Princeton professor sez cracking HDCP is "eminently doable"
It seems that HDCP, the high-def content protection scheme that's all the rage among Hollywood types, may not be as secure as the suits had hoped: Princeton University computer science professor Ed Felten takes a look at the standard's supposedly well-known security flaws and dumbs down the basic tech on his blog so all us non-math majors can understand. Basically, HDCP relies on a handshake between connected hardware wherein the two devices send each other a set of rules to be applied to the forty-or-so numbers that constitute both devices' "secret vector" -- if each device reports the same numerical result (as the pre-determined mathematical rules dictate they should), sweet high definition content can begin to flow freely. According to Felten, all it takes to figure out a given device's secret vector or create a workable "phantom" vector is to perform a number of handshakes equal to the number of elements in the secret vector, followed by a little bit of algebra to tease out the results from a matrix of equations (follow the "Read" link for a better explanation). Although HDCP-restricted HDMI and DVI connections aren't prevalent enough yet for anyone to have actually undertaken this project (either that, or fear of legal reprisals has kept any successful cracks from being published), the simple fact that it's doable could mean nightmares for Tinseltown sooner rather than later.

[Via Boing Boing]
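The handshake weakness the post summarises, as an added example that is neither Felten's code nor the HDCP specification: a toy handshake whose shared value is a linear function of the secret vector, and the algebra an observer needs once it has seen as many independent handshakes as the vector has entries. The 40-entry, 56-bit parameters follow the post and the comments; the selection-bit rule and the random selection vectors are assumptions that simplify the real scheme. The design lesson is that a key agreement that is linear in the secret hands an eavesdropper a solvable system of equations instead of a hard problem.

```python
"""Toy model of a handshake that is linear in the secret vector (added example)."""
import random

N = 40          # entries in the secret vector (figure taken from the post)
MOD = 2 ** 56   # each entry is a 56-bit number (assumption; a simplification)


def handshake_result(secret, selection):
    """One handshake reveals the sum of the secret entries picked out by the
    peer's public 0/1 selection bits, reduced mod 2**56."""
    return sum(s for s, bit in zip(secret, selection) if bit) % MOD


def solve_mod_2k(rows, rhs, mod=MOD):
    """Gauss-Jordan elimination over the integers mod 2**56.  The modulus is
    not prime, so a pivot must be odd (invertible); if no odd pivot exists the
    collected equations are dependent and another handshake is needed."""
    n = len(rows)
    a = [list(r) + [b] for r, b in zip(rows, rhs)]
    for col in range(n):
        piv = next((r for r in range(col, n) if a[r][col] % 2 == 1), None)
        if piv is None:
            raise ValueError("dependent equations; collect another handshake")
        a[col], a[piv] = a[piv], a[col]
        inv = pow(a[col][col], -1, mod)
        a[col] = [(x * inv) % mod for x in a[col]]
        for r in range(n):
            if r != col and a[r][col]:
                f = a[r][col]
                a[r] = [(x - f * y) % mod for x, y in zip(a[r], a[col])]
    return [row[n] for row in a]


def recover_secret(secret, rng):
    """Observe handshakes against random selection vectors until N of them are
    independent, then solve.  Returns (recovered_vector, handshakes_used)."""
    rows, rhs, used = [], [], 0
    while True:
        sel = [rng.randint(0, 1) for _ in range(N)]
        rows.append(sel)
        rhs.append(handshake_result(secret, sel))
        used += 1
        if len(rows) < N:
            continue
        try:
            return solve_mod_2k(rows, rhs), used
        except ValueError:
            rows.pop(0)   # drop the oldest equation and keep observing
            rhs.pop(0)


def demo(seed=2006):
    """Constructed secret vector (not a real device key); returns whether the
    observer recovered it exactly and how many handshakes that took."""
    rng = random.Random(seed)
    secret = [rng.getrandbits(56) for _ in range(N)]
    recovered, used = recover_secret(secret, rng)
    return recovered == secret, used
```

With the random selection vectors used here a few more than N handshakes are usually needed, because a random 0/1 matrix is singular mod 2 more often than not; the post's "exactly as many handshakes as elements" assumes independent ones.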

Reader Comments (Page 1 of 1)
matt @ Apr 14th 2006 10:18PM
owned.
Do movie studios expect a perfect, uncrackable protection? That's impossible. Whatever they create can and will eventually be destroyed. The more they say it's "uncrackable", the harder people will hack away at it just to prove that it can be done.
Ryan Gardner @ Apr 14th 2006 10:34PM
Yeah, unless the studios use some kind of quantum cryptography - they will get hacked.
Sounds like a fun game to hack HDCP... too bad it's a game that will land you in jail after winning :(
netdroid9 @ Oct 17th 2006 8:22PM
Hell, even then we could probably crack the code. Even if the quantum cryptography system itself can't be cracked, the hardware that it uses for encryption/decryption can. Theoretically, you'd just have to monitor the circuit.
Big Glare @ Apr 14th 2006 10:43PM
Considering HDCP will lock out anyone whose television predated HDCP. That's almost every set from 1993 to 2004 worldwide. They are almost forcing the AACS and HDCP to be cracked to enable those of us who were good little early adopters and bought HDTV sooner rather than later.
I would have ordered my HD-DVD drive right away had they not put the ICT in the mix. I canceled my order in January when it was finalized and won't buy into either format until I know I can rip the ICT from discs I obtain to watch on my 2003 Mitsubishi Diamond series HDTV that doesn't have HDCP.
Dennis @ Apr 14th 2006 10:52PM
Good.
Torontoguy @ Apr 14th 2006 10:56PM
Well, let's see if we have the pattern down.
1) misguided geek A with too much time on his hands decides to squander the computing resources of a major research center on some completely pointless exercise (like cracking a copy protection scheme).
2) If successful, his method makes it out through the geek grapevine to irresponsible dork B who develops the method into a cracking application which he then releases into the wild so that...
3) total lamers n can make and distribute free copies of $20.00 movies.
Hey, Professor! Nobody has developed a cure for cancer yet...why don't you work on that?
David @ Nov 13th 2006 1:45PM
That's a bit short-sighted. The major reason for copy protection isn't so much the hackers etc. but the pirates who churn out hundreds of thousands of the $20 discs, often well enough to get their bootleg product into reputable retailers.
Unfortunately the zealousness of the MPAA to protect their already overpriced product equates to an inferior product being sold to the consumer.
The comment about curing cancer is beyond acceptable. Not only do you in one swoop slander sufferers of the disease, you beg the question: what have YOU done to cure the disease?
Don @ Nov 14th 2006 5:33PM
Perhaps because he's a computer science researcher and not a cancer researcher? Dumbass.
Josh Warner @ Apr 14th 2006 11:28PM
This reminds me of an article I read a while back about DRM in general:
Encryption depends on both encrypted content sent, and a shared key used to encrypt/decrypt the content. When actually sending data, the key can be physically separated from listeners (or in this case, crackers).
The real problem with DRM is that you have to give the user (in hollywood speak: the hacker) both keys AND the content! The media has to have the key to be encrypted and also the encrypted content; the device (which is also physically in the possession of the cracker) has all possible decryption keys.
To draw a parallel between hollywood and the military: in essence, you have encrypted a top-secret communique, placed it in a box WITH THE CODE TO DECRYPT IT, given it to the enemy, and expected them not to crack the hell out of it. Riiight.
We as consumers are the enemies in Hollywood's view. I for one look forward to when HDCP is hacked; I sure as heck am not going to shell out $$$ for a new monitor to play hi-def content when my 17" LCD with DVI is perfectly capable.
Revrant @ Apr 14th 2006 11:33PM
A. Retards buy into the corporate scheme willingly, joyous Baa Baa Baa'ing ensues
B. Blog bashes ATI over not supporting Corporate Anti-Consumer DRM, then bashes DRM. Bipolar fit commences.
C. People buy high definition formats for high price and are unable to watch aforementioned films due to anti-consumer DRM, become frustrated, turn to illegal functions in order to watch their damned movies. 'suits commence.
That about cover it? Yep.
Torontoguy @ Apr 14th 2006 11:48PM
Forget the Robin Hood (Robs from the 'corporate' rich to give to the 'consumer' poor) crap!
This is about whiney little creeps who think they are entitled to something for nothing.
Jeff @ Apr 14th 2006 11:49PM
Hollywood studios, take note: the only DRM that has ever not been cracked is either a) protecting content that nobody cares about, or b) so innocuous that most people don't even notice that it exists.
But the point is all DRM *can* be broken. Content is content, data is data. If you want to have data that's in a format that's actually readable by some other device, that data can be read - even if it's encrypted. The only way to make an unbreakable DRM is by encrypting it such that *no* other device can read it. And that pretty much defeats the entire purpose of releasing content to the public.
Learn it and love it, guys. HDCP will be cracked as soon as somebody gets annoyed enough with it to do so. And so will the next thing that comes along in a vain attempt to supplant it.
Revrant @ Apr 14th 2006 11:51PM
Wow, hold on a moment *injects Toronto with some Starforce* calm down there big fella.
OMAC @ Apr 14th 2006 11:53PM
Torontoguy, why would a computer science professor work on a cure for cancer?
C-Dogg @ Apr 15th 2006 12:22AM
"2) If successful, his method makes it out through the geek grapevine to irresponsible dork B who develops the method into a cracking application which he then releases into the wild so that...
3) total lamers n can make and distribute free copies of $20.00 movies."
I'm going to have to disagree with you there Torontoguy. Just because a few people circumvent copy protection schemes for monetary gain doesn't mean that everyone does. VLC Media Player depends on circumventing DVD copy protection to play DVDs from all regions and it's not only probably the best media player out there, it's free/open source. Also, like OMAC said, why would a computer science professor be working on a cure for cancer? (By the way, some cancers already can be treated/cured)
Snake201 @ Apr 15th 2006 12:22AM
Torontoguy you got "pwned"
Eric Domb @ Apr 15th 2006 12:35AM
I think the Princeton Prof. isn't looking to develop a profit-making scheme, but rather to alert the general public and those responsible for DRM about potentially serious issues that HDCP may have.
Toronto guy, why the hell are you reading TUAW when you could be curing cancer?!
Not to be nitpicky or anything, but Computer Science is heavily involved in developing cures/treatments for cancers and other diseases. I've actually done CS research that's been used to help prevent the effects of botulism.
PS: Princeton class of 2010!
billybob_jcv @ Apr 15th 2006 12:38AM
Stupid, stupid corporate suits! They insist on wasting money and engineers on developing DRM that is ALWAYS broken - if they would instead spend that money on increasing the quality & functionality of the displays, processors, media, content, etc - can you imagine where we *could* be?
Eric Domb @ Apr 15th 2006 12:39AM
Oops, not TUAW, Engadget. I got confused...too busy curing cancer...
Lukas @ Apr 15th 2006 1:29AM
HDCP will stand up to most consumers' attempts to crack it; the hack may be someone actually using an electron microscope to read the encryption keys off the devices (I read once that would be possible). However, all it takes is one cracked device, and then all the (important) content that is published will flow freely through that single hacked system to the rest of us via BitTorrent. The bottom line is we (average consumers) will have no need to crack the encryption; someone else will take care of that.
SEP @ Apr 15th 2006 1:45AM
Ho ho ho. Toronto is a dumbass. It was never about financial gain, never about something for nothing. It never was, never will be. When will fools like this ever learn? Proof of concept is all it ever will be. Oh, that and never getting ripped-the-hell-off by a bunch of suits again.....
Jonathan Worrel @ Apr 15th 2006 1:47AM
This is my proposal to stop copyrighted content from being exploited. However, it will only work once optical media formats become obsolete and all media switches to downloadable content.
1. A guy wants to buy a movie for his Panasonic
2. He creates a user account on Panasonic's website and registers all his gadgets and media players, providing their serial numbers.
3. He then browses an online video store, which is partnered with thousands of companies marketing media players, such as Panasonic. On this site, he buys his movie for all of the serial numbers on his user account
4. The server creates a copy of of the movie to send to him that can only be played by the serial numbers he provided.
If he ever gets a new device that he wishes to play the movie on, he will have to pay a small fee to add the new device's serial number to the list. Doing such can prevent most theft, as most people aren't willing to pay more money to share with other people.
Anyways, let me know what you think.
Pacey @ Apr 15th 2006 2:44AM
As the old saying goes...
Anything man can create, man can destroy...
Ben Hobbs @ Apr 15th 2006 3:17AM
I wish the parties so concerned with Pirating and DRM would put all of their energy and money into getting the price of their product down.
If DVDs and online music etc. were available at a sensible price then people wouldn't bother pirating it. Does X Hollywood star really need to be paid 25 million dollars for his three months' work?
EdZ @ Apr 15th 2006 4:26AM
19> Either spoof serial numbers within the device itself, or as the site allows you to enter the numbers you want, enter a predetermined string of them, compare the resultant files, and thus crack the encryption key.
DRM has an inherent flaw in that you MUST hold both the encrypted content and the key. There are no two ways about it.
tekdroid @ Apr 15th 2006 8:09AM
Please don't crack it. I would rather see nobody buy it. AACS, too. Let them dig their own grave this time. Ignore all products.
roboknave @ Apr 15th 2006 9:42AM
Sorry Jonathan, your scheme wouldn't work. As EdZ pointed out, it is probably crackable pretty quickly. Also, if I d/l content for all my serial numbers then buy a new device, all that d/l'd content is useless on the new device unless I d/l it again. Even if it doesn't cost me money, it does cost me time.
To TorontoGuy: Where's your cure for all cancers? Or are you waiting for the corporate suits to invent one? Myself, I'm not holding my breath since not curing all cancers actually generates a boatload of money I'm sure the suits like lining their pockets with. Besides which, most of these schemes just make interoperability between your different kinds of devices a nightmare. "Hmmm, does my TV work with this HD-DVD? And does that work with my other content providers?" "No, if you want HD-DVD, you need *THIS* TV and these extra pieces. Along with these other extra pieces for your other content providers. That'll be $10,999.99."
As to the professor, they probably should have hired him as a consultant before they came up with HDCP. Or at least talked with someone that uses crypto standards that are well known or well published. Not much different than kids trying to invent a secret code really. Since they don't bother to really check into what's already been done, they all keep coming up with the equivalent of the Caesar cipher again and again. And of course, those who already know keep cracking it again and again. Maybe after a few dozen tries, like everyone else who's come up with an encryption scheme, they'll figure out something that really is difficult to crack. Guess the transition into the information economy wasn't as easy as they thought it would be...
Eric W @ Apr 15th 2006 10:07AM
Wouldn't it be easier just to buy a cheap HDCP device (like an LCD display) and crack it open and find the serial video input to the LCD chip? You then take that video and feed it to whatever input you can (say an HD video recorder) and you're done. It's something a good EE could do in a week or less (I'm sure the Asian pirate rings have already done so).
Big Glare @ Apr 15th 2006 10:56AM
I don't believe HDCP is the real villain here. The true villain is the AACS copy protection and the ICT which says if you don't have HDCP you don't get HD. Without the ICT, whether your TV is HDCP compatible or not is fairly moot since you can still get HD from component video connections or DVI or 1394 (if, God forbid, companies still cared about it).
The only thing with HDCP cracking is its "live" ability to constantly update itself. If the powers that be feel a device is easily cracked or has its serial numbers stolen they can lock out all devices of that type. Too many people hacking a Sony LCD, next thing you know EVERYONE'S Sony LCD screen is blocked out, even nice legit users.
Abandon the ICT and no one has to pirate movies, and no need to fear HDCP.
If studios were truly concerned about piracy they would embrace one format for purchased movies, HD-DVD, and then only sell recording devices for another. No one is copying PSP-UMD movies that I've seen. Copying of Nintendo cartridge games was such a small factor in schemes. But you see movies, Xbox games, PlayStation 1 and 2 games being copied left and right because you can. CDs and DVDs can be read by PCs and copied to media sold for pennies. Stop trying to slow down pirates, take away their ocean.
Jonathan Worrel @ Apr 15th 2006 12:55PM
Haha, just an if-then statement for you guys.
If man can destroy anything it creates, then robots will never take over the world.
Stevie K @ Apr 15th 2006 1:45PM
People will be able to routinely beat HDCP by this time next year.
Type-E @ Apr 15th 2006 2:25PM
If the secret vector has 40 56-bit keys, doesn't that mean that there can only be (40 choose 2) = 780 devices? Or is it like one vector per brand company? i.e. all ATI graphics cards use the same secret vector. Or is it such that if Sony makes 10 Blu-ray players, it'll use 10 secret vectors?
EatingPie @ Apr 15th 2006 4:16PM
HDCP is HARDWARE-based, and occurs between the 2 ends of an HDMI connection. HARDWARE-BASED. The crack must be done at the HARDWARE/firmware level. You will need a piece of HARDWARE between your TV and the player. And even then, what format will the HARDWARE spit out the cracked signal? And to what other piece of HARDWARE!!??
This is not a feasible solution for the general public.
Hacking AACS is different. That's more like cracking CSS. This is not.
-Pie
Per-Erik Broz @ Apr 15th 2006 4:28PM
Good thing there are HDCP chips on the loose. I saw some add-on cards for CRT projectors which had HDCP chips (they took HD material, decoded it and sent it on to the old non-HDCP chips in the projector). The chips were ground on top to not reveal the source of the chips, though rumored they are from a plasma plant in Asia.
These things will happen; some chips have also found their way to some DVI-with-HDCP to DVI-without-HDCP converter boxes.
So we don't even need to crack it, as long as they don't have 100% control over the use of the chips.
Zorak @ Apr 15th 2006 5:29PM
Oh, ones and zeros!
You are far too expensive.
Fair prices kill thieves.
mike @ Apr 16th 2006 12:24AM
Why don't these hacker whackos concentrate on hacking into and taking down al-Qaeda websites instead of other crap!
Eric Domb @ Apr 16th 2006 3:28PM
#21:
Does the Hollywood star need to be paid $25 million for a movie? Well, I guess that all depends on whether suckers like you or me are willing to go spend $30 at the movie theater, then buy the $20 DVD, then the $50 special edition DVD, and buy the toys/dolls/action figures for our kids, etc.
So does he need to be paid that much for a movie? No, but he certainly will be if you ask him to :)
Perrey Z. @ Apr 16th 2006 7:26PM
#11: Because Hollywood wants to keep their rich homos, whores and cunts which they call "actors" living the highlife with after sales royalties of their previous crappy work., so in other words, if you buy a movie and your brake it or loose it before making a successful compatible copy, you'll have no other option but to buy it again.
Good for this professor. Let's hope his science department is not "sponsored" by any Japanese company like Hitachi and Matsushita, who sponsor two U.S. universities in order to STEAL the ideas of the American students and professors who attend these universities and have pending projects in these sponsored departments, or in this case to block his efforts at cracking the HDCP.
Mike Campbell @ Apr 16th 2006 11:46PM
@ Perrey Z
Wow - a comment that manages to be homophobic, misogynistic, and xenophobic all at the same time. You don't mess around, do you?!
citykids @ Apr 17th 2006 3:21PM
Burn, Hollywood burn! I for one have given up feeding this bloated beast, here's hoping they crack that bad boy wide open!
Perrey Z @ Apr 18th 2006 1:42AM
#34: Mikey C., that's what the majority of them are. There's nothing to be surprised about, and yeah, I don't mess around; I also forgot junkies. Oh boy!
The HDCP note has brought another subject to the blog; Hollywood's dirty lifestyle secret.
raider @ Oct 18th 2006 12:53AM
I love that there's a whole bunch of anti-Hollywood sentiment on a blog discussing cracking a code protecting Hollywood movies. If they are that evil/useless etc., why friggin' bother?
Dave @ Oct 27th 2007 4:53AM
Hardware can be emulated, so it being "hardware encryption" doesn't mean it can't be cracked. This protection scheme can and should be cracked, since they're depriving people who bought HDTVs in good faith of the ability to play HD content. That will, in fact, cause it to be cracked even more quickly.
All copy protection will be cracked eventually, and usually sooner rather than later. There is a difference between enthusiast cracking and mainstream cracking, however. All console game systems have been cracked, but systems that require a hardware modification to play copied content are not mainstream cracking. This type of protection is fairly easy to implement by putting data on parts of the disk that can't be written to by a commercially available recorder, either with special recorders or specially manufactured media. The studios will have to accept some losses, just like every other business does.