A Cryptanalysis of the High-Bandwidth Digital Content Protection System
Purchase on Springer.com
$29.95 / €24.95 / £19.95*
* Final gross prices may vary according to local VAT.
We describe a weakness in the High Bandwidth Digital Content Protection (HDCP) scheme which may lead to practical attacks. HDCP is a proposed identity-based cryptosystem for use over the Digital Visual Interface bus, a consumer video bus used to connect personal computers and digital display devices. Public/private key pairs are assigned to devices by a trusted authority, which possesses a master secret. If an attacker can recover 40 public/private key pairs that span the module of public keys, then the authority’s master secret can be recovered in a few seconds. With the master secret, an attacker can eavesdrop on communications between any two devices and can spoof any device, both in real time. Additionally, the attacker can produce new key pairs not on any key revocation list. Thus the attacker can completely usurp the trusted authority’s power. Furthermore, the protocol is still insecure even if all devices’ keys are signed by the central authority.
- A. Shamir. Identity-based cyrptosystems and signature schemes. In Crypto’84, 1984.
- Y. Desmedt and J. Quisquater. Public-key systems based on the difficulty of tampering. In Crypto’86, 1986.
- H. Tanaka. A realization scheme for the identity-based cryptosystem. In Crypto’87, 1987.
- S. Tsuji and T. Itoh. An ID-based cryptosystem based on the discrete logarithm problem. In IEEE Journal of Selected Areas in Communication, volume 7, 1989.
- Dan Boneh and Matthew Franklin. Identity-based encryption from the Weil pairing. In CRYPTO’2001, 2001.
- David Barth. Personal communication. September 2001.
- Rolf Blom. An optimal class of symmetric key generation systems. In T. Beth, N. Cot, and I. Ingemarsson, editors, Proc. EUROCRYPT 84, pages 335–338. Springer-Verlag, 1985.
- Rolf Blom. Non-public key distribution. In R. L. Rivest, A. Sherman, and D. Chaum, editors, Proc. CRYPTO 82, pages 231–236, New York, 1983. Plenum Press.
- Scott Crosby. Apparent HDCP authentication protocol weaknesses. http://cryptome.org/hdcp-weakness.htm, May 2001.
- Keith Irwin. Four simple cryptographic attacks on HDCP. http://www.angelfire.com/realm/keithirwin/HDCPAttacks.html, July 2001.
- Niels Ferguson. Censorship in action: Silenced by the DMCA. http://www.macfergus.com/niels/dmca/index.html, August 2001.
- Intel Corporation. High-Bandwidth Digital Content Protection System, 1.00 edition, February 2000.
- Hitachi, Ltd. and Intel Corporation and Matsushita Electronic Industrial Co., Ltd. and Sony Corporation and Toshiba Corporation. Digital Transmission Content Protection System, Volume 1, July 2001.
- Semiconductor Design Solutions. RSA2048A RSA coprocessor data sheet. http://www.sidsa.com/datasheets/RSA/ds_rsa2048a_short.html.
- 3GPP Security Algorithms Group of Experts. 3GPP KASUMI evaluation report. Technical report, 3rd Generation Partnership Project, Oct 2000.
- A Cryptanalysis of the High-Bandwidth Digital Content Protection System
- Book Title
- Security and Privacy in Digital Rights Management
- Book Subtitle
- ACM CCS-8 Workshop DRM 2001 Philadelphia, PA, USA, November 5, 2001 Revised Papers
- pp 192-200
- Print ISBN
- Online ISBN
- Series Title
- Lecture Notes in Computer Science
- Series Volume
- Series ISSN
- Springer Berlin Heidelberg
- Copyright Holder
- Springer-Verlag Berlin Heidelberg
- Additional Links
- Industry Sectors
- eBook Packages
- Tomas Sander (4)
- Editor Affiliations
- 4. InterTrust STAR Lab. - New Jersey
- Author Affiliations
- 5. Carnegie-Mellon University, USA
- 6. Zero Knowledge Systems, USA
- 7. University of California at Berkeley, USA
To view the rest of this content please follow the download PDF link above.