the information. Which is probably why the original poster put it in this format.

blutach · 13th January 2007, 01:21

@stormlord - you have just registered 5 days ago and had time to read the rules. This thread is not a place for your rants. Many times, Doom9 and I have asked posters to stay on topic. Strike issued.

@Mikey10 - same comments regarding rules. How does yourt post add to the topic? Strike issued.

Regarding LordSloth's link: I can not get it to load at all. I am loath to issue strikes until I can determine the content for myself. But you are way off topic in your previous post. Strike issued.

Regards

setarip_old · 13th January 2007, 01:26

@LordSloth

As an outside observer, having absolutely no involvement in the activity being pursued in this thread (Although I'm certainly interested in its eventual outcome), I must say it's disconcerting to see you trying to make a "game" out of the loosely cooperative effort the other posters to this thread.

I'd suggest that if you have discovered a legitimate, meaningful "piece of the puzzle", you should simply present it here - so that others can advance their combined efforts...

LordSloth · 13th January 2007, 01:29

Quote:

Originally Posted by setarip_old

@LordSloth

As an outside observer, having absolutely no involvement in the activity being pursued in this thread (Although I'm certainly interested in its eventual outcome), I must say it's disconcerting to see you trying to make a "game" out of the loosely cooperative effort the other posters to this thread.

I'd suggest that if you have discovered a legitimate, meaningful "piece of the puzzle", you should simply present it here - so that others can advance their combined efforts...

I am just passing on the link that I found and indicated that I went through the trouble of following it, that others could too without much difficulty.

That and the result of following that link is a Title Key for the movie hinted at in the top. Posting the answer directly didn't seem wise.

setarip_old · 13th January 2007, 01:32

@Janvitos

I'd speculate you'd have to convert those to hex...

Janvitos · 13th January 2007, 01:38

For the ones interested:

239 -> EF
33 -> 21
50 -> 32
159 -> 9F
125 -> 7D
131 -> 83
141 -> 8D
154 -> 9A
112 -> 70
86 -> 56
136 -> 88
45 -> 2D
191 -> BF
102 -> 66
92 -> 5C
213 -> D5

What movie is this a key for ?

blutach · 13th January 2007, 01:38

Gentlemen - enough of this!

LordSloth - either post your results or do not post at all. Last Warning.

Everybody - there will be no more warnings issued. Posts which can not stay on topic, or do not directly address the issue of decrypting HD-DVD will be struck. These include rants, taunts, accusations, publication of off topic links (including about muslix64's identity), irrelevant numbers which can not possibly be seen as keys and anything else that is not relevant or does not further this discussion.

Please read the above carefully.

Regards

LordSloth · 13th January 2007, 01:42

Quote:

Originally Posted by Janvitos

For the ones interested:

...

What movie is this a key for ?

Serenity

It took me awhile to figure that out from the Reavers comment at the top...

Hope you have a copy.

It's the 2nd Title Key

cyber1 · 13th January 2007, 01:42

Quote:

Originally Posted by Janvitos

For the ones interested:

239 -> EF
33 -> 21
50 -> 32
159 -> 9F
125 -> 7D
131 -> 83
141 -> 8D
154 -> 9A
112 -> 70
86 -> 56
136 -> 88
45 -> 2D
191 -> BF
102 -> 66
92 -> 5C
213 -> D5

What movie is this a key for ?

It's Serenity.

13th January 2007, 01:43

Quote:

Originally Posted by setarip_old

@Janvitos

I'd speculate you'd have to convert those to hex...

Google each of the 16 lines in the text. The first Google hit you get for each text line contains a 2 or 3 digit number in the title.
These decimal numbers probably have to be converted to hex and you get a 64 bit number.

12th January 2007, 22:01	#605 \| Link
Doom9 clueless n00b Join Date: Oct 2001 Location: somewhere over the rainbow Posts: 10,583	Guys... back to topic please. I'm not gonna say it again. __________________ For the web's most comprehensive collection of DVD backup guides go to www.doom9.org

12th January 2007, 22:30	#606 \| Link
stormlord Registered User Join Date: Jan 2007 Posts: 4	Why is everybody assuming that the required information is stored in just one location? That would be making it much easier to break then if the key information is located in different locations. I'm not just talking player, database or disc in physical terms - but also why should all of the "key" be in for example just one location in memory, or one register - it could be a combination too. I have no cryptography experience of any kind nor any experience with breaking security on PCs. I do have experience with forms of protection on good old commodore 64 - and I can tell you this: a good protection does not do the obvious, it tempts to misguide you or even relocates or rewrites itself/encrypts itself - i.o.w. much like viral activity of the worst kind. Some protection can be broken by finding one key element (in general the easy ones, like jump to a certain protection routine). In other numerous parts and various types of protection will be scattered through the software, making it much more difficult to find everything. Probably the hardest thing to break if they would do the protection/deprotection through a special circuit in hardware (with write once unique key in every player, no reading possibility). I recall one of the harder protections on C64 made use of the soundchip (!) to generate a random value. As for HD DVD or Bluray media: there will always be a way to break any form of protection, since it has to be able to be played. The matter is: how difficult do they make it and how easy/obvious is it. The challenge will be greater if they make it more difficult, and many people who try will give up because they lack the patience or the knowledge. There will always be people who have the ability to break it though, if they want. << START RANT >> My largest problem with all of this is that there will be a lot of people who bought discs legitimately and they won't be able to play them with the best quality on each and every hardware due to various forms of UNWANTED copyprotection (DRM, AACS, HDCP, whatever...). When will the MPAA/RIAA finally get it that people do not WANT any of this, nor do they want to pay extra for them (because they definately ARE paying for them). Region coding is bull in this day and age (many movies are released almost simultaneously around the globe), and the industry should be aware of that the plubic thinks about it that way. Do they seriously think the player manufacturers and even dealers WANT all these problems with things like HDCP, region coding (customers nagging about it) etc... I can understand perfectly that the studios want to protect their rights as a copyright holder and want to make a profit on their products so that they can correctly & rightfully pay everybody involved in the production/distribution etc.., but there is such a thing as overpricing and scaring away the customers from buying these new products (that is how good new ideas and new techs fail). When multiple formats are being released, ultimately - there always will be losers -& in general it's the early adopting endusers/consumers (the ones who pay back all the R&D!!!) who end up with hardware or media they cannot use as they would have wanted. They get a beta product that only works half the way it should, they pay far the most and often end up with unusable quickly devaluating material. The industry should REWARD these people for being their guineaupigs!!! Instead they ROB them of any decent userexperience, much like they claim to being robbed by piracy year after year (yet with ever increasing profits... don't they realise there is a ceiling to that??) If they want piracy out of the world (which they will never be able to do entirely anyway), they 'd be better off taking other measures: 1) lower the price of the media (album CDs often cost more than a full DVD out here - which are much more labourintensive to master, anybody care to explain how that is logical?) Lower price means: more people buy the original. If backing up a disc costs almost as much as the original one - why bother copying? They could start lowering the cost by skipping all kinds of unwanted forms of copyprotection, because all these schemes definately cost money to develop + they cost extra in terms of hardware and hardwareresources. 2) allow people to make a legit copy of their rightfully purchased media or provide cheap replacement themselves if a disc goes bad within a normal lifespan. Here in many European countries people already pay some form of copy tax on blank media any way, why don't they just make that the same for everybody everywhere + return part of the money to the people who really earn it (the artists, NOT the large publishing companies behind them - who rake up all the hard cash in a great many cases!) !!! 3) Persue first and foremost mass piracy through illegit reprints, i.o.w. people who make loads of profit out of piracy. People will always copy for family and friends, you will never get that out. That's a battle lost before it's even started. Hell, even the musicians/artist copy themselves. The ones that claim they don't are usually a bunch of hypocrits or flat-out liars! IMHO, the better way would be to convince people to BUY the product if they think it is WORTH the money! Nobody wants protected original media that does not play the way it should in EVERY player... If the industry still doesn't realise people want players that play EVERYTHING: Blu Ray, HD DVD, DVD and CD alike -AND- do not have crap like region coding, HDCP etc.. that prevents them from playing back media they purchased legitimately. When I buy discs at e.g. amazon.com in the USA and I live in Europe and I PAY for them and I PAY taxes for them - I want to be able to play them everywhere! Why buy them in the USA: there hardly are any titles in Europe available, let alone good ones!!! (note that to my knowledgde NONE of the blu ray titles listed on Amazon indicates which region they belong to or if they have region coding enabled) That's doesn't mean I want to fork out the schandalous amount of money for 2 players (let alone 4 if no one makes a hybrid Blu-ray/HD-DVD player) if I want to be able to play discs from the USA and Europe! Hell, these players do not cost the chinese that much to produce at all (not nearly as much as they are being sold at anyway) - early adopters pay all the R&D + the volumes are just too low. They should give early adopters a reduction voucher for next generation product as a reward for BETATESTING their early release crap!!! As for the HD-DVD vs Blu Ray battle, it's all politics that in the end consumers are not served by. HD DVD's wider acceptance in the USA may have to do with better title releases and better mastering of the specific titles. Here in Europe neither HD-DVD, nor blu ray have broken through (I guess it hasn't anywhere, but even far less here than in the USA) - and I'd say HD DVD even less!(less players/drives for PC, less titles, less brand recognition!) Personally, all I care about is that in the end we get good versatile & quality product that works properly and can be played without too much of a hassle or harressment by all kinds of lame protection systems ultimately none of the buyers want. Haven't they learned their lessons yet from audio cd protection then??? The buying consumers didn't want it there either! I stress: I'm talking about BUYING customers, not pirates... And even then: just about everybody has a VCR, dont't they? ALSO the RIAA/MPAA execs? Right: they pirate too! TV shows and movies shown on TV are also copyrighted! It's the same bunch of hypocrits all over: they release/sell MP3/DIVX players, they release/SELL VCRs, they release/SELL blank media for them, they release HDD recorders? But hardly anybody can record or use them legitimately? Who are they kidding? Aren't they making enough money yet by selling both the hardware and the software??? Oh, they would love us to pay for each time we play the media too I suppose? << END RANT >> Last edited by stormlord; 12th January 2007 at 22:33.

13th January 2007, 00:52	#610 \| Link
Janvitos Registered User Join Date: Jan 2007 Posts: 55	I think some people are messing around with us. I followed that link too and get nothing relevant. Please ban the ignorants. Last edited by Janvitos; 13th January 2007 at 00:57.

13th January 2007, 01:21	#612 \| Link
blutach Country Member Join Date: Sep 2004 Location: is everything! Posts: 6,499	@stormlord - you have just registered 5 days ago and had time to read the rules. This thread is not a place for your rants. Many times, Doom9 and I have asked posters to stay on topic. Strike issued. @Mikey10 - same comments regarding rules. How does yourt post add to the topic? Strike issued. Regarding LordSloth's link: I can not get it to load at all. I am loath to issue strikes until I can determine the content for myself. But you are way off topic in your previous post. Strike issued. Regards __________________ Les Only use genuine Verbatim or Taiyo Yuden media. Last edited by blutach; 13th January 2007 at 01:28.

13th January 2007, 01:38	#617 \| Link
blutach Country Member Join Date: Sep 2004 Location: is everything! Posts: 6,499	Gentlemen - enough of this! LordSloth - either post your results or do not post at all. Last Warning. Everybody - there will be no more warnings issued. Posts which can not stay on topic, or do not directly address the issue of decrypting HD-DVD will be struck. These include rants, taunts, accusations, publication of off topic links (including about muslix64's identity), irrelevant numbers which can not possibly be seen as keys and anything else that is not relevant or does not further this discussion. Please read the above carefully. Regards __________________ Les Only use genuine Verbatim or Taiyo Yuden media.

12th January 2007, 20:45	#603 \| Link
Isochroma Registered User Join Date: Mar 2005 Posts: 468	It seems to me that the best course of action is to find a place in the player code where the key is plaintext, and insert some code to dump it to a file from there. That way, no memory dumps are necessary. Then, ZIDRAV can be used to produce a difference file, which can be used to patch everyone's player to do the same. Then we can all start publishing keys...

12th January 2007, 21:22	#604 \| Link
cyberpass Registered User Join Date: Jan 2007 Posts: 15	this better not end up like direct tv... A lot of hype at first on being cracked then nothing shows up, even till today!

12th January 2007, 23:58	#607 \| Link
Mikey10 Registered User Join Date: Jan 2007 Posts: 1	Well, known-plaintext attack worked really well for DeCSS ... ... but ... wouldn't it be to abasing for the MPAA, if this same lousy method would break these creepy-billion-dollar-concept AACS also? by the way - muslix ... ... why had the Teaser_1.evo in your really awful^^ YouTube video just a filesize of 4,02 GB? Mine has 9,2 gig; the 14,4 gig Teaser_2.evo was missing completely ...

13th January 2007, 00:26	#608 \| Link
LordSloth Registered User Join Date: Jan 2007 Posts: 8	Finally I can post! I wanted to post this over the weekend but had to wait Anyway, I can also confirm that BackupHDDVD properly decrypts EVOs when given the correct Title Keys. I followed this posting http://pastebin.com/853659 for finding one for a movie. And after the lengthy search, interpret, and hex conversion the key actually worked in BackupHDDVD. ~Cheers

13th January 2007, 01:26	#613 \| Link
setarip_old Registered User Join Date: Aug 2005 Posts: 16,267	@LordSloth As an outside observer, having absolutely no involvement in the activity being pursued in this thread (Although I'm certainly interested in its eventual outcome), I must say it's disconcerting to see you trying to make a "game" out of the loosely cooperative effort the other posters to this thread. I'd suggest that if you have discovered a legitimate, meaningful "piece of the puzzle", you should simply present it here - so that others can advance their combined efforts...

13th January 2007, 01:32	#615 \| Link
setarip_old Registered User Join Date: Aug 2005 Posts: 16,267	@Janvitos I'd speculate you'd have to convert those to hex...

13th January 2007, 01:38	#616 \| Link
Janvitos Registered User Join Date: Jan 2007 Posts: 55	For the ones interested: 239 -> EF 33 -> 21 50 -> 32 159 -> 9F 125 -> 7D 131 -> 83 141 -> 8D 154 -> 9A 112 -> 70 86 -> 56 136 -> 88 45 -> 2D 191 -> BF 102 -> 66 92 -> 5C 213 -> D5 What movie is this a key for ?

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode