Encryption Security Media Sony

Blu-ray Protection Bypassed

ReluctantRefactorer writes with an article in the Register reporting that Blu-ray copy-protection technology has been sidestepped by muslix64, the same hacker who bypassed the DRM technology of rival HD DVD discs last month. From the article: "muslix64's work has effectively sparked off a [cat]-and-mouse game between hackers and the entertainment industry, where consumers are likely to face compatibility problems while footing the bill for the entertainment industry's insistence on pushing ultimately flawed DRM technology on an unwilling public." WesleyTech also covers the crack and links the doom9 forum page where BackupBluRayv021 was announced.
  • This won't kill DRM (Score:5, Interesting)

    by suv4x4 ( 956391 ) on Tuesday January 23, 2007 @04:20PM (#17727918)
    Microsoft and Apple are smart. Disk based DRM is doomed since you can't actually upgrade disk drives and disk media that easily, even with encryption programs written dynamically on the disk.

    So as disk-based DRM is consistently wrecked, but can't be updated until the next hardware cycle (~7-8 years at least), which alternative becomes obvious?

    Software based DRM via network downloads. You can update the DRM-ed player in the next software patch, automated via Internet distribution. Apple is covered with their iTunes store, and Microsoft has been working frantically on heavy DRM in Vista and WMP.

    Now you know why.
  • by FlunkedFlank ( 737955 ) on Tuesday January 23, 2007 @04:25PM (#17727992)
    Again, as with HD-DVD, all that's happened so far is:
    - he has implemented decryption using the fully public specs
    - he has recovered some per-disk keys (using a clever technique) by finding them in the memory of software players
    Neither format should be considered cracked until a standalone software player could play all disks (independent of an online key database) a la DeCSS. That said, major props to him for actually getting done what he got done. The plaintext attack he used to recover the software keys, as described in one of the forum posts, was a nice touch.
  • by User 956 ( 568564 ) on Tuesday January 23, 2007 @04:37PM (#17728146) Homepage
    Honey, I have to reboot the TV because it's just gotten a security bios update and TiVo won't record until it sees the update.

    Your post is more true than you realize. [popularmechanics.com]
  • something useful? (Score:1, Interesting)

    by Anonymous Coward on Tuesday January 23, 2007 @04:38PM (#17728166)
    Maybe muslix can fix the HDDVD and bluray players so they don't downgrade component outputs.
  • by hawkbug ( 94280 ) <psxNO@SPAMfimble.com> on Tuesday January 23, 2007 @04:49PM (#17728296) Homepage
    You're right. But from what I understand you don't have to for an update - the movies themselves now include them I think. I think the Xbox 360 works the same way with games updating the system. Very sneaky.
  • by goldcd ( 587052 ) on Tuesday January 23, 2007 @04:58PM (#17728450) Homepage
    is that you can't just run the program to decrypt all your Blu-Ray(or HD-DVD) disks, you need to locate the key and use that to get the unprotected data.
    This sounds like a right pain in the arse. I'm used to buying DVDs willy-nilly and just shoving films onto servers, PSPs, iPods, XBMC etc as the mood takes me. It always works, I just press a couple of buttons and away I go.
    Reading these stories has made me think - I'm now even less likely to buy a HD disk than I am a standard DVD. I buy a HD disk in the shop and I've now got to worry, can I get the key for this disk? will it be for the right region? will it be the right version (you can be sure once a disk is cracked they'll shove new keys on all future pressings).
    I don't think I can be arsed with all this really.. much easier just to download un-encrypted and know it'll work on everything I own, forever. FFS I'd pay more for the pirate version than the legit one given the chance.
    My next prediction is the appearance of a site that'll serve keys. You put your HD disk in your machine, run a util that gets a hash from it, searches online and decrypts the disk automatically.
    *scampers off to register hd-keys.com*
  • Re:Oh well... (Score:2, Interesting)

    by Ryan Amos ( 16972 ) on Tuesday January 23, 2007 @05:02PM (#17728518)
    I'm always curious though... DVD never really took off (it was popular, but not in-every-living-room popular) until CSS was cracked and people could copy their own DVDs (or rather buy copied DVD movies for $5 from the kid down the hall.) That was the real death knell for VHS.

    But which comes first? The widespread adoption of a format or the ability to easily copy the format's content? I have a feeling it's the latter, which is why strong DRM provides not only a false sense of security, but may actually be the single biggest reason customers choose to shun a format.
  • Yes it IS a crack (Score:5, Interesting)

    by ratboy666 ( 104074 ) on Tuesday January 23, 2007 @05:03PM (#17728538) Journal
    The crypto is only as strong as the algorithm, and the method used for key management.

    The argument that DRM is "workable" breaks down because the encrypted message is delivered to a party who is expected to BOTH decrypt the message, and NOT know the keys. But the keys had to be used to effect the decryption!

    Basically, it makes very little sense.

    The only way that DRM can work is if the playback device does not trust its user. Which means that it CANNOT be a general purpose computer.

    The next generation of "DRM Operating Systems" cannot support general purpose computing. Pretty much the only way to guarantee that DRM will work is for such a computer to not allow ANY non-DRM compliant software while DRM content is playing.

    In other words, while the DRM movie is playing, your spreadsheet won't.

    But, since music playback while working is common, we can safely predict that DRM restrictions will be lifted from music. Movies? The next generation may well support "single tasking while movie is playing" mode.

    If this is not done (as well as locking out all non-DRM approved drives and kernel extensions), the keyset can be recovered from the player software.

    This crack just demonstrates this particular weakness. When I probe a cryptosystem, I look at the algorithm used (are there errors in the implementation? is it a good crypto algorithm? etc.), the keys (key length, is brute force possible or is the key recoverable from a known encrypted plaintext, was the key produced by someone sane, or an idiot, etc.) and key management (where and how are keys stored and published etc.).

    Remember "Spaceballs": the code is: "1", "2", "3", "4".

    It is also good to remember that once a single digital copy is "cracked", the work doesn't have to be done for that title again.
  • Re:Oh well... (Score:3, Interesting)

    by MoxFulder ( 159829 ) on Tuesday January 23, 2007 @05:30PM (#17728866) Homepage
    I figure I could get say, $100,000 consulting fee out of it, right? And it'd be well worth it to any company planning to introduce a really retarded DRM scheme.

    Remember SunnComm, which saw its stock price fall by $10 million when someone figured out they could bypass its DRM by holding down the shift key? http://news.com.com/2100-1025-5089168.html [com.com] If only they'd hired a geek to give it the idiot test...
  • by Anonymous Coward on Tuesday January 23, 2007 @05:33PM (#17728926)
    muslix64 explained how he did it on the doom9 forum: http://forum.doom9.org/showthread.php?p=941095#post941095 [doom9.org]

    Many people ask me for more details about the known-plaintext attack. This is a very basic, but powerful crypto attack that I have used to decrypt both formats.

    After reading posts of people trying to get the keys in memory, I realized I have a different way of looking into the problem.

    A lot of people try to attack the software, I'm attacking the data!

    So I spent more time analysing the data, to look for patterns or something special to mount my known-plaintext attack. Because I know the keys are unprotected in memory, I can skip all the painful process of code reversal.

    I don't have any Blu-Ray equipment but I was able to recover the keys anyways... because I had access to a memory dump file and a media file.


    To give you an example, let's take the Blu-Ray case.

    First, I had to read the documentation about the media file format.

    In the case of Blu-Ray, the media files are divided into blocks called "Aligned unit". Let's simply call them "Unit" for short. A Unit is a block of 6144 bytes. The first 16 bytes are unencrypted, and the rest are encrypted using AES in CBC mode.

    A unit is composed of 32 blocks called "MPEG source packet". Each packet is 192 bytes long. The first 16 bytes of the first MPEG source packet of a Unit are decrypted.

    Just to see the decrypted part of the packet, I have printed a few. Have a look:

    D13BF428474000100000B0110000C100
    D13C5DE84710111C6E3468D1861B8D1A
    D13CC7A84710111CE3468D1861B8D1A3
    D13D31684710111C1A346186E3468D18
    D13D9B284710111C6186E3468D1861B8
    D13E04E84710111C8D1861B8D1A34618
    D13E6EA84710111CD1861B8D1A346186
    D13ED8684710111C186E3468D1861B8D
    D14D57924710111CFCC810FE80107F08
    D14DC1524710111C1007647E401C002E
    D14E2B124710111C8001880350400300
    D14E94D24710111C007690DE581426A3
    D14EFE924710111C80800E8081F9E081
    D14F68524710111CA01300C007408C00
    D14FD2124710111C005200B002E00D49

    Do you see something special? Do you see any pattern?

    The first byte is always D1 and the 5th byte is always 47. Can we use that to mount the known-plaintext attack? Of course!

    Because we know we have multiple MPEG source packets inside a Unit, we know the decrypted version of the unit at position 192 will probably look like the sequences shown above.

    In most cases, the known-plaintext attack is in fact a guessed-plaintext attack. We "assume" the data will look like something we "guessed" when decrypted. Most of the time, it works!

    Knowing that, all you have to do is to write a small program that scans a memory dump file that comes from a software player while it was playing the movie. The key is in that file, you have to locate it.

    You just have to decrypt the first 2 MPEG source packets of the first unit until you find a key that decrypts to something like:

    D1??????47?????????????????????? at position 192.

    That's it!

    I also did something similar for the HD-DVD format.

    Once you know the value and the position of the key in memory, you can do what people are doing here: use a "memory landmark" to locate the key.

    Any questions?
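The guessed-plaintext search described in the quoted post, as an added Go example (not code from the post, from muslix64, or from any player): it builds a unit in the layout the post describes from entirely constructed data, encrypts it under a random key, plants that key in a random buffer standing in for a player memory dump, and recovers it from nothing but the fixed 0xD1/0x47 bytes. This is the weakness ratboy666 points out above: a key the player must hold in memory can be found there. The unit payload, the CBC IV choice and the dump contents are this example's assumptions.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)
const unitSize, packetSize, keySize = 6144, 192, 16
// buildUnit: 32 constructed packets, each a 4-byte header (top byte 0xD1 as in
// the post's dump) followed by the MPEG-TS sync byte 0x47; payload left zero.
func buildUnit() []byte {
	unit := make([]byte, unitSize)
	for off := 0; off < unitSize; off += packetSize {
		unit[off], unit[off+4] = 0xD1, 0x47
	}
	return unit
}

// encryptUnit follows the post: first 16 bytes in the clear, rest AES-128-CBC.
// Using those clear bytes as the IV is an assumption here; the search never needs it.
func encryptUnit(key, unit []byte) []byte {
	blk, _ := aes.NewCipher(key) // 16-byte key: cannot fail
	out := make([]byte, unitSize)
	copy(out, unit[:16])
	cipher.NewCBCEncrypter(blk, unit[:16]).CryptBlocks(out[16:], unit[16:])
	return out
}

// packetMatches decrypts the CBC block at off without the IV (P = AES_dec(C[off])
// XOR C[off-16]) and tests the post's guessed plaintext "D1??????47..." bytes.
func packetMatches(blk cipher.Block, enc []byte, off int) bool {
	var pt [16]byte
	blk.Decrypt(pt[:], enc[off:off+16])
	return pt[0]^enc[off-16] == 0xD1 && pt[4]^enc[off-12] == 0x47
}

// recoverKey tries every 16-byte window of the dump as the key; packets 1 and 2
// are both checked so a random window practically never passes by chance.
func recoverKey(dump, enc []byte) ([]byte, bool) {
	for i := 0; i+keySize <= len(dump); i++ {
		blk, _ := aes.NewCipher(dump[i : i+keySize])
		if packetMatches(blk, enc, packetSize) && packetMatches(blk, enc, 2*packetSize) {
			return dump[i : i+keySize], true
		}
	}
	return nil, false
}
func demo() bool {
	key, dump := make([]byte, keySize), make([]byte, 8192)
	rand.Read(key)
	rand.Read(dump)
	copy(dump[3001:], key) // constructed: the key sits at an unaligned offset
	found, ok := recoverKey(dump, encryptUnit(key, buildUnit()))
	return ok && string(found) == string(key)
}
func main() { fmt.Println("key recovered:", demo()) }
```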
  • Re:Oh well... (Score:3, Interesting)

    by Dogtanian ( 588974 ) on Tuesday January 23, 2007 @06:00PM (#17729280) Homepage

    I'm always curious though... DVD never really took off (it was popular, but not in-every-living-room popular) until CSS was cracked and people could copy their own DVDs (or rather buy copied DVD movies for $5 from the kid down the hall.) That was the real death knell for VHS.
    I can only add to what others have said about the implausibility of this. I got my first DVD player (or rather, a drive for my PC) in 2002. The format was already well-established by then and there were many DVDs available at pretty decent prices (I got my first couple of DVDs from a Fopp [fopp.co.uk] retail store for £7).

    Yet writable DVD drives were still in the £300-£400 range at that time.

    And while we're on the subject, I used to subscribe to a Netflix-style service. I'd intended copying the discs, and whilst I was able to do this, it wasn't worth the hassle; averaging out the rental cost, plus the price of the disc, plus the time taken to rip and compress the DVD onto a single layer disc..... I realised that I could buy the complete box set at a decent price and said "sod it...."

    The size of the discs probably made it possible to sell complete season/series box-sets widely. This never happened on VHS; although the tapes were bulkier, they also seemed to want to milk the buyer with 1h-2h content on a tape, when they could have fitted more. Possible result? Too expensive, too bulky; so how often did anyone buy complete runs? Not often.

    I guess with DVD someone twigged that countless people buying the complete series at a third of the price equated to far more profit than four nerds who shelled out for a couple of seasons of ST:TNG at two episodes per tape...
  • by camperdave ( 969942 ) on Tuesday January 23, 2007 @06:04PM (#17729322) Journal
    you don't have to for an update - the movies themselves now include them

    That won't work, though. Think about it. You can put an update for either the decryption keys, or the decryption software on the disk. Let's say you put the software on the disk. Well, that means that Aiwa, Emerson, Sony, Philips, Sanyo, Tandy, and countless others have to use identical computing engines in their equipment. If that's the case, we merely emulate the engine, and the security is cracked.

    Let's say you put the decryption keys on the disk. Well, in order for the various equipment manufacturers to be able to read the movie, there would have to be a standard method for finding the decryption keys. We reverse engineer the standard, and our player software can update itself right from your disk.
  • Re:Oh FFS (Score:5, Interesting)

    by Cheesey ( 70139 ) on Tuesday January 23, 2007 @06:15PM (#17729472)
    We are probably going to find out that posting a 32 byte encryption key for a movie on your website does count as a DMCA violation, even though the key is only useful to people who own the disc.

    Common sense be damned. Could an encryption key be the world's shortest copyrighted work?
  • Re:One can hope..... (Score:3, Interesting)

    by Fozzyuw ( 950608 ) on Tuesday January 23, 2007 @06:25PM (#17729618)
    maybe consumers should start lobbying or just stop buying..

    I already did. I rent through Blockbuster online and/or Netflix. I'm catching up on all my TV shows I missed on Cable (which is also too expensive due to no competition) and the occasional film. DRM be damned. I would buy DVDs if...

    1. If they cost about $1-5 to buy (Wal-Mart has some double/triple feature DVDs for $10).
    2. They didn't include the hard boxes. It's a waste for me. I'm moving towards just storing all my DVDs in a DVD book and getting rid of all the DVD towers taking up space in my apartment.
    3. Let me do what I want with it, without hassle. It's crazy enough to have to download software to backup my discs to bypass the encryption.

    If they could do that, I would probably buy every DVD I watched. It would probably also kill rental companies. hehe It would be nice if I could walk into my favorite (see most convenient) store, go to the movie desk and ask for a film. They could just push a button, and a few minutes later, a hot-off-the-press DVD is burned (with cover art), tossed into a nice recycle friendly paper protector slip and for a Lincoln ($5) or less, I can be out the door. At home, I can rip it to my iPod, computer, or PSP, depending on my needs and home theater setup (no sharing).

    I can file the disc into my DVD binder, tear off the corners of the slip it came in, which doubles as a background art in the DVD binder holder, and I'm set.

    The benefits? Well, the stores would get a digital copy downloaded into their machines. No longer do they need large store displays or floor space. They can burn their disc at the customers' desire. The movie companies don't have to mass produce a ton of products, ship them, and go through all the safety tests to make sure their packing meets standards and regulations. They just download their copy to the store on release day (or before and restrict its sale until release day to avoid blasting their pipeline). They could save loads on production costs. If you happen to have a coaster, just bring it back to the store and trade it in for a new one.

    It's all about the price being right. Of course, some people like the plastic case and jacket, no problem, the machine can print that off too, on high quality glossy paper, toss it in a plastic case, and pay an extra $1-2. It's more à la carte. And you toss out the "we don't stock that title" occurrence, where you want that older DVD (like say, Star Trek: Deep Space Nine Season 1-5), but it's not available at the local retailer, who only has Season 6 and 7.

    Of course, one day, they just might do that... only they'll still charge $15 for the DVD and $5 for the plastic case. People will still rent it, copy it, for $2 ($1 for the rental and $1 for the DVD) and the movie companies will still cry that no one is buying their DVDs even when they give them what they ask for! Of course, it's the fact that they need to get DVDs to people for the price that makes the effort of pirating the movie more hassle than it's worth. That price? $1-$5.

    Of course, I'm not familiar enough with the costs associated with such a setup, but I think it seems in the ballpark of reasonable.

    Well, that's my dream. It's reasonable... to consumers. =P

    Cheers,
    Fozzy

  • Re:Oh well... (Score:3, Interesting)

    by ZorinLynx ( 31751 ) * on Tuesday January 23, 2007 @07:39PM (#17730540) Homepage
    I have "The Lion King" on VHS. There's about 15 minutes of CRAP at the beginning of the tape before the movie starts. Even using the search forward function it takes about two minutes to get through it all, which is longer than it takes to get past the title screen on even the worst DVDs.

    So this abuse has existed before with VHS. I do think UOP (User Operation Prohibition) is the STUPIDEST feature in the DVD format, though.

    -Z
