Slashdot Mirror


Making and Breaking HDCP Handshakes

Cadre writes "Ed Felten describes the handshaking routine used by HDCP and how if any 40 devices conspire together, they can break the security of the system."

3 of 144 comments (clear)

  1. American Hero. by Whiney+Mac+Fanboy · · Score: 5, Interesting
    Ed Felten is a true American hero - he's:
    * Convinced the Music Industry watermarking is unworkable (saving us from poor quality files)

    * Testified against predatory monopolists as a witness for the US govt.

    * Exposed holes in Sony's "fix" for XCP malware CDs (that turned out to be almost as dangerous as the original rootkit)

    * Given us the memorable quote Given a choice between dancing pigs and security, users will pick dancing pigs every time.
    (gleaned from wikipedia)

    Also - anyone thinking the 40 'conspiring' devices makes it impractical to break HDCP/HDMI - think again. It just means 40 (or less) like minded hackers have to get together - not particularly hard to imagine these days.
    --
    There are shills on slashdot. Apparently, I'm one of them.
  2. A little tougher than that... by weetjerm · · Score: 5, Interesting

    His attack methodology is correct, but it will take more than 40 devices to break the system. The chances are very low that all 40 devices being linearly independent, and therefore each one offering non-duplicate information about the system. If you read the comments, he actually inadvertantly ran into this problem with his small example of 4 keys.

    However, in writing this, I realize that I do not know how many keys you would need to present a good probability of solving the system of equations. Anyone want to run a simulation?

  3. Re:Why Reveal this Now? by Anonymous Coward · · Score: 5, Interesting
    The bad news is that some day they will start hiring people who know what they're doing with cryptosystems and then we're all screwed.


    Rather unlikely. The whole concept of DRM is bankrupt as a cryptographic concept because you are handing over the ciphertext, the plaintext and last but not least the key over to your adversary (usually called "consumer" or "hacker"). Sure you can try to make it hard for him to actually get them but you already handed them over and it just remains a question of time until they are recovered.
    Meanwhile, a single break is a class break for at least all the content released up to the point of the break (even with "revokable" keys). Also, once a broke the system once, the content is freed forever and can be distributed at leisure (darknet hypothesis), which means even some small quality loss may be acceptable to the attacker since that loss would only occure once.

    In short, DRM is a DReaM indeed.