REN: Now, listen, Cadet. I've got a job for you. See this button? DON'T TOUCH IT! It's the HISTORY
HDCP eraser button, you fool!
STIMPY: So what'll happen?
REN: That's just it! We don't know! Maayyybeee something bad?... Mayyybeee something good! I guess we'll never know!
'Cause you're going to guard it! You won't touch it, will you?
So you read last week's column on OPM and you
thought, "That's not fair! That's just evil – pure evil." You subsequently traversed the twelve different stages of DRM
grief (eleven of which appear to be anger) and you happily arrived at step 12, hackery.
The next day, you, as a loyal reader, returned to Engadget and were greeted by the apparent answer to all your
DVI/HDMI/HDCP woes. There in front of you stood Spatz-Tech's DVIMAGIC. "Take that, you evil HDCP doers. You can't
keep me down."
For those unaware, Spatz-Tech's DVIMAGIC, while sold and marketed as a DVI amplifier, is attracting attention among
the consumer crowd as an HDCP stripper. The device is placed between your playback device (e.g. computer, cable box,
HD-DVD player, etc) and your display device. The DVIMAGIC then pretends to be a secure device. Once the DVIMAGIC
convinces the playback device to send the signal, it receives the signal, decrypts the signal, and sends a bit-perfect
copy of the signal out the other end to your monitor. The result is a pristine restriction-free copy of your
content.
Oh, sure - used like this, these devices fly in the face of the DMCA. But that's a small price to pay for a working
display. Besides, as many proudly proclaimed, "We're not from the US. They can't touch us."
Well, there's a bigger problem looming ahead. Unfortunately, the good people behind HDCP weren't complete idiots. If
you thought that the idea of OPM was a little scary, you're going to love Key Revocation Lists. Consider revocation
HDCP's version of the History Eraser Button.
So what is revocation? Let's first start with a brief look at HDCP.
There are three main parts to HDCP's security system. First, there is the cryptographic Authentication and Key
Exchange (AKE). When a company wishes to produce an HDCP-compliant device, that company requests a set of keys from the
HDCP licensing body. After the licensing body has determined that the company's product has been designed in a manner
robust enough to withstand attacks and that the keys will be protected, the company will be given a series of unique
secret keys.
AKE is the cryptographic method that uses these keys to determine a mutual value with which to encrypt the data
traveling between the playback device and the display device.
Once both the playback device and the display device have settled on a value with which to encrypt the content, all
the video content will be encrypted using this mutual value (this is the second part). Additionally, the system
will check every couple of seconds to ensure the integrity of both the keys and the link.
So far, that seems reasonable. However, what happens when rogue devices start to appear on the market? What happens
when a company's design wasn't as robust as first thought or, worse yet, a company's secret keys are leaked into the
wild?
This is where key-revocation lists come into play. The third aspect of HDCP security is device renewability. This is
the ability for media, streaming content, or even other devices to invalidate keys known to be a problem. For instance,
let's assume that you've purchased a DVIMAGIC. That little device is sitting between your cable box and your
television. Everything is going fine. Then, one day, you wake up to discover that your television is no longer working
with all the channels. What happened? Your cable box just used System Renewability Messages (SRMs) to invalidate
the keys used by your DVIMAGIC. From that point on, your cable box will treat your DVIMAGIC as a rogue device. As such,
it will not allow it to pass AKE.
Will your DVIMAGIC work with an HD-DVD player? That depends: what discs have you tried to play? Revocation lists are
encoded onto the DVDs. The newer the disc is, the larger the revocation list will be, and, once you're caught, that
playback device should never pass AKE.
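The revocation behaviour described above, as a simplified model added here (not code from the column or from any HDCP implementation). The class and function names, the KSV values and the two sample SRMs are constructed for illustration; a real source also verifies the licensing body's signature on each SRM, which this sketch omits, and it assumes a newer SRM replaces the stored list.

```python
from dataclasses import dataclass, field

def valid_ksv(ksv: int) -> bool:
    # HDCP 1.x device identifiers (KSVs) are 40-bit values with exactly 20 one bits.
    return 0 <= ksv < (1 << 40) and bin(ksv).count("1") == 20

@dataclass(frozen=True)
class SRM:
    version: int            # newer discs and streams carry higher versions
    revoked: frozenset      # KSVs the licensing body has revoked

@dataclass
class Source:
    """Playback device (cable box, disc player) that remembers the newest SRM seen."""
    srm_version: int = 0
    revoked: set = field(default_factory=set)

    def ingest_srm(self, srm: SRM) -> bool:
        # Signature check omitted (assumption). Older or equal versions are
        # ignored, so playing an old disc cannot roll the list back.
        if srm.version <= self.srm_version:
            return False
        self.srm_version = srm.version
        self.revoked = set(srm.revoked)
        return True

    def allow_ake(self, receiver_ksv: int) -> bool:
        # Any device presenting a revoked KSV is refused, whoever built it.
        return valid_ksv(receiver_ksv) and receiver_ksv not in self.revoked

# Constructed sample values, not real device identifiers.
DONGLE_KSV = 0xFFFFF00000
TV_KSV = 0x00000FFFFF
OLD_DISC = SRM(version=1, revoked=frozenset())
NEW_DISC = SRM(version=2, revoked=frozenset({DONGLE_KSV}))

def demo():
    player, results = Source(), []
    player.ingest_srm(OLD_DISC)
    results.append(player.allow_ake(DONGLE_KSV))  # works with the old disc
    player.ingest_srm(NEW_DISC)
    results.append(player.allow_ake(DONGLE_KSV))  # revoked by the new disc
    player.ingest_srm(OLD_DISC)                   # rollback attempt is ignored
    results.append(player.allow_ake(DONGLE_KSV))  # still revoked
    results.append(player.allow_ake(TV_KSV))      # unrelated display unaffected
    return results

if __name__ == "__main__":
    print(demo())
```

Because the check keys only on the identifier, a legitimate television built with the same leaked keys as the dongle would be refused in exactly the same way.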
For a hack, this might be annoying. However, what happens when legitimate keys are in the wild? For instance,
let's assume for a second that a large plasma-television company was the victim of a break-in/angry employee/etc. The
result is that said company's keys have landed in the hands of a DVIMAGIC-type dongle maker. When that
dongle-maker is caught, will the powers-that-be revoke its keys knowing that, in doing so, there will be legitimate
customers caught in the crossfire?
The answer isn't 100% clear. Content owners might very well say, "Too bad Company X didn't properly protect its
keys." The result? Unclear.
What we do know is that with HDCP there is a shiny red button that can be used to retroactively remove
functionality.
And did Stimpy press that button? You betcha!
Column note: there is no guarantee that the DVIMAGIC device will be added to any revocation list. The DVIMAGIC product
is simply used to demonstrate the general type of product which could, in theory, be revoked.
If you have comments or suggestions for future columns, drop me a line at theclicker@theevilempire.com.