Blu-ray Volume Unique Keys leaked on the internet

Hmmmm, well, I have the block of AACS keys in a fresh KEYDB.cfg in my MakeMKV data directory and still not working. What the hell am I doing wrong?

:sigh: I’m on 2.2.6. Gotta downgrade.

Did you close and re-open MakeMKV? I can’t remember which drive you’re using - is it a UHD “friendly” drive (not a UHD certified drive. Apparently those won’t work).

Ahhh, so I am currently trying to use my LG drive which is certified. I’ll try the Asus.

BINGO! That did it. Thanks @ccutrer. That’s an important distinction.

Ripping Ghostbusters now. Way faster than DeUHD. I am seeing 21M/s on my Asus drive.

I just downgraded. I can’t get VLC to work with a regular blu-ray whose Unit_Key_RO SHA1 is definitely in the keydb.cfg I have. So… I can’t tell you if it works with UHD discs.

I don’t think it’s relevant for your post what these keys do.

But in short, these VUK allow decryption of the encrypted “unit keys” in the file Unit_key_ro.inf. The SHA-1 hash of this file is used as identification in the DEUHD supported titles list thread (and also in keydb.cfg for VLC libaacs). The unit keys can be used to decrypt the actual video files on the disc. However, in case bus encryption is enabled on the disc, also a valid host certificate is required. Since no valid AACS2 certificate is yet known, it is not possible to use a AACS2 certified drive. But by using a UHD-friendly drive and a valid AACS1 host certificate, this protection can be circumvented. It looks like they put this loophole on purpose for some reason. It’s impossible they did not anticipate someone finding out. So buy these drives before there firmware is updated :slight_smile:

Also, the VUK is calculated from VID (VolumeID) and MK (MediaKey). While VUK is unique per disc, it is much better to actually have the MK and VID since these are shared across multiple discs (at least in AACS1) and can be re-used.

2 Likes

Thank you @candela! I do understand better now what these keys do. Will update the article accordingly!

1 Like

How long did your rip take? Mine got a whole lot slower all of a sudden. Went from 20M/s to 6.5M/s. Layer change perhaps?

Perhaps. Mine stayed consistent over the whole disc that I happened to be paying attention to. I think it was ~40 minutes total. And I was ripping Ghostbusters II, not the original, so different disc than you.

Oh. Gotcha. Yeah, I am doing the first one right now and the total rip time is at ~1 hour 20 minutes. I seem to be stuck at 2.0x ripping so it could be a speedlock problem suddenly with the Asus drive. They are known to be a PITA about that.

what’s the error message? make sure to play the discs WITHOUT menu

I’m opening the m2ts file directly. It just doesn’t do anything. Should I be playing something else?

If I do Open Disc, choose Blu-ray, and check No Menus, the drive spins for a few seconds, and VLC just hangs chewing up a bunch of CPU (this is on the regular blu-ray still).

not sure why that is, works fine for regular blurays for me.

maybe try the 32 bit or 64 bit version of vlc and corresponding libaacs

I got it to work with the regular blu-ray using the 32 bit version. But the UHD disc does not work. The UI says:

Your input can't be opened:
VLC is unable to open the MRL 'bluray:///G:/'. Check the log for details.

The log says:

core debug: no access_demux modules matched
core debug: creating access 'bluray' location='/G:/', path='G:\'
core debug: looking for access module matching "bluray": 21 candidates
core debug: no access modules matched
core error: open of `bluray:///G:/' failed
core debug: dead input
core debug: changing item without a request (current 2/3)
core debug: nothing to play
qt4 debug: IM: Deleting the input

It will be interesting to see if the Audio issues with Pirates are there…

ok thanks, the error does not seem related to the encryption though. possible vlc itself requires changes to support 4k discs

Pirates isn’t on the list.

Looks like my copy of Oblivion is a no-go. Bummed.

you just killed my buzz with this.

what is your Asus drive? I only have the LG certified drive.

why would the drive matter?

Because an AACS 2.0 certified drive “hides” the AACS 2.0 info from regular applications, unless you’re a certified app like PowerDVD. But the UHD “friendly” drives let you see it with just a leaked AACS 1 host certificate. Or something like that.