HD DVD's AACS Protection Bypassed

Posted by kdawson on Sun Dec 31, 2006 05:11 PM
from the 8-days-to-a-crack dept.
Mr. BS writes "Playfuls.com is running a story on how HD DVD's AACS protection has been compromised. Although the video of the hack leaves much to be desired, the source code has already been made available. Feel free to start backing up your HD DVD's whenever you feel the need."

Related Stories

[+] Decryption Keys For HD-DVD Found, Confirmed 473 comments
kad77 writes "It appears that, despite skepticism, 'muslix64' was the real deal. Starting from a riddle posted on pastebin.com, members on the doom9 forum identified the Title key for the HD-DVD release 'Serenity.' Volume Unique Keys and Title keys for other discs followed within hours, confirming that software HD-DVD players, like any common program, store important run-time data in memory. Here's a link to decryption utility and sleuthing info in the original doom9 forum thread. The Fair Use crowd has won Round One; now how will the industry respond?"
[+] Blu-ray Protection Bypassed 407 comments
ReluctantRefactorer writes with an article in the Register reporting that Blu-ray copy-protection technology has been sidestepped by muslix64, the same hacker who bypassed the DRM technology of rival HD DVD discs last month. From the article: "muslix64's work has effectively sparked off a [cat]-and-mouse game between hackers and the entertainment industry, where consumers are likely to face compatibility problems while footing the bill for the entertainment industry's insistence on pushing ultimately flawed DRM technology on an unwilling public." WesleyTech also covers the crack and links the doom9 forum page where BackupBluRayv021 was announced.
[+] Interview with Developer of BackupHDDVD 223 comments
An anonymous reader writes "HD DVD and Blu-Ray were supposedly protected by an impenetrable fortress. However a programmer named "muslix64" discovered that this was not the case, and released BackupHDDVD. Now, Slyck.com has an interview with the individual responsible, who provides some interesting insight to his success."
[+] AACS Device Key Found 351 comments
henrypijames writes "The intense effort by the fair-use community to circumvent AACS (the content protection protocol of HD DVD and Blu-Ray) has produced yet another stunning result: The AACS Device Key of the WinDVD 8 has been found, allowing any movie playable by it to be decrypted. This new discovery by ATARI Vampire of the Doom9 forum is based on the previous research of two other forum members, muslix64 (who found a way to locate the Title Keys of single movies) and arnezami (who extracted the Processing Key of an unspecified software player). AACS certainly seems to be falling apart bit for bit every day now."
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • Dupe (Score:5, Informative)

    by rrohbeck (944847) on Sunday December 31 2006, @05:15PM (#17418394)
    • Re: (Score:3, Interesting)

      Half-dupe. The last story said source coming in January. This one provides source.
       
      • Actually... (Score:5, Funny)

        by raehl (609729) <{moc.oohay} {ta} {113lhear}> on Sunday December 31 2006, @07:10PM (#17418932) Homepage
        This was just a backup of the last article.
      • Re: (Score:3, Interesting)

        The last story said source coming in January.

        You should pay more attention before you "correct" other people...

        The source was linked in the Doom9 thread the /. story linked to. I have the zipfile on my hard drive to prove it, and a large number of the comments in that thread revolve around a review of the source.
    • While this is partly a dupe, at that time, the source code had not been released. It has now. So the headline really should have reflected that, instead.
  • This also just in...

    slashdot seems to be posting stories more than once to demonstrate
    the real effect of deja vu on the jolt drinking, halo playing, pornography
    downloading whacked out crowd it caters to.
    • It also caters to my insanely short attention span (brought on by the jolt/halo/porn):

      "hey, cool, the new-fangled dvds have been cracked, I'll read about it now.. Oh wait, the youtube video in the next tab is starting"

      (2 minutes later)

      "That sure was funny, now back to the porn"

      (two days later)

      "hey, cool, the new-fangled dvds have been cracked..."
  • by Anonymous Coward on Sunday December 31 2006, @05:16PM (#17418398)
    I guess HD DVD just won the war against blu-ray!
  • by plover (150551) * on Sunday December 31 2006, @05:17PM (#17418404) Homepage Journal
    The source code provided is simply code to decrypt the stream. It's an implementation of the AACS published standard for decrypting a stream. What it does not do is provide a way to extract the keys from the disks.

    The author is waiting till some time in the new year to reveal how he got the keys, but the evidence suggests to me that he used some kind of debugging hook into Power HD-DVD.

    • It does not even contain the actual decrypting code, but simply calls some system routines.
        • by Gyorg_Lavode (520114) on Sunday December 31 2006, @10:09PM (#17419700)
          Pretty simple. He identified the encrypted key. He probably debugged the player and looked for routines that accessed that part of the file. When he found them he ran the routine and pulled its output out of memory.
          • Pretty simple. He identified the encrypted key.

            Which will be the first revoked key.

            • Re: (Score:3, Informative)

              This point has been mentioned a lot in this article's comments and the last one on this topic, but I'll karma whore and reiterate it:

              There's a difference between the title key and the player key. The title keys are used to directly decrypt the contents of the dvd (or hddvd or blu-ray), and differ between discs. They are not revoked because they are never reused to begin with. The player key is what's licensed to the companies and stored in players. This is the key that allows access to the title key, and if
                  • Re: (Score:3, Informative)

                    But if that were not the case, wouldn't it be trivial to make an image and distribute this rather than the unencrypted movie data, since people can just burn the image illegally and play it in a licensed player to accomplish the same goal?

                    Even in DVD-R, the consumer burners can't burn the player key block, which is preset to the unencrypted state on all consumer blanks. Special "authoring" burners are prohibitively expensive for the typical low-scale pirate's business model.

  • by jakedata (585566) on Sunday December 31 2006, @05:22PM (#17418430)
    How about AACS-Hole?
  • by Swimport (1034164) on Sunday December 31 2006, @05:24PM (#17418444) Homepage
    Feel free to back up your hd-dvds once you get some.
  • by Anonymous Coward on Sunday December 31 2006, @05:25PM (#17418448)
    When you have Alzheimer's, dupes are fantastic!
  • by Maxo-Texas (864189) on Sunday December 31 2006, @05:48PM (#17418558)
    the mfg's won't understand of course.
  • Par for the course (Score:4, Insightful)

    by fireproofjew (1042650) on Sunday December 31 2006, @06:06PM (#17418624)
    Every encryption/DRM scheme that the companies think up will inevitably be cracked/hacked. All they need to do is realize that and then they can save money instead of pursuing a futile effort. I, for one, would buy the stuff if it was worth the money they charge.

    Maybe they could charge less if they didn't take the time or spend the money developing newer DRM?
    • by arminw (717974) <[aawmail] [at] [waterfreeclean.com]> on Sunday December 31 2006, @07:13PM (#17418952)
      .....Maybe they could charge less if they didn't take the time or spend the money developing newer DRM........

      Maybe the movie and music moguls are duped by the inventors and purveyors of these harebrained copy protection schemes. The latter KNOW that the laws of physics and mathematics GUARANTEE that *any* copy protection scheme WILL be broken. After all, in order to use the content, the key has to be given to the consumer in order to play it. There is NO way to hide a key, if it is needful to be able to use it at some point in order to view the movie or play the music. Perhaps some sane crypto expert can convince the content producers that they have been lied to by these crooked, money grabbing "experts" who know deep down that none of their schemes can ever work for long. The hollywood and the music industry have been sold the equivalent of a certain bridge labeled DRM by these companies who make money selling their DRM schemes to the content producers. Content makers would likely make more money if they did NOT pay these liars a dime.
      • Re: (Score:3, Insightful)

        The point has never been to make an unbreakable DRM scheme. The point is to use it in conjunction with the DMCA to get more control. DRM and the DMCA go together like bullets and handguns. The bullets (DRM) are useless themselves, but with the handgun (DMCA) they can get you to follow any restrictions they want.
      • There is NO way to hide a key, if it is needful to be able to use it at some point in order to view the movie or play the music.

        Tell that to people trying to pirate DirecTV signals. Have the P4, D1, and D2 access cards [wikipedia.org] been broken yet?

      • Re: (Score:3, Insightful)

        "The latter KNOW that the laws of physics and mathematics GUARANTEE that *any* copy protection scheme WILL be broken."

        Ah, they don't want the protection to be completely unbreakable. They just want to make breaking the protection costing too much for average Joe to make copy of DVD to his friends.

        The real value of a DVD for Joe user is something along the line of 20-50$ to purchase and will cost probably around 5$ to rent. If the protection is worth more than 5$ of pain for Joe user, then the mission is alr
  • by Jugalator (259273) on Sunday December 31 2006, @06:17PM (#17418676) Journal
    Feel free to start backing up your HD DVD's whenever you feel the need

    Not only do we skip RTFA quite often, the article submitters seem to as well.

    What he says in that quote is simply not possible; you still need the keys, and that hack doesn't cover that problem.

    We may have something for that too in the future, but this is not the hack for piracy-at-will.
    • We may have something for that too in the future, but this is not the hack for piracy-at-will.

      You mean this is not the hack for extracting your legally purchased content into a sensible format that allows you to skip all the mandatory previews etc. and actually watch it without shackles.

      • Actually, FWIW, an HD-DVD starts playing the movie immediately. You can then, if you wish, access the menu features.
    • What he says in that quote is simply not possible; you still need the keys, and that hack doesn't cover that problem.
      Any software player also needs keys in order to play it. Until the time comes that hardware decryption is done in the video card itself, it'll always be possible to hack the software and get the required decryption keys.
       
      • Until the time comes that hardware decryption is done in the video card itself, it'll always be possible to hack the software and get the required decryption keys.

        Windows Vista has a mechanism where media files can request decryption in the video card. See Protected Video Path User Accessible Bus [wikipedia.org].

  • But sometimes people miss stories. Now, if it is a dupe of a dupe, then that's something else (it does happen). It should be no surprise the copy protection is broken. For every team of programmers coming up with this stuff, there are 40 million teenagers in basements hacking it. Law of averages says someone will stumble on to something. The crack is not very good right now. So what? Someone else will refine it. The chain gun was once a flintlock. If the associated groups were smart, they would do away wi
  • by kimvette (919543) on Sunday December 31 2006, @07:01PM (#17418896) Homepage
    Now that it's cracked, I might consider buying your media in HD-DVD and Blu-Ray formats, since now I can take care of Fair Use when it comes to format shifting and making backups. Until it was cracked there was absolutely ZERO possibility that I would ever consider purchasing HD-DVD and Blu-Ray media.

    Don't you think it's high time that you quit trying to block Fair Use now, especially since the real pirates in China are totally unaffected by DRM in the first place?

    Thanks for listening.

    Signed,
    A paying customer
      • It did - before the DMCA - and should still.
      • Re: (Score:2, Insightful)

        Fair use doesn't give you the right to break the encryption on copyrighted works.

        Sure doesn't. But did you also know that copyright restrictions don't even apply in the first place if you are using the media for private use. Copyright only comes into play if someone is trying to publish the work of someone else. It's not even fair use to be able to do what you want to with your legally purchased DVD in your own home, in fact, that's just called plain old use.

        No matter how much bullshit these companies try to control your every move, realize that once I purchase that little plastic d

            • Perhaps the one that will get passed if Harper wins a majority in the next election. Also in the case of a conservative majority expect a rewrite of the copyright laws to harmonize with the USA.
      • Actually, if format-shifting for the purpose of interoperability or even bypassing for viewing on Linux, it (the DMCA) absolutely DOES specifically allow exemption for interoperability purposes.
          • In Canada all blank CDRs include the levy. Also DLing music is legal though I don't think uploading is.
      • Unfortunately, there are any number of people in the world who feel perfectly empowered to illegally copy and distribute whatever material they want. What, exactly, are these people - who spend millions upon millions of dollars to generate this content (well, at least in the case of movies - music, apart from marketing, has relatively low overhead) - supposed to do to try to prevent this?

        Unfortunately, there are any number of people in the world who feel perfectly empowered to use litigation against others who reuse their material in critical ways, to withdraw material from distribution, and to make material that has been distributed useless. What, exactly, is the public - who spends millions upon millions to preserve this content - supposed to do to try to prevent this?

        A problem occurs when the conditions imposed by digital restrictions management interfere with the public's right to mak

  • by derrickh (157646) on Sunday December 31 2006, @07:12PM (#17418948) Homepage
    Unlike DVDs, HD-DVD's have dual keys, 1 for the title, and 1 for the player. At the most, this guy has managed to make 3 titles playable on a single player. What will happen next is Cyberlink will have its PowerDVD keys revoked and new keys will be provided with a patch.

    So at most, you'll be able to 'back up' (or Pirate) the current batch of Full Metal Jacket HD-DVD's to play on an older version of PowerDVD.

    So don't go around yelling about how HD-DVD is cracked, cuz it's not.

    Here's an article that has a few more facts and less sensationalism.
    http://videobusiness.com/article/CA6403011.html [videobusiness.com]

    D
    • Actually DVDs also have title keys and player keys.
    • by DamnStupidElf (649844) <Fingolfin@linuxmail.org> on Sunday December 31 2006, @08:14PM (#17419212)
      Unlike DVDs, HD-DVD's have dual keys, 1 for the title, and 1 for the player. At the most, this guy has managed to make 3 titles playable on a single player. What will happen next is Cyberlink will have its PowerDVD keys revoked and new keys will be provided with a patch.

      And when PowerDVD is re-released it will have to load its brand new decryption key into memory and use it to decrypt the data from the disk. If they're smart-asses, they'll only use the decryption key for key setup or even completely skip the AES 128 key and directly build the AES decryption key schedule by some other obfuscated process. If they really want to get wild, they'll continually decrypt and reencrypt the key schedule so that it's never fully intact in memory at any given point in time, and integrate the last decryption steps into the first huffman decoding steps for the mpeg process (since it's just a bunch of XORs) to further annoy crackers. Unfortunately, the fact that unencrypted material ever exists in PowerDVD proves that they must have the entire AES decryption key schedule available for any given decryption, and it will be relatively trivial for crackers to pull the key schedule out and just pick the first 128 (or 192 or 256) bits of the key schedule which is the original AES key. Trying to hide encryption keys within an executable's memory space is probably one of the silliest ever conceived. All an attacker has to do is try every K-bit (K is the size of the key) sequence of memory as a test key at several points in the program. That is in fact what this article's attack accomplished. The key schedule can be dynamically encrypted and decrypted as each word is required, but this is just a stopgap measure and slows encryption down significantly.
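
The point made in the comment above, as an added example that is not part of the original thread or of any player's code: an expanded AES-128 key schedule begins with the raw key and is self-verifying, so a buffer holding one can be audited for resident key material. The function names and the sample buffer are constructed for illustration; the key is the public FIPS-197 Appendix A.1 test vector.

```python
# Added example (not from the thread): AES-128 key expansion per FIPS-197 and a
# consistency scan showing that an expanded schedule in memory reveals the key.

def _gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo the AES polynomial 0x11B."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def _rotl8(x, n):
    """Rotate an 8-bit value left by n bits."""
    return ((x << n) | (x >> (8 - n))) & 0xFF

def _build_sbox():
    """S-box = affine transform of the multiplicative inverse (0 maps to 0)."""
    box = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if _gmul(x, y) == 1), 0)
        box.append(inv ^ _rotl8(inv, 1) ^ _rotl8(inv, 2)
                   ^ _rotl8(inv, 3) ^ _rotl8(inv, 4) ^ 0x63)
    return box

SBOX = _build_sbox()
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]

def expand_key(key):
    """Return the 176-byte AES-128 schedule; its first 16 bytes are the key."""
    if len(key) != 16:
        raise ValueError("AES-128 key must be 16 bytes")
    words = [bytes(key[i:i + 4]) for i in range(0, 16, 4)]
    for i in range(4, 44):
        t = words[i - 1]
        if i % 4 == 0:
            t = bytes(SBOX[b] for b in t[1:] + t[:1])      # RotWord then SubWord
            t = bytes([t[0] ^ RCON[i // 4 - 1]]) + t[1:]    # add round constant
        words.append(bytes(a ^ b for a, b in zip(words[i - 4], t)))
    return b"".join(words)

def find_schedules(buf):
    """Offsets in buf where 176 bytes form a self-consistent AES-128 schedule."""
    hits = []
    for off in range(len(buf) - 175):
        window = buf[off:off + 176]
        if expand_key(window[:16]) == window:
            hits.append((off, window[:16]))
    return hits

# Constructed sample: the FIPS-197 test key's schedule placed at offset 200
# inside deterministic filler standing in for a memory snapshot.
FIPS_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
FILLER = bytes((i * 37 + 11) % 256 for i in range(200))
SAMPLE = FILLER + expand_key(FIPS_KEY) + FILLER[::-1]

if __name__ == "__main__":
    for off, key in find_schedules(SAMPLE):
        print(f"schedule at offset {off}, key {key.hex()}")
```
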
    • Re: (Score:3, Interesting)

      That article is wrong in one regard: "CSS relied on a single set of keys that were used to encrypt every DVD and were provided to every DVD player, both hardware and software."

      CSS also uses different player keys. The three big differences between AACS and CSS is that AACS has many more player keys (CSS only had ~400), once one player key was discovered, you could easily discover all of the other player keys, and weaknesses in the encryption algorithm made it possible to discover the title keys without any p
    • The article in Videobusiness is correct in what can be done to revoke keys, but it's wrong in what that means.

      It only takes a single compromised player to copy content, and once compromised, that player can be used in perpetuity to rip any and all disks published up to that point. There is no way to undo that.

      Furthermore, if players like this get compromised every few months, we know that it's a fairly high probability event. Together with the previous observation, that means that pretty much every disc w
  • Feel free to start backing up your HD DVD's whenever you feel the need.

    Is it really cost-effective to do so at this point? HDDs seem to be at around $0.25/GB best case, so we are talking about $7+ per movie. That means 1/3 of your collection would have to be destroyed just to break even, assuming you value your time outside the office at $0/hr.

    Maybe people are backing these up for other reasons such as skipping the 10 second FBI warning or saving the 20 seconds it takes to locate a disc and physically place it in the player?

    I really don't see the utility, especially when

    • You could just back them up to regular DVD. Given that BluRay is better quality than DVD, you could probably reencode it to DVD size without losing much over the DVD. You could even use MPEG4 to back it up, and store HD content on the DVD, you would probably have better quality than the DVD. You can't back up to BluRay for a good price, but a back up to DVD is better than no back up at all.
      • If you can see it and hear it you can copy it, however the copied result may not have the same quality which may not be an issue to some people.

        Since HD-DVD and Blu-ray are proposed for High Definition TV's (720 and 1080 using interlace or progressive scan) you will notice the difference between Standard Definition TV and HDTV. Consider a small HDTV (normally 720i,p) at approx 12in (30cm) you can hardly tell the difference between SD and HD content but now consider a 40in (101cm) and above HDTV (720p,i or 1
    • If I paid for the content, I feel I'm entitled to play it when and where I want. That includes on my cell phone, my mp4 video player, streaming onto one of my pc's from my server, or even on a monitor that's attached with a VGA cable instead of a HDRM cable. And I feel I'm entitled to keep it safe from harm, watching the related movie while the shipping container disc is secure in its plastic box. I'm also entitled to watch just the content and skip the advertising, FBI threats, extras, menus and other c

    • No excuse for the Big Media companies not to know - DRM will not work!

      because this so-called "hack" is based on the published algorithm for AACS decryption? what matters is where and how he got the keys.

      • because this so-called "hack" is based on the published algorithm for AACS decryption? what matters is where and how he got the keys.

        That will come later. Each piece of AACS shall be disclosed and disseminated in its own time, on a schedule that limits the ability of the MAFIAA to enforce the standard form contracts [wikipedia.org] encoded in the DRM system against customers.