Two Stony Brook University computer scientists have released the source code for an application that can be used to encrypt and decrypt HDCP-protected video signals in real time, delivering another blow to a content protection scheme that is used in virtually any new TV set, Blu-ray player and similar home entertainment equipment. The publication of the tool comes just two weeks after someone published HDCP’s master key online.
It’s still unknown who was behind that leak, but one of the scientists behind the decryption tool is actually a well-known critic of HDCP. Rob Johnson was one of the co-authors of a 2001 paper (PDF) that described why HDCP’s approach to content security is fundamentally flawed and how it could be cracked. He told me during a phone conversation today that he didn’t have the means to actually conduct the attack back then, but with plenty of HDCP devices on the market, and much more powerful computers at his disposal, Johnson recently decided to revisit the issue and attack HDCP with the help of his grad student Mikhail Rubnich.
To do so, they borrowed a number of TV screens, which all contain device keys to decrypt HDCP signals. They then observed the handshakes between these screens and other HDCP devices, which are used to establish secure connections, to gather private device keys. With the help of these keys, and the number crunching power of some 128 computers, they eventually were able to reconstruct HDCP’s master key.
Johnson went out of his way to emphasize that this is not actually the same master key that popped up online some two weeks ago. “The master key doesn’t come from us,” he told me. Of course, he compared the two keys. The result? “They are equivalent,” he said. The two keys are slightly different representations, but both are capable of generating the key pairs used to encrypt and decrypt HDCP.
So who did leak the master key? Johnson could only speculate about this, but he had a hunch: “My guess is that it’s insiders.” Conducting the actual attack takes a lot of resources as well as knowledge, and he didn’t see any chatter in the hacker or security communities about such efforts before the leak.
Intel has threatened anyone who’d attempt to use the key to build circumvention devices. Johnson, however, thinks he’s on solid legal ground. The published code doesn’t actually contain the master key, and neither does his paper. “We just made another lock,” he said, explaining that the code is merely an implementation of HDCP. “You can’t open a lock with another lock.”
Still, Johnson’s tool could have significant implications for the future of HDCP. Intel initially tried to downplay the significance of the master key leak by saying that users would still need specialized chip sets to decrypt HDCP signals. However, Johnson’s tool is capable of decrypting HDCP signals with off-the-shelf PC hardware. In fact, the German IT news site heise.de was able to prove today that a Core i5-equipped PC is capable of decrypting 1080p HDCP video signals when paired up with an HDMI capture card.
That still doesn’t mean that consumers will be able to capture and decrypt HDCP-protected video signals tomorrow, but the eventual availability of rogue technology capable of doing so seems inevitable.
Johnson thinks HDCP could eventually face the same fate as CSS, the DVD copy protection scheme that was broken ten years ago. “Even though HDCP is now technically broken, it is bolstered by the DMCA,” said Johnson. That 1998 copyright law outlaws the sale of tools capable of circumventing copy protection, but that hasn’t stopped offshore companies from marketing tools to copy DVDs. Video capture card makers could eventually also allow their users to combine their products with software to decrypt HDCP. “We could end up in a world where this is an open secret,” he said.