Weekly Edition
Return to the Security page
| |||||||||||||
Felten: Understanding the HDCP Master Key Leak
Ed Felten comments
on the apparent release of the HDCP master key. "Now we can
understand the implications of the master key leaking. Anyone who knows the
master key can do keygen, so the leak allows everyone to do keygen. And
this destroys both of the security properties that HDCP is supposed to
provide. HDCP encryption is no longer effective because an eavesdropper who
sees the initial handshake can use keygen to determine the parties' private
keys, thereby allowing the eavesdropper to determine the encryption key
that protects the communication. HDCP no longer guarantees that
participating devices are licensed, because a maker of unlicensed devices
can use keygen to create mathematically correct public/private key
pairs. In short, HDCP is now a dead letter, as far as security is
concerned." One thing he doesn't mention is that this key might
make it possible to create open video components based on free software.
(Log in to post comments)
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 15:35 UTC (Thu) by rvfh (subscriber, #31018) [Link]
> One thing he doesn't mention is that this key might make it possible to create open video components based on free software.
But would this be legal? Is it like DVD protection?
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 15:40 UTC (Thu) by corbet (editor, #1) [Link] The DMCA has not gone away, alas, so such code would face the same sorts of obstacles as decss. That said, anybody who wants to build a system using decss can easily do so; one would expect the same to happen with HDCP.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 16:18 UTC (Thu) by ken (subscriber, #625) [Link]
well decss is a bit easier as the data that is protected is easily available. hdmi input is not something that really exist on every pc so there needs to be some hardware invented here first before anybody can just rip media from that source.
on the other hand if you have the money xilinx may have the solution.
maybe, maybe not Posted Sep 17, 2010 17:54 UTC (Fri) by drag (subscriber, #31333) [Link]
It would probably be a bit better then that.
You have:
blueray drive <---{encryption}---> HDCP hardware <---{encryption}---> television
Right? The key that has been leaked is used as the basis for both forms of encryption.
Well Linux-KVM, for example, has the ability to assign some types PCI Express devices to a virtual machine. That instead of depending on the Linux storage stack to create a virtual drive for VMs to use, you just hand over the storage and network hardware to the VM as if it was a real machine and let them use it directly. This provides a big win for efficiency.
Well I figure the same thing for this could be possible. That by leveraging this capability it should not be exceptionally difficult to make a media player with a paravirtualized 'video card' that does nothing but pretend to be a HDCP compliant device and pipes the output to a file or standard out to ffmpeg or something like that.
Or maybe it would easier to make a Linux kernel driver that says to the blueray player: "Hay thar sexy! I is a HDCP compliant hardware device. Give me all ur data. kthxby." and outputs to a /dev file
maybe, maybe not Posted Sep 17, 2010 18:12 UTC (Fri) by sfeam (subscriber, #2841) [Link]
Well, yes. But I thought the problem was that the signal from the blueray device is delivered via a physical connector that is not typically matched by a physical input port on the computer. Dummying up the software to mimic the encrypted handshake may be straightforward, but you still need some new dongle or other hardware gizmo or non-drm input card in order to see the signal in the first place. Right? Or are there blueray devices that will happily deliver the full, even though encrypted, signal over something generic like usb?
maybe, maybe not Posted Sep 17, 2010 19:31 UTC (Fri) by drag (subscriber, #31333) [Link]
I assumed that it was possible to connect a blueray disk to a computer over a SATA connection.
I also assume that it's possible to have the kernel configure a segment of real memory to pretend to be a real hardware device. I know that it's possible, with newer standards of PCI Express to have the kernel redirect output from some types of PCI-E devices to a VM.
But yeah, I may have been confused about how the protocols worked.
I thought that the Blueray drive would decrypt the content protection, establish a secure link to your video card over SATA/PCI-E, then to HDCP.
I was thinking that the key used in the HDCP process was also used to secure the signal coming from your blueray player over your computer's PCI bus.
maybe, maybe not Posted Sep 17, 2010 18:17 UTC (Fri) by Kit (guest, #55925) [Link]
>blueray drive <---{encryption}---> HDCP hardware <---{encryption}---> television
>Right? The key that has been leaked is used as the basis for both forms of encryption.
Nope. HDCP only protects what goes over the HDMI cable (and DisplayPort) when required by the source device. BluRays use AACS and BD+ (both cracked, AACS more so). The only use case for this for Linux that I can see is DVR software that captures data via a HDMI link to another device (it'd require specialized hardware on the Linux side, as well). Not much practical benefit.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 16:26 UTC (Thu) by mosfet (guest, #45339) [Link]
Can someone please explain how the HDCP master key is useful for software players? I have a hard time imagining, even for set-top box os/firmware.
OK, you can now eave drop on the encrypted data stream between a BluRay-Player and a HDTV set and thus create appliances that enable you to watch said streams on a non HDCP screen (or capture the raw data).
Am I missing some big point?
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 16:37 UTC (Thu) by jonabbey (subscriber, #2736) [Link]
It's the latter. You could in principle, with adequate hardware, capture the full digital stream from a Blu-Ray player as it plays.
It wouldn't enable high-speed disc ripping the way decss did for DVDs, no.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 17:51 UTC (Thu) by blitzkrieg3 (subscriber, #57873) [Link]
Some TV manufacturers are looking to run Android in the near future. While not a magic bullet (the HDMI input driver will have to be reversed), it does at least provide a baseboard running linus with HDMI input. From there connect it to some backend storage, and you have a perfect 1:1 copy.
The thing I wish for was linux Blu-Ray, since I don't especially like the idea of playing a movie all the way through just to rip it.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 16:59 UTC (Thu) by jimwelch (guest, #178) [Link]
Are there any displays (TV/monitor) that this will allow me to talk higher resolution with say, a laptop running Linux with an HDMI output?
I.E., Are TVs downgraded on HDMI inputs without encryption?
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 17:17 UTC (Thu) by cesarb (subscriber, #6266) [Link]
AFAIK, it is the output that is degraded, not the input. So, if your display does not have HDCP but your laptop requires it (some other operating systems seem to require it on some situations), it would not work. If your display has HDCP but your laptop doesn't, it simply will not use HDCP at all and work perfectly without any of the HDCP-related glitches I have heard about.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 17:32 UTC (Thu) by jonsmirl (guest, #7874) [Link]
HDCP has forced me to do several absolutely pointless equipment upgrades. Audio is the worst offender. I had to replace a couple of amps because multi-channel audio was HDCP encrypted. The non-encrypted outputs were stereo only. My perfectly good, older amps did not have HDMI inputs so I had to replace them.
I can't wait for the FCC to mandate the AllVid box. AllVid makes HDMI/HDCP pointless for television. Send the compressed MPEG straight into the HDTV/amp and decode it internally. You only need to switch the 20Mb stream, not 2Ghz HDMI. No more trying to figure out where to put a STB with a wall hung TV and then trying to get an HDMI signal routed.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 17:49 UTC (Thu) by martinfick (subscriber, #4455) [Link]
Funny, I see it the other way. HDCP has prevented me from upgrading my hardware. Why would I want to buy hardware that is designed to be crippled and noninteroperable? Surely you knew this when you purchased your HDMI devices, didn't you?
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 17:54 UTC (Thu) by jonsmirl (guest, #7874) [Link]
You probably don't live in an area where cable has gone all digital and the analog system has been turned off. Now I have the fun requirement of a STB on every TV too. Or maybe you don't care about multi-channel audio.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 18:06 UTC (Thu) by felixfix (subscriber, #242) [Link]
I have a bit of a different attitude. No matter where I go or what I do, I could have gone someplace else or done something else. There is no shortage of places to go or things to do. When these clowns wall themselves off from the rest of the world with their CSS and HDCP, I leave them inside their pens and go about my business elsewhere. They have such a little percentage of all the things to do in this world that they make very little difference in my life; in fact, they may be said to improve it, in that other people talk about this stuff while I have done other things, and we have a conversation from which all of us learn something new.
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 20:53 UTC (Fri) by misiu_mp (guest, #41936) [Link]
I totally agree, although my aversion to television has a different ground. Television programs are mostly just stupid and projecting stupidity on whoever is seeing them. Not only that. Whatever fun there might be on, it will be interrupted 3 times an hour or more with long commercials, constantly making you change channels (and missing the continuation of the program) or lowering the volume (commercials are much louder). At some point, few years ago, I just realized what an annoyance and a total waste of time it is, got fed up and never had a tv since. There are so many other, sensible things to do instead.
Whenever i have occasion to watch somebody else's tv, I get curious but quickly get hit by it and grow even stronger in my hatred.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 18:13 UTC (Thu) by job (guest, #670) [Link]
I did it the other way around. I stopped using broadcast TV. My TV is now only used as a computer screen. Most of the things I want to watch are available on the computer anyway, and it's way more flexible and convenient.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 18:15 UTC (Thu) by martinfick (subscriber, #4455) [Link]
No, I just care more about not feeding those who attempt to coerce me into decisions. i.e. I don't want to have to make the claim that you did: that I was forced to do something against my will, especially if I chose to spend money! So, instead, I simply do not participate in the entertainment industry's racket as much as you do. And to be honest, my life feels much better because of it. Instead of being "forced" to do something, I can chose to do more pleasant and productive things than to be brain washed. It might be hard to imagine, but there is a whole world outside of Hollywood. :)
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 21:54 UTC (Thu) by dskoll (subscriber, #1630) [Link] +1 We live in Canada, where analog TV still works, so my 29-year-old TV works fine. (We do not have cable.) When analog TV stops here, we'll simply do without a TV. There's really nothing compelling enough from the entertainment industry to make me give up freedom so I can watch a show.
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 0:17 UTC (Fri) by clugstj (subscriber, #4020) [Link]
No argument from me that TV is mostly not worth watching, but I don't see where your would be giving up your freedom by having to buy a $40 converter box to watch digital broadcast TV on your old TV.
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 11:10 UTC (Fri) by dskoll (subscriber, #1630) [Link] Yes, a converter is probably innocuous. But in addition to advocating freedom, I'm also very cheap. :) (Why else would I have a 29-year-old TV? :))
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 17:47 UTC (Fri) by clugstj (subscriber, #4020) [Link]
Technology marches on. Analog TV has remained compatible since 1941. I think it was high time to shoot NTSC in the head.
Digital broadcast TV is not a freedom issue, it is not encrypted - at least not in the US. I would assume Canada would be planning to use the same system, right?
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 19:59 UTC (Fri) by dskoll (subscriber, #1630) [Link] Technology marches on. Alas, entertainment quality does not. The junk that's on the airwaves now isn't motivation enough for me to spend even $40 for a converter. I suppose we will eventually get a digital TV when Canada goes all-digital and my kids cry foul. :) Digital broadcast TV is not a freedom issue, it is not encrypted - at least not in the US. I would assume Canada would be planning to use the same system, right? I assume so, but I pay almost no attention to TV, so I couldn't say for sure. If the political situation in Canada stays about what it is now, I don't think it'd take long for broadcasters to start putting "no-copy" bits in their data stream, nor for the government to allow it.
Felten: Understanding the HDCP Master Key Leak Posted Sep 23, 2010 16:44 UTC (Thu) by Tet (subscriber, #5433) [Link] Digital broadcast TV is not a freedom issueAgreed. It is, however, a quality issue. In poor reception areas, analogue TV is quite watchable, where digital TV is unusable. Thus I've gone from having 4 and a half channels available to having none. Ho hum. There was nothing worth watching on anyway.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 19:02 UTC (Thu) by trasz (guest, #45786) [Link]
Analog multi-channel audio cannot be encrypted by definition. HDCP doesn't apply to Toslink (which is capable of multi-channel audio) either. The only thing HDCP does apply is audio embedded in the stream transmitted over HDMI - and HDMI-capable amplifiers are HDCP capable. In other words, I'm sorry but your story doesn't hold water.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 19:29 UTC (Thu) by jonsmirl (guest, #7874) [Link]
The boxes only send unencrypted stereo over the TOSLINK. They don't put the compressed multi-channel audio signal out over the TOSLINK. Stereo is also available on normal audio jacks.
The multi-channel is only in the HDMI stream. You need an HDMI/HDCP capable amp to pick off the HDCP encrypted multichannel stream.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 19:50 UTC (Thu) by tuna (guest, #44480) [Link]
So basically you are upset that your cable box can't convert the provided audio to DTS or Dolby 5.1 and push that through the optical cable?
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 1:06 UTC (Fri) by jmorris42 (subscriber, #2203) [Link]
> So basically you are upset that your cable box can't....
No, he is upset that no device is permitted to do that. Once an audio or video stream is 'protected' it is illegal to output it unprotected except downconverted to two channel analog. It gets more stupid. Seems most TV sets won't even pass DTS out from the HDMI inputs. Source to my set shows most (all?) of the code to deal with DTS is there but taken out with a lot of #if 0 crud, probably a licensing issue.
What I'd like to see appear now is the device they created HDCP to prevent, an HDMI to MPEG4 capture device. That would restore us back to where things stood pre-digital conversion. MythTV could then easily record HD content but it would be a 2nd generation encoding just like when recording from analog TV.
Better would be finding a way to marry a CableCard to a MythTV. Don't want to steal the cable company's stuff without paying, just want to keep the easy ability to record/timeshift I have now with a PVR-350 card.
Best would be a change in the law to force CableCards to be pairable with any device.
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 1:55 UTC (Fri) by kot (guest, #70117) [Link]
I didn't know it was illegal. The broadcast TV channels seem to happily feed my amp the 5.1 signal through the optical cable (I guess they're not encrypted). Not so with the blu-ray player connected to the TV with an HDMI cable (I guess it tells the TV to downgrade the audio to stereo on the non-HDCP outputs) - I had no idea that was an issue until I got the blu-ray player (the last component I got in this particular loop). Not a single DVD player that I have owned has had that problem so I was quite surprised. As to being upset, of course I am - I paid for the equipment and the content, why don't I have access to it?
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 13:32 UTC (Fri) by mpr22 (subscriber, #60784) [Link] Basically, standard-compliant gear won't let you get at the undegraded HD signal, so HDCP is an effective technical measure, meaning that gear that lets you get at the undegraded HD signal constitutes a probably-illegal circumvention device.
Felten: Understanding the HDCP Master Key Leak Posted Sep 18, 2010 20:59 UTC (Sat) by tuna (guest, #44480) [Link]
My PS3 seems quite happy to convert DTS-MA and other high resolution audio formats on Blu-ray discs to DTS and push it through the optical output.
Felten: Understanding the HDCP Master Key Leak Posted Sep 21, 2010 7:56 UTC (Tue) by jamesh (guest, #1159) [Link]
By the time HDCP is applied to the signal, the content has been decoded to the framebuffer. If you want the original MPEG4 content (rather than a re-encoding of the content), you'd want to extract it from an earlier section of the pipeline.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 21:21 UTC (Thu) by ikm (subscriber, #493) [Link]
From the article:
> I don't know if the key is genuine, but let's assume for the sake of discussion that it is.
Felten: Understanding the HDCP Master Key Leak Posted Sep 16, 2010 22:37 UTC (Thu) by agrover (guest, #55381) [Link]
hasn't anyone verified this yet???
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 6:06 UTC (Fri) by zdzichu (subscriber, #17118) [Link]
Intel confirmed: http://www.wusa9.com/news/local/story.aspx?storyid=111403...
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 2:34 UTC (Fri) by miguelzinho (subscriber, #40535) [Link]
Indeed. What is the point of this conversation if no one knows if that monster number is actually THE master key?
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 5:17 UTC (Fri) by branden (subscriber, #7029) [Link]
It's a matrix, not a number. :)
Felten: Understanding the HDCP Master Key Leak Posted Sep 17, 2010 13:09 UTC (Fri) by jzbiciak (✭ supporter ✭, #5246) [Link] "I'm not a number, I'm a free man!" "You're in the Matrix, Neo."
|
|||||||||||||