Slashdot Mirror

← Back to Stories (view on slashdot.org)

HDCP Break Proven

Posted by timothy on Monday November 19, 2001 @03:29PM from the importance-of-honesty-in-a-relationship dept.

zavyman writes: "I just noticed at Cryptome that the flaws in HDCP posted to Slashdot earlier this year, which one person refused to disclose due to possible threats from the DMCA, have been made public by different authors. Scott Crosby of Carnegie Mellon University, Ian Goldberg of Zero Knowledge Systems, and Robert Johnson, Dawn Song, and David Wagner of UC Berkeley have published a formal cryptanalysis of the High-bandwidth Digital Content Protection System that proves its fatal flaws. Interesting reading for those with some background with cryptanalysis."

3 of 220 comments (clear)

Min score:

Reason:

Sort:

Again... by Guillaume+Ross · 2001-11-19 15:32 · Score: 0, Redundant

It seems every day we hear about yet another thing that has been cracked...boring :(
Paraphrased: by Daniel+Wood · 2001-11-19 15:41 · Score: 0, Redundant

High-bandwidth Digital Content Protection System is flawed beyond repair and would have to be completely reworked.
In Summary... by FreezerJam · 2001-11-19 15:42 · Score: 2, Redundant
In summary...
Conclusion
HDCP's linear key exchange is a fundamental weaknesses. We can:
- Eavesdrop on any data
- Clone any device with only their public key
- Avoid any blacklist on devices
- Create new device keyvectors.
- In aggregate, we can usurp the authority completely.
Why do people continue to think they can build a secure system designed to simultaneous distribute data publicly and prevent its distribution?