Slashdot Mirror
HDCP Break Proven
zavyman writes: "I just noticed at Cryptome that the flaws in HDCP posted to Slashdot earlier this year, which one person refused to disclose due to possible threats from the DMCA, have been made public by different authors. Scott Crosby of Carnegie Mellon University, Ian Goldberg of Zero Knowledge Systems, and Robert Johnson, Dawn Song, and David Wagner of UC Berkeley have published a formal cryptanalysis of the High-bandwidth Digital Content Protection System that proves its fatal flaws. Interesting reading for those with some background with cryptanalysis."
(This is the author of the slides, BTW)
Intel wanted a scheme that could be implemented in under 10,000 gates. IMHO, the designers were aware of the flaw, though not necessarily of the full impact of the flaw. Some of the attacks are subtle.
I broke it over 6 months ago, go look at the cryptome archives, where its been sitting since May 9th.
:)
I know of at least 4 researchers who have independently discovered the flaws. (See my other slashdot post).
After Skylarov and Ferguson, I was reluctant to point out that my work had been sitting around on cryptome since May. I suspect Keith Irwin felt similarily.
Neils wasn't the first to go public or even second, though he did raise a wonderful stink.
This is pretty basic, but for those who don't know, HDCP is the encryption scheme of choice for HDTV video signals. This is fairly huge news that it has been broken since all TV's and broadcasts in the US will supposedly eventually switch to the HDTV standard. Unless they pull a fast one and switch the standard (which would alienate everyone who has already bought expensive HDTV equipment), this means that DMCA or not, people are going to have guaranteed access to plaintext HDTV signals for as long as the standard is in use. Of course, I'm personally hoping that the DMCA is at least re-written, preferrably scuttled altogether.