Intel's HDCP video encryption reportedly cracked
Developed by Intel for copy protection, High-bandwidth Digital Content Protection (HDCP) seems to have been cracked now that the "HDCP master key" has apparently been published anonymously at pastebin.com. HDCP encrypts the transmission of video signals via DVI, HDMI, DisplayPort and other digital interfaces.
If the master key – a 40 × 40 matrix consisting of 56-bit hexadecimal numbers – turns out to be genuine, HDCP would no longer provide any protection because any HDCP key could be generated from the master key. In this case, a Key Selection Vector (KSV) can be used to select 20 lines from this matrix, which are then used to calculate a private key for an HDCP source, such as a Blu-ray player or a set-top box, based on a certain algorithm; the transposed matrix can then be used to create keys for HDCP sinks, such as displays and projectors.
The obvious weaknesses of the authentication and encryption process developed by Intel were revealed back in 2001. Then, Dutch cryptography expert Niels Ferguson claimed that he had calculated the HDCP master key. Ferguson provided his findings to Intel and assured the company he would not publish them. Although Intel did not threaten to press charges, he nonetheless felt publication would be too risky if he ever entered the US because of the Digital Millennium Copyright Act (DMCA).
A significant amount of data travels along the HDMI / DVI connection from player to display. For instance, traffic reaches some 2.23 gigabits per second for the transmission of a 1080p24 signal (24 full frames per second at a resolution of 1920 by 1080 pixels). Copiers, however, need not worry about recording that large amount of data, for AACS copy protection for the Blu-ray disc and the additional BD+ Blu-ray protection mechanism were themselves cracked long ago, so that the compressed data streams can simply be copied off the disks. Likewise, there are unofficial solutions that allow non-certified receivers to be used for pay TV shows via satellite and cable.
A few years ago, there were devices available that got around HDCP protection. For instance The H's German associates at c't magazine published details of an HDMI-DVI adapter that allowed Blu-ray playback in full resolution on a display without HDCP support. The adapter manufacturer had obtained HDMI receiver chips that should have been reserved for displays. Chip manufacturer Silicon Image, the main driver behind HDMI, reacted by announcing closer monitoring of the distribution of its processors.
Those probably most interested in the HDMI master key are companies that want to get around paying HDCP license fees or plan to equip devices with functions not allowed by HDCP licensing. Copiers (and pirates), in contrast, will probably continue to focus on the other parts of transmission chain mentioned above.
- Linux and Digital Rights Management (DRM), a feature from The H.