AACS seems to be cracked (see cdf news). Does that mean that there will be a aacs- implementation in anydvd in the near future? Or do they wait till the new formats get more public?
Here’s a video of AACS being cracked.
No, it is not cracked. The hack uses stolen title keys to decrypt specific HD-DVDs where the keys are now known.
Correct, it’s not cracked (yet) but it does seem to have weaknesses that might be exploitable depending on how easy it is to find those keys in the future. For the record, this hack will be fixed easily as they’ll simply revoke that key on future HD-DVD titles. BUT, if it’s academic to find the keys then any future version of the software that is released with a new key might also be exploited in a never ending battle of wills. We’ll have to wait and see how this chess game plays out, but, at the moment there is nothing to add to AnyDVD that would be useful in this game.
Revoke what key? The compromised title keys? Hardly.
No player keys have been stolen, the AACS chain of trust has not been cracked.
That has plenty of information on cracking AACS. In fact, it’s where the whole thing started.
I was under the (possibly mistaken) impression that he used the key from PowerDVD HD-DVD? And if that’s the case, I would assume that key would be revoked. Maybe I misread what he did…if so, my mistake.
No, the title keys were read from memory while PowerDVD was running. Poor PowerDVD must have the keys somewhere in memory while decrypting, they really can’t do much about it.
The program simply uses these keys to decrypt titles. It does not authenticate and it does not crack. It doesn’t even use a stolen player key. It can only work if you know the title keys of the disc you want to copy (or watch on your big non-HDCP capable Apple Cinema Display). It has no automatic mode to reveal the title keys while PowerDVD is running, so you need to start a debugger and look for them yourself.
Ahhh, ok, so I did misread it then. Nice. It’s a valid way to do it, I suppose, at least for now. You can be rest assured that the title keys will be posted all over the Net now. However, one could argue that they’d still revoke PowerDVD’s player key so that future titles will be “safe” from this attack, no? Even if the player key itself is not to blame, the player could be deemed too insecure until it’s patched(although, how to fix that issue is highly problematic…you kinda need the title key in memory at some point to decrypt the content). In any case, it’s nice to see that they’re actively working away on AACS. Less DRM, not more…