facebook rss twitter

AACS high-def-disc copy-protection cracked already?

by Bob Crabtree on 28 December 2006, 12:42

Quick Link: HEXUS.net/qahk2

Add to My Vault: x

BackupHD-DVD FAQ


What is "Backup HDDVD" for?
It can do backup copies of HD DVD movies that YOU OWN! I don't want anyone to do piracy here! This software is a good way to protect your investment, because I have notice that this type of media seems very fragile, if it's scratched a little or dirty, it won't play. It seems less tolerent than DVD format. (Higher density!)


What "Backup HDDVD" is doing exactly?
This is a java based command line utility that decrypt video files (.evo) from a HD DVD disk that you own, to your hard drive and you can play them back with a HD DVD player software.


What are the system requirements to use "Backup HDDVD"

1 - A Windows based system
2 - A HDDVD disk drive
3 - A HDDVD player software (like PowerDVD)
4 - A HDDVD movie(s)
5 - Java rutime 1.5
6 - The possibility to access the content of the disk with a drive letter under windows. (you may need UDF 2.5 file system driver for this)
7 - A lot of free hard disk space to backup your movies!


Was your first HDDVD movie hard to decrypt?
It took me around a week to do. But I have wasted few days trying to work on too complicated approach. In fact, it is very simple.


How do you do that?
The program itself has nothing special. It simply implement the AACS decyption protocol. I have followed the freely available documents about AACS
Have a look at: http://www.aacsla.com

The trick, is to find what they call the "Title keys". So I figure out how to extract them.


How do you extract the "Title keys"?
I won't explain it in detail. Read the AACS doc first. You will understand. The title keys are located on the disk in encrypted form, but for a content to be played, it has to be decrypted! So where is the decrypted version of the title key? Think about it...


What kind of crypto algorithms are involved?
Standards algorithms:
ECC-160
AES-128

Look in the AACS doc for more details.


What is the TKDB.cfg file?
This is the Title key Database file. It holds the decryption keys for the movies.


What is the format of this file?
Field 1: SHA1 Hash of the VTKF000.AACS file on your HDDVD disk.

Next fields are pipe "|" delimited.

-Movie Title
-A variable number of Title key, pipe delimited

You have a key number followed by the key value like:

12-08A3DC61910280F2...

Key values are 128 bits long, so 16 bytes, or 32 hexadecimal characters long.

The TKDB.cfg file provided with your program is empty or incomplete, what can I do?
Well, you are on your own.


What do you think of the technical aspects of AACS?
The design is not that bad, but it's too easy to have an insecure player implementation somewhere. And just one bad implementation is all it needs to get the keys! There will always be insecure implementations of a player somewhere! And the "Revocation system" is totaly useless if you use the Title key directly.


Is there any known problems with the decryption?

Yes. I call this problem the "Nav chain" bug. I realize that I have a lot of frame skipping at playback after the decryption, so I hunted down the problem.

To avoid the frame skipping, I patch the video file. This fix allows smooth playback of the movie, but there are some side effects.


What are the side effects of the "Nav chain" bug fix?
You cannot do fast forward, or backward using the round dial, but you can still use the progress bar to navigate through the film. So it's not that bad...

For some reason, the sub-titles don't seems to work anymore. It may be a side effect of the nav chain bug. But may be not...


Why the "Nav chain" bug is called the "Nav chain" bug?
Well, it has something to do with the chaining of navigation pack.

Look at some doc about standard DVD VOB file, you will see.

If someone wants to help me with that bug, please do!


Are you going to support Blu-Ray?
I don't own a Blu-Ray drive!


Do you plan to do a user interface version?
No, other people will do. You have the source code, so enjoy it!


Do you plan to do a Linux version?
See the previous answer. I don't use any windows specific API and this is a java application!
A port to Linux will be easy.


Can you send me some decryption keys? PLEASE!
No.


I have a question for you, can I send you an e-mail?
If you have something like, a technical problem using the software, look in the forums talking about Backup HDDVD first. There will be a lot of information and everyone will help each other out. If there is a major flaw in the program, I will post another version, but honestly I realy want people to bring Backup HDDVD to a higher level without me!



HEXUS Forums :: 13 Comments

Login with Forum Account

Don't have an account? Register today!
It's not so much cracked, rather Cyberlink left a window open with the title keys (and evidently the VUK) present in memory, and muslix64 found them. His app basically takes the data from the HD-DVD, along with the key (that it must be given, I *think*, I obviously can't run it) and uses the standard AES methods in the java libraries to decrypt it. It must, of course, be output in the right format so that it's still playable, but that's no biggy in big scale of things.

Still, great to see just how weak all this copy protection ultimately is. It'd also be nice if muslix64's reasoning for doing it is genuine. I hope it is, as it constitutes a 1-up for consumers told they can't watch particular content unless they fork out yet more cash.
lol

:bowdown:
according to a couple of comments ive read in other places, PowerDVD having the keys in memory is perfectly acceptable according to the standard.
Funkstar
according to a couple of comments ive read in other places, PowerDVD having the keys in memory is perfectly acceptable according to the standard.
If that's so, then it's completely useless protection. It's my system RAM, I can look at what's in it if I like, and I'll be damned if anything's going to stop me… oh wait, a TPM probably will.
It was inevitable that AACS would get cracked. Just as any future encryption method will be.