Quote:
Originally Posted by geekmaster
EDIT: Again, I do not know how the kindle DRM does it. I suspect that generating keys for all possible kindle serial numbers would be very slow. Using a fast hash for key generation would be vulnerable to brute-forcing the much smaller serial-number space instead of the full 12-bit encryption keyspace, so it would be foolish to use a fast hash for DRM key generation. After you have the right key, decryption is fast. But FINDING the right key is slow, which is why you need to know the serial number of the kindle that owns the DRMed media, or otherwise extract its key from it.
So, I just tried it. This is the result of a quick & dirty test, using the actual implementation that is running on the Kindle. In fact, the search space is even less; it actually only consists of seven alphanumeric characters. Testing 1,000,000 different keys takes about 35 seconds - and that is completely unoptimized code, which can certainly be made faster by at least an order of magnitude.
So if I were using that unoptimized program to brute-force the key for a book, it would take pretty much exactly one month to go through the entire keyspace. Parallelize this to 100 quad-core machines using AWS, and you have it cracked in at most 2 hours.
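The cost model behind the figures above, as an added example (not code from either poster): it reproduces the keyspace and time estimates from the post's own numbers and then asks the defender's question the quoted reply raises, namely how much slower per-key derivation would have to be for the serial-number space to stop being enumerable. It assumes a case-insensitive 36-character alphabet for the seven alphanumeric positions; the 1,000,000 keys in 35 seconds rate and the 100 quad-core (400 worker) setup are taken from the post.

```python
import string

# Parameters taken from the post; the alphabet is an assumption (0-9 plus a-z).
ALPHABET_SIZE = len(string.digits + string.ascii_lowercase)  # 36
SERIAL_LENGTH = 7
MEASURED_KEYS = 1_000_000
MEASURED_SECONDS = 35.0


def keyspace_size(alphabet_size: int = ALPHABET_SIZE, length: int = SERIAL_LENGTH) -> int:
    """Number of candidate serials (and therefore candidate keys) to test."""
    return alphabet_size ** length


def measured_rate() -> float:
    """Keys per second reached by the unoptimized test in the post."""
    return MEASURED_KEYS / MEASURED_SECONDS


def exhaustive_search_seconds(keys_per_second: float, workers: int = 1) -> float:
    """Wall-clock seconds to walk the whole keyspace at the given rate and parallelism."""
    return keyspace_size() / (keys_per_second * workers)


def required_slowdown(target_seconds: float, workers: int,
                      keys_per_second: float = None) -> float:
    """Factor by which per-key derivation must be slowed (e.g. via KDF iteration
    count) so that exhaustive search takes at least target_seconds on `workers`
    parallel searchers. 1.0 means the current cost already suffices."""
    rate = measured_rate() if keys_per_second is None else keys_per_second
    current = exhaustive_search_seconds(rate, workers)
    return max(1.0, target_seconds / current)


if __name__ == "__main__":
    days_single = exhaustive_search_seconds(measured_rate()) / 86400
    hours_cloud = exhaustive_search_seconds(measured_rate(), workers=400) / 3600
    ten_years = 10 * 365 * 86400
    print(f"keyspace: {keyspace_size():,} candidates")
    print(f"single unoptimized process: {days_single:.1f} days")
    print(f"400 workers: {hours_cloud:.2f} hours")
    print(f"slowdown needed for a 10-year search on 400 workers: "
          f"{required_slowdown(ten_years, 400):,.0f}x")
```

The single-process figure lands at about 31.7 days and the 400-worker figure at about 1.9 hours, matching the "one month" and "at most 2 hours" estimates in the post.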