High-bandwidth Digital Content Protection (HDCP)
is currently the most common form of digital transmission protection for high definition digital multimedia, requiring an unbroken chain of licensed products for content to play back for TV systems
. A possible "master key" was posted online
earlier this week, and created quite a stir around the potential of this leak or reverse engineering. Intel, who developed the initial specification
, has confirmed the validity of the "master key"
, but instead of coming up with a new protection scheme, will use "legal remedies, particularly under the DMCA (Digital Millennium Copyright Act)." In essence, the threat of legal action, rather than cryptography, is [Intel and the media companies] real tool against unapproved uses of digital content.
Media copy protection has been around, and circumvented, for quite a while. Content Scrambling System (CSS) is a relatively weak form of protection found on most DVDs
, introduced in 1996 and the first tool to descramble the content was released in late 1999 by the Russian warez group DoD
, though it couldn't copy all discs. A different group
, including then 15-year-old "DVD Jon" (Jon Johansen)
, were also working towards the same goal at the same time. A few weeks after the first DVD ripper was released, Johansen's group shared their code with the Linux community
, as there was no software to play DVDs on Linux. When the DeCSS code was released to the public, numerous lawsuits were filed including the first test of the controversial Digital Millennium Copyright Act (DMCA)
, cease and desist letters were sent
to users who posted the code, and a lot of DeCSS artwork
(covered bunches previously
Round 2: Advanced Access Content System (AACS)
, a more complex encryption specification, was publicly released in April 2005. In December 2006, a HD-DVD backup tool was posted in an online forum
. The program author's stated intent was to be able to play movies he bought on his non-HDCP HD monitor
. Processing keys are the new DeCSS code
, complete with Digg user revolt
. The cat-and-mouse game of AACS revocations
and media key blocks being discovered
Round 3: BD+
, which has a virtual machine as an intermediary between the disc and the player. The closed-source software company SlySoft were the first to crack BD+
, resulting in a tug-of-war between BD+ revisions and SlySoft updates
Unlike the previously covered specifications, HDCP is a transmission encryption, not a storage encryption. Instead of protecting the content of a disc, it ensures that all steps from the disc, digital TV, or streaming movie
make it to the display through authorized components, preventing the content from being captured in the process. Though weaknesses in HDCP have been known for a while
, there has not been a (publicly discussed) attempt to break HDCP. First mentioned on Twitter by "Intel Global PR,"
the new Twitter account sent out a single link to an anonymous post on Pastebin
. In an online discussion, one of the HDCP flaw researchers commented
that he thought it was probably the work of reverse engineering, as the master key is only known by a few individuals at the licensing authority, not manufacturers who would receive individual keys for products. Before the validity of the key was confirmed, Ed Felten posted a good write-up on Freedom To Tinker
, where he summarized the potential impact by saying:
The impact of HDCP's failure on consumers will probably be minor. The main practical effect of HDCP has been to create one more way in which your electronics could fail to work properly with your TV. This is unlikely to change. Mainstream electronics makers will probably continue to take HDCP licenses and to use HDCP as they are now. There might be some differences at the margin, where manufacturers feel they can take a few more liberties to make things work for their customers.
There are already manufacturers "at the margin" who make HDCP filters that allow incomplete HDCP chains. Some obtain HDMI receiver chips that should have been reserved for other products
, while others might find other ways to copy single HDCP keys. With the master key in the wild, the doors are wide open for new products from the margins.