HDCP 'Master Key'Leaked Online
An HDCP 'Master Key' was leaked online earlier this week, which Intel has confirmed to be real.
High-Bandwidth Digital Content Protection (HDCP) is a content protection scheme designed to 'eliminate' the possibility of intercepting encrypted high definition digital data midstream between the source and the display.
Designed by Intel, HDCP makes use of a three-stage content protection process: Device Authentication and Key Exchange, Encryption of Content Key-revocation procedures.
The authentication and key exchange represents the first of a three stage security process used by HDCP to protect the content mid-stream between source and sink. The process has been designed such that it will not allow non-compliant devices to receive HD content. The process makes use of a set of unique 'secret' keys or 'Master keys' as assigned by the HDCP licensing body. During the authentication stage, both parties exchange their keys. The assignment of a unique set of secret keys to a licensee brings with it a number of conditions that need to be satisfied for the licensing body to grant the keys. These conditions are imposed by the licensing body (Intel) to ensure that the integrity of HDCP would not be compromised. The companies should protect the assigned keys since failure to do so may be seen as a violation of the licensing agreement.
It seems that this has happened here, as Intel confirmed to Cnet that the "Master key" code that appeared on the Pastebin.com site on Monday is legit.
"We can use it to generate valid device keys that do interoperate with the HDCP protocol," Intel spokesman Tom Waldrop told CNET.
The leaked keys could be used by hardware manufacturers in order to to build devices that support HDCP content without establishing a licensing agreement with Intel.
However, Intel said that the leak is not very important. Waldrop said that wouldn't be easy to do because the technology would have to be implemented in the chip. "As a practical matter, that's a difficult and costly thing to do," he said.
"We believe that this technology will remain effective," he said. "There's a large install base of licensed devices including several hundred licensees that will continue to use it and in any case, were a (circumvention) device to appear that attempts to take advantage of this particular hack there are legal remedies, particularly under the DMCA (Digital Millennium Copyright Act)."
Designed by Intel, HDCP makes use of a three-stage content protection process: Device Authentication and Key Exchange, Encryption of Content Key-revocation procedures.
The authentication and key exchange represents the first of a three stage security process used by HDCP to protect the content mid-stream between source and sink. The process has been designed such that it will not allow non-compliant devices to receive HD content. The process makes use of a set of unique 'secret' keys or 'Master keys' as assigned by the HDCP licensing body. During the authentication stage, both parties exchange their keys. The assignment of a unique set of secret keys to a licensee brings with it a number of conditions that need to be satisfied for the licensing body to grant the keys. These conditions are imposed by the licensing body (Intel) to ensure that the integrity of HDCP would not be compromised. The companies should protect the assigned keys since failure to do so may be seen as a violation of the licensing agreement.
It seems that this has happened here, as Intel confirmed to Cnet that the "Master key" code that appeared on the Pastebin.com site on Monday is legit.
"We can use it to generate valid device keys that do interoperate with the HDCP protocol," Intel spokesman Tom Waldrop told CNET.
The leaked keys could be used by hardware manufacturers in order to to build devices that support HDCP content without establishing a licensing agreement with Intel.
However, Intel said that the leak is not very important. Waldrop said that wouldn't be easy to do because the technology would have to be implemented in the chip. "As a practical matter, that's a difficult and costly thing to do," he said.
"We believe that this technology will remain effective," he said. "There's a large install base of licensed devices including several hundred licensees that will continue to use it and in any case, were a (circumvention) device to appear that attempts to take advantage of this particular hack there are legal remedies, particularly under the DMCA (Digital Millennium Copyright Act)."
