Page 1 of 1

Problem with Razorback AU UHD?

Posted: Sun Jul 30, 2023 12:51 am
by NoseClams
I submitted dump files over 3 days ago, is there a problem with the disc?

MKB20_v77_Razorback_UHD_CF0E

Re: Problem with Razorback AU UHD?

Posted: Sun Jul 30, 2023 1:12 am
by Woodstock
It seems to be a problem with the program author (Mike) not being available for this past week. He's the one that generate program keys for disks.

Re: Problem with Razorback AU UHD?

Posted: Sun Jul 30, 2023 2:48 am
by Radiocomms237
This may be a silly question (and has no doubt been asked before) but...

Why can't the key generation method by automated and added to the program itself so we don't have to rely on these HK downloads?

The idea of having just one person generating all these keys by hand is kinda ludicrous:

a) If they happen to be away or busy then nobody gets the necessary keys; and/or

b) The workload must be time consuming and most likely hinders work needed on the multitude of program improvements that seem to be continually going unanswered; and

c) It'd be nice to be able to spin-up a brand new title and NOT have to wait days (or weeks) to add it to the library!

Re: Problem with Razorback AU UHD?

Posted: Sun Jul 30, 2023 3:15 am
by SamuriHL
The alternative is waiting forever. I'll come back to this in a moment.

It requires understanding how aacs works at least from a basic level to know why the program is not going to do that for uhd. Unlike bluray there are no public host certs, device keys, and processing keys. Libredrive makes the host cert and device keys mostly irrelevant, but you're always going to need a processing key or device key in order to decrypt the title keys from the disc.

If makemkv included the processing or device keys that are used to decrypt the title keys, how quickly do you think those would be exposed and then revoked? There's a reason there aren't any publicly available for aacs 2.x. They're very difficult to procure. So if they get revoked there's a good chance the wait for new keys would be marked in months or never instead of days or weeks.

This is a much better process than playing cat and mouse with the keys. Yes it takes a bit sometimes but better to be able to decrypt them eventually than never.

Sent from my SM-G998U1 using Tapatalk


Re: Problem with Razorback AU UHD?

Posted: Sun Jul 30, 2023 3:30 am
by Radiocomms237
You are correct in that I have no clue how AACS works, but the thing that gets me is...

If I purchase a brand new (possibly even pre-ordered pre-release) UltraHD title and slip it into my home LG player, it plays!

It doesn't need to send a file dump anywhere and it doesn't say "Please wait three days before you can play this disc"!

Surely whatever method is used to decrypt these discs in a home player could also be applied to MakeMKV?

Re: Problem with Razorback AU UHD?

Posted: Sun Jul 30, 2023 3:37 am
by MartyMcNuts
Radiocomms237 wrote:
Sun Jul 30, 2023 3:30 am
You are correct in that I have no clue how AACS works, but the thing that gets me is...

If I purchase a brand new (possibly even pre-ordered pre-release) UltraHD title and slip it into my home LG player, it plays!

It doesn't need to send a file dump anywhere and it doesn't say "Please wait three days before you can play this disc"!

Surely whatever method is used to decrypt these discs in a home player could also be applied to MakeMKV?
No, it can't. As SamuriHL said, there aren't any AACS 2.x keys publicly available as yet. Your LG UHD player has it's own set of device keys stored within thus it can decrypt and play them immediately.

Re: Problem with Razorback AU UHD?

Posted: Sun Jul 30, 2023 4:06 am
by Radiocomms237
And so we've come full circle...

Why can't MakeMKV have its own set of "device keys" stored within?

Surely there is some computer whizkid somewhere who is able to access these keys from one of the many UHD players on the market today?

Re: Problem with Razorback AU UHD?

Posted: Sun Jul 30, 2023 4:15 am
by SamuriHL
Yup. And we've vastly oversimplified this to illustrate why it's not possible. There are many layers of encryption involved. Those standalone players have their own host certificate, device key, processing key, etc. And they are required by the aacs la to secure those things. You may ask why they haven't tried to get them from something like powerdvd, a software player. That's using intel's sgx to protect access to those keys in protected memory space. It actually doesn't have keys embedded. It uses a secure encrypted connection to their server to get the host cert, device keys, etc. Someone did in fact hack it and managed to retrieve all of that. They then fixed some implementation issues in libaacs and were able to play all uhds in vlc on Linux. Including aacs 2.1.

That sounds great right? Just do that! Yeah no. It's exceptionally difficult to break sgx. These were security researchers investigating weaknesses in the system and decided to target powerdvd as an academic exercise. They didn't leak any of the keys they managed to jack. And here's the issue... if they did the keys would get revoked. All future titles no workie. So it's very short lived. That's why I called it a cat and mouse game. You'd then need to wait til new keys are hacked. Aacs 2.x made that more difficult. No one wants to be spending months to compromise a player only to have it get revoked in weeks.

So yes your player is officially licensed and has proper keys. Makemkv does not. That is the difference.

Sent from my SM-G998U1 using Tapatalk



Re: Problem with Razorback AU UHD?

Posted: Sun Jul 30, 2023 4:16 am
by SamuriHL
Good thing l anticipated your likely response. Lol

Sent from my SM-G998U1 using Tapatalk



Re: Problem with Razorback AU UHD?

Posted: Tue Aug 01, 2023 4:09 am
by flashback8
Yeah, SamuriHL pretty much nailed it. I will say that the researchers who poked at PowerDVD did write an academic paper on the exercise, and on AACS 2.x in general. I'd imagine a direct link is fine but I'll leave the research as an exercise. :)

In any event, if you have any technical prowess, feel free to read the paper and see just how complex AACS 2.x can be. This includes revoking compromised keys within weeks. (AACS 1 is the same but key protection isn't/wasn't as robust as is required for 4K setups.) Any compromises are going to be few and far between. With hardly any new players being built, that doesn't leave many avenues for retrieving the "root" keys required to make MakeMKV work.

Re: Problem with Razorback AU UHD?

Posted: Thu Aug 03, 2023 10:20 pm
by Krawk
MartyMcNuts wrote:
Sun Jul 30, 2023 3:37 am
No, it can't. As SamuriHL said, there aren't any AACS 2.x keys publicly available as yet. Your LG UHD player has it's own set of device keys stored within thus it can decrypt and play them immediately.
Or the world has not determined how to read the key from the disc like a set top player does. But I know you know that.
We know an LG made 3 years ago will not have the keys to a disc created today.

In either case, people need to be a little patient. There is no arbitrary "3 days" solution to any of this.

Re: Problem with Razorback AU UHD?

Posted: Thu Aug 03, 2023 11:30 pm
by SamuriHL
Krawk wrote:
Thu Aug 03, 2023 10:20 pm

Or the world has not determined how to read the key from the disc like a set top player does. But I know you know that.
We know an LG made 3 years ago will not have the keys to a disc created today.

In either case, people need to be a little patient. There is no arbitrary "3 days" solution to any of this.
That's not really how it works. The LG does NOT "have the keys to a disc" but it can open a disc created today. Look, this is the overly simplified version of how it all works:

The player has a device key and a host certificate. The host certificate is used to access protected parts of the disc. So-called UHD friendly drives were able to read the protected parts of the disc using an AACS 1.x host certificate but a UHD official drive requires a valid non-revoked AACS 2.x host certificate. Which is what the LG player has.

The player then reads the Volume ID (VID) from the protected area of the disc. It then uses a processing key, that is not revoked in the MKB on the disc, to generate a media key that is then combined with the VID to create a Volume Unique Key (VUK). The VUK is the key that is able to decrypt the 1 to many CPS Unit Keys on the disc. IOW, the player does NOT have the disc keys, they are encrypted on the disc itself. The MKB is what determines if the device keys, processing keys, media keys, and host certificate are revoked. Once you play a disc with a higher MKB, then all revoked keys/certs are no longer valid for any previous title, as well. If a player gets compromised, it'll require a firmware update to get a new device key and host certificate. As long as the player remains uncompromised, its device key and host certificate are still valid and they can decrypt all discs using the method I just outlined.

LibreDrive, for us, throws a little wrinkle in all this. It allows the drive to ignore the MKB which is kuel. It also disables bus encryption and allows the drive to access protected parts of the disc (i.e. the Volume ID) without needing a valid host certificate. But it still needs a device key, processing key, or media key in order to generate the VUK. Those are what have not been publicly disclosed. And those are what programs like MakeMKV, DVDFab, and others will not embed in their software. This prevents them from being revoked because the AACS LA doesn't know which keys they're using from what player.

Re: Problem with Razorback AU UHD?

Posted: Fri Aug 04, 2023 12:13 am
by Coopervid
They don't care. They want their UHD discs decrypted.

Re: Problem with Razorback AU UHD?

Posted: Fri Aug 04, 2023 12:19 am
by Radiocomms237
Okay, so it can't be done locally (at the end-user level) because the keys would be identified and revoked, so the next best thing is surely to automate the process on a remote server somewhere?

As much as I hate it when programs need to 'dial home' to work, couldn't MakeMKV contact this server itself, upload the necessary info, and receive the automatically generated keys almost instantly (within minutes at least)?

Re: Problem with Razorback AU UHD?

Posted: Fri Aug 04, 2023 1:20 am
by SamuriHL
I'm not sure it can be fully automated. DVDFab, as an example, does have a cloud server that it gets uploaded to but it still takes multiple days before the keys are available. So even in that case it's not "a few minutes". There's likely some manual process behind all of it that's required.