Josh the Aspie’s Blog

HDCP

1. Officially: High-Bandwidth Digital Content Protection
2. A form of DRM invented by Digital Content protection LLC, a subsidiary of Intel.
3. Technology used to block people from displaying “HDCP” protected digital content on media described as being insecure. The technology will either completely block, or blur the content, unless all devices in the chain are equipped with HDCP technology. It is purportedly designed as a form of “copy protection” but has wound up becoming a form of “access prevention.”

What HDCP was designed to do

According to the HDCP standard:

HDCP 1.3 is designed for protecting Audiovisual content over certain high-bandwidth interfaces, referred to as HDCP-protected Interfaces, from being copied.

How does HDCP do what it was designed to do?

If you connect two HDCP compliant devices together, they first check with each other to make sure that both are HDCP compliant. They do this using a set of encryption keys which are created and assigned by DCP-LLC. Each device has a private key which is made up of 40 numbers, each of which is 56 bits long. Each device also has a unique identifier, which is 40 bits long. This identifier, called a Key Selection Vector (KSV) is also used as a public key.

As a part of the Authentication, a sending device (device A) sends a psudo random number to a recieving device (device b).

Then device A sends it’s KSV to device B, and device B sends it’s KSV to device A. Each bit in the KSV corresponds to one of the 56 bit numbers in the private key. Device A uses device B’s KSV to select some of it’s own 56 bit numbers. For each bit that is a 1 in device B’s KSV, the corresponding 56 bit number is selected. All selected numbers are added together, and anything above the 56 bits is discarded.

For those of you more mathematically inclined: You perform bitwise addition on the 56 bit numbers selected, modulo 2^56.

At the same time, device B performs the same calculation that device A is performing. The key sets handed out by DCP-LLC is are designed so that these numbers should always match.

The devices then initialize encryption between the two devices based on these calculated values, and the psudo-random value that device A sent to device B. They then use this encryption to communicate with one another.

If two devices are hooked together, and one of them supports HDCP and one of them does not, then the one that does not support HDCP cannot understand the encryption. The HDCP device will then take one of the following measures in communicating with the device that does not support HDCP.

1. The device will refuse to communicate with the non-participating device at all. If it is a receiver, it will do one of two things.
   1. Display, or pass on a message saying that the source device transmitting to it does not support HDCP.
   2. Send or display no signal at all.
2. The participating device will communicate with the non-participating device, but will force the resolution of the original content down to 480, which is a much lower resolution than 720, or 1080.

These solutions will also present themselves in any device that is fully HDCP compliant that uses analog outputs such as component. Analog inputs are considered to be inherently insecure, and thus in order to be HDCP compliant, any source device that outputs through any analog components is required to down-res the output.

If a device is hacked, and Intel’s DCP-LLC company finds out, the public key of the hacked device will be distributed over air waves and through HD-DVDs / BlueRay Disks to other HDCP devices. Updated devices will henceforth refuse to communicate with any device that claims to be the hacked device, including those devices that actually were legitimately purchased with that key, in good faith.

This entry was posted on Tuesday, July 31st, 2007 at 5:06 am and is filed under Technology, Entertainment, Political, Current Events, Terms. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.