> Article "AACS cracks cannot be revoked, says hacker" > > http://arstechnica.com/news.ars/post/20070415-aacs-cracks-cannot-be-revoked-says-hacker.html > > Excerpt: "The latest attack vector bypasses the encryption performed > by the Device Keys -- the same keys that were revoked by the WinDVD > update -- and the so-called 'Host Private Key,' which as yet has not > been found. This was accomplished by de-soldering the HD DVD drive's > firmware chip, reading its contents, and then patching it. Once that > was done, the firmware was soldered back onto the drive."
This article was not too accurate, and further progress has been made. At this point it is possible to remotely patch the firmware of a particular kind of HD-DVD drive so that it will provide certain information without the usually required authentication. This makes it easy to retrieve the per-disk "Volume ID", which must be combined with the widely-published Processing Key to generate the media keys that can decrypt content. If this Processing Key is invalidated on future releases, this hack will not be useful until new keys are discovered. It provides only part of the picture. The hack was a real accomplishment because firmware updates had to be authenticated with what was apparently something like an AES-based CBC-MAC. The hackers had to figure this out without much background in cryptography and working only with dumps of the firmware that used a somewhat obscure embedded CPU. They had to figure out what CPU was being used, find a disassembler for it, and examine assembly language dumps to deduce that crypto was involved, recognize AES, and see how to create their own checksums that would make their firmware updates succeed. Just goes to show the motivation and hard work that hackers bring to these efforts, largely for the love of the challenge. It's possible that the ability to modify firmware will lead to more successes for the hackers in the future, perhaps helping them to break into future versions of software players to extract their embedded keys. I peruse the doom9.org forums from time to time, where this work took place right out in the open, before the public eye. Definitely some smart people involved there. Hal Finney --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]