HDCP, the security system for protecting high-definition video, has been compromised by the posting of the master encryption key to the Internet. This release has raised some fears that HD video will suffer the same fate as DVD after the encryption key was found in 1999. Intel, the inventor of HDCP, has reported that the key is legitimate. However, many believe that legal and technical barriers will keep HDCP relevant for the foreseeable future.

HDCP uses a public key cryptography mechanism, approved by the FCC in 2004, to protect the outputs of set-top boxes, Blu-Ray players and other entertainment devices. The system uses a sophisticated encryption key-management system to provide a chain of trust for protecting digital content. The master key, managed by Intel, is used to generate device-specific keys. Once content is encrypted by a studio, it only can be unlocked by device keys that have been generated by the master key.

A lock-out mechanism within HDCP allows Intel to revoke the credentials for compromised devices.  In order to lock a device out, content creators would have to include a list of revoked keys on any new Blu-Ray or broadcast HD content. But this mechanism will be ineffective in locking out newly generated keys because hackers could create a new key whenever an old one had been blocked.

Raising The Bar

Content providers are in a constant cat-and-mouse game with pirates.  As new security mechanisms are established, pirates are finding different ways of illicitly capturing digital copies of content. Although analog HDCP strippers have been produced in the past, these suffer reduced quality compared to the exact digital copy.

The growth of the DVD industry was enabled by a content scrambling system (CSS), which gave the movie industry the confidence to post digital copies of its content. But in 1999, hackers identified the master key and created a tiny program capable of decrypting DVDs and of saving the unencrypted data to a hard disk.

The practical effects of the HDCP crack might take more time, owing to the higher technical bar in decrypting content, notes Paul Kocher, chief scientist at Cryptography Research: "From a piracy perspective, it’s unlikely to make a large difference in the immediate future, although I’m expecting that video capture systems that break HDCP will get built within the next few years."

The biggest technical challenge is that capturing uncompressed video data from interfaces like HDMI requires special-purpose hardware. Although the hardware is not complex in theory, there is little demand because it would be awkward to use and there is no legitimate purpose. Kocher explains, "Rather high data rates are also involved in capturing raw video, so it also would take a significant amount of engineering to deal with the data after it was captured and decrypted.  For example, the most likely option would be to re-compress it, but high-quality, real-time video encoders are still fairly hard to make. That said, somebody will build such a device sooner or later, so it’s just a matter of time."

Keeping Pirates at Bay

In the short run, Intel plans to pursue all legal options to keelhaul these pirates.

According to Intel spokesman Tom Waldrop, "Technical answers are not going to solve 100 percent of all issues. That’s why enforcement is a big part of our strategy."

In the longer term, studios might start looking at other approaches like HDCP 2.0, a new copy-protection implementation with better encryption. However, studio and equipment vendors face a difficult challenge in improving security without angering legitimate customers.

Comments Kocher, "While any of today’s TVs remain in use, all set-top boxes need to be compatible and those TVs will have to support output using the current (broken) HDCP.  Even if new TVs supported a better protocol, attackers could always trick the set-top box into using the old protocol."

– George Lawton

The Daily


Doing Good

Charter is doubling its investment in the Spectrum Scholars program and making the scholarship and internship program annual as opposed to biannual. Beginning with the 2022-2023 academic year, Charter will

Read the Full Issue
The Skinny is delivered on Tuesday and focuses on the cable profession. You'll stay in the know on the headlines, topics and special issues you value most. Sign Up


Jan 28
Cablefax 100 – 2022 Nominations Due: January 28, 2022
Mar 11
The FAXIES 2022 Entry Deadline: March 11
Apr 1
Cablefax Top Ops – 2022Nominations Due: April 1, 2022
Jun 3
The Diversity List – 2022Nomination Deadline: June 3
Aug 12
Most Powerful Women – 2022Nominations Due: August 12
Full Calendar


Seeking an INDUSTRY JOB?

Hiring? In conjunction with our sister brand, Cynopsis, we are offering hiring managers a deep pool of media-savvy, skilled candidates at a range of experience levels and sectors, The result will be an even more robust industry job board, to help both employers and job seekers.

Contact John@cynopsis.com for more information.