Re: The Fallacy of Cracking Contests

Andreas Bogk (ich@andreas.org)
Wed, 16 Dec 1998 15:44:57 +0100

• Next message: Andreas Bogk: "DVD Content Scrambling System"
• Previous message: JPeschel@aol.com: "Re: The Fallacy of Cracking Contests"
• Maybe in reply to: Bruce Schneier: "The Fallacy of Cracking Contests"
• Next in thread: Jesús Cea Avión: "Re: The Fallacy of Cracking Contests"

On Tue, Dec 15, 1998 at 08:25:03PM -0600, Bruce Schneier wrote:
> Most contests don't disclose the algorithm. And since most cryptanalysts
> don't have the skills for reverse-engineering (I find it tedious and

Reverse-engineering is a field of it's own, and COMP128 has shown how
reverse-engineering and cryptanalysis can work hand in hand.

> boring), they never bother analyzing the systems. This is why COMP128,
> CMEA, ORYX, the Firewire cipher, the DVD cipher, and the Netscape PRNG were
> all broken within months of their disclosure (despite the fact that some of

This is interesting. I haven't heard of the DVD cipher (which is called CSS)
being disclosed, or broken. I've found a reference to a software called
softDVDcrack, at

http://www.techweb.com/se/directlink.cgi?EET19971124S0013

but no explanation of CSS anywhere.

My only slightly educated guess is that someone cracked a software DVD
player (thus the name) to save the MPEG2 stream to disk, instead of
playing it on the screen. But this is no attack against CSS, as the
key which is used to scramble the contents is stored on the DVD, and
the DVD drive uses an bi-directional authentication and key exchange
to prevent against eavesdropping on the way between drive and decoder.
If the DVD decoder is in hardware, you cannot access the point between
decryption and decoding, while with a software decoder, you can, all
without knowing the slightest about CSS.

Not that I believe CSS to be a strong algorithm, after all, it has to
cope with data rates up to 10 Mbit/second with a CPU utilization of
less than 5%.

I've also been unable to find anything on the Firewire encryption.

Andreas

-- 
"Java requires the programmer to declare types and exceptions, simply to
make the compiler's job easy.  Which just seems like the wrong approach
to me:  CPU-cycles we have plenty of, good programmer cycles we don't."
  -- P T Withington <ptw@callitrope.com> in comp.lang.dylan

• Next message: Andreas Bogk: "DVD Content Scrambling System"
• Previous message: JPeschel@aol.com: "Re: The Fallacy of Cracking Contests"
• Maybe in reply to: Bruce Schneier: "The Fallacy of Cracking Contests"
• Next in thread: Jesús Cea Avión: "Re: The Fallacy of Cracking Contests"