posted by Thom Holwerda on Tue 14th Sep 2010 21:21 UTC
IconIf the rumours are true, and if this Pastebin post (be sure to mirror the key if that won't get you in trouble with your authorities) is legitimate, then it looks like High-bandwidth Digital Content Protection has been cracked so hard its mother's mother felt it. HDCP is a copy protection mechanism which protects the audio and video streams sent over DisplayPort, HDMI, and DVI.

HDCP is an invention from Intel, which secures the data path between playback device (source) and receiver (sink). Each source and sink device has its own private key, generated in such a way that each pair can decrypt the data sent from source to sink without revealing the actual keys in use. To achieve this, each key - source and sink - has to be generated from the same master key.

As early as 2001 people warned that it would only take about 50 source/sink keys to be able to generate the master key, and if the rumours are indeed true, then this has finally happened over the past few weeks. There's also the possibility that the key has been leaked instead of generated, but the author of a 2001 paper warning about the possibility to generate the key doesn't think this is the case.

The master key is a a 40×40 matrix of 56-bit numbers. While the web has been buzzing about this one for a few days now, it's a little difficult to ascertain the validity of the claims made. Assuming the master key is indeed legitimate, it wouldn't be of much use for average consumers at this point, as Ars Technica's Peter Bright explains.

"This is unlikely to be of much interest to the typical consumer - most people don't have digital capture devices anyway - but it does mean that someone suitably motivated could build an HDCP sink device that could decrypt incoming HDCP data and produce full fidelity digital streams, and that this device could never be blocked," Bright argues, "Such a system would be of interest both to pirates and those with legitimate data archival needs."

Still, if the master key is real, it could start to bring an end to the myriad of incompatibility issues people encounter when mixing and matching HDMI/DVI/etc. devices - such as a PS3 not being able to use a certain monitor, or a Blu-Ray disc not playing in your player.

There isn't a whole lot the HDCP licensing company, Digital Content Protection, can do about this, save for starting over with a brand new master key. However, this is not a likely course of action since it would be incompatible with all devices still using the old master key. On top of that - such a possible new master key would be cracked in the same way eventually.

So, yet another epic fail on the DRM front, proving once again that DRM is a total and utter waste of money, and that the concept only serves to encumber legitimate consumers. I guess the content industry hasn't been beaten hard enough just yet.

e p (11)    45 Comment(s)

Technology White Papers

See More