Slashdot Mirror
HDCP Encryption/Decryption Code Released
rtj writes "We have released an open-source (BSD licensed) implementation of the HDCP encryption/decryption algorithms. The code includes the block cipher, stream cipher, and hashing algorithms necessary to perform an HDCP handshake and to encrypt or decrypt video. The code passes the test vectors provided in the HDCP specification and can encrypt video at a rate of about 180 640x480 frames/second on a 2.33GHz Intel Xeon CPU. This isn't quite fast enough to decrypt 1080p content in real-time on a single core, but decryption can be parallelized across multiple cores. There are also many opportunities for further optimisation, such as using SSE instructions. We are releasing the code in hopes that others will further optimize it and use it in their HDCP-related projects."
Intel's statement had to do with the security of the use case of HDCP: digital video encrypted with HDCP being transported over HDMI cables. In other words, the hardware Intel claims is required, is specialized hardware which interfaces with HDMI ports. This software implementation is not interesting for cracking encrypted video if it cannot communicate with the Blu-Ray or other media player in question in a way which tricks the media player into thinking that the computer running the software is a certified display device.
NEVER underestimate a determined hacker.
Especially one who's been told it can't be done.
I guess the next logical step would be a GPU implementation....
Errrrr the point of this software is to perform the handshake which authenticates it as a legitimate source or sink device. The master key also allows you to simply generate a NEW device key if the one you are using happens to get blacklisted by a firmware update.
The reason this is useful is not for bluray, it is for first-run broadcast content.
It just means you can't do it in realtime on a 2.5ghz core2... Nothing to stop you dumping the encrypted data somewhere and decrypting it later.
Also consider a 2.5GHz Core2 isn't all that modern, and it doesn't even specify wether this cpu is dual or quad core. With 6, 8 and even 12 core processors available, plus the possibility to parallelize over multiple processors 60fps is quite achievable today.
There is also the possibility of using a GPU to do this.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
In other words, the HDCP hardware decryptor is more powerful than the main CPU. Even with the specialized-vs-generic advantage, just think about the power wasted encrypting/decrypting it for no reason but letting the cartel control the market market and the complexity of the electronics you have to buy with your own money.
Every HDCP device should be slapped with a huge carbon and recycling tax -- with an extra punitive rate, since the waste is introduced intentionally.
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
In other words, the HDCP hardware decryptor is more powerful than the main CPU.
I'm pretty sure it's not, given that the $50 video card I bought last week to run a second monitor at work has an HDMI port on it. If the chip were that powerful, it would be too expensive to put on a card that cheap.
I'm sure this is just a case where specialized hardware is able to accomplish the task a lot more quickly than the first version of some software running on a general-purpose CPU.
"...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
I think you greatly underestimate the advantage an ASIC has over a general purpose CPU (even the latest Intel CPUs with AES-NI) when it comes to crypto.
How about you RTFA:
"The HDCP cipher is designed to be efficient when implemented in hardware, but it is terribly inefficient in software, primarily because it makes extensive use of bit operations. Our implementation uses bit-slicing to achieve high speeds by exploiting bit-level parallelism. We have created a few high-level routines to make it as easy as possible to implement HDCP, as shown in the following example. "
retrorocket.o not found, launch anyway?
In other words, the HDCP hardware decryptor is more powerful than the main CPU.
Um. No. Not at all. CPU's are highly generalized computational engines. A CPU's instruction set contains every instruction needed to perform every operation by a computer, including I/O to peripheral busses, etc. A GPU is a highly specialized processor designed to complement a CPU and offload graphics-specific computations that requires a large number of high speed mathematical computations. It's only purpose is to take data from the CPU and render it quickly for a display. The functionality of a GPU can be implemented in a CPU, although with a huge degradation in performance. The functionality of a CPU can not be implemented in a GPU.
In summary:
1. A CPU is the brain of the computer and the GPU is only meant to complement it.
2. GPU's are specialized and cannot replace the function of a CPU.
3. CPU's can perform the functions of a GPU but at a much slower speed.
Every HDCP device should be slapped with a huge carbon and recycling tax -- with an extra punitive rate, since the waste is introduced intentionally.
What a crock. Thanks to technologies like CUDA you can write your own programs that leverage the GPU's in your existing video cards. It's likely only a matter of time before you start to see GPU-based implementations of this code, which means the nVidia or ATI card in your existing PC could easily decrypt HDCP content in real-time. So are you willing to pay excessive taxes for the video card in your PC? When implemented in existing DVI & HDMI chipsets, HDCP really doesn't require all that much more physical overhead, certainly not enough to justify an absurd carbon tax. Highly specialized hardware like that is significantly more efficient than even the GPU in your PC.
There are already bootleg hardware HDCP strippers on the market. It used to be possible to shut down these devices by revoking their keys, but that's now gone out the window with the master-key leak. Expect the next generation of devices to let you upload new keys to them, or maybe generate new keys themselves.
Software decryption is kinda interesting but you're right, hardware is where it's at.
This is the "specialized-vs-generic advantage" I mentioned. You do waste a lot less power, but you still do waste it for no gain whatsoever.
A parable: a crazy dictator ordered his workers to make a huge earth mound and then to level it, with nothing but shovels. Another dictator ordered his troops to make a mound of the same size and then level it, but this time he granted them heavy machinery. Which dictator uses his people better?
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
DRM must be really really costly. And the bad thing is we're all paying for it - the honest customers even more than the "pirates" against which it is supposed to protect.
When I see how much computing resources it takes just to en/decrypt a stream - OK it's a general purpose processor, not something dedicated - I am thinking of the cost of those resources in all the devices we have. After all your BluRay player has to read the BR disk, decrypt the content, then encrypt it again to an HDCP stream, which is sent over to say a TV, which then decrypts it again to make it a watchable image.
Now if only we wouldn't need that encryption.
BluRay itself is (all but) cracked, that's one decryption step that can be done away with.
HDCP transfer is now done with; that's another two steps of en- and decryption that can go.
That is at least three pieces of beefy hardware. That's three chips that won't come for a few pennies each. That's three chips that will be wasting significant amounts of energy.
Plus of course the huge upfront cost to develop all that: to develop the algorithms, set up the secure key supply, designing the dedicated de/encrypt chips and writing all the software around it to make it work.
And all of us are paying for it. It makes BR players and disks and HDCP compliant hardware more expensive than necessary, it even increases our power bills unnecessary. I really wonder when this madness can come to an end.