High-bandwidth Digital Content Protection (HDCP) is a form of digital copy protection developed by Intel Corporation to prevent copying of digital audio and video content as it travels across connections. Types of connections include DisplayPort (DP), Digital Visual Interface (DVI), and High-Definition Multimedia Interface (HDMI), as well as less popular or now deprecated protocols like Gigabit Video Interface (GVIF) and Unified Display Interface (UDI).

The system is meant to stop HDCP-encrypted content from being played on unauthorized devices or devices which have been modified to copy HDCP content. Before sending data, a transmitting device checks that the receiver is authorized to receive it. If so, the transmitter encrypts the data to prevent eavesdropping as it flows to the receiver.

In order to make a device that plays HDCP-enabled content, the manufacturer must obtain a license for the patent from Intel subsidiary Digital Content Protection LLC, pay an annual fee, and submit to various conditions. For example, the device cannot be designed to copy; it must "frustrate attempts to defeat the content protection requirements"; it must not transmit high definition protected video to non-HDCP receivers; and DVD-Audio works can be played only at CD-audio quality by non-HDCP digital audio outputs (analog audio outputs have no quality limits). If the device has a feature like Intel Management Engine disabled, HDCP will not work.

Cryptanalysis researchers demonstrated flaws in HDCP as early as 2001. In September 2010, an HDCP master key that allows for the generation of valid device keys was released to the public, rendering the key revocation feature of HDCP useless. Intel has confirmed that the crack is real, and believes the master key was reverse engineered rather than leaked. In practical terms, the impact of the crack has been described as "the digital equivalent of pointing a video camera at the TV", and of limited importance for consumers because the encryption of high-definition discs has been attacked directly, with the loss of interactive features like menus. Intel threatened to sue anyone producing an unlicensed device.

Authentication prevents non-licensed devices from receiving content. Encryption of the data sent over DisplayPort, DVI, HDMI, GVIF, or UDI interfaces prevents eavesdropping of information and man-in-the-middle attacks. Key revocation prevents devices that have been compromised and cloned from receiving data.

Each HDCP-capable device has a unique set of 40 56-bit keys. Failure to keep them secret violates the license agreement. For each set of values, a special private key called a KSV (Key Selection Vector) is created. Each KSV consists of 40 bits (one bit for each HDCP key), with 20 bits set to 0 and 20 bits set to 1.

During authentication, the parties exchange their KSVs under a procedure called Blom's scheme. Each device adds its own secret keys together (using unsigned addition modulo 2^56) according to a KSV received from another device. Depending on the order of the bits set to 1 in the KSV, a corresponding secret key is used or ignored in the addition. The generation of keys and KSVs gives both devices the same 56-bit number, which is later used to encrypt data.

Encryption is done by a stream cipher. Each decoded pixel is encrypted by applying an XOR operation with a 24-bit number produced by a generator. The HDCP specifications ensure constant updating of keys after each encoded frame.

If a particular set of keys is compromised, their corresponding KSV is added to a revocation list burned onto new discs in the DVD and Blu-ray formats.
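
The KSV-based key agreement described above, as an added example that is not part of the original page or of any HDCP implementation: each device's 40 keys are derived here from a symmetric 40x40 matrix, which is the property of Blom's scheme that makes both sides arrive at the same 56-bit number. The matrix, KSVs and seed are constructed sample values, and the function names and the `revoked` parameter are assumptions made for the illustration.

```python
import random

MOD = 1 << 56   # keys are 56-bit values; addition is modulo 2^56
N = 40          # 40 keys per device, 40 bits per KSV

def make_master(rng):
    """Constructed symmetric 40x40 matrix standing in for the licensing secret."""
    m = [[0] * N for _ in range(N)]
    for i in range(N):
        for j in range(i, N):
            m[i][j] = m[j][i] = rng.randrange(MOD)
    return m

def make_ksv(rng):
    """40-bit KSV as a list of bits, exactly 20 of them set to 1."""
    ones = set(rng.sample(range(N), 20))
    return [1 if i in ones else 0 for i in range(N)]

def is_valid_ksv(ksv):
    return len(ksv) == N and set(ksv) <= {0, 1} and sum(ksv) == 20

def device_keys(master, ksv):
    """Key i is the sum of row i of the matrix over the set bits of the device's own KSV."""
    return [sum(master[i][j] for j in range(N) if ksv[j]) % MOD for i in range(N)]

def shared_value(own_keys, peer_ksv, revoked=()):
    """Add the own keys selected by the peer's KSV; refuse malformed or revoked KSVs."""
    if not is_valid_ksv(peer_ksv):
        raise ValueError("malformed KSV: need 40 bits with exactly 20 ones")
    if tuple(peer_ksv) in revoked:
        raise PermissionError("peer KSV is on the revocation list")
    return sum(k for k, bit in zip(own_keys, peer_ksv) if bit) % MOD

def demo(seed=2010):
    # Seeded non-cryptographic RNG, used only so the sample run is reproducible.
    rng = random.Random(seed)
    master = make_master(rng)
    ksv_tx, ksv_rx = make_ksv(rng), make_ksv(rng)
    keys_tx, keys_rx = device_keys(master, ksv_tx), device_keys(master, ksv_rx)
    # Each side combines its own secret keys with the other side's public KSV.
    return shared_value(keys_tx, ksv_rx), shared_value(keys_rx, ksv_tx)

if __name__ == "__main__":
    tx, rx = demo()
    print(f"transmitter: {tx:014x}\nreceiver:    {rx:014x}\nmatch: {tx == rx}")
```

Both sums range over the same matrix entries (rows picked by one KSV, columns by the other), so symmetry of the matrix is what makes the two results equal.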