Linked by Thom Holwerda on Tue 14th Sep 2010 21:21 UTC
Multimedia, AV If the rumours are true, and if this Pastebin post (be sure to mirror the key if that won't get you in trouble with your authorities) is legitimate, then it looks like High-bandwidth Digital Content Protection has been cracked so hard its mother's mother felt it. HDCP is a copy protection mechanism which protects the audio and video streams sent over DisplayPort, HDMI, and DVI.
Thread beginning with comment 441054
To read all comments associated with this story, please click here.
Master certificate forever
by wigry on Wed 15th Sep 2010 08:32 UTC
wigry
Member since:
2008-10-09

To me, the most puzzling part of that DRM scheme is the master certificate. Only way to produce compatible hardware is to generate certificates using the same master certificate. To do this over period of time, that master certificate must be still usable. How long is the validity of that master certificate and what happens once it eventually expires? It is not possible to create compatible hardware anymore...

So the whole consumer market is bound to that single certificate? Amazing scheme without any foresight over the timespan of lets say 20 years...

Reply Score: 1

RE: Master certificate forever
by Powelly on Wed 15th Sep 2010 08:57 in reply to "Master certificate forever"
Powelly Member since:
2010-03-25

To me, the most puzzling part of that DRM scheme is the master certificate.


As I understand it; the master key isn't actually a Certificate. It is a symmetric matrix of random numbers, which are then used with a random Key Selection Vector to generate a private certificate.

This is the problem; a private certificate hasn't been leaked (or reverse engineered), the data required to generate your own valid private certificates has been.

The KSVs can be revoked to block a specific private certificate, but the master key can be used to generate as many new ones as required.

This means that a new (unofficial) device could generate a new random KSV and Private Key every time it connects, making blocking it impossible.

Edited 2010-09-15 08:59 UTC

Reply Parent Score: 2

RE: Master certificate forever
by Powelly on Wed 15th Sep 2010 09:31 in reply to "Master certificate forever"
Powelly Member since:
2010-03-25

So the whole consumer market is bound to that single certificate? Amazing scheme without any foresight over the timespan of lets say 20 years...


Forgot to say in my previous reply;
As the Master Key is just a matrix of numbers, it does not expire.

Reply Parent Score: 2