Basic tech stuff

Programming and Linux administration

Archive for the ‘encryption’ Category

This is NOT the HD-DVD key

Posted by Daniel Brahneborg on 2007 May 2

Just as normal DVD’s are encrypted, so are HD-DVD’s. In the latter case both a global key and a bunch of player specific keys are used. First the latter ones were found for a particular player, and a while ago the global key was found. Using this, and some software, any HD-DVD can be played and copied to a hard drive for later viewing.

Today Slashdot has an article about the censoring of this number. Writing it seems illegal, but I ought to be able to write that it is NOT f6 06 ee fd 62 8b 1c a4 27 be a9 3a 9c a9 77 3f. (Thanks to AJVM for the tip.)

Damn, the movie industry is stupid.

Andra bloggar om: , .

Posted in encryption | Leave a Comment »

Blowfish decryption in Ruby, revisited

Posted by Daniel Brahneborg on 2007 March 14

I wrote earlier about my struggles to get decryption to work in Ruby. Today I got it working, with good performance.

The solution was to write a Ruby extension in C, calling the Blowfish and AES functions in the OpenSSL library directly. Converting from Ruby types to C types and back is easy, so the process of figuring out how to do it, writing the code and tweaking it until the test suite passed again, took less than a day. Now time is measured in seconds again.

The thing that surprised me the most was when I changed decryption of file names and other short strings, to also use the C version. This gave yet another performance boost, cutting the time for the test suite from 5-6 seconds to less than 1. If nothing else, it shows that Ruby needs to get faster.

Andra bloggar om: , , .

Posted in encryption, programming, ruby | 10 Comments »

Blowfish decryption in Ruby

Posted by Daniel Brahneborg on 2007 March 9

For a project that will soon be released as Open Source, I need to decrypt blowfish encrypted data in Ruby. There are several ways, none of which makes me happy.

1. The Crypt library in pure Ruby. The current version has a few bugs, but after adding a couple of patches, it decrypts the data perfectly. Downside? It’s slow. Slow as hell. Data that takes 3 seconds to decode in C takes 300 with this library.

2. The EzCrypto library. It’s a frontend for the OpenSSL libraries, and should therefore be quite a bit faster. I don’t know, because I simply can’t get it to work. I’ve followed all the descriptions, but it never manages to decrypt the data correctly. My code looks something like this, assuming that the IV is in the beginning of the encrypted data:

def decrypt(key, data)
    @driver =, :algorithm => "bf-cbc")

3. Using the Ruby OpenSSL libraries directly. This doesn’t work either. Here I do like this:

def decrypt(key, data)
    @driver ="BF-CBC")
    @driver.key = @key
    @driver.iv = data[0..7]
    clear = @driver.update(data[8..-1])
    clear <<

4. Using a shell escape to the openssl binary, using the flags -K and -iv to set the encryption parameters. Doesn’t work either.

5. Using a shell escape to my own binary, which uses the BF* functions in OpenSSL directly. Works like a charm, even if the 900 fork/exec/wait calls bring up the total time to 13 seconds. And of course, it doesn’t work with other encryption algorithms unless I add those explicitly.

So now I have the choice between five versions that all suck. Or rather two, if I only count the versions that actually work. Life is fun.

Andra bloggar om: , , ,

Posted in encryption, programming | 7 Comments »