More AACS Cracking

Slowly, AACS -- the security in both Blu-ray and HD DVD -- has been cracked. Now, it has been cracked even further:

Arnezami, a hacker on the Doom9 forum, has published a crack for extracting the "processing key" from a high-def DVD player. This key can be used to gain access to every single Blu-Ray and HD-DVD disc.

Previously, another Doom9 user called Muslix64 had broken both Blu-Ray and HD-DVD by extracting the "volume keys" for each disc, a cumbersome process. This break builds on Muslix64's work but extends it -- now you can break all AACS-locked discs.

As I have said before, what will be interesting to watch is how well HD DVD and Blu-ray recover. Both were built expecting these sorts of cracks, and both have mechanisms to recover security for future movies. It remains to be seen how well these recovery systems will work.

Posted on February 19, 2007 at 1:28 PM • 29 Comments

Comments

LeeFebruary 19, 2007 1:50 PM

The user has to be able to decrypt the content in order to watch the film. Given enough time the codes will be discovered, the mechanism to update the codes and deactivate compromised devices will just inconvenience paying customers instead.

reyitoFebruary 19, 2007 2:23 PM

Hopefully "recovery" will mean that the movie studios and distributers will no longer be infecting the DVDs that we buy with their DRM viruses.

AnonymousFebruary 19, 2007 2:35 PM

@pc-doctor: according to the doom9-forum anydvd does not have a tool that defeats aacs on hd-dvd. they just have a list of keys that gets updated every couple of days.

JimFebruary 19, 2007 2:35 PM

Wikipedia says, "Blu-ray Disc has an experimental digital rights management (DRM) feature called BD+ which allows for dynamically changing keys for the cryptographic protections involved."

"BD+ allows for a dynamic encryption scheme, meaning that if the protection were to be cracked, manufacturers could simply change the encryption scheme on new discs, so one single crack could not open up all BD-ROM discs."

"Little is publicly known about the actual capabilities and specifications of BD+,"
http://en.wikipedia.org/wiki/Blu-ray_Disc
http://en.wikipedia.org/wiki/BD%2B

Search Results 1 - 10 of about 213,000 for BD+. (0.12 seconds)
News Results 1 - 10 of about 32 for BD+. (0.18 seconds)
Why do 213,000 results take less time than 32 and why isn't BD+ newsworthy?
What is "experimental Digital Rights Management (DRM) mechanism"? Does that mean it operates outside of the law? I could see them in court. "Yeah judge it was experimental. You get the rights we decide on with our top secret code." The public is being experimented on. It sounds like a virus platform, that isn't well documented.

LogiFebruary 19, 2007 2:46 PM

Veering slightly off-topic:

"Why do 213,000 results take less time than 32[...]?"

Probably because after having estimated that there are 213,000 and 32 results respectively for the two queries, the scan to find 10 matches to show on the first result page needs to examine much more potential matches before finding 10 actual matches when there are only 3 than it does when there are 213,000.

AnonymousFebruary 19, 2007 2:47 PM

BD+ documentation
How Blu-Ray can hose your machine
The B-Line
"In other words, Sony Rootkit Part 2. Basically if a Blu-Ray disc detects something it doesn't like and can't get rid of it, it can run native code of its choosing (a la rootkit) on your Blu-Ray player/machine and possibly even permanently disable it. Something good to know if you are on the fence between the two formats - note that HD DVD does not include this "feature."
__________________
We're all in it together."
http://www.beyond3d.com/forum/showthread.php?t=32665

I guess that is why they don't want too many people to know much about it.

Paul CrowleyFebruary 19, 2007 4:31 PM

I still don't quite follow what's been cracked and what the consequences are. Is there anywhere I can find a high-level overview for cryptographers?

Is this a single secret key that's been extracted from perhaps a software player? Is this software that runs on the VM on your high-street HD-DVD or Blu-Ray player, that extracts the secret key it uses to play disks? Is this software that examines a disk and directly discovers the keys needed to play it, without needing a player secret key? or what?

And where can I find out more about these sinister BD+ countermeasures?

Fred F.February 19, 2007 4:55 PM

From what I understand, there are many keys involved. One is the per disk key which is needed to read the disk itself. That was the first break (muslix's I think). Actually there are more than one volume keys, so if one gets discovered I think they can invalidate it and you can still see the content in other devices.

Then there is the device key which is what got broken now. You use the device key to unencrypt the disk key. This key (the device key) can be invalidated but I think at that point all devices with that key will not be able to play newer disks pressed without that key. This is a software device I think so no biggie distributing a new key to their users as longs as the device manufacturer is given a new key of course.

There may be other layers of keys though I don't know about them.

Even though on the surface this is not a class brake, it is close to it. What happens is that for new disks that don't include this particular key, what they can do is put an old disk on the new player and since they know what the volume key is (the decrypt it with the old device key), they can easily search it in the memory. Then it is trivial (to them) to get the new device key which sets the wheels in motion again.

I suspect the company making this software will have to get better at protecting the key in memory. I just don't know how they can even begin to do that since even if they could do the whole process involving the key in registers (hard to do with non x64 cpus) that can still be looked at with debuggers.

The only solution I see is not actually allowing the user that much control over their computer. Maybe start tracking debuggers like dangerous items (dynamite, guns (well maybe not guns), spray paint, etc.)

Ctrl-Alt-DelFebruary 19, 2007 6:30 PM

@ Fred F.:

"The only solution I see is not actually allowing the user that much control over their computer."

That is the slippery slope to which Microsoft have committed themselves with Vista.

At the bottom of that slide is a so-called "PC" that is little more than an expensive multi-media player, games box and internet advertising platform, where the user is treated with suspicion but any code from Microsoft or their partners is allowed to run with impunity.

Timm MurrayFebruary 19, 2007 7:03 PM

I wrote a bit about this when it hit Slashdot:

http://slashdot.org/comments.pl?sid=222224&cid=18001066

IMHO, AACS is sophisticated enough that we may not see a total breakdown the way DeCSS did. However, that added sophistication also gives more points of attack. You can break the protected key, the device key, the title key, or a few others. In the long run, this will likely have the same practical effect as DeCSS.

Media SlaveFebruary 19, 2007 9:10 PM

@Ctrl-Alt-Del:
At the bottom of that slide is a so-called "PC" that is little more than an expensive multi-media player, games box and internet advertising platform, where the user is treated with suspicion but any code from Microsoft or their partners is allowed to run with impunity.

Unfortunately, this is exactly what the market for media is demanding. The suppliers are willing to supply the media "under certain conditions" and the consumers appear to be willing to buy the media under those conditions.

My greatest fear is that our freedom to tinker will become a casualty in the legislative side that is sure to get worse than it already is. I'm not talking about breaking-and-entering hacking, I'm talking about programmer hobbyists, hardware hackers, anyone with enough technical knowledge and the desire to "crack open the box" (it IS their property, isn't it?) and learn what they can make it do. _That_ freedom is being eroded by the media fascists (c.f. Moussolini's definition of "fascism") whose only concern is feeding the Addiction to Media that profits them so well. And because it's only a vanishingly small minority of us who actually care about that freedom, the Media Slave generation will fail to see the problem with abolishing it.

Matt PalmerFebruary 20, 2007 4:45 AM

"Both were built expecting these sorts of cracks, and both have mechanisms to recover security for future movies"

So this has nothing to do with preventing piracy and illegal downloading then? Each key gets cracked in turn, and all of that prior content is then free to be ripped and distributed. At best, it delays the time that the content is cracked by... errr... not very much time at all. Even if they revoke these particular keys, the same crack will work for the next lot of keys, no?

In any case, I seem to remember reading that the in the vast majority of film piracy cases (ie. large scale copying and distribution, not you making a copy for Granny), the illegal copies originate from *within* the film industry.

Seems more like this model exists to ensure that honest customers have to keep repurchasing digital content as the hardware evolves.

AlanFebruary 20, 2007 10:35 AM

Anything that a consumer DVD player can do, can be done in software on a PC--including their schemes to recover from a break. If all they do is to deliver replacement keys on the DVD, that will be easily overcome. Overcoming delivery of software updates to the DVD players might be more difficult, depending on the architecture of the DVD players... but only incrementally more difficult.

sargonFebruary 20, 2007 11:45 AM

FYI Mr. Schneier is on the Advisory Board of a company that came up with some of the Blue-Ray and HD DVD protection mechanisms.

http://www.cryptography.com/company/advisoryboard.html

My understanding is that the mechanism they have designed, SPDC, acts as a layer over AACS and has not been implemented (and therefore cracked) yet.

Not sure if anyone cares to comment or has anymore information.

JimFebruary 20, 2007 12:29 PM

Sargon,
Bruce had his doubts.
"One security expert, Mountain View author and consultant Bruce Schneier, counts himself among Kocher's friends and admirers, but has his doubts about his Blu-ray gambit.

"That's untested stuff," Schneier said. "I'm not convinced it'll work."
AND IT DIDN'T!
February 8, 2007
http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2007/02/08/BUG8UO0IN01.DTL&type=business

It's not his fault. It's experimental and experiments often go wrong. People are going to copy entertainment. No matter what the corporations think up, somebody out there will break it. I guess the lesson here is, if it's not cracked sooner it will be later.

sargonFebruary 20, 2007 2:05 PM

I’m not suggesting that its Bruce’s fault or that he helped design the system. It was just a full discloser kind of thing.

Also it’s my understanding that cryptography research did not design the current system, but their design will soon be implemented.

JohnFebruary 20, 2007 5:42 PM

All I can say is that it'll be funny when they crack the PS3.

It would poetic justice if Sony is stuck with the quandry of having to revoke all of their PS3s vs. having the reference driver for de-AACS emulating a PS3.

ThomasFebruary 21, 2007 12:39 AM

@Fred F.
"""This is a software device I think so no biggie distributing a new key to their users as longs as the device manufacturer is given a new key of course."""

Ok, so someone recovers the secret key that allows a software player (MyPlayer.exe) to work.

The way to recover from the loss of a secret key is to disable the old key and distribute a new secret key.

How do you securely distribute the new secret key?

Do you encrypt it with yet another secret key? If so, what happens when the secret-key-encrypting-key is compromised?

Even if you do manage to distribute a new key, MyPlayer.exe will (most likely) still be vulnerable to having it's shiny new key stolen!

The only answer I see is to totally replace MyPlayer.exe and hope that the new version hides (security by obscurity!) its key better.

This, by the way, is the _easy_ scenario. It gets much harder when a hardware player is compromised (hardware being more expensive per unit to replace than software).

X the UnknownFebruary 21, 2007 10:47 AM

@Matt Palmer: "So this has nothing to do with preventing piracy and illegal downloading then?"

Clearly, it has NOTHING to do with preventing "professional" piracy. A mass-produced bit-copied disk will run just fine on any DRM-equipped player that the original would run on. It just makes it more difficult to extract a decent-sounding/looking copy for playing WITHOUT using the DVD, such as through your iPod.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..