High-bandwidth Digital Content Protection

High-bandwidth Digital Content Protection (HDCP) is a form of digital copy protection developed by
Intel Corporation[1] to prevent copying of digital audio and video content as it travels across connections.
Types of connections include DisplayPort (DP), Digital Visual Interface (DVI), and High-Definition
Multimedia Interface (HDMI), as well as less popular or now deprecated protocols like Gigabit Video
Interface (GVIF) and Unified Display Interface (UDI).

The system is meant to stop HDCP-encrypted content from being played on unauthorized devices or
devices which have been modified to copy HDCP content.[2][3] Before sending data, a transmitting device
checks that the receiver is authorized to receive it. If so, the transmitter encrypts the data to prevent
eavesdropping as it flows to the receiver.[4]

In order to make a device that plays HDCP-enabled content, the manufacturer must obtain a license for the
patent from Intel subsidiary Digital Content Protection LLC, pay an annual fee, and submit to various
conditions.[5][6][7] For example, the device cannot be designed to copy; it must "frustrate attempts to defeat
the content protection requirements";[7] it must not transmit high definition protected video to non-HDCP
receivers; and DVD-Audio works can be played only at CD-audio quality[7] by non-HDCP digital audio
outputs (analog audio outputs have no quality limits).

Cryptanalysis researchers demonstrated flaws in HDCP as early as 2001. In September 2010, an HDCP
master key that allows for the generation of valid device keys was released to the public, rendering the key
revocation feature of HDCP useless.[8][9] Intel has confirmed that the crack is real,[10] and believes the
master key was reverse engineered rather than leaked.[11] In practical terms, the impact of the crack has
been described as "the digital equivalent of pointing a video camera at the TV", and of limited importance
for consumers because the encryption of high-definition discs has been attacked directly, with the loss of
interactive features like menus.[12] Intel threatened to sue anyone producing an unlicensed device.[11]

Contents
Specification
Uses
Circumvention
Cryptanalysis
Master key release
HDCP v2.2, v2.1 and v2.0 breach
Problems
Versions
HDCP v2.x
See also
References
External links
Specification
HDCP uses three systems:[5]

1. Authentication prevents non-licensed devices from receiving content.

2. Encryption of the data sent over DisplayPort, DVI, HDMI, GVIF, or UDI interfaces prevents
eavesdropping of information and man-in-the-middle attacks.
3. Key revocation prevents devices that have been compromised and cloned from receiving
data.

Each HDCP-capable device has a unique set of 40 56-bit keys. Failure to keep them secret violates the
license agreement. For each set of values, a special private key called a KSV (Key Selection Vector) is
created. Each KSV consists of 40 bits (one bit for each HDCP key), with 20 bits set to 0 and 20 bits set to
1.

During authentication, the parties exchange their KSVs under a procedure called Blom's scheme. Each
device adds its own secret keys together (using unsigned addition modulo 256 ) according to a KSV
received from another device. Depending on the order of the bits set to 1 in the KSV, a corresponding
secret key is used or ignored in the addition. The generation of keys and KSVs gives both devices the same
56-bit number, which is later used to encrypt data.

Encryption is done by a stream cipher. Each decoded pixel is encrypted by applying an XOR operation
with a 24-bit number produced by a generator. The HDCP specifications ensure constant updating of keys
after each encoded frame.

If a particular set of keys is compromised, their corresponding KSV is added to a revocation list burned
onto new discs in the DVD and Blu-ray formats. (The lists are signed with a DSA digital signature, which
is meant to keep malicious users from revoking legitimate devices.) During authentication, the transmitting
device looks for the receiver's KSV on the list, and if it is there, will not send the decrypted work to the
revoked device.

Uses
HDCP devices are generally divided into three categories:

Source
The source sends the content to be displayed.
Examples include set-top boxes, DVD, HD DVD and
Blu-ray Disc players, and computer video cards. A
source has only an HDCP/HDMI transmitter.[4]
Sink
The sink renders the content for display so it can be
viewed. Examples include TVs and digital projectors.
A sink has one or more HDCP/HDMI receivers.[4]
Repeater
A repeater accepts content, decrypts it, then re- An HDCP transmitter chip by Silicon
encrypts and retransmits the data. It may perform Image in an Apple TV device
some signal processing, such as upconverting video
into a higher-resolution format, or splitting out the
audio portion of the signal. Repeaters have HDMI inputs and outputs. Examples include
home theater audio-visual receivers that separate and amplify the audio signal, while re-
 transmitting the video for display on a TV. A repeater could also simply send the input data
stream to multiple outputs for simultaneous display on several screens.[4]

Each device may contain one or more HDCP transmitters and/or receivers. (A single transmitter or receiver
chip may combine HDCP and HDMI functionality.)[4]

In the United States, the Federal Communications Commission (FCC) approved HDCP as a "Digital
Output Protection Technology" on 4 August 2004.[13] The FCC's Broadcast flag regulations, which were
struck down by the United States Court of Appeals for the District of Columbia Circuit, would have
required DRM technologies on all digital outputs from HDTV signal demodulators. Congress is still
considering legislation that would implement something similar to the Broadcast Flag. The HDCP standard
is more restrictive than the FCC's Digital Output Protection Technology requirement. HDCP bans
compliant products from converting HDCP-restricted content to full-resolution analog form, presumably in
an attempt to reduce the size of the analog hole.

On 19 January 2005, the European Information, Communications, and Consumer Electronics Technology
Industry Associations (EICTA) announced that HDCP is a required component of the European "HD
ready" label.[14]

Microsoft Windows Vista and Windows 7 both use HDCP in computer graphics cards and monitors.[15][16]

Circumvention
HDCP strippers remove HDCP information from the video signal in order to allow the data to flow freely
to a non-HDCP display. It is currently unclear whether such devices would remain working if the HDCP
licensing body issued key-revocation lists, which may be installed via new media (e.g. newer Blu-ray
Discs) played-back by another device (e.g. a Blu-ray Disc player) connected to it.[17]

Cryptanalysis

In 2001, Scott Crosby of Carnegie Mellon University wrote a paper with Ian Goldberg, Robert Johnson,
Dawn Song, and David Wagner called "A Cryptanalysis of the High-bandwidth Digital Content Protection
System", and presented it at ACM-CCS8 DRM Workshop on 5 November.[18]

The authors concluded that HDCP's linear key exchange is a fundamental weakness, and discussed ways
to:

Eavesdrop on any data.

Clone any device with only its public key.
Avoid any blacklist on devices.
Create new device key vectors.
In aggregate, usurp the authority completely.

They also said the Blom's scheme key swap could be broken by a so-called conspiracy attack: obtaining
the keys of at least 40 devices and reconstructing the secret symmetrical master matrix that was used to
compute them.

Around the same time, Niels Ferguson independently claimed to have broken the HDCP scheme, but he
did not publish his research, citing legal concerns arising from the controversial Digital Millennium
Copyright Act.[19]
In November 2011 Professor Tim Güneysu of Ruhr-Universität Bochum revealed he had broken the
HDCP 1.3 encryption standard.

Master key release

On 14 September 2010, Engadget reported the release of a possible genuine HDCP master key which can
create device keys that can authenticate with other HDCP compliant devices without obtaining valid keys
from The Digital Content Protection LLC. This master key would neutralize the key revocation feature of
HDCP, because new keys can be created when old ones are revoked.[8] Since the master key is known, it
follows that an unlicensed HDCP decoding device could simply use the master key to dynamically
generate new keys on the fly, making revocation impossible. It was not immediately clear who discovered
the key or how they discovered it, though the discovery was announced via a Twitter update which linked
to a Pastebin snippet containing the key and instructions on how to use it. Engadget said the attacker may
have used the method proposed by Crosby in 2001 to retrieve the master key, although they cited a
different researcher. On 16 September, Intel confirmed that the code had been cracked.[20][21] Intel has
threatened legal action against anyone producing hardware to circumvent the HDCP, possibly under the
Digital Millennium Copyright Act.[11]

HDCP v2.2, v2.1 and v2.0 breach

In August 2012 version 2.1 was proved to be broken.[22] The attack used the fact that the pairing process
sends the Km key obfuscated with an XOR. That makes the encryptor (receiver) unaware of whether it
encrypts or decrypts the key. Further, the input parameters for the XOR and the AES above it are fixed
from the receiver side, meaning the transmitter can enforce repeating the same operation. Such a setting
allows an attacker to monitor the pairing protocol, repeat it with a small change and extract the Km key.
The small change is to pick the "random" key to be the encrypted key from the previous flow. Now, the
attacker runs the protocol and in its pairing message it gets E(E(Km)). Since E() is based on XOR it undoes
itself, thus exposing the Km of the legitimate device.

V2.2 was released to fix that weakness by adding randomness provided by the receiver side. However the
transmitter in V2.2 must not support receivers of V2.1 or V2.0 in order to avoid this attack. Hence a new
erratum was released to redefine the field called "Type" to prevent backward compatibility with versions
below 2.2. The "Type" flag should be requested by the content's usage rules (i.e. via the DRM or CAS that
opened the content).[23]

In August 2015, version 2.2 was rumored to be broken. An episode of AMC's series Breaking Bad was
leaked to the Internet in UHD format; its metadata indicated it was an HDMI cap, meaning it was captured
through HDMI interface that removed HDCP 2.2 protection.[24][25]

On 4 November 2015, Chinese company LegendSky Tech Co., already known for their other HDCP
rippers/splitters under the HDFury brand, released the HDFury Integral, a device that can remove HDCP
2.2 from HDCP-enabled UHD works.[26] On 31 December 2015, Warner Bros and Digital Content
Protection, LLC (DCP, the owners of HDCP) filed a lawsuit against LegendSky.[27][28] Nevertheless, the
lawsuit was ultimately dropped after LegendSky argued that the device did not "strip" HDCP content
protection but rather downgraded it to an older version, a measure which is explicitly permitted in DCP's
licensing manual.[29]

Problems
HDCP can cause problems for users who want to connect multiple screens to a device; for example, a bar
with several televisions connected to one satellite receiver or when a user has a closed laptop and uses an
external display as the only monitor. HDCP devices can create multiple keys, allowing each screen to
operate, but the number varies from device to device; e.g., a Dish or Sky satellite receiver can generate 16
keys.[30] The technology sometimes causes handshaking problems where devices cannot establish a
connection, especially with older high-definition displays.[31][32][33]

Edward Felten wrote "the main practical effect of HDCP has been to create one more way in which your
electronics could fail to work properly with your TV," and concluded in the aftermath of the master key
fiasco that HDCP has been "less a security system than a tool for shaping the consumer electronics
market."[34]

Additional issues arise when interactive media (i.e. video games) suffer from control latency, because it
requires additional processing for encoding/decoding. Various everyday usage situations, such as live
streaming or capture of game play, are also adversely affected.[35]

There is also the problem that all Apple laptop products, presumably in order to reduce switching time,
when confronted with an HDCP-compliant sink device, automatically enable HDCP encryption from the
HDMI / Mini DisplayPort / USB-C connector port. This is a problem if the user wishes to use recording or
videoconferencing facilities further down the chain, because these devices most often do not decrypt
HDCP-enabled content (since HDCP is meant to avoid direct copying of content, and such devices could
conceivably do exactly that). This applies even if the output is not HDCP-requiring content, like a
PowerPoint presentation or merely the device's UI.[36] Some sink devices have the ability to disable their
HDCP reporting entirely, however, preventing this issue from blocking content to videoconferencing or
recording. However, HDCP content will then refuse to play on many source devices if this is disabled
while the sink device is connected.[37]

When connecting a HDCP 2.2 source device through compatible distribution to a video wall made of
multiple legacy displays the ability to display an image can not be guaranteed.[38]

Versions
 HDCP Release
Supported interfaces
revision Date
17
1.0 February DVI
2000
9 June
1.1 DVI, HDMI
2003
13 June
1.2 DVI, HDMI
2006
21 Dec
1.3 DVI, HDMI, DP, GVIF, UDI
2006
8 July
1.4
2009

23 Oct Interface Independent Adaptation, Any IP based interface

2.0 IIA
2008 Compressed or uncompressed video (only specified for compressed over PES
though)

New mechanism to manage Type 1 content. Type 1 is a flag preventing content from
18 July going to v1.x HDCP. It is assumed that UHD content will require that.
2.1 IIA
2011
Resolves addition of devices to the HDMI tree without a full tree re-authentication by
allowing ReceiverID_List to be asynchronous

16 Addresses a breach described above, as well as other flaws in Locality Check

2.2 IIA October
Type 1 extended to preventing content from going to v2.1, 2.0 and v1.x as they all
2012
have weaknesses

13
2.2 for
February
HDMI
2013
This spec is not bound to backward compatibility to v2.0 and v2.1 hence makes it a
11 clean version of v2.2
2.2 for
September
MHL
2013
28
2.3 for
February
HDMI
2018

HDCP v2.x
The 2.x version of HDCP is not a continuation of HDCPv1, and is rather a completely different link
protection. Version 2.x employs industry-standard encryption algorithms, such as 128-bit AES with 3072 or
1024-bit RSA public key and 256-bit HMAC-SHA256 hash function.[23] While all of the HDCP v1.x
specifications support backward compatibility to previous versions of the specification, HDCPv2 devices
may interface with HDCPv1 hardware only by natively supporting HDCPv1, or by using a dedicated
converter device. This means that HDCPv2 is only applicable to new technologies. It has been selected for
the WirelessHD and Miracast (formerly WiFi Display) standards.[39][40]

HDCP 2.x features a new authentication protocol, and a locality check to ensure the receiver is relatively
close (it must respond to the locality check within 7 ms on a normal DVI/HDMI link).[23] Version 2.1 of
the specification was cryptanalyzed and found to have several flaws, including the ability to recover the
session key.[22]

There are still a few commonalities between HDCP v2 and v1.

 1. Both are under DCP LLC authority.
2. Both share same license agreement, compliance rules and robustness rules.
3. Both share same revocation system and same device ID formats.

See also
HDCP repeater bit
Digital Transmission Content Protection
Digital rights management
Encrypted Media Extensions
Defective by Design
Trusted Computing
Hardware restriction

References
1. "Digital Content Protection - About DCP" (http://www.digital-cp.com/about_dcp).
2. HDCP specification 1.3. Page 31 0x15, Page 35
3. "HD DVD Glossary" (http://www.hddvd-faq.com/glossary.asp). 080509 hddvd-faq.com
4. "HDCP deciphered: white paper" (https://web.archive.org/web/20080920191718/http://www.
digital-cp.com/files/documents/04A897FD-FEF1-0EEE-CDBB649127F79525/HDCP_decip
hered_070808.pdf) (PDF). DCP, LLC. 22 July 2008. Archived from the original on 20
September 2008.
5. "HDCP v1.3 specification" (https://web.archive.org/web/20080920192936/http://www.digital-
cp.com/files/static_page_files/8006F925-129D-4C12-C87899B5A76EF5C3/HDCP_Specifi
cation%20Rev1_3.pdf) (PDF). Digital Content Protection. 21 December 2006. Archived from
the original (http://www.digital-cp.com/files/static_page_files/8006F925-129D-4C12-C87899
B5A76EF5C3/HDCP_Specification%20Rev1_3.pdf) (PDF) on 20 September 2008.
Retrieved 8 May 2008.
6. "Digital Content Protection LLC" (https://web.archive.org/web/20080202215640/http://www.d
igital-cp.com/home). Archived from the original (http://www.digital-cp.com/home) on 2
February 2008. Retrieved 24 January 2008.
7. "HDCP License Agreement" (https://web.archive.org/web/20090419204233/http://www.digit
al-cp.com/files/static_page_files/D6724AFD-9B02-A253-D8D2FE5B1A10F7F7/HDCP_Lice
nse_Agreement_082207.pdf) (PDF). Digital Content Protection, LLC. 16 January 2008.
Archived from the original (http://www.digital-cp.com/files/static_page_files/D6724AFD-9B02
-A253-D8D2FE5B1A10F7F7/HDCP_License_Agreement_082207.pdf) (PDF) on 19 April
2009. Retrieved 24 January 2008.
8. Lawler, Richard. "HDCP 'master key' supposedly released, unlocks HDTV copy protection
permanently" (https://www.engadget.com/2010/09/14/hdcp-master-key-supposedly-released
-unlocks-hdtv-copy-protect/). Engadget. Retrieved 14 September 2010.
9. Peter Bright (17 September 2010). "Intel confirms HDCP key is real, can now be broken at
will" (https://arstechnica.com/tech-policy/news/2010/09/intel-confirms-the-hdcp-key-is-real-c
an-now-be-broken-at-will.ars). Ars Technica. Retrieved 17 September 2010.
10. "Intel confirms that HDCP has been cracked" (https://www.foxnews.com/tech/hdtv-code-crac
k-is-real-intel-confirms). Fox News. 16 September 2010.
11. Wired. "Intel Threatens to Sue Anyone Who Uses HDCP Crack (https://www.wired.com/thre
atlevel/2010/09/intel-threatens-consumers/)".
12. HDCP antipiracy leak opens doors for black boxes | InSecurity Complex - CNET News (http
s://www.cnet.com/news/hdcp-antipiracy-leak-opens-doors-for-black-boxes/)
13. "FCC Approves Digital Output Protection Technologies and Recording Method
Certifications" (http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-250532A1.pdf)
(PDF) (Press release). Federal Communications Commission. 4 August 2004. Retrieved
28 December 2006.
14. "EICTA announces "Conditions for High Definition Labelling of Display Devices" (https://we
b.archive.org/web/20070114175730/http://www.eicta.org/fileadmin/user_upload/document/d
ocument1160753216.pdf) (PDF) (Press release). EICTA. 19 January 2005. Archived from
the original (http://www.eicta.org/fileadmin/user_upload/document/document1160753216.pd
f) (PDF) on 14 January 2007. Retrieved 28 December 2006.
15. Output Content Protection and Windows Vista (http://www.microsoft.com/whdc/device/medi
a/output_protect.mspx)
16. "The Clicker: Microsoft's OPM for the masses - Engadget" (https://web.archive.org/web/2008
0726070508/http://www.engadget.com/entry/1234000143050582/). Archived from the
original (https://www.engadget.com/entry/1234000143050582/) on 26 July 2008. Retrieved
29 August 2017.
17. Ryan Block (21 July 2005). "The Clicker: HDCP's Shiny Red Button" (https://www.engadget.
com/2005/07/21/the-clicker-hdcps-shiny-red-button). Engadget. Retrieved 28 December
2006.
18. Scott Crosby; Ian Goldberg; Robert Johnson; Dawn Song; David Wagner (5 November
2001). A Cryptanalysis of the High-bandwidth Digital Content Protection System (https://we
b.archive.org/web/20041107101758/http://www.cs.rice.edu/~scrosby/pubs/hdcppaper.ps).
ACM-CSS8 DRM Workshop. Archived from the original (http://www.cs.rice.edu/~scrosby/pu
bs/hdcppaper.ps) on 7 November 2004. Retrieved 28 December 2006.
19. Niels Ferguson, DMCA Censorship (https://web.archive.org/web/20120220014712/http://ww
w.macfergus.com/niels/dmca/cia.html), 15 August 2001
20. "HDTV Code Crack Is Real, Intel Confirms" (http://www.foxnews.com/scitech/2010/09/16/int
el-confirms-hdtv-code-cracked/). Fox News. 16 September 2010.
21. Intel Confirms That HDCP Master Key is Cracked (http://www.tomshardware.com/news/hdcp
-master-key-copy-protection,11311.html)
22. Green, Matthew (27 August 2012). "Reposted: A cryptanalysis of HDCP v2.1" (http://blog.cry
ptographyengineering.com/2012/08/reposted-cryptanalysis-of-hdcp-v2.html). A Few
Thoughts on Cryptographic Engineering.
23. "High-bandwidth Digital Content Protection System: Mapping HDCP to HDMI (Revision
2.2)" (https://www.digital-cp.com/sites/default/files/specifications/HDCP%20Interface%20Ind
ependent%20Adaptation%20Specification%20Rev2_2_FINAL.pdf) (PDF). Digital Content
Protection LLC. 13 February 2013.
24. van der Sar, Ernesto (28 August 2015). "First Netflix 4K Content Leaks to Torrent Sites" (http
s://torrentfreak.com/first-netflix-4k-content-leaks-to-torrent-sites-150828/). Torrentfreak.
25. Robertson, Adi (28 August 2015). "Netflix's 4K video reportedly cracked, Breaking Bad
episode posted online" (https://www.theverge.com/2015/8/28/9222337/piracy-netflix-breakin
g-bad-4k-episode).
26. "HDfury launches yet another path breaking device – the HDCP Doctor, HDfury Integral" (htt
ps://web.archive.org/web/20160115002430/http://www.hdfury.com/11159/). HDFury.com.
HDFury. Archived from the original (https://www.hdfury.com/11159/) on 15 January 2016.
Retrieved 7 January 2016.
27. "Lawsuit against Legendsky (PDF)" (https://archive.org/details/gov.uscourts.nysd.451763).
Retrieved 7 January 2016.
28. Mullin, Joe. "Warner Bros. sues "HD Fury" over boxes that can copy 4k video" (https://arstec
hnica.com/tech-policy/2016/01/warner-bros-sues-hd-fury-over-boxes-that-can-copy-4k-vide
o/). Ars Technica. Retrieved 7 January 2016.
29. Van der Sar, Ernesto (6 May 2016). "4K Content Protection "Stripper" Beats Warner Bros in
Court" (https://torrentfreak.com/4k-content-protection-stripper-beats-warner-bros-in-court-160
5xx/). TorrentFreak. Retrieved 6 June 2017.
30. "Device List as of 1/7/2010" (http://www.crestron.com/downloads/pdf/misc/third_party_hdcp_
limits.pdf) (PDF). Crestron.
31. Masamitsu, Emily (23 January 2007). "PS3 Blinking Mystery Deepens—Westinghouse: "Our
TVs Not the Problem" " (https://web.archive.org/web/20070206224544/http://www.popularm
echanics.com/blogs/technology_news/4212233.html). Popular Mechanics. Archived from
the original (http://www.popularmechanics.com/blogs/technology_news/4212233.html) on 6
February 2007.
32. Selter, Scott (10 November 2005). "HDCP "Handshake" A Big Problem For Many Legacy
DVI-Based HDTVs" (https://web.archive.org/web/20091212070208/http://www.avrev.com/ne
ws/1105/10.hdcp.html). AVRev.com. Archived from the original (http://www.avrev.com/news/
1105/10.hdcp.html) on 12 December 2009. Retrieved 8 March 2008.
33. Stockfisch, Mark (4 November 2007). "HDMI/DVI HDCP handshake problems & how to
avoid them" (http://www.eetimes.com/design/communications-design/4013366/HDMI-DVI-H
DCP-handshake-problems--how-to-avoid-them). EETimes.
34. Felten, Ed (11 September 2010). "Understanding the HDCP Master Key Leak" (http://www.fr
eedom-to-tinker.com/blog/felten/understanding-hdcp-master-key-leak).
35. "How do you capture video of your PS3 gameplay" (http://gaming.stackexchange.com/questi
ons/13704/how-do-you-capture-video-of-your-ps3-gameplay). Arqade. Stack Exchange. 1
January 2011.
36. "Frequently asked questions about using HDMI with Mac computers - Apple Support" (http
s://support.apple.com/en-us/HT204388). Apple. 22 March 2017.
37. "HDCP White Paper: How DigitalMedia(TM) Switchers Handle HDCP" (http://www.crestron.
com/downloads/pdf/product_engineering_specifications/hdcp_whitepaper_crestron.pdf)
(PDF). Crestron.
38. "Introduction to HDCP2.2" (http://www.extron.com/download/files/whitepaper/hdcp_2_2_wp.
pdf) (PDF). Extron. 8 September 2015.
39. "WirelessHD 1.1 Specification Summary" (http://www.wirelesshd.org/about/specification-su
mmary/). WirelessHD. WirelessHD. Retrieved 18 April 2017.
40. "Technical Note Wi-Fi CERTIFIED Miracast™ HDCP Interoperability Issue: HDCP 2.2
Protocol Descriptor" (https://www.wi-fi.org/download.php?file=/sites/default/files/private/Mira
cast_HDCP_Tech_Note_v1%200_0.pdf) (PDF). WiFi Alliance. WiFi Alliance. Retrieved
18 April 2017.

External links
Official website (https://www.digital-cp.com/)

Retrieved from "https://en.wikipedia.org/w/index.php?title=High-

bandwidth_Digital_Content_Protection&oldid=1043057877"

This page was last edited on 8 September 2021, at 04:27 (UTC).

Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using
this site, you agree to the Terms of Use and Privacy Policy. Wikipedia® is a registered trademark of the Wikimedia
Foundation, Inc., a non-profit organization.