High-Bandwidth DCP Basics

HDCP makes use of a three-stage content protection process:
Through this three-stage process, the High-bandwidth Digital Content Protection protocol attempts to eliminate the interception of encrypted digital content midstream between source and sink devices. In this article, we take a look at each of these steps to get a better understanding of what goes on in a digital connection when this form of digital content protection is on board.

Device Authentication and Key Exchange Process

The cryptographic Authentication and Key Exchange (AKE) is the first stage of the three-stage security process used by HDCP to protect content midstream between source and sink. AKE is designed so that non-compliant devices cannot receive HD content. The process makes use of a set of unique 'secret' keys assigned by the HDCP licensing body.

The assignment of a unique set of secret keys to a licensee comes with a number of conditions that must be satisfied before the licensing body grants the keys. These conditions are imposed to ensure that the integrity of HDCP is not compromised. In particular, companies wishing to produce an HDCP-compliant device have to prove that their product has been designed in a manner robust enough to effectively frustrate attempts to defeat the content protection requirements. Furthermore, companies should do their utmost to protect the assigned keys. Failure to do so may be seen as a violation of the licensing agreement. If these keys end up used by some rogue device after leaking into the wild, owners of legitimate compliant devices may - at some point - risk having their HD-gear functionality revoked by HDCP.

Each set of unique keys assigned to a device model consists of 40 different 'secret or private' keys, each 56 bits long. For each set of keys, a special 'public' key called the Key Selection Vector (KSV) is created. Each KSV has exactly 20 zero bits and 20 bits set to 1. During the authentication stage, both parties exchange their KSVs. Each device then adds (without overflow) its own secret keys as selected by the KSV received from the other device: if a particular bit in the vector is set to 1, the corresponding secret key is included in the addition, otherwise it is ignored. Secret keys and KSVs are generated in such a way that both devices arrive at the same 56-bit number. It is this computed 56-bit number that is later used in the encryption of the data traveling between source and sink devices.

Content Encryption

Encryption is done by a 'stream cipher'. This is a type of symmetric encryption algorithm that can be designed to be exceptionally fast, much faster than any block cipher, as it usually operates directly on the incoming bit-stream rather than on the larger blocks of data processed by block ciphers. With a stream cipher, the transformation of the incoming data units varies depending on when they are encountered during the encryption process. Each decoded pixel is encrypted by applying an XOR operation with a pseudo-random sequence produced by a generator. The HDCP specifications ensure constant updating of keys (after each encoded frame).
Key-Revocation

Key-revocation procedures are there to ensure that any device which violates the license agreement can be blocked relatively easily from receiving HD data. If a particular model is considered 'compromised', its Key Selection Vector (KSV) is put into a blacklist, referred to as a revocation list. These lists are encoded onto the HD media, e.g. on newly produced discs with HD content. This means that the newer the media - e.g. a high definition DVD disc - the larger the revocation list will be.

Each revocation list is signed with a digital signature using the Digital Signature Algorithm, also referred to as DSA. DSA is a United States Federal Government standard for digital signatures; it is used here to prevent malicious users from revoking legitimate devices as well as from removing compromised devices from the list. During the authentication process, if the transmitter finds the receiver's KSV in the revocation list, the transmitter considers the receiver to be compromised and refuses to send High Definition data to it.

It is this key revocation process that makes HDCP sort of 'future-proof' when it comes to combating the use of fake or rogue devices. Through key revocation, HDCP gives the media, content, or even other devices the ability to invalidate the keys of devices known to be a problem.
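The key agreement and the transmitter's revocation check described above, as an added example (not code from the original article or from the HDCP specification). It assumes the construction given in public analyses of HDCP, where each device's 40 secret keys are derived from a symmetric 40x40 master matrix held by the licensing body; the matrix here is random constructed data, the revocation list is assumed to have passed its signature check already, and all function names are hypothetical.

```python
import secrets

N = 40                    # 40 secret keys per device, 40-bit KSV
MASK56 = (1 << 56) - 1    # keys and the shared value are 56 bits wide

def new_master():
    """Constructed stand-in for the licensing body's secret: a symmetric matrix."""
    m = [[0] * N for _ in range(N)]
    for i in range(N):
        for j in range(i, N):
            m[i][j] = m[j][i] = secrets.randbits(56)
    return m

def new_ksv():
    """Random 40-bit KSV with exactly 20 bits set to 1."""
    return sum(1 << b for b in secrets.SystemRandom().sample(range(N), 20))

def ksv_valid(ksv):
    return 0 <= ksv < (1 << N) and bin(ksv).count("1") == 20

def issue_device(master):
    """Licensing body (assumed): secret key i is row i of the matrix summed
    over the columns selected by the device's own KSV."""
    ksv = new_ksv()
    keys = [sum(master[i][j] for j in range(N) if ksv >> j & 1) & MASK56
            for i in range(N)]
    return ksv, keys

def shared_value(own_keys, peer_ksv):
    """Device: add the secret keys selected by the 1 bits of the peer's KSV.
    Carries out of bit 55 are dropped (one reading of 'without overflow')."""
    return sum(k for i, k in enumerate(own_keys) if peer_ksv >> i & 1) & MASK56

def authenticate(tx_keys, rx_ksv, revoked):
    """Transmitter: reject malformed or revoked KSVs before deriving the value."""
    if not ksv_valid(rx_ksv):
        raise ValueError("KSV must have exactly 20 ones and 20 zeros")
    if rx_ksv in revoked:
        raise PermissionError("receiver KSV is on the revocation list")
    return shared_value(tx_keys, rx_ksv)

def demo():
    master = new_master()
    tx_ksv, tx_keys = issue_device(master)
    rx_ksv, rx_keys = issue_device(master)
    # The matrix is symmetric, so both sums are the same bilinear form.
    return authenticate(tx_keys, rx_ksv, set()) == shared_value(rx_keys, tx_ksv)

if __name__ == "__main__":
    print("both sides derive the same 56-bit value:", demo())
```

Because both sides compute the same sum over a symmetric matrix, neither secret key set ever crosses the link; only the KSVs do, which is also why the KSV is what a revocation list can match on.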
Is HDCP a 'flawless' content protection tool?

We have seen the various processes used to help protect HD content when the latter is sent from source to sink. It is clear that HDCP manages to achieve this objective through a number of measures taken on different fronts - not just encryption, but equally important through key revocation, as well as through licensing terms that prohibit manufacturers from making devices that convert an HDCP-enabled source into an analog full high definition version of the digital content - unless the content provider determines so through the appropriate setting of the so-called image constraint token (ICT flag).

If it were for the AKE or the encryption processes alone, HDCP would easily lose its strength as a content protection mechanism. In fact, cryptanalysis researchers had already demonstrated fatal flaws in HDCP in 2001, prior to its adoption in any commercial product - flaws that could lead to fundamental weaknesses in the HDCP protocol, including eavesdropping of data and cloning of a device through its public key only.

Even so, the FCC still approved HDCP in August 2004 as the content protection protocol for use with high definition content. Why? It is difficult to give a simple, straight answer. However, there is one peculiar thing about HDCP that must not be forgotten - key revocation and its blacklisting mechanism; this gives HDCP the unique power to retroactively remove the functionality of what may be considered compromised devices.
Conclusion

Whether you like it or not, HDCP - with all its known flaws - is a reality and an integral part of today's HDTV world - either you comply, or else forget all about enjoying the awesome images brought about by HDTV and high definition DVDs.
Copyright © - Practical-Home-Theater-Guide.com All rights reserved.