A software to backup the HD-DVDs seems to be out. BackupHDDVD is a tool which the author claimes to decrypt the files on a HD-DVD disc. A newer version 1.00 of the software has a Volume key support so it’s much bigger threat to AACS, the copy protection of the HD-DVD. The author, muslix64, did not actually break AACS, but he has find a way to get around it. So how does the future of the AACS protection look like? The author says: “To totally block this attack, they need to put different keys on every disk! Now, they only have different keys for different movies. I don’t know about the manufacturing process of the disk. This solution may not be possible.”.





Affirmation 1: You did not break AACS, just the player

My comment: I did not break AACS, but I find a way to decrypt movies and I have bypassed all the revocation system.
Not that bad…

Affirmation 2: The BackupHDDVD circumvention tool won’t last long

My comment: As long as insecure players will exist, it will last…
And insecure players will always exist, in fact you can extract keys from any player! Some players are just easier to extract the key from. Being lazy, I prefer to extract keys from an insecure player than a secure one.
And the AACS spec says “Device keys must be protected!” but they did not said that about volume key, fatal mistake!

Affirmation 3: The keys can easily be revoked.

My comment: What keys are you talking about?
As I stated before, there is no such thing as “title key revocation” and “volume key revocation”. If someone publishes only volume keys, there is no way to know from which player these keys where extracted from, making the revocation system useless. They can do content revocation, but to revoke what? All movies before 2007? They can do player revocation, so I will just change the player I’m using, big deal…

So what is the AACS revocation system good at?
It is good for that scenario:
Someone post on the net, a tool that do the complete decryption automatically. Off course the program use stolen device keys from an official player. They (AACS and friends) will eventually get their hands on this program, look at the device keys and revoke them. Making that player unable to play new titles. But the author of this program can pre-extract a bunch of devices keys from different players and release them, one at the time, when the previous one have been blacklisted. The AACS spec says “Device keys must be protected!” so I suppose they put more effort in protecting these keys then the volume key in memory.

Affirmation 4: BackupHDDVD is nothing, only one person out of a million have the technical skills to extract keys.

My comment: BackupHDDVD is a proof of concept.

.
.
.

What’s new in this version?

- Volume key support
- Partial resume of an interrupted decryption session
- New file format and file name for key database file.

The key database file is now KEYDB.cfg

Source: Doom9 Forum

Bookmark Now!:
  • E-mail this story to a friend!
  • Facebook
  • Digg
  • Google
  • Live
  • YahooMyWeb
  • del.icio.us
  • Technorati
  • Propeller
  • Reddit
  • Slashdot