[FFmpeg-devel] Using decryption keys in a decoder

[Maxim]

Michael Niedermayer schrieb:
> On Tue, Apr 07, 2009 at 11:20:03AM +0200, Maxim wrote:
>   
>> Hello guys,
>>
>> I need to specify a decryption key for some Indeo5 video clips in order
>> to play them back. The indeo5 keys are just numbers used to perform
>> frame data encryption. I know about the FFmpeg's ability to specify keys
>> for file formats but how it's about decoders?
>> Please give me an example how such keys could be specified and retrieved
>> by a decoder...
>>     
>
> What kind of encryption does indeo5 use?
>   

simple XOR...
The encryption key is derived from the password named "AccessWord"
entered by the user as follows:

uint32_t   k1 = (AccessWord >> 1) + 16384;
uint32_t   k2 = (k1 / 200) * 200 + 21;
uint32_t   k3 = (~AccessWord) >> 16;

for (i = 0; i < size; i++) {
   k3 = (k3 * k2 + 1) & 0xFFFF;
   dataPtr ^= k3;
   dataPtr++;
}

I don't know if it may be any kind of known encryption algorithm but
it's how it works...

> And is it correct that the binary decoder also needs these keys manually
> provided by the user?
>   

Yes, otherwise the protected clip cannot be played back. Indeo5 uses a
special hashing function to check if the password provided by user is
correct before decoding. This check is achieved by calculating a hash
from the provided password and comparing that against the hash received
with the bitstream header. If they mismatch the decoder refuses to
decode the clip...

Indeo4 uses almost the same protection scheme but without encryption of
the frame data. It just check if the hashes match... This one can be
easiliy cancelled, so it's not a big problem...

Regards
Maxim