[FFmpeg-devel] Using decryption keys in a decoder

Maxim max_pole
Mon May 18 13:03:06 CEST 2009


Uoti Urpala schrieb:
> [...]
>> Depends on how you define "known", it is "xor by pseudo-random number
>> generator", should be brute-forceable easy enough (about 24 bit key
>> strength I think), though probably not easy enough to do it in realtime.
>>     
>
>   

Good news: I did some research and found out that it's possible to find
the key from its hash (stored in the bitstream) by doing brute-force
search. For the 24-bit keys my computer requires approx. 1,5 sec. For
the 32-bit ones it will compute for minutes. It's quite unlikely that a
real key will take 32 bits because it's needed to enter more than 8
digits...

Bad news: Theoretically there are several combinations of check_sum and
access_key giving the same hash value but only one will decrypt the
bitstream correctly! This  would require the user to try out several
combinations in order to find one that works. Practically I've seen only
two encrypted videos but its hashes/checksums gives only unique
access_values...

I could supply a script that searches for unknown access_keys but it's
needed to have a possibility to supply the key to the decoder.
Searching for keys in realtime without user intervention seems to be
unpossible IMHO...

> For that kind of algorithm you could do much better than brute force. If
> there's some known plaintext you can solve the k values directly without
> much computation.
>   

Unfortunately I wasn't able to find any place in the encrypted part of
the header which content would be expectable. The encryption is applied
on the huffman encoded block coefficients so it's unpossible to know any
value...
We need to know at least four bytes in order to be able to solve the key...

Regards
Maxim



More information about the ffmpeg-devel mailing list