Soooo, after a few evenings of work, I've 100% broken Widevine L3 DRM. Their Whitebox AES-128 implementation is vulnerable to the well-studied DFA attack, which can be used to recover the original key. Then you can decrypt the MPEG-CENC streams with plain old ffmpeg...

Reply: What about changing the lookup tables (LUTs) constantly to force attackers to automate DFA? Additionally, distributing the binary merged with LUTs? If this is done, you can add random countermeasures every time you bundle a wbox binary...

Reply from the original poster: My attack was already automated and ran in under a second. The LUTs are already bundled with the binary, so I'm not quite sure what you mean by that?

Separate reply thread: You only think that because the clear text, the cipher text and the encryption key are part of the payload.

Reply: Isn't that how DRM is structured (ergo, "by design")?