David Anderson
Member
Thread Starter
- Joined
- Feb 13, 2007
- Messages
- 7
- Likes
- 0
Previous posts by SlySoft members seem to indicate AnyDVD-HD can decrypt all HD-DVDs, not just the ones in which the title or volume keys are already known (the BackupHDDVD approach).
If the title key is not already known, then there is only one other way to decrypt the content; a device key must be used to decrypt the title key. Once you have the title key, you can decrypt the content.
CSS decrypters (AnyDVD, DVD Decrypter, DVD43, etc) use one of two methods to decrypt: either a brute force attack on the key (not too hard when the key is only 40 bits) or cycle through a list of known compromised device keys.
To decrypt AACS, a brute force attack is not feasible due to the size of the key (128 bits). That leaves only one option - a device key must be obtained from either a compromised software DVD player or hardware DVD. Given the difficulty in reverse engineering hardware and the limited amount of time hardware DVD players have been available, it's a safe bet to assume AnyDVD-HD uses a device key obtained from a compromised software DVD player.
One of the key security features of HD-DVD is the ability to revoke device keys. One can assume that if and when the device key used by AnyDVD-HD is revoked, it will no longer be able to decrypt new DVD releases. Unless SlySoft has an unlimited source of compromised device keys, I fail to see how this product will remain viable once the device key used by AnyDVD-HD has been revoked.
HD-DVD was designed to stop this well known technique of using device keys, as it’s the basis for present day CSS decrypters. I’m assuming SlySoft knows all about device key revocation, yet they are still willing to release AnyDVD-HD. What I’d like to know is if I purchase AnyDVD-HD when it's released, will SlySoft reimburse me if the device key is revoked a few days or weeks later, rendering the product useless for all future DVD releases?
David.
If the title key is not already known, then there is only one other way to decrypt the content; a device key must be used to decrypt the title key. Once you have the title key, you can decrypt the content.
CSS decrypters (AnyDVD, DVD Decrypter, DVD43, etc) use one of two methods to decrypt: either a brute force attack on the key (not too hard when the key is only 40 bits) or cycle through a list of known compromised device keys.
To decrypt AACS, a brute force attack is not feasible due to the size of the key (128 bits). That leaves only one option - a device key must be obtained from either a compromised software DVD player or hardware DVD. Given the difficulty in reverse engineering hardware and the limited amount of time hardware DVD players have been available, it's a safe bet to assume AnyDVD-HD uses a device key obtained from a compromised software DVD player.
One of the key security features of HD-DVD is the ability to revoke device keys. One can assume that if and when the device key used by AnyDVD-HD is revoked, it will no longer be able to decrypt new DVD releases. Unless SlySoft has an unlimited source of compromised device keys, I fail to see how this product will remain viable once the device key used by AnyDVD-HD has been revoked.
HD-DVD was designed to stop this well known technique of using device keys, as it’s the basis for present day CSS decrypters. I’m assuming SlySoft knows all about device key revocation, yet they are still willing to release AnyDVD-HD. What I’d like to know is if I purchase AnyDVD-HD when it's released, will SlySoft reimburse me if the device key is revoked a few days or weeks later, rendering the product useless for all future DVD releases?
David.