HDCP master-key leaks, possible to make unrestricted Blu-Ray recorders

48 Responses to “HDCP master-key leaks, possible to make unrestricted Blu-Ray recorders”

  1. hallam says:

    As a principal in the cryptographic security world, I seriously, seriously doubt that the speculation on the cause of the leak is correct.

    I did not design that particular system, but I know the people who did and the type of approach that they would have taken. I do not believe that they would have designed the system so that it relied on someone typing in the master secret written down on a scrap of paper.

    The way we design cryptographic security systems is that we protect the highest value key material with multiple physical, hardware and operational controls. If you look at the VeriSign Certificate Practices Statement you will find a description of some of the criteria: six tier physical separation, separation of duties, key splitting. Most of these controls are taken directly from military practice.

    One of the core principles is that no single person can use the crypto key by themselves. Nor can the crypto be used without creating an audit trail.

    I would expect that the master secret was generated in cryptographic hardware that can only ever share its contents with other cryptographic hardware initialized with specific cryptographic keys.

    This is all fairly standard stuff. I can’t imagine a reason why the Blu-Ray people would not have used it.

    Bottom line here is that it is much more likely that the master secret leaked because people reverse engineered the hardware.

    Content Rights Management is actually quite easy if you only want to distribute the content to a small number of tightly controlled devices. There is no particular difficulty in preventing leakage of spreadsheets, corporate reports and such if the right approach is taken.

    The problem is much harder when you have millions of devices and only a limited degree of control. Breaking Satellite TV systems is quite feasible, all it takes is reverse engineering one set of hardware. The security controls are designed to stop someone from exploiting that information commercially by selling access.

    The problem is hardest of all where you have no control over the hardware and all the parameters of the hardware are fixed. Like in DVD and BluRay.
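The key splitting and "no single person can use the crypto key" controls named in the comment above can be illustrated with Shamir's k-of-n secret sharing. This Go code is an added example, not part of the original thread and not VeriSign's or any HDCP licensor's procedure; the 3-of-5 threshold, the field prime 2^127 - 1, the sample secret and the names `Split`, `Combine` and `SampleSecret` are assumptions chosen for illustration.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
)

// prime is 2^127 - 1 (a Mersenne prime); secret and shares live modulo it.
var prime = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 127), big.NewInt(1))

// Share is one custodian's point (X, Y) on the secret polynomial.
type Share struct { X int64; Y *big.Int }

// SampleSecret returns a constructed 120-bit value standing in for a master key.
func SampleSecret() *big.Int {
	s, _ := new(big.Int).SetString("0123456789abcdef0123456789abcd", 16)
	return s
}

// Split hides secret as the constant term of a random polynomial of degree
// k-1 and returns n points on it; any k of them determine the polynomial.
func Split(secret *big.Int, k, n int) ([]Share, error) {
	if k < 2 || n < k || secret.Sign() < 0 || secret.Cmp(prime) >= 0 {
		return nil, errors.New("need 2 <= k <= n and 0 <= secret < prime")
	}
	coeffs := []*big.Int{secret}
	for i := 1; i < k; i++ {
		c, err := rand.Int(rand.Reader, prime)
		if err != nil {
			return nil, err
		}
		coeffs = append(coeffs, c)
	}
	shares := make([]Share, n)
	for x := int64(1); x <= int64(n); x++ {
		y := new(big.Int) // Horner evaluation of the polynomial at x
		for i := k - 1; i >= 0; i-- {
			y.Mul(y, big.NewInt(x)).Add(y, coeffs[i]).Mod(y, prime)
		}
		shares[x-1] = Share{X: x, Y: y}
	}
	return shares, nil
}

// Combine recovers the constant term by Lagrange interpolation at x = 0.
// With fewer than k shares it returns an unrelated value, not an error.
func Combine(shares []Share) (*big.Int, error) {
	secret := new(big.Int)
	for i, si := range shares {
		num, den := big.NewInt(1), big.NewInt(1)
		for j, sj := range shares {
			if i != j {
				num.Mul(num, big.NewInt(-sj.X)).Mod(num, prime)
				den.Mul(den, big.NewInt(si.X-sj.X)).Mod(den, prime)
			}
		}
		inv := new(big.Int).ModInverse(den, prime)
		if inv == nil {
			return nil, errors.New("duplicate share index")
		}
		inv.Mul(inv, num).Mul(inv, si.Y)
		secret.Add(secret, inv).Mod(secret, prime)
	}
	return secret, nil
}

func main() {
	shares, _ := Split(SampleSecret(), 3, 5) // 3-of-5 custodians
	got, _ := Combine(shares[1:4])
	fmt.Println("recovered with 3 shares:", got.Cmp(SampleSecret()) == 0)
}
```
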

    • Anonymous says:

      About probable cause of the leak, just thinking,
      both media and/or hardware industry might come
      to the idea to leak the key (or fake it) in order
      to boost BR and/or HDCP equipment sales.

      Just the news about leaked key make investment
      in BR and HDCP equipment seem more valuable.

      Imagine what would happen if a company selling
      broadly used software would prevent unlicensed
      use of their products.

    • Rob says:

      Yet despite what Verisign says, they issued a certificate in Microsoft’s name.

      • hallam says:

        I have not worked for VeriSign for quite a while, I now work for a competitor.

        The event you are referring to happened over a decade ago. They changed their processes in response.

  2. Anonymous says:

    This means we’ll have soon a dongle for HDCP stripping? Hooray!

  3. bardfinn says:

    In response to those who responded to me:

    One-time-pad keys are indeed the same length as the input; Encryption with a OTP key is a computational operation of linear complexity (it grows linearly with the size of the input). In practical use, the clear text can be reversibly mangled, padded, and divided into manageable chunks (64-bit words, 128-bit words, etcetera) for a smaller key to encrypt.

    Such a key is usually some key between 40 and 128 bits long; 128 bit keys, while being considerably shorter than this sentence, would require a multiple of the current age of the universe to try every possible value to brute-force the key — and computationally expensive to attack via cryptanalytic methods. Encryption with a one-time-pad key is computationally inexpensive. Decryption is computationally inexpensive. A short-key OTP-like encryption is slightly less expensive in terms of computational cycles and storage, and it’s further a well-characterised computation expense value and well-characterised operation, and can be implemented easily in silicon without large (or even medium) amounts of memory on the chip, and that makes it less fiscally expensive and less risky for revealing keys — which is what every DRM purveyor wants.

    Public-key encryption becomes more and more (exponentially) computationally expensive the larger the input is. It is absolutely infeasible to use a public-key private-key system such as the one in PGP to encrypt a 3 megabyte MP3 directly – it would take a large amount of compute cycles, and a large amount of data storage and retrieval. Such an operation cannot be implemented on silicon and have the entire operation stay on the same chip.

    That’s why you have the public key encrypting the one-time-pad-like key (hard to crack, one known size, one known computational expense) which in turn is encrypting the email or media file (hard to crack, one known size, one known computational expense).

    Please forgive me for calling it an OTP key; I ought to know better and dashing off a quick-and-dirty explanation, I ought to know, will get me corrected every time.

    iTunes uses a public/private key scheme to encrypt protected media from their servers to the iTunes host, because otherwise someone could simply turn on the packet forwarding of their LinkSys router and capture every “protected” media they bought in the clear. Or another man-in-the-middle attack could happen. They did, at one time, send the media in the clear, and then they sent the media over an SSL link which was separate from the iTunes product and which put “in the clear” data into memory, interceptable by other programs.

    Such is indeed a computational expense; however, a large amount of the media they now sell is not protected (encrypted).

    They do still use a public key system to generate OTP keys unique to each iTunes store account (created during account creation) for the sake of protected media, and iTunes and iPod devices (and the Apple TV) use public-key methods for retrieving and storing those OTP keys to “authorise” devices to play protected material from a given account, and for activation. The firmware of the iPhone and iPod devices that are being released nowadays use a public-key / private-key method to be “signed” — if the firmware doesn’t hash out to what the hardware is told, upon manufacture or activation, is a valid hash, then the device will not boot.

  4. Anonymous says:

    Huzzah!

  5. Anonymous says:

    Awesome if true! Hollywood, you can now stop including ‘digital copy’ discs with my Blu-Rays. I’m actually paying for your product, I’ll manage my own copies, thanks! Take the money you currently spend on the extra disc, the more expensive packaging to hold the extra disc and managing internet servers to dole out the DRM and buy yourself something nice.

  6. Roger Strong says:

    Good. There are many perfectly legal and ethical uses for this.

    It means that people can make much-needed backups of their very expensive investment in movies – an investment that many insurers won’t cover.

    It means that people can play movies that they’ve purchased on the device of their choice, including tablets and laptops.

    It means that when Blu-Ray disappears – like HD-DVD, VHS, cassette, 8-Track, PlaysForSure and several other recording industry-backed DRM’d standards, you can move your paid-for movies to new media.

    It means that you can watch movies on large HD TVs and monitors that don’t support HDCP.

    It means that you won’t lose your investment – due to circumstances entirely beyond your control – when an encryption key gets revoked.

    • Anonymous says:

      All of these things can already be done today, but it’s not as easy or quick a process as it could (should) be. This will hopefully make things easier and more accessible for folks though, and that’s always a win.

    • AirPillo says:

      …PlaysForSure…

      Hahahaha…

  7. vetnoir says:

    All things considered, I’m a bit surprised that this hasn’t been published sooner. Any Crypto based DRM because of the fact that it must be so widely distributed must eventually be cracked. Unless you are creating a one time key for every single device which is not very practical…

    • bardfinn says:

      “Unless you are creating a one time key for every single device which is not very practical”

      On the contrary – that is precisely what Apple’s iTunes does for every iPod device and every user who buys content, and it’s what PGP and public-key encryption schemes are based upon — because encrypting a large email (or any non-trivial media file) with a one-time-pad key is pretty much a linear operation for calculation and storage, but encrypting that same email (or media file) with the public or private key directly is incredibly expensive in calculation time (and storage during the calculation) for any non-trivially-sized data — but encrypting the message with the one-time-pad key and then encrypting that key with the public or private key is quite manageable.

      • jgs says:

        “Unless you are creating a one time key for every single device which is not very practical”

        “On the contrary – that is precisely what Apple’s iTunes does for every iPod device and every user who buys content”

        IIRC the way iTunes does this is to ship the data in the clear from the iTMS to the host, and have iTunes itself uniquely encrypt it. Or at least, it did it that way a few years ago which is the last time I paid attention. This approach has obvious advantages in terms of reducing load on the server, and obvious disadvantages in terms of strength of security. Then again, Apple seems to be a lot more interested in providing the appearance of security (to its media partners) than actual security. (This is probably the right choice on their part.)

  8. Church says:

    Oh nice! I can start buying Blu-Ray discs soon. At least, once I figure out how to build a recorder…

  9. bersl2 says:

    Has anyone been able to confirm this yet?

  10. KeithIrwin says:

    As the author of the first paper released which demonstrated the possibility of extracting a master key through device analysis, I would not be surprised if it were leaked, but I suspect that what’s happened is actually a mixed attack. Due to the details of the scheme, the master secret does not need to be released to the manufacturers, and, as such I’m sure it never is. It’s controlled by the licensing authority, Digital Content Protection, LLC. I’m sure that it’s known to at most a very, very small number of employees at that company, and they would risk losing their jobs, being sued, and completely undermining the revenue stream of the company they work for if they leaked it. So I think that this is probably unlikely to have occurred.

    What I think is more likely is that someone downstream did a hybrid attack where they got the secret material of a bunch of devices and then used that to calculate the master secret. If you know the secrets of fifty-or-so devices, then the odds are good that you can find the master key. It could be done with less, if chosen appropriately. The tricky and time-consuming part about the process as outlined in the papers is getting the initial set of secrets. That would require building specialized equipment and then running that equipment for a month and a half or so on average. If, however, you had the key material through another source, you could skip all of that and just go straight to the calculations (which would take almost no time and could be done in any language or math environment which supports 128-bit integers). So, my suspicion is that someone at one of the consumer electronics companies who had access to the secrets of their devices was able to collect enough of them (possibly cooperating with someone working for another manufacturer) to be able to calculate the master secret.

    It’s also possible that people could have extracted the keys directly from the devices either using logic probes or if the secret material was stored in flash memory.

    All four methods of getting the secret material (1) birthday paradox probing attack + calculation as outlined in the paper; 2) DCP LLC insider leaks complete master secret; 3) manufacturer insider gets device secrets + calculation; 4) direct probing for device secrets + calculation) work and are possible. But of these, I think that 3 and 4 are the most likely and that 1 is more likely than 2.

  11. Anonymous says:

    The way I look at it, the universe that occupies the space downstream of the common backbone of the various utilities is my own.
    If I buy something I should be able to enjoy it, not be cheated out of my money by some sort of bait and switch scam…
    I am looking forward to an inline recorder.

  12. teapot says:

    So good!

    Jackasses.

  13. Anonymous says:

    Cory, just as the most important consequence of the automobile wasn’t to put horsewhip manufacturers out of business, the most important consequence of the leaked key isn’t to make copies of Blu-Ray disks; think of all the ‘fun’ one could have disabling everyone’s home A/V equipment with a HDCP virus!

    I’m sure the A/V electronics manufacturers wouldn’t mind either…

  14. rwmj says:

    This is supposedly the master key …

    http://pastebin.com/kqD56TmU

    Of course, it might be just an elaborate hoax.

  15. shadowfirebird says:

    So if this is true, and I’ve understood correctly, I might soon be able to back up TV (that I’ve legitimately recorded via MythTV) to a Blu-Ray disc and have it readable by a Blu-Ray player?

    That would be excellent news.

  16. PathogenAntifreeze says:

    I didn’t let DVD into my home until the Apex player with its “You should not be here” menu gave control to the owners and purchasers of the devices and media. I turned off Macrovision and Region checking day 1.

    First sale, etc… Once I buy it, it is mine and I will do as I please with it in my home. I held off on the entire HDMI-based level of goods due to this HDCP garbage. That means I made zero Blu-Ray anything purchases, and zero new TV purchases, etc, directly because of their insistence on controlling items in my home. No. Now, I’d consider it, but I tend to be careful that not a single penny of my money go to the industries who buy laws and strong-arm tech manufacturers to usurp the rights of everyone else. I might buy the TV. I won’t buy a single Blu-Ray disc new… *maybe* used. Good day today!

    • Ito Kagehisa says:

      Mr. Freeze, that’s exactly my situation, right down to the brand name!

      Cory, I think you meant “has” not “have” been compromised, neh? There’s some singular/plural confusion in the first couple lines of your post. I believe it’s a single key.

  17. a_user says:

    Don’t start celebrating yet, at this point the interested parties will add pressure to make it illegal for anyone to use.

    Seriously just vote with your cash – boycott Blu-Ray.

  18. TooGoodToCheck says:

    I seem to recall that once you have the keys to the HDCP kingdom, you can issue revocations for legitimate devices too. Hijinks ensue?

  19. echidnay says:

    “a one-time-pad key is pretty much a linear operation for calculation and storage, but encrypting that same email (or media file) with the public or private key directly is incredibly expensive in calculation time (and storage during the calculation) for any non-trivially-sized data — but encrypting the message with the one-time-pad key and then encrypting that key with the public or private key is quite manageable.”

    You don’t mean a one-time pad as one-time pads are the same size (or larger) than the message they encrypt, so encrypting a OTP key takes as long as encrypting the message, broadly.
    I thought you usually use a strong but fast encryption algorithm with a small symmetric key, and encrypt that key with your public key algorithm.
    Note that a one-time pad is not the same thing as a small key you use one time.

  20. acb says:

    “Don’t start celebrating yet, at this point the interested parties will add pressure to make it illegal for anyone to use.”

    If the key has leaked, isn’t using and/or distributing it already a serious crime under the DMCA and other WIPO legislation?

    • a_user says:

      “If the key has leaked, isn’t using and/or distributing it already a serious crime under the DMCA and other WIPO legislation?”

      The problem is that while there was a ruling made recently in the US where intentionally breaking or circumventing encryption was considered punishable, this isn’t, yet, globally enforceable.

      Essentially the Blu Ray format was created because the original DVD encryption format had been completely defeated, the extra features Blu Ray boasts were added to entice people to move off the original DVD MPEG2 encoding and adopt the new tougher crypto system.

      So here we are at the crossroads again – the current system will be cracked so how will the content publishers react:
      (a) create a new system that they will then have to sell to hardware manufacturers and Joe Public or (b) spend their time and money on lobbying for hardened copyright law.

      They tried (a) already and found themselves back at square one in a fairly short time, I imagine draconian copyright laws look a lot cheaper to make right now.

    • Ugly Canuck says:

      “Serious”? Or perhaps “ridiculous”?

  21. toyg says:

    If there’s one positive effect of this “cat vs mouse” fight between industry and consumers, it’s how it managed to effectively portray all the most common pitfalls of cryptographic systems.

    1 – “We’ll encrypt data with a common key!”
    “Ok, let’s reverse-engineer it, or wait for an inevitable leak…”
    2 – “We’ll encrypt data with device-specific keys!”
    “Ok, let’s emulate devices and figure out how you calculate those keys…”
    3 – “We’ll encrypt data with keys obtained from a server!”
    “Ok, let’s sniff the traffic and/or emulate the server… Oh, and what happens when the server goes down?”
    4 – “We’ll limit the number of times you can decrypt this data!”
    “Ok, let’s find out where you keep your local software counter…”
    5 – “We’ll encrypt data with subkeys, keeping the common master key secret!”
    “Ok, let’s get the subkeys and then go back to step 1…”

    Crypto has no place in the media landscape. Any DRM scheme is unenforceable in the long term. Hell, any crypto system is unenforceable in the (very) long term, never mind one in which most involved parties have an interest in breaking it (and yes, device manufacturers are among them).

    If only media companies could get back all the money wasted on building DRM “solutions” and put it together to create Teh Easiest And Most Aw3some Media-selling Website Evar, they’d make bazillions.

  22. Ugly Canuck says:

    Here it be:

    http://pastebin.com/kqD56TmU

    Thanx to Cryptome for the link:

    http://www.cryptome.org/

  23. eviladrian says:

    I was really excited when I got a laptop with a blu-ray drive, and started buying blu-ray movies instead of DVDs.
    This went OK until I bought “District 9” which refused to play. It would just say “You need to download an update” but the update wouldn’t download.
    The people at the store were nice enough to swap it for a DVD version the next day, and even gave me the four bucks difference in cash, but I’ve stopped buying blu-rays.
    I could handle there being some kind of version number or something that I’d check before purchasing, but it’s just “suck it and see” which isn’t worth the hassle when I just want to watch a movie.

    • Ugly Canuck says:

      I crossed over to buying ONLY blu-rays a couple of years ago (unless something is released DVD-only ; something which is becoming rarer, except for select vintage titles), and the frustration which you felt with your D-9 disc was common enough for me to finally cause me to throw up my hands and buy a PS3 (although it has NEVER been, nor ever will, be used to play even a single game):
      just so I could be assured of being able to play any Blu-ray discs in the future.
      I keep the PS3 updated, and I’m very very happy with its playback quality, not just for Blu-rays, but for my DVDs as well.
      The comments as to sound quality above ring true for me at least: if the alternative or back-up does not provide ALL of the audio tracks, etc, which the purchased Blu-ray provides, I just am not interested.
      I’d rather pay the “full freight” for my hobby, than suffer a diminution of quality – but then again, I can recall a time when the P & S videotapes of movies were sold by the Studios at a cost of over $100 at retail!
      As to that, I have also found that Blu-ray prices are becoming much more reasonable, and that counts for a lot, on my books.
      In other words, when it comes to movies, I’ve found that copying is simply not worth the time or effort to me. I’ll buy, if the price is reasonable to me.

      • mdh says:

        how does fully digital content suffer or degrade in a 100% copy? I do not disagree with your approach or media choices, not at all, but your given reasoning for your choices makes no sense to me.

        • Axe7540 says:

          I’m no expert but I’ve been looking into this because I’d like to have a HTPC or similar setup to play all my content including digital copies of Blu-Ray discs. There are 2 main problems. One – What files do you get when you rip the disc and two – what software is used to play the media back. The discussion above doesn’t address problem one. Even if your BD player attached to your PC makes an exact copy with all the files intact you need to play that digital file back with multi channel sound. I’m not aware of any software/hardware combination that can do that today. The hardware would require HDMI video output and optical or HDMI audio output to connect to your receiver. The software needs to decode multi channel sound. For example I think Windows Media Player will only play back 2.1 channels. I’d love to know if anyone here thinks differently. This is a problem I’ve been wrestling with for a while.

          • bcsizemo says:

            http://www.doom9.org

            I’m not seeing the problem here at all?

            Most motherboards have 5.1 audio built in, a lot have digital out. So using something like Power DVD that has 5.1 DTS capability with digital output to the receiver should allow you to have your audio.

            Now if you are talking about the different audio tracks, then it might be best to rip the BD into an iso format and simply mount it like a real blu-ray disc. That should allow any blu-ray player to allow you to select the correct audio tracks.

            Isn’t this all just like 5.1/7.1 DVDs?

      • sporkinum says:

        In regards to a PS3 for Blu-Ray playback. A coworker has Avatar in Blu-Ray and can’t get it to play. We are guessing it won’t play due to the fact that he had to replace a bad laser assembly. The PS3 is updated to the latest and greatest firmware, and plays his other discs fine.

  24. Xenu says:

    If you just want to decrypt a Blu-Ray disc, there’s always AnyDVD HD. Great program.

  25. Axe7540 says:

    I’m with Cax6ton. I thought this was already possible if you own a Blu-Ray drive. This does seem to eliminate the need to own said drive though. I’m curious though about the play back of the copied files. My understanding is it is difficult if not impossible to play back the audio from a digital copy in anything more than 2 channel sound. Does anyone know if there is a way to play back the rip with full 1080p and the audio in say 5.1?

  26. Anonymous says:

    Heh, I don’t do Blu-Ray because all the featureful players I’ve seen have bragged about being java-based.

    I work with java apps every single day and have for many years. My employers pay me to deal with that nightmare. Java programmers love the language because it’s easy to code in – no great intellect required – and any single java app (or set of java apps built by a single programmer) works fine. But since java-based applications in real use each require a different, conflicting and mutually interfering execution environment, two or more java apps on the same system is a guaranteed clusterfuck.

    Some shops, such as NASA Goddard, maintain complete separate systems so that one employee can run two java apps simultaneously. Really! IT management of course knows nothing since the workers would be punished for management’s poor decisions if they were not shielded from reality.

    I sure as hell don’t want any java code in my personal life, so I’m not buying anything that has a java logo on it. Ever. Find me a Blu-Ray with netflix and no java and I’ll consider buying it.
