High-bandwidth Digital Content Protection
From Wikipedia, the free encyclopedia
High-bandwidth Digital Content Protection (HDCP) is a form of digital copy protection developed by Intel Corporation to prevent copying of digital audio and video content as it travels across DisplayPort, Digital Visual Interface (DVI), High-Definition Multimedia Interface (HDMI), Gigabit Video Interface (GVIF), or Unified Display Interface (UDI) connections. The specification is proprietary, and implementing HDCP requires a license.[1]
For DVI interfaces, HDCP is optional.[2][3]
HDCP is licensed by Digital Content Protection, LLC[4], a subsidiary of Intel. In addition to an annual fee, licensed adopters agree to the conditions set forth in the HDCP License Agreement.[5] For example, high-definition digital video sources must not transmit protected content to non-HDCP-compliant receivers. Additionally, DVD-Audio content is restricted to CD-audio quality or less[6] on non-HDCP-digital audio outputs (analog audio outputs have no quality limits). Licensed adopters cannot allow their devices to make copies of content, and must design their products in ways that "effectively frustrate attempts to defeat the content protection requirements."[7] The technology sometimes causes handshaking problems, especially with older high-definition displays.[8][9][10]
Specification
HDCP's stated purpose is to protect high definition content during transmission from a source device to a display device. Three systems were developed to achieve that goal:[1]
- Authentication process prevents non-licensed devices from receiving content.
- Encryption of the actual data sent over DisplayPort, DVI, HDMI, GVIF, or UDI interfaces prevents eavesdropping of information and man-in-the-middle attacks.
- Key revocation procedures ensure that devices that have been compromised and cloned can be blocked from receiving data.
Each HDCP-capable device has a unique set of keys; there are 40 keys, each 56 bits long. These keys are confidential and failure to keep them secret may be seen as a violation of the license agreement. For each set of values, a special public key called a KSV (Key Selection Vector) is created. Each KSV consists of 40 bits (one bit for each HDCP key), with exactly 20 bits set to 0 and 20 bits set to 1.
During the authentication process, both parties exchange their KSVs. Each device then adds together (unsigned addition modulo 2^56) those of its own secret keys selected by the KSV received from the other device: a secret key is included in the sum if the bit at the corresponding position in the KSV is 1, and ignored otherwise. Keys and KSVs are generated in such a way that both devices arrive at the same 56-bit number. That number is later used in the encryption process.
This key exchanging procedure is known as Blom's scheme.
Encryption is done by a stream cipher. Each decoded pixel is encrypted by applying an XOR operation with a 24-bit number produced by a generator. The HDCP specifications ensure constant updating of keys (after each encoded frame).
If a particular set of keys is compromised, its corresponding KSV is put on a revocation list, which is written onto newly produced discs such as DVDs and Blu-ray Discs. Each revocation list is signed with a digital signature using the DSA algorithm; this is designed to prevent malicious users from revoking legitimate devices. During the authentication process, if the transmitter finds the receiver's KSV in the revocation list, it considers the receiver to be compromised, does not complete authentication with it, and does not send it protected content.
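The key agreement and the transmitter-side revocation check described above, as an added Python example that is not taken from the HDCP specification or from any licensed implementation. The master matrix, the KSVs and the function names are constructed for illustration, and verification of the DSA signature on the revocation list is left out.

```python
import random

N_KEYS = 40        # secret keys per device, one per KSV bit
MOD = 1 << 56      # keys and sums are 56-bit unsigned values

def make_master(rng):
    """Constructed stand-in for the authority's secret symmetric 40x40 matrix."""
    m = [[0] * N_KEYS for _ in range(N_KEYS)]
    for i in range(N_KEYS):
        for j in range(i, N_KEYS):
            m[i][j] = m[j][i] = rng.randrange(MOD)
    return m

def make_ksv(rng):
    """Constructed KSV: 40 bits, exactly 20 of them set, as a list of 0/1."""
    ones = set(rng.sample(range(N_KEYS), N_KEYS // 2))
    return [1 if i in ones else 0 for i in range(N_KEYS)]

def ksv_is_valid(ksv):
    """Format check: 40 bits with exactly 20 ones and 20 zeros."""
    return len(ksv) == N_KEYS and set(ksv) <= {0, 1} and sum(ksv) == N_KEYS // 2

def device_keys(master, ksv):
    """Blom's scheme: the device's 40 secret keys are master * ksv (mod 2^56)."""
    return [sum(row[j] for j in range(N_KEYS) if ksv[j]) % MOD for row in master]

def shared_secret(own_keys, peer_ksv, revoked=()):
    """Add the own keys selected by the 1 bits of the peer's KSV, modulo 2^56.

    `revoked` is a collection of KSV tuples; a real transmitter would first
    verify the DSA signature on the list (not shown here).
    """
    if not ksv_is_valid(peer_ksv):
        raise ValueError("peer KSV does not have exactly 20 one bits")
    if tuple(peer_ksv) in revoked:
        raise PermissionError("peer KSV is on the revocation list")
    return sum(k for k, bit in zip(own_keys, peer_ksv) if bit) % MOD

def demo(seed=1):
    """Both sides derive the same 56-bit value without sending any secret key."""
    rng = random.Random(seed)  # seeded PRNG: demo values only, not real key material
    master = make_master(rng)
    ksv_tx, ksv_rx = make_ksv(rng), make_ksv(rng)
    keys_tx, keys_rx = device_keys(master, ksv_tx), device_keys(master, ksv_rx)
    return shared_secret(keys_tx, ksv_rx), shared_secret(keys_rx, ksv_tx)

if __name__ == "__main__":
    km_tx, km_rx = demo()
    print(f"transmitter: {km_tx:014x}  receiver: {km_rx:014x}  match: {km_tx == km_rx}")
```

The two sums agree because the master matrix is symmetric: each side computes the same product of the two KSVs with that matrix, in opposite order.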
Uses
HD DVD, Blu-ray Disc and DVD players (with HDMI or DVI connectors) use HDCP to establish an encrypted digital connection. If the display device—or in the case of using a PC to decrypt and play back HD DVD or Blu-ray media, the graphics card (hardware, drivers and playback software)—does not support HDCP, then a connection cannot be established. As a result, a black picture and/or error message will likely be displayed instead of the video content.
Content providers for HD DVD and Blu-ray media can set an Image Constraint Token (ICT) flag that will only output full-resolution digital signals using a digital HDCP connection.
In the United States, the Federal Communications Commission approved HDCP as a "Digital Output Protection Technology" on August 4, 2004, despite its known flaws.[11] The FCC's Broadcast flag regulations, which were struck down by the United States Court of Appeals for the District of Columbia Circuit, would have required DRM technologies on all digital outputs from HDTV signal demodulators. Congress is still considering legislation that would implement something similar to the Broadcast Flag. The HDCP standard is more restrictive than the FCC's Digital Output Protection Technology requirement. HDCP bans compliant products from converting HDCP-restricted content to full-resolution analog form, presumably in an attempt to reduce the size of the analog hole.
On January 19, 2005, the European Information, Communications, and Consumer Electronics Technology Industry Associations (EICTA) announced that HDCP is a required component of the European "HD ready" label.[12]
Microsoft Windows Vista uses this technology in the context of computer graphics cards and monitors.[13][14]
Circumvention
Prior to HDCP, digital interfaces provided the same digital content without content protection between the player and display. As HDCP was introduced as a content protection standard, many non-HDCP-compliant devices were rendered unable to display HDCP-protected content unless fitted with a device to circumvent HDCP content protection, often referred to as "HDCP strippers." These are devices that remove the HDCP information from the video signal, leaving the video playable on non-HDCP-compliant displays.[15]
Cryptanalysis
Cryptanalysis researchers demonstrated flaws in HDCP for the first time in 2001, prior to its adoption in any commercial product. Scott Crosby of Carnegie Mellon University authored a paper with Ian Goldberg, Robert Johnson, Dawn Song, and David Wagner called "A Cryptanalysis of the High-bandwidth Digital Content Protection System". This paper was presented at ACM-CCS8 DRM Workshop on November 5, 2001.[16]
The authors conclude:
- HDCP's linear key exchange is a fundamental weakness. We can:
  - Eavesdrop on any data
  - Clone any device with only their public key
  - Avoid any blacklist on devices
  - Create new device keyvectors
- In aggregate, we can usurp the authority completely
For this attack you first have to break Blom's scheme (the linear algebra-based key-exchange system). In the case of HDCP, you need a minimum of 39 device keys in order to reconstruct the secret symmetrical master matrix that has been used to compute all device keys.
Around the same time that Scott Crosby and co-authors were writing this paper, Niels Ferguson independently claimed to have broken the HDCP scheme, but he did not publish his research, citing legal concerns arising from the controversial Digital Millennium Copyright Act.[17]
The most well-known attack on HDCP is the conspiracy attack, where a number of devices are compromised and the information gathered is used to reproduce the private key of the central authority.
Interface support per version
HDCP revision | Supported interfaces |
---|---|
1.0 | DVI |
1.1 | DVI, HDMI |
1.2 | DVI, HDMI |
1.3 | DVI, HDMI, UDI, GVIF, DP |
(page 6 in 1.3 standard) [1]
References
1. HDCP v1.3 specification (pdf). Digital Content Protection (2006-12-21). Retrieved on 2008-05-08.
2. HDCP specification 1.3. Page 31 0x15, Page 35
3. HD DVD Glossary. 080509 hddvd-faq.com
4. Digital Content Protection LLC. Retrieved on 2008-01-24.
5. "HDCP License Agreement", Digital Content Protection, LLC., [2008-01-16]. Retrieved on 2008-01-24.
6. "HDCP License Agreement", Digital Content Protection, LLC., [2008-01-16], p. 39. Retrieved on 2008-01-24.
7. "HDCP License Agreement", Digital Content Protection, LLC., [2008-01-16], p. 43. Retrieved on 2008-01-24.
8. PS3 Blinking Mystery Deepens—Westinghouse: "Our TVs Not the Problem" - Popular Mechanics
9. HDCP "Handshake" A Big Problem For Many Legacy DVI-Based HDTVs
10. Digital TV DesignLine | HDMI/DVI HDCP handshake problems & how to avoid them
11. Federal Communications Commission (2004-08-04). "FCC Approves Digital Output Protection Technologies and Recording Method Certifications" (PDF). Press release. Retrieved on 2006-12-28.
12. EICTA (2005-01-19). "EICTA announces 'Conditions for High Definition Labelling of Display Devices'" (PDF). Press release. Retrieved on 2006-12-28.
13. http://www.microsoft.com/whdc/device/stream/output_protect.mspx
14. The Clicker: Microsoft's OPM for the masses - Engadget
15. Ryan Block (2005-07-21). The Clicker: HDCP's Shiny Red Button. Engadget. Retrieved on 2006-12-28.
16. Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song, David Wagner (2001-11-05). "A Cryptanalysis of the High-bandwidth Digital Content Protection System". ACM-CCS8 DRM Workshop. Retrieved on 2006-12-28.
17. Niels Ferguson, DMCA Censorship, August 15, 2001