
High-bandwidth Digital Content Protection: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
VolkovBot (talk | contribs)
m robot Adding: cs:HDCP
I613 (talk | contribs)
Line 83: Line 83:
== External links ==
== External links ==
* [http://www.digital-cp.com Digital Content Protection homepage]
* [http://www.digital-cp.com Digital Content Protection homepage]

{{broadcast encryption}}


[[Category:High-definition television]]
[[Category:High-definition television]]

Revision as of 00:40, 8 January 2009

High-bandwidth Digital Content Protection (HDCP) is a form of digital copy protection developed by Intel Corporation to prevent copying of digital audio and video content as it travels across DisplayPort, Digital Visual Interface (DVI), High-Definition Multimedia Interface (HDMI), Gigabit Video Interface (GVIF), or Unified Display Interface (UDI) connections, even if such copying would be permitted by fair use laws. The specification is proprietary, and implementing HDCP requires a license.[1]

For DVI interfaces, HDCP is optional.[2][3]

HDCP is licensed by Digital Content Protection, LLC[4], a subsidiary of Intel. In addition to an annual fee, licensed adopters agree to the conditions set forth in the HDCP License Agreement.[5] For example, high-definition digital video sources must not transmit protected content to non-HDCP-compliant receivers. Additionally, DVD-Audio content is restricted to CD-audio quality or less[6] on non-HDCP-digital audio outputs (analog audio outputs have no quality limits). Licensed adopters cannot allow their devices to make copies of content, and must design their products in ways that "effectively frustrate attempts to defeat the content protection requirements."[7] The technology sometimes causes handshaking problems, especially with older high-definition displays.[8][9][10]

Specification

HDCP's stated purpose is to protect high definition content during transmission from a source device to a display device. Three systems were developed to achieve that goal:[1]

  1. An authentication process prevents non-licensed devices from receiving content.
  2. Encryption of the actual data sent over DisplayPort, DVI, HDMI, GVIF, or UDI interfaces prevents eavesdropping of information and man-in-the-middle attacks.
  3. Key revocation procedures ensure that devices that have been compromised and cloned can be blocked from receiving data.

Each HDCP-capable device has a unique set of keys; there are 40 keys, each 56 bits long. These keys are confidential and failure to keep them secret may be seen as a violation of the license agreement. For each set of values, a special public key called a KSV (Key Selection Vector) is created. Each KSV consists of 40 bits (one bit for each HDCP key), with exactly 20 bits set to 0 and 20 bits set to 1.

During the authentication process, both parties exchange their KSVs. Then each device adds (unsigned addition modulo 2^56) its own secret keys together according to the KSV received from the other device. For each bit set to 1 in the received KSV, the corresponding secret key is included in the addition; keys at positions where the bit is 0 are ignored. Keys and KSVs are generated in such a way that during this process both devices get the same 56-bit number as a result. That number is later used in the encryption process.

This key exchange procedure is known as Blom's scheme.

Encryption is done by a stream cipher. Each decoded pixel is encrypted by applying an XOR operation with a 24-bit number produced by a generator. The HDCP specifications ensure constant updating of keys (after each encoded frame).

If a particular set of keys is compromised, the keys' corresponding KSV is put into a revocation list, which is written onto newly produced discs in formats such as DVD and Blu-ray. Each revocation list is signed with a digital signature using the DSA algorithm; this is designed to prevent malicious users from revoking legitimate devices. During the authentication process, if the transmitter finds the receiver's KSV in the revocation list, it considers the receiver to be compromised, fails the authentication, and does not send protected content to the revoked device.
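The authentication steps described above (KSV exchange, summation of the selected keys, and the revocation lookup) can be traced in a short sketch. This is an added example, not code from the HDCP specification or from the original article; it assumes the textbook Blom construction, in which each device's keys are the symmetric master matrix multiplied by that device's KSV, and the master matrix, seed and function names are constructed for illustration.

```python
import random

N = 40          # keys per device, and bits per KSV
MOD = 1 << 56   # keys and the shared value are 56-bit numbers

def make_master(rng):
    """Constructed symmetric N x N matrix standing in for the authority's secret."""
    m = [[0] * N for _ in range(N)]
    for i in range(N):
        for j in range(i, N):
            m[i][j] = m[j][i] = rng.randrange(MOD)
    return m

def make_ksv(rng):
    """KSV as a tuple of 40 bits with exactly 20 ones."""
    bits = [1] * 20 + [0] * 20
    rng.shuffle(bits)
    return tuple(bits)

def device_keys(master, ksv):
    """Blom construction: secret key i is row i of the master matrix times the KSV."""
    return [sum(m for m, bit in zip(row, ksv) if bit) % MOD for row in master]

def valid_ksv(ksv):
    return len(ksv) == N and all(b in (0, 1) for b in ksv) and sum(ksv) == 20

def shared_value(own_keys, peer_ksv, revoked=frozenset()):
    """Add own keys selected by the peer's KSV, after format and revocation checks."""
    if not valid_ksv(peer_ksv):
        raise ValueError("malformed KSV: need 40 bits with exactly 20 ones")
    if tuple(peer_ksv) in revoked:
        raise PermissionError("peer KSV is on the revocation list")
    return sum(k for k, bit in zip(own_keys, peer_ksv) if bit) % MOD

# Constructed demo values (fixed seed); these are not real HDCP keys.
rng = random.Random(2009)
MASTER = make_master(rng)
TX_KSV, RX_KSV = make_ksv(rng), make_ksv(rng)
TX_KEYS, RX_KEYS = device_keys(MASTER, TX_KSV), device_keys(MASTER, RX_KSV)

if __name__ == "__main__":
    tx = shared_value(TX_KEYS, RX_KSV)   # transmitter side
    rx = shared_value(RX_KEYS, TX_KSV)   # receiver side
    print(f"transmitter {tx:014x}  receiver {rx:014x}  match={tx == rx}")
```

Both sides arrive at the same 56-bit value because the master matrix is symmetric; the signature check on the revocation list itself is outside this sketch.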

Uses

HDCP-protected systems may include three types of devices: sources, sinks, and repeaters. HDCP protects data as it is transmitted between each of these devices when they are connected via HDMI or other HDCP-protected digital interfaces. Each device contains one or more HDCP transmitters or receivers, or it may contain both receivers and transmitters. Sometimes HDCP and HDMI functionality are combined into a single transmitter or receiver chip.[11]

Source
The source sends the content to be displayed. Examples include set-top boxes, DVD and Blu-ray players, and computer video cards. A source has only an HDCP/HDMI transmitter.[11]
Sink
The sink renders the content for display so it can be viewed. Examples include TVs and digital projectors. A sink has one or more HDCP/HDMI receivers.[11]
Repeater
A repeater accepts content, decrypts it, then re-encrypts and retransmits the data. It may perform some signal processing, such as upconverting video into a higher-resolution format, or splitting out the audio portion of the signal. Repeaters have both HDMI inputs and outputs. Examples include home theater audio-visual receivers that separate and amplify the audio signal, while re-transmitting the video for display on a TV. A repeater could also simply send the input data stream to multiple outputs for simultaneous display on several screens.[11]

HDCP protects content using authentication and encryption. Before sending HDCP-protected data, the transmitting device initiates an authentication process to confirm that the receiver is authorized to receive the data. Once the receiver has been authenticated, the transmitter encrypts the data stream to prevent eavesdropping and sends it to the receiver.[11]

In the United States, the Federal Communications Commission approved HDCP as a "Digital Output Protection Technology" on August 4, 2004.[12] The FCC's Broadcast flag regulations, which were struck down by the United States Court of Appeals for the District of Columbia Circuit, would have required DRM technologies on all digital outputs from HDTV signal demodulators. Congress is still considering legislation that would implement something similar to the Broadcast Flag. The HDCP standard is more restrictive than the FCC's Digital Output Protection Technology requirement. HDCP bans compliant products from converting HDCP-restricted content to full-resolution analog form, presumably in an attempt to reduce the size of the analog hole.

On January 19, 2005, the European Information, Communications, and Consumer Electronics Technology Industry Associations (EICTA) announced that HDCP is a required component of the European "HD ready" label.[13]

Microsoft Windows Vista utilizes this technology in the context of computer graphics cards and monitors.[14][15]

Circumvention

Prior to HDCP, digital interfaces provided the same digital content without content protection between the player and display. As HDCP was introduced as a content protection standard, many non-HDCP-compliant devices were rendered unable to display HDCP-protected content unless fitted with a device to circumvent HDCP content protection, often referred to as an "HDCP stripper". These are devices that remove the HDCP information from the video signal, leaving the video playable on non-HDCP-compliant displays.[16]

Cryptanalysis

Cryptanalysis researchers demonstrated flaws in HDCP for the first time in 2001, prior to its adoption in any commercial product. Scott Crosby of Carnegie Mellon University authored a paper with Ian Goldberg, Robert Johnson, Dawn Song, and David Wagner called "A Cryptanalysis of the High-bandwidth Digital Content Protection System". This paper was presented at ACM-CCS8 DRM Workshop on November 5, 2001.[17]

The authors conclude:

HDCP's linear key exchange is a fundamental weakness. We can:
  • Eavesdrop on any data
  • Clone any device with only their public key
  • Avoid any blacklist on devices
  • Create new device keyvectors
  • In aggregate, we can usurp the authority completely

For this attack you first have to break Blom's scheme (the linear algebra-based key-exchange system). In the case of HDCP, you need a minimum of 39 device keys in order to reconstruct the secret symmetrical master matrix that has been used to compute all device keys.

Around the same time that Scott Crosby and co-authors were writing this paper, Niels Ferguson independently claimed to have broken the HDCP scheme, but he did not publish his research, citing legal concerns arising from the controversial Digital Millennium Copyright Act.[18]

The most well-known attack on HDCP is the conspiracy attack, where a number of devices are compromised and the information gathered is used to reproduce the private key of the central authority.

Interface support per version

HDCP revision | Supported interfaces
1.0 | DVI
1.1 | DVI, HDMI
1.2 | DVI, HDMI
1.3 | DVI, HDMI, UDI, GVIF, DP
2.0 | [Interface Independent Adaptation, Any IP based interface, compressed or uncompressed]

(page 6 in 1.3 standard) [1]

References

  1. ^ a b c "HDCP v1.3 specification" (pdf). Digital Content Protection. 2006-12-21. Retrieved 2008-05-08.
  2. ^ HDCP specification 1.3. Page 31 0x15, Page 35
  3. ^ "HD DVD Glossary". 080509 hddvd-faq.com
  4. ^ "Digital Content Protection LLC". Retrieved 2008-01-24.
  5. ^ "HDCP License Agreement" (PDF). Digital Content Protection, LLC. 2008-01-16. Retrieved 2008-01-24.
  6. ^ "HDCP License Agreement" (PDF). Digital Content Protection, LLC. 2008-01-16. p. 39. Retrieved 2008-01-24.
  7. ^ "HDCP License Agreement" (PDF). Digital Content Protection, LLC. 2008-01-16. p. 43. Retrieved 2008-01-24.
  8. ^ PS3 Blinking Mystery Deepens—Westinghouse: "Our TVs Not the Problem" - Popular Mechanics
  9. ^ HDCP "Handshake" A Big Problem For Many Legacy DVI-Based HDTVs
  10. ^ Digital TV DesignLine | HDMI/DVI HDCP handshake problems & how to avoid them
  11. ^ a b c d e (2008, July). HDCP deciphered: white paper. Retrieved July 22, 2008, from DCP, LLC. Web site: http://www.digital-cp.com/files/documents/04A897FD-FEF1-0EEE-CDBB649127F79525/HDCP_deciphered_070808.pdf
  12. ^ "FCC Approves Digital Output Protection Technologies and Recording Method Certifications" (PDF) (Press release). Federal Communications Commission. 2004-08-04. Retrieved 2006-12-28.
  13. ^ "EICTA announces "Conditions for High Definition Labelling of Display Devices" (PDF) (Press release). EICTA. 2005-01-19. Retrieved 2006-12-28.
  14. ^ Output Content Protection and Windows Vista
  15. ^ The Clicker: Microsoft's OPM for the masses - Engadget
  16. ^ Ryan Block (2005-07-21). "The Clicker: HDCP's Shiny Red Button". Engadget. Retrieved 2006-12-28.
  17. ^ Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song, David Wagner (2001-11-05). "A Cryptanalysis of the High-bandwidth Digital Content Protection System". ACM-CCS8 DRM Workshop. Retrieved 2006-12-28.
  18. ^ Niels Ferguson, DMCA Censorship, August 15, 2001