

Lord of War gets defeated by high-definition hackers
The hacker who cracked HD DVD strikes again by defeating Blu-ray Disc encryption

Late last year, a crafty individual who goes by the name “Muslix64” circumvented the copy protection scheme used to protect HD DVD. Given the similarities between the copy protection methods used in the high-definition optical formats, it was only a matter of time before Blu-ray Disc’s protections would be bypassed. However, Muslix64 had no access to Blu-ray hardware, limiting his exploit methods to HD DVD. That is, until Muslix64 came across some specific data for Blu-ray Disc, allowing him to apply his methods to the yet-uncracked format.

Another individual interested in Blu-ray’s protection scheme, “Janvitos,” who also participates in the same online forum where Muslix64 revealed his HD DVD work, posted a message showing the directory structure from a Lord of War Blu-ray Disc movie. Janvitos extracted the information by going through his system’s memory with WinHEX after playing the movie on his computer using WinDVD.

The memory dump information caught the attention of Muslix64, who replied to the thread saying, “In less [than] 24 hours, without any Blu-Ray equipment, but with the help of Janvitos, I managed to decrypt and play a Blu-Ray media file using my known-plaintext attack.” Muslix64 then posted a file as an example of his decryption work, though he did say that his method does not address BD+.

Muslix64 then went on to explain how he was able to accomplish this feat with his plaintext attack method. “This is a very basic, but [powerful] crypto attack that I have used to decrypt both [HD DVD and Blu-ray] formats,” he wrote. “After reading posts of people trying to get the keys in memory, I realized, I have a different way of looking into the problem…A lot of people try to attack the software, I'm attacking the data!”

“So I spent more time analysing the data, to look for patterns or something special to mount my known-plaintext attack,” Muslix64 explains. “Because I know the keys are unprotected in memory, I can skip all the [painful] process of code reversal.”

Although Muslix64 did not have any Blu-ray equipment at his disposal, he was still able to recover the keys with the help of Janvitos’ memory dump file and media file. Blu-ray media files are divided into individual aligned units. The first 16 bytes of each unit are not encrypted, with the rest being encrypted using AES in CBC mode. Muslix64 examined the non-encrypted portions of the data and found a recurring pattern, which he used to mount his known-plaintext attack.

Muslix64 goes on: “In most cases, the known-plaintext attack is in fact a guessed-plaintext attack. We ‘assume’ the data will look like something we ‘guessed’ when decrypted. Most of the time, it works! Knowing that, all you have to do is to write a small program that scans a memory dump file that comes from a software player while it was playing the movie. The key is in that file, you have to locate it.”

Once the value and position of the key in memory are known, all one has to do is use a memory landmarking function to locate the key and defeat the encryption. The method discovered by Muslix64 and Janvitos is specific to Blu-ray, though similar means were used to decrypt HD DVD. This hack was made possible by the fact that the keys were not protected in memory when running video-playing software on the PC.
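The scan described above, reduced to a self-contained Go sketch that is added here as an illustration and is not Muslix64's program: it shows why a key left in process memory can be recovered from a dump, and that the same scan finds nothing once the key bytes are no longer resident. The key, IV, guessed plaintext, unit and dump are all constructed, and the all-zero IV and direct use of the key are assumptions, since the article does not give the format's real parameters.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// Constructed demo values; none come from a real disc or player.
var (
	demoKey = []byte("K3Y-constructed!")  // 16-byte AES-128 key
	demoIV  = make([]byte, aes.BlockSize) // all-zero IV (assumption)
	guess   = []byte("GUESSED-HEADER--")  // plaintext expected at payload start
)

// sampleUnit returns 16 clear bytes followed by an AES-CBC encrypted payload.
func sampleUnit() []byte {
	blk, _ := aes.NewCipher(demoKey)
	payload := append(append([]byte{}, guess...), bytes.Repeat([]byte{0x47}, 32)...)
	ct := make([]byte, len(payload))
	cipher.NewCBCEncrypter(blk, demoIV).CryptBlocks(ct, payload)
	return append(bytes.Repeat([]byte{0xAA}, 16), ct...)
}

// sampleDump is a 4 KiB stand-in for a process dump; nil models a wiped key.
func sampleDump(secret []byte) []byte {
	dump := bytes.Repeat([]byte{0x5C}, 4096)
	copy(dump[1000:], secret)
	return dump
}

// FindKeyOffsets returns offsets in dump whose 16 bytes decrypt the unit's first block to guess.
func FindKeyOffsets(dump, unit []byte) []int {
	var hits []int
	out := make([]byte, aes.BlockSize)
	for off := 0; off+16 <= len(dump); off++ {
		blk, _ := aes.NewCipher(dump[off : off+16]) // a 16-byte key never errors
		cipher.NewCBCDecrypter(blk, demoIV).CryptBlocks(out, unit[16:32])
		if bytes.Equal(out, guess) {
			hits = append(hits, off)
		}
	}
	return hits
}

func main() {
	fmt.Println(FindKeyOffsets(sampleDump(demoKey), sampleUnit()), FindKeyOffsets(sampleDump(nil), sampleUnit()))
}
```

A hit when this kind of scan is run over a dump of your own application means key material is sitting in the clear in process memory, which is the condition the article identifies as the root cause.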

Even without any Blu-ray hardware at his disposal, Muslix64 shortly followed the reveal of his findings with the alpha release of BackupBluRay V.0.21, software he wrote to decrypt Blu-ray Discs. Limitations to his software at this time are that it doesn’t support BD+ or volume unique keys and that it only supports one CPS key per disc. Users wishing to utilize the software will also have to provide their own CPS unit key.

Those who have tried the software report that they have successfully been able to decrypt and copy their own Blu-ray Discs for playback on both PC software and set-top players. If the cracking of HD DVD and the release of pirated files is any indication, however, Blu-ray may soon see illegal copies hitting the black market and parts of the Internet.



Comments

RE: good job hollywood!
By masher2 (blog) on 1/24/2007 10:01:56 AM , Rating: -1
> "Guess who pays for all this...You, me, and every other end-user on the planet. ie: Get the consumer to pay!"

The consumer pays for everything, in every industry. That's an invariant. If you don't like the terms, don't buy the product. Freedom is a wonderful thing, is it not?


RE: good job hollywood!
By stmok on 1/24/2007 4:10:59 PM , Rating: 5
What you're saying is that it's OK to charge customers, and corner them into features and functions they didn't ask for.

If you want to view Blu-ray or HD-DVD on your PC in full resolution glory, you have to buy a new video card AND a display that supports HDCP. What if I don't need a video card or display as my existing ones are perfectly fine? What do you call that? I call that blackmailing the end-user into paying for DRM technology.

You pay them to control you.
ie: You pay to lose your freedom on YOUR PC.


Freedom (in the sense of freedom to choose) is what Dell is currently doing with their n-series desktops. Pre-install with FreeDOS, and let the user decide if they want to install whatever OS they please. I don't care if it's Windows, Linux, or whatever. That's choice.

Anyway, it's none of their friggin business what I do on my PC, as long as I paid for the content I'm viewing, and circumventing protection mechanisms only to make a backup of the content I paid for. (Not to share or distribute for profit, but to store or transfer to another device that I own, say a portable media player).


RE: good job hollywood!
By Lazarus Dark on 1/25/2007 10:48:56 AM , Rating: 2
> I actually like HDCP because it is a standard. All equipment must adhere to the standard. Knowing that I will not have any problems because all equipment is supported takes one consideration I had to worry about away.


Umm... have you not heard of the numerous 'handshake' issues of HDCP? Even if you have all HDCP hardware it's basically a crapshoot as to whether it works. Lots of HDCP devices are in fact incompatible, despite being a 'standard'. Just look around for the many PS3 handshake issues. Sony's PS3 isn't even compatible with some of its own TVs because the HDCP is faulty!


RE: good job hollywood!
By Pandamonium on 1/25/2007 12:58:01 PM , Rating: 2
HDCP isn't a standard- it's a specification. HDMI is a standard. HDMI is what makes it easier for the consumer. HDMI is what reduces cable clutter. HDMI is DVI with audio in a different shape. (Which is why DVI>HDMI and HDMI>DVI adapters are literally cables that rewire HDMI pins to DVI pins)

HDCP exists to benefit the entertainment industries. It does not bring any added benefit to consumers. It *costs* consumers more than anything else.


RE: good job hollywood!
By Steve Guilliot on 1/25/2007 12:56:42 PM , Rating: 2
The "features and functions" you mention are only required for playing protected HD content. Guess what? You don't have the god-given right to view that HD content in any way you please. The IP (intellectual property) rights belong to the studios. They own it. It's theirs. They can place any desired conditions on its use.

So, the logical progression is that anyone who wants to participate in the HD-love-fest has to do business with the studios, including MS and Apple. You imply incorrectly that the software companies are part of some DRM conspiracy, but that only highlights your misunderstanding.

If you don't like the current copyright laws, then lobby your congressman to change them. That's the way democracy works. Of course, the general public loves their $300M blockbusters, which the studios fund with licensing fees and royalties, so you would be in a very small minority.


Copyright 2014 DailyTech LLC.