HDCP Could Have Been Better

April 18th, 2006 · No Comments

I wrote Friday about weaknesses in the HDCP handshake protocol that is being used to set up encryption of very high-def TV content that is in transit from devices like next-gen DVD players to television monitors. This was not news to those who follow the area. The ideas in my post came from a 2001 paper by Crosby, Goldberg, Johnson, Song, and Wagner — all I did is abstract away some of the mathematical detail to simplify the explanation.

As far as I can tell, the publication of the Crosby paper, and the spread of the news about HDCP’s flaws, did not trigger any change in Hollywood’s plans for next-gen TV. They’re still relying upon HDCP, in the same way they seemed to be planning five years ago. As far as I can tell, HDCP’s vulnerability hasn’t changed anything — yet.

This is quite interesting, when we consider that the system as designed is almost certain to be completely broken. The security of the design relies entirely on the secrecy of 1600 special numbers (which form a 40-by-40 matrix), whose disclosure to the public would release the knowledge to build a device that could do absolutely everything that HDCP is supposed to prevent. It is well known how to extract these numbers — though it requires some technical effort — but once the numbers are published, HDCP’s security is shot forever. This is virtually certain to happen in the next few years. Freedom to Tinker » Blog Archive » HDCP Could Have Been Better

From around the Web

0 comments for this entry ↓

There are no comments yet for this entry.

You must log in to post a comment.

The Network Security. Org