Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > HDCP Master Key Leak

Reply
Thread Tools

HDCP Master Key Leak

 
 
Lawrence D'Oliveiro
Guest
Posts: n/a
 
      09-18-2010
Don’t you find Intel’s choice of words just a little odd
<http://www.theregister.co.uk/2010/09/17/hdcp_copy_protection_crack/>:

"What we have confirmed through testing is that you can derive keys for
devices from this published material that do work with the keys produced
by our security technology," Waldrop told FoxNews ...

Surely they could just compare the key against the one built into their
device-key generator, and say “yes, it’s the same”? Instead, they have
tested using this as a master key and concluded “yes, it produces usable
device keys”, which is not quite the same thing.

Sounds like the group that did the testing is not the same as the group that
has access to the master key.
 
Reply With Quote
 
 
 
 
Murray Symon
Guest
Posts: n/a
 
      09-18-2010
Lawrence D'Oliveiro wrote:

> Don’t you find Intel’s choice of words just a little odd
> <http://www.theregister.co.uk/2010/09/17/hdcp_copy_protection_crack/>:
>
> "What we have confirmed through testing is that you can derive keys
> for devices from this published material that do work with the keys
> produced by our security technology," Waldrop told FoxNews ...
>
> Surely they could just compare the key against the one built into their
> device-key generator, and say “yes, it’s the same”? Instead, they have
> tested using this as a master key and concluded “yes, it produces usable
> device keys”, which is not quite the same thing.
>
> Sounds like the group that did the testing is not the same as the group
> that has access to the master key.


Yes, that's one reason. Key check values (KCV) may have ben available,
but like a hash they would not be a definitive proof, as collisions are
possible.
In a hierarchical key distribution scheme where distributed keys are
encrypted under higher level keys with various levels of key security
(such as tamper proof HSMs) the keys are not handled in the clear but
always as ciphertext. This means verification needs to be performed
cryptographically with reference to the master key-encoding-keys, or
by functional tests, such as was mentioned.

Murray.
 
Reply With Quote
 
 
 
 
Sweetpea
Guest
Posts: n/a
 
      09-18-2010
On Sat, 18 Sep 2010 20:18:21 +1200, Lawrence D'Oliveiro wrote:

> Sounds like the group that did the testing is not the same as the group
> that has access to the master key.


Or they don't want to say it is the master key.


--
"Filtering the Internet is like trying to boil the ocean"
 
Reply With Quote
 
Lawrence D'Oliveiro
Guest
Posts: n/a
 
      09-18-2010
In message <i720r1$2bq7$(E-Mail Removed)>, Murray Symon wrote:

> Lawrence D'Oliveiro wrote:
>
>> Sounds like the group that did the testing is not the same as the group
>> that has access to the master key.

>
> Yes, that's one reason. Key check values (KCV) may have ben available,
> but like a hash they would not be a definitive proof, as collisions are
> possible.


Not sure what you mean here. Feel free to relate your “KCV” to the
description of HDCP here <http://cryptome.org/hdcp-v1.htm>.

> In a hierarchical key distribution scheme where distributed keys are
> encrypted under higher level keys with various levels of key security
> (such as tamper proof HSMs) the keys are not handled in the clear but
> always as ciphertext.


Keys have to be decrypted in order to be used.
 
Reply With Quote
 
Murray Symon
Guest
Posts: n/a
 
      09-19-2010
Lawrence D'Oliveiro wrote:

> In message <i720r1$2bq7$(E-Mail Removed)>, Murray Symon wrote:
>
>> Lawrence D'Oliveiro wrote:
>>
>>> Sounds like the group that did the testing is not the same as the group
>>> that has access to the master key.

>>
>> Yes, that's one reason. Key check values (KCV) may have ben available,
>> but like a hash they would not be a definitive proof, as collisions are
>> possible.

>
> Not sure what you mean here. Feel free to relate your “KCV” to the
> description of HDCP here <http://cryptome.org/hdcp-v1.htm>.
>
>> In a hierarchical key distribution scheme where distributed keys are
>> encrypted under higher level keys with various levels of key security
>> (such as tamper proof HSMs) the keys are not handled in the clear but
>> always as ciphertext.

>
> Keys have to be decrypted in order to be used.


Glad you worked that out

Interesting is the following from Ars Technica article:

"In other words, Intel and the media companies don't care that their
encryption systems offer only token protection and consumer inconvenience;
all that matters is that the encryption systems are sufficient to meet the
DMCA threshold for a content protection system: the threat of legal action,
rather than cryptography, is their real tool against unapproved uses of
digital content."
 
Reply With Quote
 
Lawrence D'Oliveiro
Guest
Posts: n/a
 
      09-19-2010
In message <i73kkk$2psr$(E-Mail Removed)>, Murray Symon wrote:

> Lawrence D'Oliveiro wrote:
>
>> In message <i720r1$2bq7$(E-Mail Removed)>, Murray Symon wrote:
>>
>>> Lawrence D'Oliveiro wrote:
>>>
>>>> Sounds like the group that did the testing is not the same as the group
>>>> that has access to the master key.
>>>
>>> Yes, that's one reason. Key check values (KCV) may have ben available,
>>> but like a hash they would not be a definitive proof, as collisions are
>>> possible.

>>
>> Not sure what you mean here. Feel free to relate your “KCV” to the
>> description of HDCP here <http://cryptome.org/hdcp-v1.htm>.
>>
>>> In a hierarchical key distribution scheme where distributed keys are
>>> encrypted under higher level keys with various levels of key security
>>> (such as tamper proof HSMs) the keys are not handled in the clear but
>>> always as ciphertext.

>>
>> Keys have to be decrypted in order to be used.

>
> Glad you worked that out


So what was your posting about, again?
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Misinformation about HDCP and HDMI Steven Ellis NZ Computing 12 08-20-2006 07:10 AM
MSI NX7900GT-VT256E-HD HDCP-enabled Geforce 7900GT Videocard Silverstrand Front Page News 0 08-11-2006 03:40 PM
Does HDMI automatically infer HDCP? auriga_m38@yahoo.com DVD Video 1 03-11-2006 01:11 AM
IOS Router HDCP command =?ISO-8859-2?Q?Tomislav_Par=E8ina?= Cisco 1 04-10-2005 02:15 PM
seeking servlet "Master" keep getting "Master/servlet/Master" not found. Tomcat 5.0.25 Doug McCann Java 1 08-05-2004 09:16 PM



Advertisments