Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×

Making and Breaking HDCP Handshakes 144

Posted by CmdrTaco from the only-a-matter-of-time dept.
Cadre writes "Ed Felten describes the handshaking routine used by HDCP and how if any 40 devices conspire together, they can break the security of the system."
This discussion has been archived. No new comments can be posted.

Making and Breaking HDCP Handshakes More

Making and Breaking HDCP Handshakes

Comments Filter:

  • American Hero. (Score:5, Interesting)

    by Whiney Mac Fanboy ( 963289 ) * <whineymacfanboy@gmail.com> on Sunday April 16, 2006 @10:56AM (#15138002) Homepage Journal
    Ed Felten is a true American hero - he's:
    * Convinced the Music Industry watermarking is unworkable (saving us from poor quality files)

    * Testified against predatory monopolists as a witness for the US govt.

    * Exposed holes in Sony's "fix" for XCP malware CDs (that turned out to be almost as dangerous as the original rootkit)

    * Given us the memorable quote Given a choice between dancing pigs and security, users will pick dancing pigs every time.
    (gleaned from wikipedia) [wikipedia.org]

    Also - anyone thinking the 40 'conspiring' devices makes it impractical to break HDCP/HDMI - think again. It just means 40 (or less) like minded hackers have to get together - not particularly hard to imagine these days.

  • A little tougher than that... (Score:5, Interesting)

    by weetjerm ( 637949 ) on Sunday April 16, 2006 @11:10AM (#15138049)
    His attack methodology is correct, but it will take more than 40 devices to break the system. The chances are very low that all 40 devices being linearly independent, and therefore each one offering non-duplicate information about the system. If you read the comments, he actually inadvertantly ran into this problem with his small example of 4 keys.

    However, in writing this, I realize that I do not know how many keys you would need to present a good probability of solving the system of equations. Anyone want to run a simulation?

  • Why Reveal this Now? (Score:3, Interesting)

    by PingXao ( 153057 ) on Sunday April 16, 2006 @11:18AM (#15138074)
    As a poster said at TFA, why did they reveal this attack so soon? It would have been much better to wait another few months until HDCP displays and video cards were shipping in larger numbers. That being said, who's comes up with these lame cryptosystems anyway? First CSS, which was a joke, now this, and you know the Advanced CSS will have holes in it big enough to drive a truck through. The bad news is that some day they will start hiring people who know what they're doing with cryptosystems and then we're all screwed.

  • Re:Why Reveal this Now? (Score:5, Interesting)

    by Anonymous Coward on Sunday April 16, 2006 @11:50AM (#15138197)
    The bad news is that some day they will start hiring people who know what they're doing with cryptosystems and then we're all screwed.


    Rather unlikely. The whole concept of DRM is bankrupt as a cryptographic concept because you are handing over the ciphertext, the plaintext and last but not least the key over to your adversary (usually called "consumer" or "hacker"). Sure you can try to make it hard for him to actually get them but you already handed them over and it just remains a question of time until they are recovered.
    Meanwhile, a single break is a class break for at least all the content released up to the point of the break (even with "revokable" keys). Also, once a broke the system once, the content is freed forever and can be distributed at leisure (darknet hypothesis), which means even some small quality loss may be acceptable to the attacker since that loss would only occure once.

    In short, DRM is a DReaM indeed.

  • In a related question... (Score:3, Interesting)

    by dpilot ( 134227 ) on Sunday April 16, 2006 @11:54AM (#15138213) Homepage Journal
    I was checking the Sunday advertising fliers this morning, and see that many of the new TVs are advertising HDMI as well as PC connections. Can someone please explain my limitations?

    1: Can I hook up my current VGA or DVI to one of these, and display the content I can currently display?

    2: Is the only limitation/constraint the new HD/BlueRay DVDs with "double-plus-good super-duper copy-protection, put there to protect me AND the children"?

    3: Related to both, assume I have MythTV running with an HD capture card. (I don't yet, but plan to, before they become illegal. What's the latest status?) Can I run my captured content out through one of these new displays?

  • One thing I hate worse ... (Score:3, Interesting)

    by Midnight Thunder ( 17205 ) on Sunday April 16, 2006 @11:59AM (#15138231) Homepage Journal
    There is one thing I hate worse than this DRM (Draconian Rights Management) crap: region encoding. DRM only effects me if I want to make a backup or play a disk I bought with Linux. Now if I buy a disk in Europe and want to play it in Canada it is not doable, officially. Unofficially I have to get a DVD player with a backdoor, or a PC DVD player with the Firmware hacked or rip the DVD - all this for a DVD I bought legitimately!?

    And then there is something that scares me: how unaware of this many people I speak to are, even some people working in IT!

  • Re:In a related question... (Score:3, Interesting)

    by frzndrag ( 252873 ) on Sunday April 16, 2006 @12:45PM (#15138481) Homepage
    HDMI compliance is not required, you just need a DVI to HDMI is just a rework of the DVI cable to allow for easier consumer connections and include audio.
    from http://www.ramelectronics.net/ [ramelectronics.net] "HDMI - Digital connection for Video and 8-channels of Digital Audio as well as device control features. Electronically better potential for supporting longer cable lengths than DVI for digital video.
    Specification supports up to 12 bit Y-Pr-Pb video (rarely implemented on equipment) as opposed to 8 bit limit of DVI RGB."
    I've used them before for other AV media conversion products and they make pretty good stuff.

    also see the HDMI FAQ at http://www.hdmi.org/about/faq.asp [hdmi.org]
    which states "Is HDMI backward-compatible with DVI (Digital Visual Interface)?
    Yes, HDMI is fully backward-compatible with DVI using the CEA-861 profile for DTVs. HDMI DTVs will display video received from existing DVI-equipped products, and DVI-equipped TVs will display video from HDMI sources."

  • One attack in many (Score:5, Interesting)

    by bhima ( 46039 ) <Bhima.Pandava@DE ... com minus distro> on Sunday April 16, 2006 @01:12PM (#15138596) Journal
    Wow so many folks sort of missed the point here...

    Felton's description of the weaknesses of DHCP handshakes is of only one potential attack. Combined with other attacks and it's entirely possible that a group effort could crank out new secret vectors faster than the M.A.F.I.A.A. could revoke known compromised ones.

    For example: If more was known (than I know) about the encryption algorithm used (AKA "the hdcpRngCipher") work could be started on creating dense & smart Time-Memory Trade-Off tables. This is a non-trivial task involving tens of thousands of CPU hours... a perfect thing for a validating distributed computing application (oh. this. has. so. been. done. before).

    Also a HDMI repeater or splitter isn't very far from being a sniffer... I think all it lacks is a little I2C to USB help. This, the tables above, & a HDCP device will net you all the vectors you need to employ Felton's attack. Once one set has been compromised and the methodology worked out it's just a matter of turning the crank to get more and potentially very, very quickly.

    The utility of these attacks goes well beyond being able to view 1080p on a non DHCP device... one could render revocation useless be attacking high-end components sold by M.A.F.I.A.A. members (i.e. Sony). This eventually must lead hardware devices running out of un-revoked vectors and becoming inoperable... an untenable situation for the M.A.F.I.A.A.

    Now, if such a concerted attack is organized on the hi-def media... I feel that we will be right where we are now... a reasonably astute person can watch any DVD wherever they want and they can retain a backup of that media in a format of their choosing.

  • Re:Region Coding vs. Fair Use (Score:2, Interesting)

    by ClamIAm ( 926466 ) on Sunday April 16, 2006 @04:32PM (#15139374)
    Sorry, but in the age of global trade, nobody has a "right" to the type of region-controlling the media cartels do. In fact, this type of collusion is most likely illegal under lots of treaties and jurisdictions.

  • New business-model: Blackmail your competitor! (Score:3, Interesting)

    by tlk nnr ( 449342 ) on Monday April 17, 2006 @03:59AM (#15141099) Homepage
    The handshake algorithms allows a cool new business-strategy:

    - get 40 secret vectors
    - use these 40 vectors to recover the secret vector of a well-selling HD-DVD TV screen
    - approach the vendor, and threaten to release the secret vector
    - profit!: The vendor will have to pay, otherwise the TV screen will end up on the blacklist, and the owners won't be able to play HD-DVD's anymore.

Slashdot Top Deals

Math is like love -- a simple idea but it can get complicated. -- R. Drabek

Close