HDCP Master Key Leak

Discussion in 'NZ Computing' started by Lawrence D'Oliveiro, Sep 18, 2010.

  1. Don’t you find Intel’s choice of words just a little odd
    <http://www.theregister.co.uk/2010/09/17/hdcp_copy_protection_crack/>:

    "What we have confirmed through testing is that you can derive keys for
    devices from this published material that do work with the keys produced
    by our security technology," Waldrop told FoxNews ...

    Surely they could just compare the key against the one built into their
    device-key generator, and say “yes, it’s the same� Instead, they have
    tested using this as a master key and concluded “yes, it produces usable
    device keysâ€, which is not quite the same thing.

    Sounds like the group that did the testing is not the same as the group that
    has access to the master key.
    Lawrence D'Oliveiro, Sep 18, 2010
    #1
    1. Advertising

  2. Lawrence D'Oliveiro

    Murray Symon Guest

    Lawrence D'Oliveiro wrote:

    > Don’t you find Intel’s choice of words just a little odd
    > <http://www.theregister.co.uk/2010/09/17/hdcp_copy_protection_crack/>:
    >
    > "What we have confirmed through testing is that you can derive keys
    > for devices from this published material that do work with the keys
    > produced by our security technology," Waldrop told FoxNews ...
    >
    > Surely they could just compare the key against the one built into their
    > device-key generator, and say “yes, it’s the same� Instead, they have
    > tested using this as a master key and concluded “yes, it produces usable
    > device keysâ€, which is not quite the same thing.
    >
    > Sounds like the group that did the testing is not the same as the group
    > that has access to the master key.


    Yes, that's one reason. Key check values (KCV) may have ben available,
    but like a hash they would not be a definitive proof, as collisions are
    possible.
    In a hierarchical key distribution scheme where distributed keys are
    encrypted under higher level keys with various levels of key security
    (such as tamper proof HSMs) the keys are not handled in the clear but
    always as ciphertext. This means verification needs to be performed
    cryptographically with reference to the master key-encoding-keys, or
    by functional tests, such as was mentioned.

    Murray.
    Murray Symon, Sep 18, 2010
    #2
    1. Advertising

  3. Lawrence D'Oliveiro

    Sweetpea Guest

    On Sat, 18 Sep 2010 20:18:21 +1200, Lawrence D'Oliveiro wrote:

    > Sounds like the group that did the testing is not the same as the group
    > that has access to the master key.


    Or they don't want to say it is the master key.


    --
    "Filtering the Internet is like trying to boil the ocean"
    Sweetpea, Sep 18, 2010
    #3
  4. In message <i720r1$2bq7$>, Murray Symon wrote:

    > Lawrence D'Oliveiro wrote:
    >
    >> Sounds like the group that did the testing is not the same as the group
    >> that has access to the master key.

    >
    > Yes, that's one reason. Key check values (KCV) may have ben available,
    > but like a hash they would not be a definitive proof, as collisions are
    > possible.


    Not sure what you mean here. Feel free to relate your “KCV†to the
    description of HDCP here <http://cryptome.org/hdcp-v1.htm>.

    > In a hierarchical key distribution scheme where distributed keys are
    > encrypted under higher level keys with various levels of key security
    > (such as tamper proof HSMs) the keys are not handled in the clear but
    > always as ciphertext.


    Keys have to be decrypted in order to be used.
    Lawrence D'Oliveiro, Sep 18, 2010
    #4
  5. Lawrence D'Oliveiro

    Murray Symon Guest

    Lawrence D'Oliveiro wrote:

    > In message <i720r1$2bq7$>, Murray Symon wrote:
    >
    >> Lawrence D'Oliveiro wrote:
    >>
    >>> Sounds like the group that did the testing is not the same as the group
    >>> that has access to the master key.

    >>
    >> Yes, that's one reason. Key check values (KCV) may have ben available,
    >> but like a hash they would not be a definitive proof, as collisions are
    >> possible.

    >
    > Not sure what you mean here. Feel free to relate your “KCV†to the
    > description of HDCP here <http://cryptome.org/hdcp-v1.htm>.
    >
    >> In a hierarchical key distribution scheme where distributed keys are
    >> encrypted under higher level keys with various levels of key security
    >> (such as tamper proof HSMs) the keys are not handled in the clear but
    >> always as ciphertext.

    >
    > Keys have to be decrypted in order to be used.


    Glad you worked that out :)

    Interesting is the following from Ars Technica article:

    "In other words, Intel and the media companies don't care that their
    encryption systems offer only token protection and consumer inconvenience;
    all that matters is that the encryption systems are sufficient to meet the
    DMCA threshold for a content protection system: the threat of legal action,
    rather than cryptography, is their real tool against unapproved uses of
    digital content."
    Murray Symon, Sep 19, 2010
    #5
  6. In message <i73kkk$2psr$>, Murray Symon wrote:

    > Lawrence D'Oliveiro wrote:
    >
    >> In message <i720r1$2bq7$>, Murray Symon wrote:
    >>
    >>> Lawrence D'Oliveiro wrote:
    >>>
    >>>> Sounds like the group that did the testing is not the same as the group
    >>>> that has access to the master key.
    >>>
    >>> Yes, that's one reason. Key check values (KCV) may have ben available,
    >>> but like a hash they would not be a definitive proof, as collisions are
    >>> possible.

    >>
    >> Not sure what you mean here. Feel free to relate your “KCV†to the
    >> description of HDCP here <http://cryptome.org/hdcp-v1.htm>.
    >>
    >>> In a hierarchical key distribution scheme where distributed keys are
    >>> encrypted under higher level keys with various levels of key security
    >>> (such as tamper proof HSMs) the keys are not handled in the clear but
    >>> always as ciphertext.

    >>
    >> Keys have to be decrypted in order to be used.

    >
    > Glad you worked that out :)


    So what was your posting about, again?
    Lawrence D'Oliveiro, Sep 19, 2010
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?ISO-8859-2?Q?Tomislav_Par=E8ina?=

    IOS Router HDCP command

    =?ISO-8859-2?Q?Tomislav_Par=E8ina?=, Apr 9, 2005, in forum: Cisco
    Replies:
    1
    Views:
    557
    miwiley
    Apr 10, 2005
  2. Replies:
    1
    Views:
    437
    Joshua Zyber
    Mar 11, 2006
  3. Silverstrand
    Replies:
    0
    Views:
    736
    Silverstrand
    Aug 11, 2006
  4. Steven Ellis

    Misinformation about HDCP and HDMI

    Steven Ellis, Aug 14, 2006, in forum: NZ Computing
    Replies:
    12
    Views:
    515
    Lawrence D'Oliveiro
    Aug 20, 2006
  5. Bit Twister

    Avoid Giving Your "Master Key" to a Hacker

    Bit Twister, Oct 31, 2010, in forum: Computer Security
    Replies:
    4
    Views:
    1,241
    Ari Silverstein
    Nov 4, 2010
Loading...

Share This Page