DTV Content Protection (fwd from cripto at ecn.org)
David Wagner
daw at cs.berkeley.edu
Sat May 21 17:53:20 EDT 2005
Anonymous wrote:
>DTV Content Protection
>
>[...] Similar concepts are presented in
>http://apache.dataloss.nl/~fred/www.nunce.org/hdcp/hdcp111901.htm by
>Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song and David Wagner.
>This paper assumes (unlike Irwin) that attackers have access to the
>private keys of chosen devices. This is a questionable assumption [...]
The final version of that paper is at
http://www.cs.berkeley.edu/~daw/papers/hdcp-drm01.ps
Quoting from the paper's conclusion section:
To recover the center's master secret, an attacker needs 40 key pairs,
and we point out a variety of ways to get them. An attacker can reverse
engineer 40 different HDCP video software utilities, he can break open
40 devices and extract the keys via reverse engineering, or he can
simply license the keys from the trusted center. According to the
HDCP License Agreement, device manufacturers can buy 10000 key pairs
for $16000. Given these 40 spanning keys, the master secret can be
recovered in seconds. So in essence, the trusted authority sells a
large portion of its master secret to every HDCP licensee.
The $16,000 figure is taken from page 21 of
http://www.digital-cp.com/data/hdcp_license_agreement.pdf
Of course, you have to sign an NDA, too, but I'm not sure whether
that would deter a serious bad guy.
So, in effect, the trusted center has agreed to sell its master secret
for $16,000 and a promise.
Thank you for your post. It was chock-full of interesting information --
particularly the bits about DTCP, which I had never seen before.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list