Hacker News new | past | comments | ask | show | jobs | submit login
Apple AirTunes private key extracted (mafipulation.org)
371 points by PascalW on Apr 11, 2011 | hide | past | favorite | 94 comments

Hah, awesome. Many years ago, I patched iTunes to use my own public key, so I could stream to an AirTunes server I ran on another machine. I had intended to pull the firmware off the Airport Express, but didn't have the hardware skills at the time. It's awesome to see this happen.

Could someone explain the implications of this?

edit: it looks like it would allow another software to show up as an Airport Express in iTunes, thus becoming the potential target of streaming audio over WiFi from iTunes. But am I right?

The Airport Express public key was previously known, which allowed anyone to write a program to stream audio to an Apple Airport Express. Now that the private key is known, anyone can write a program to receive audio from iTunes, or from another program that sends to Airport Express.

This means you will be able to easily send audio to other rooms in your house with something like XBMC running on a PC, nettop, or netbook.

edit: Just to clarify - previously you could do this:

iTunes -- stream to --> Apple Airport Express

3rd party software -- stream to --> Apple Airport Express

Now you can do this:

iTunes -- stream to --> 3rd party software/hardware

Speculation: If iTunes plays the role of the Fairplay DRM decoder and relied on the channel between iTunes and the Airplay device being encrypted to secure content would it now be possible to use the private key to masquerade as a capable Airplay device and dump a the stream pure and DRM free? Would this work for video enabled Airplay devices?

If so, Apple and this hacker are about to be lawyered hard by the MPAA.

AFAIK, very little iTunes music is DRMed these days anyway.

It doesn't. The Airplay device receives ALAC (Apple lossless audio) data, so this doesn't get you anything that wasn't already easily available by other means.

Yes, provided you were the MitM, you could capture every song streamed. However, Apple is far more likely to be worried about someone writing an AirPlay emulator that keeps perfect copies on it's local hard drive. They probably built encryption in just to satisfy any possible media company objections about the copying of streamed media.

Airport Express only streams audio out (no movies/tv/video), so it would be the RIAA, not the MPAA.

Apple TVs work similarly now for video streamed from iPhone/iPad/iPod Touch devices since iOS 4.2. Might they use the same private key?


Now you can do this: iTunes -- stream to --> 3rd party software/hardware

How is this all that ground breaking from what you've been able to do with Rogue Amoeba apps for a while now?


From the Rogue Amoeba website:


"Airfoil Speakers works pretty much like an AirPort Express from the point of view of Airfoil. It advertises its services over Bonjour, then uses the same AirTunes 2 protocol that Apple uses. However, despite using the same protocol, iTunes won’t talk to Airfoil Speakers. iTunes uses cryptographic authentication to ensure that it only talks to real AirPort Expresses, and we weren’t able to mimic that. Until Apple removes those checks, Airfoil Speakers will only work with Airfoil 3 and Airfoil for Windows."

And I doubt this will change, as Rogue Amoeba adopting Apple's private key would be a huge DMCA violation.

In fact, I don't see how this private key getting "outed" is going to hurt Apple at all in any countries where things like DMCA exist.

IIRC, the traditional way around such legal ambiguity is for the project to offer a configuration variable akin to "input your favorite private key here." If the user is in a country which permits use of the AirPlay key, great, if not then the project can continue to operate as before. Either way, the project is indemnified because /they/ didn't provide the key.

IIRC, one of the few exemptions to DMCA is interoperability. That, and this circumvention does literally nothing to aid piracy.

It's dead, Jim!

"Now that the AirTunes private key is known, it could allow for 3rd party software to act like AirTunes devices. If this for example would be implemented in XBMC, Plex, Boxee etc you could send audio from your IOS device straight to XBMC using IOS built-in Airplay support."

Can someone explain to me why this comment was deaded?

I'd like to know this as well.

ASCII key, from the source: http://pastebin.com/raw.php?i=RFeUcdXd

The whole source: http://pastebin.com/raw.php?i=mXVK93sY (edit: updated with 0.03)

Already out of date - 0.03 fixes IPv6. Please, get it from the site (if it hasn't been Slashdotted or something yet :/)

The first time I tried it was slashdotted so I pastebin'd. Thank you for your work!

What are the legal implications of selling a small unit that acts as an airport express, then? And what if you didn't ship the key, but it was obvious to users where to get it?

"Wink wink" has been long dealt with in law. If it's a device that is useless without the key, it'd wind up as a distinction without a difference if Apple really chased this down rather than hiring the devs. "Substantial non-infringing use" is the bar to clear in patent terms.

Except, streaming music you own to a computer you own is legal regardless of whether or not some piece of propietary software you use has a private key that you aren't supposed to know. The key is out. Using it for anything is legal.

Uh, I'm not so sure about that. The DMCA makes circumventing a copyright protection measure illegal unless you fall into one of the very narrow exemptions.

How is this circumventing a copyright protection measure?

This is like opening the hood of a car that requires a key that the manufacturer will only give to authorized dealers. If you figure out how to open the hood, the government is not going to stop you from messing around with the stuff in your car. It's yours, after all.

Here's what's happening here. Apple wants you to buy Apple hardware, so they cripple iTunes such that it will only speak with devices that know a secret password. Now, with the secret out, it will talk to any device.

This has absolutely nothing to do with copyright infringement.

This is like opening the hood of a car that requires a key that the manufacturer will only give to authorized dealers.

Yes, that's exactly what it's like. Indeed, auto manufacturers have already been abusing the DMCA to prevent independent repair shops from accessing computer diagnostic codes.

https://www.eff.org/deeplinks/2009/05/right-repair-law-pro (The bill mentioned in that article that would have addressed this died in committee, by the way)

Wow. That's nasty on the auto makers' part.

"(c) Other Rights, Etc., Not Affected. — (1) Nothing in this section shall affect rights, remedies, limitations, or defenses to copyright infringement, including fair use, under this title."


IANAL, but that would not protect you from the DMCA provisions that make it a crime to distribute tools designed for breaking DRM, even if you intend such tools to be used for fair use purposes.

I mentioned that in relation to using the software, not distributing it.

You aren't familiar with the DMCA, then. It's true that §1201(a)(2) and §1201(b)(3) restrict distribution, not personal use.

§1201(a)(1) does restrict personal use. That's what makes the DMCA really insidious.

Then you should probably ship a small device that a general computer, and there just happens to be some firmware / software floating around on the internet for it.

I doubt you'd fare much better than running a P2P service that could be used for anything, but was obviously intended for copyright infringement. And that doesn't seem to be doing so hot for Limewire.

I know the OP probably isn't reading this, but I'd be curious to know what OS the Airport Express runs.

I always wondered. My guess is maybe a proprietary RTOS to perform its simple functions?

Back in the day I figured it'd make a great OpenWRT Linux box, although now boxes with those features/size/price-point are much more common.

I asked the OP and they responded to me offline and confirmed vxWorks.

Hadn't heard of vxWorks before. Did a quick googling, it's been used in a huge array of products: Boeing aircraft, industrial robots, Apache attack helicopters, BMW iDrive, Linksys routers, even spacecraft!


The Acknowledgements.pdf file on the software CDROM says NetBSD.

That could mean they're using any amount of NetBSD code, from the networks stack to a single application.

nmap OS detection says NetBSD too.

I think I read somewhere that it uses vxWorks.

Works great! Even supports multiple audio streams!

For Debian/Ubuntu users, I had to do a few things to get it to compile: 1. sudo apt-get install libcrypt-openssl-rsa-perl libao2 libao-dev 2. comment out line 642 in hairtunes.c 3. 'make'

Fixed the code bug in 0.02, and added this to the documentation. Thanks!

And libssl-dev for me on lucid

I wonder if people will get their IPs subpoenaed for looking at that link, as was the case with the Sony keys?

I'm pretty sure Sony's goal there was to gather information to support their argument that a California court is the right venue and generally to intimidate geohot. Not to sue anyone who merely viewed the page.

Meh, they can sue me. I don't think they'll get very far.

Sony was using IPs to establish jurisdiction because they have a fairly weak case. AFAIK, you can't be sued for reading/looking at something.

This is awesome! I know many have tried before, but have not been successful.

Also, I thought i would put this out there: As with the creation of the new AirPlay protocol, the RAOP (AirTunes) protocol was also changed (to support album art and other metadata, I assume). My proof of this lies in the Apple TV. If you analyze network traffic between iTunes and the ATV's airtunesd daemon, you can see that the initial pairing does not have the 'rsaaeskey' field but instead a 'fpaeskey' field. So instead of a RSA public/private scheme, it uses something else to encrypt the session keys. I found this out when trying to reverse the airtunesd binary, trying to get the key that way. :P

So, are there no alternatives to embedding a single private key across multiple hardware devices?

You could store the key in a TPM, which would at least require carefully applied stong acids and an electron microscope to dump them.

You'd want a combination of storing the keys in tamper-resistant/tamper-responding FIPS 140-2 smartcard module (like a TPM), and some kind of certificated key architecture (where each mac and each airport have a key signed by Apple, but where breaking a single device and extracting the key isn't a class break -- it only provides the ability for everyone to stream to or from that one physical device. That way the Apple Signing Public Key can be in everything, but the Apple Private Key can be kept offline in Cupertino. You could even do a multi-level system where there are manufacturing keys signed by Apple's key so the contract manufacturers don't steal things.

Combine that with a way to update and blacklist keys and devices, and you have the state of the art DRM type system. The cryptography used in the BluRay format is probably about the best currently deployed in that application, and can just be bypassed. The same people (Paul Kocher's Cryptography Research; IMO the top cryptography consultancy in the world) who developed that developed the original Divx system (video rental at Circuit City) did the crypto for BD+. http://en.wikipedia.org/wiki/DIVX

TPMs are unfortunately usually only FIPS 140-2 level 2 or 3, and not THAT hard to break a single instance of. The TCG's TPM architecture is such that compromising one TPM doesn't class break everything. If you naively put a global key into a low-security module like that, and put millions of them in enemy hands, you will get screwed by someone with some acids and an electron microscope at college (or a competitor leaking it anonymously)

Interesting. So why didn't they use a TMP? Cost savings? International distribution constraints? (I see TPMs are illegal in China -http://en.wikipedia.org/wiki/Trusted_Platform_Module.) It is somewhat peculiar given Apple's known DRM policies.

Probably cost and lack of effort. Just look at the iTunes / App Store DRM. It can be removed quite easily, it's mostly there for deterrence. As soon as Apple could, they dropped DRM on iTunes audio files by switching to iTunes Plus (and before that, you could burn the songs to a CD and import it back).

You'll find a quite different story when Palm made the Pre compatible with iTunes through reverse engineering. The certainly didn't want non-Apple devices in the iTunes ecosystem and spent quite some effort to put a stop to that, even though it had nothing to do with DRM.

The source code is very cool. I'd encourage everyone to skim through it.

The rate synchronization code is interesting. Is that what you were referring to?

Could you provide a mirror? The link seems to be dead.

I uploaded it to Github here in case anyone wants to hack on it: https://github.com/bbhoss/shairport

I had trouble with DNS not resolving mafipulation.org (without the www). Try http://www.mafipulation.org/static/shairport-0.01.tar.gz

Oops, my bad - one of my DNS mirrors was out of date. Thanks for the heads up...

Just worked for me.

This is very cool. Do you know if this would work with AirPlay video streaming as well as audio? I can imagine it would be pretty cool to display video on any PC monitor.

Is AirPlay encrypting streams though? There are a few apps that can playback AirPlay videos. Recently, I started to use a script that made Plex show up as an AirPlay target and it worked fine.

edit: NB: I'm not sure "encrypting" is the right word here… do not hesitate to correct me

I'm not sure - I've heard of an Android app that can send video to an AppleTV, but I haven't heard of an app that can receive video from an iOS device. If you know of one, I'd appreciate a link.

AirPlayer from Erica Sadun would work: http://ericasadun.com/ftp/AirPlay/

However, she mentions that you can't stream music to AirPlayer due to RAOP: http://en.wikipedia.org/wiki/Remote_Audio_Output_Protocol

which, I guess is not true anymore due to the parent link :)

But it does seem to show that iTunes was indeed checking keys before sending to an Airport Express, but that AirPlay (for video) wasn't affected. As far as I know, AirPlay is not much more than HTTP Live Streaming.

Also of interest in the same area (though this is an iOS app, so could technically include some key checking without knowing it): https://github.com/nto/AirView

Here's one: http://bananatv.net/

A couple years ago I unsuccessfully tried to extract the keys from the AppleTV version of OS X (which provides the same functionality).

The binaries were heavily obfuscated, and I couldn't get the IDA Pro remote to run on the AppleTV, nor could I port the binaries to run on normal OS X. Gave up after a week or so. I figured that some pro reverser would get the keys eventually that way, but I never expected that anyone would find success cracking open an Airport Express!

cool story bro

There have been a number of manufacturers implementing 'airplay' devices that support being airtunes speakers but it's great to see this making it possible to do with open source. It would be nice to see airtunes added to some of the cheap linux wall warts on the market.

Has someone tried it and was able to play something?

I tried it and iTunes lists it as a device but I cannot activate it in iTunes (if I select it, it immediately unselects itself). From the console output, I see that iTunes even does not try to connect to it (to TCP Port 5000).

I am currently on a Mac so I needed to do some porting (https://github.com/albertz/shairport/) but I think this shouldn't have an impact on the behavior I am getting.

I got the same result at first. But after trying to play from my iPod touch, it worked.

I guess running the server and iTunes client on the same machine caused the problem.

My config: MBP on 10.6.7

And thank you for your dns-sd patch on https://github.com/albertz/shairport/

Sweet, thanks for your port! I just got everything working on my iMac. It shows up as an AirSpeaker from my iPhone on the same network and I can stream music from the iPhone to my iMac!

With 0.03 and some further fixes, it also works on localhost now.

Author states this is broken on a Mac.

That is why I have patched it. For example, it uses `dns-sd` instead of `avahi-publish-service`. Registering seems to work, at least iTunes shows it. But there is no single connection attempt, so everything else (all the C-code etc.) is anyway unrelated because it doesn't even get there.

Maybe it refuses to connect because it is the same (localhost) machine? I don't have another machine at hand to try out right now.

Is your firewall blocking the port?

If you disable the IPv6 address on the linux server it works.

Which you can do via, for example

sudo /sbin/ip addr del <ipv6address>/<prefixlength> dev ethX

Works great! Many thanks for the port.

For those who might not know this, you can stream the audio from one mac to another.


I use it to move music streams to the other computers in the house.

Does Apple use the same protocol for streaming video to an Apple TV? If so, is the key from an Apple TV needed to emulate a video endpoint, or is just some tweaking required (presumably to the MDNS service data) to identify it as video-enabled?

Video is seemingly not encrypted, only pure audio streams required the key. See Airplayer (http://ericasadun.com/ftp/AirPlay/) and apparently Airfoil Video Player (http://www.rogueamoeba.com/airfoil/mac/) for example.

Video is also an entirely different protocol.

wasn't this done before, years ago, by Jon Lech Johansen? he wrote justeport - http://nanocr.eu/software/justeport/ (and i rewrote that in java as jjuste, but no longer have the code...)

here are the keys he found - http://nanocr.eu/2004/08/11/reversing-airtunes/ and http://nanocr.eu/sw/justeport/itunesrsakeys.txt

Johansen found the public keys to allow you to stream music to an Airport Express... now we are talking about the private key, which lets you emulate an Airport Express with any hardware that is capable.

ah! thanks! (the idea that someone had to "find" the public keys seems a bit odd, but i guess it was obfuscated?)

Totally want to try this, but my Snow Leopard won't install Crypt::OpenSSL::RSA via cpan, any ideas? http://pastie.org/1783565

Try this:

ARCHFLAGS="-arch i386 -arch x86_64" perl -MCPAN -e 'install Crypt::OpenSSL::RSA'

i am trying to use the hairport (on apple tv1 running ubuntu hardy)... i am getting the following error:

atv@appletv-ubuntu:~/scripts/bbhoss-shairport-31cf954$ make gcc hairtunes.c alac.c -D__i386 -lm `pkg-config --cflags --libs ao openssl` -o hairtunes hairtunes.c: In function âinit_outputâ: hairtunes.c:642: error: âao_sample_formatâ has no member named âmatrixâ

Could someone help me with this matter :) ?

awesome!, now only if we can get forked-daapd to show up under home sharing we'd be set!

I wonder if another aacs controversy is going to rise.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact