DVD Hacking for Dummies

DECRYPTION

Today's assignment: Descramble a DVD in less than seven lines of Perl. The lesson? Something this simple is more like a recipe for chicken soup than a circumvention device, says Keith Winstein, who solved this brainteaser with Marc Horowitz back in December.

Their efforts, called qrpff, have been copied from .sig files and Web posts worldwide, and the duo – members of the MIT Student Information Processing Board – have been pegged as mischief makers ready to take on the Motion Picture Association of America. Winstein, however, would like to set the record straight: "We're not saying, 'Screw you, MPAA; all intellectual property should be free.' We wanted to add to the public debate about whether or not six lines of text can become a circumvention device, and we wanted to see how neatly we could do it."

To keep the discussion balanced, Winstein invited industry execs to his MIT seminar, "Decrypting DVD." David Barr, lead engineer at C-Cube Microsystems, a member of the DVD Copy Control Association, gave an independent overview of US copyright law. Jack Valenti, president and CEO of the MPAA, replied with regrets. "Valenti sent me a nice RSVP saying he likes 'entering the lion's den' but that he couldn't make it," explained Winstein.

s''$/=2048;while(<>){G=29;R=142;if((@a=unqT="C*",)[20]\&48){D=89;=unqb24,qT, b=map{ord qB8,unqb8,qT,$a[–D]}@INC;s/…$/1$&/;Q=unqV,qb25,_;H=73;O=$b[4]|256|$b[3];Q=Q>>8(P=(E=255)&(Q>>12Q>>4Q/8Q))>8(E&(F=(S=O>>14&7^O) S*8S(map{U=%16orE=R=110&(S=(unqT,"xbntdxbzx14d")[/16%8]);E =(72,@z=(64,72,G=12*(U-2?0:S&17)),H=%64?12:0,@z)[%8]}(16..271))[_]((D>>=8 )+=P+(~F\&E))for@a[128..$#a]}print+qT,@a}';s/[D-HO-U]/$$&/g;s/q/pack+/g;eval

Here's Perl master Mark-Jason Dominus' dissection of the contentious qrpff script:

  • The name itself – qrpff – is "deCSS" encoded with the well-known rot-13 function. The script decodes the content scramble system (CSS), thanks to an Achilles' heel – the linear feedback shift register (LFSR), which produces data that looks random but isn't. CSS uses two LFSRs, and their output, combined with the encrypted data on the DVD, produces the original video data.

  • Each 2-Kbyte sector contains a key to initialize the LFSRs. This code extracts the sector key and decrypts it by combining it with a title key. A DVD player has a secret player code that lets it read the title key. The qrpff user must supply the title key on the command line, represented by @INC.

  • This sets up the LFSRs with sector-key data.

  • This section gathers the outputs of the two LFSRs.

  • The decryption process also involves replacing certain bytes with others, according to a table. This code computes the table.

  • The result from the table is combined with the LFSR output to decode the original byte value of the video data.

  • The table lookup and LFSR step are performed for each byte of data in the sector, and the result is output as the original video data. The main loop of qrpff repeats the decryption for each 2-Kbyte sector of video data.
