Here's the fun bit:
"We observe that attackers can exploit a well-known cryptographic design mistake: the shared secret generation is entirely linear. The attack only needs 40 public/private key pairs such that the public key pairs span M ⊂ (Z/256Z)40, the module generated by all public keys. Since HDCP devices divulge their public keys freely, one can easily test whether a set of 40 devices have public keys spanning M before expending the effort to extract their private keys. With these keys, the authority’s secret can be recovered in only a few seconds on any desktop computer."
Edited to add the next paragraph (paper was published in 2001):
"The consequence of these flaws is that, after recovering the private keys of 40 devices, we can attack every other interoperable HDCP device in existence: we can decrypt eavesdropped communications, spoof the identity of other devices, and even forge new device keys as though we were the trusted center. Note that this allows us to bypass any revocation list or “blacklisting”: such mechanisms are rendered completely ineffective by these flaws in HDCP. Therefore we recommend that the current HDCP cryptosystem should be abandoned and replaced with standard cryptographic primitives."
So does this mean that all new equipment will quickly switch to DisplayPort, necessitating another round of TV/monitor upgrades? Or will the HDMI organization add DPCP (AES) to the HDMI standard?
[Edit: it was mentioned elsewhere* in the thread that HDCP 2.0 uses AES]
For those not quite that curious, if you've ever tried to watch a Blu-Ray movie on your computer, and gotten an error about it being restricted from playing back on your display; there's a good chance that is because of HDCP.
If this is true (and there isn't really a good reason to believe that it isn't), this is pretty bad news for the content industry.
It was this angle of attack, or one very similar to it, that I remember reading from an nVidia (or it might have been ATI) powerpoint deck a few years back.
If I were a content provider, I wouldn't be so thrilled.
My single worst experience with iTunes was when I took the dive and spent that extra dollar to rent an HD movie. Just to find out a $5 movie on my $500 Mac Mini won't play on my $1,000 TV.
I haven't made a -single- Apple purchase since then. That's how badly HDCP pissed me off.
And it was free.
What problem was HDCP trying to solve, again?
The problem of the price of goods in a competitive market falling to the marginal cost of production.
That's a problem for the people who produce goods that a new technology is busy reducing the marginal cost of production. It shouldn't be a problem for anybody else, but HDCP makes it so.
Selling a 50 cent piece of wire for $80 is a much better business model than making a movie and getting people to buy it, after all.
Uh, yeah it (HDCP) did; on specific movies rented via iTunes, if you don't have an HDCP compliant display, it won't play.
My Samsung BD-P1590 has had new fewer than 4 firmware updates, the last of which actually caused the player to crash on most of the Blu-Ray movies I try to watch. I rent from Netflix and I have literally had to rip the movie and stream it to my XBMC box in order to watch the movie because it wouldn't play on my Blu-Ray player.
Secondly, I've had to completely disable BD-Live because when the disc has those lame downloadable previews, it takes several minutes of just sitting at a spinning wheel or lame icon with nothing (apparently) happening. If I'm lucky the preview will download and play, but 90% of the time, the player just stays like that forever and the only button that works on the remote is Power.
Lastly, the unskippable previews really piss me off. I know that DVD had this as well, but it's seriously annoying that it takes 5+ minutes just to get to the menu to watch a movie. Many times I do sit and watch the previews while popcorn is popping or the wife isn't ready to watch yet, but when I want to skip them, I really should be able to.
So, despite the fact that I try to watch movie the authorized way, most of the time I find it easier to rip/stream the movie from a BD-ROM with XMBC than to actually use my Blu-Ray player.
I really feel bad for the non-techies that have to deal with all this mess without being able to find sneaky workarounds to get it to work properly.
I have a samsung blue ray player too. I usuallly push stop, and then hit the "title menu" (or disc menu? I forget) to skip the unskippable stuff.
I had to download a 300meg trial of PowerDVD just to play a film I'd already paid for (I also had to update my graphics card for some reason, the computer had been playing HD content for months without needing that).
That will be the last Blue-Ray disk I buy..
The experience is getting a bit ridiculous, and I personally hope someone writes a DeCSS for Blu-Ray so that we can uncripple this format.
Btw, I don't actually buy any Blu-Ray disks, I just have my Netflix account enabled for Blu-Ray and watch most movies in that format since it looks better on my HDTV.
I've been using AnyDVD HD for a few years, but I have not had a Blu-Ray reader or writer until a couple of days ago and I have no Blu-Ray discs yet (Netflix, hurry up!). AnyDVD works great on DVDs and claims to work with Blu-Ray and HD-DVD formatted content. It's not free, unfortunately, but it's supposed to uncripple the format.
And before I get to far: I'm not a pirate, my use of AnyDVD HD is simple: I have a single SageTV Media Server (HTPC/DVR software) and I use extenders to play all of my video content on three televisions (meaning my TVs have one tiny low-power box yet all of my TVs can play a DVD or watch recorded content and live TV from my noisy HTPC tucked away in a rack in my basement). Without AnyDVD, I can't put a DVD in the basement server and play it on an extender upstairs. I was hoping to do the same with my new Blu-Ray player.
For this reason, I doubt we'll ever see a public domain solution like DeCSS arrive. It's too bad.
The funny thing is that I would have been a Blu-Ray early adopter if I didn't see this mess coming. I can't believe my parents purchased a player before I did.
But the load times alone make me want to throw my Blu-Ray player out of the window. It's a mind-numbingly slow experience in every way.
Then I got a PlayStation 3. It made the kids happy and is radically faster playing Blu-Ray discs. If you're not a gamer be sure to get the optional "normal" bluetooth remote and you'll be all set.
The real problem is that I can't see much of a difference between the dvd version of a movie and the bluray version, if I have a choice for the same price I probably will buy bluray but otherwise the dvd upscaling works just as well for me.
This experience of quality differs greatly than that of a regular xvid rip and a hidef h264 rip which are actually quite noticeable.
I think the bottom line is that Sony and the Blu-Ray disk manufacturers are treating our player devices like they own them. This is the same kind of thinking that caused the Sony Rootkit fiasco. What would people do if they found out that a Blu-Ray update caused their player to start reporting every movie they watched to a server (it probably already does)?
I wouldn't be so sure. This is exactly the experience I got in the first year of DVDs being available. (although the player was a bit lighter ;) ) After some time we got proper software for Windows and after that, there was DeCSS.
Just give it time. If there is useful content on Blue-Ray, people will use it and the experience will improve.
I thought we would have been there by now. DeCSS came out at about the time my parents upgraded from VHS to DVD. My parents just purchased a Blu-Ray player, so I'm thinking ... any day now. People have commented on how long it's taken to get the HDMI master key, but I'd argue it hasn't been that long. Despite some theoretical attack methods being published as early as 2001, there wasn't any reason because HDCP/HDMI was exotic for quite some time. Going back to the "My Parents" analogy: their first device to ever have an HDMI port on it was purchased earlier this summer. Both Panasonic devices, yet my dad has to power cycle the blu-ray player occasionally because the TV won't pick the picture up.
Here's my theory on how consumer electronic DRM cracking:
1) DRM or other scheme is created. It ticks off geeks/enthusiasts, but they largely deal with it. ...2) Despite itself, eventually it gains critical mass and a bunch of those geek's non-geeky parents buy devices and experience the same trouble. ...3) Geek children get constant phone calls from parents about why their new stuff doesn't work as well as their old stuff and ask said Geek Children to come over and fix it because they don't know what an HDCP Error is. ...4) One or more geeks get irritated enough with the phone calls to finally test that theoretical attack. ...5) Geeks everywhere find custom firmware for their parent's televisions and players and permanently solve the problem, while also recommending to their other non-technical friends precisely which model of TV and Blu-Ray to buy based entirely on its ability to have the play-back destroying copy-protection removed. The last part hasn't happened yet, but one can dream.
One step at a time.
Also, there's a whole industry around copy-protection which won't go away in one day. Pretty much the best we can do right now, is make is obsolete by proving DRM is useless, while they will try to prove otherwise. DVD-s right now are a nice compromise where they did their job™, and we get the content as if it was not locked. (of course you still cannot skip the intros on "official players", but that's just an education issue - for example mplayer can play the movie itself without the added marketing crap)
The proof is in their own studies, really ... if they believe them. According to Big Media, piracy rates are incredible. It takes a few words in Google to find that everything that has ever been put behind DRM is available without it, for free (illegally, of course). The negative effects of DRM schemes are huge (see rest of comments).
There would be so many very cool things that have nothing to do with piracy if DRM wasn't part of the equation. And they can be done right now by breaking US law and circumventing whatever scheme is in place.
I have several Blu-Ray discs, but I've loaned them (and my PS3) to my parents until I get around to getting a BD drive for my Linux box. I do miss watching video in 720p, though; interlaced DVD is unpleasant, to say the least.
Hulu and boxee would be nice for some things, if the streaming servers for baseball games wouldn't get bogged down, or something causes a stutter or pause as bandwidth runs thin.
Also, I get poor cell signal in my new ground-floor apartment, so my $80/mo cell bill providing service to my smartphone isn't doing me any good. I switched to using Google Voice for the time being, but that doesn't well if something's hogging bandwidth. (Just because I can rate control going out, doesn't mean I can rate control what's trying to come in from the other side of that pipe.)
I wired my apartment to avoid wifi noise, but 6Mb/s DSL just isn't good enough for some common network multitasking activities. DOCSIS in apartment contexts is a horrible choice; you quickly get too many people on the same loop. VDSL may or may not be available; tech says one thing after a test, phone company's system says another. With VDSL, though, I'll get tied to a crap router with a built-in 802.1x identifying key, so I can't use my own setup.
Rate control of what's trying to come in from the other side of the pipe is half the point of putting voip traffic in its own QOS class. (The other half being rate control of data going out.) You may not be able to for some reason, but any good QOS system should let you do that.
So your comment sounds particularly naive, in this part of the world.
Things have a long way to go before a majority of westerners have access to solid, reliable 10Mbps connections.
Clearly you do not.
My connection is somewhat above the surveyed "average" speeds and stability for the UK, as frequently reported in the media here. One such story puts the average true throughput of a 10-12Mbps DSL connection at around 3.3Mbps: http://www.digitalspy.co.uk/digitaltv/news/a251311/uks-avera... .. As mine is usually around 5-6Mbps (though dropping to 2-3 at peak, sometimes) my connection is, I believe, "reasonably good" by national standards.
Yes, I can. It is an absolute measure. Yours may well be well above the average for the region or even the nation, but it is still not good. Mind, slightly tongue-in-cheek since estimating actual required level of service is a bit tricky. I meant it mostly in the sense of "do not let the telcos tell you that is 'good enough'".
Personally, I would put the "reasonably good" barrier for this day and age at about 20/10Mbps. (I pay about 40€ for a nominal 100Mbps - which, in a quick test right now, gives me 24/13Mbps to/from the UK, over Wi-Fi LAN).
Even if you assume "everyone [and that's 1/3 the country] still on dial-up is such a late-adopter they're not even interested in HD yet", a lot of that broadband is less than 1 Mbps. And many broadband consumers have monthly bandwidth caps.
People with >1Mbps uncapped broadband is probably too small of a market to make purely digital distribution viable.
The latter part of your statement is true. They're not wiring up rural areas. However, I live in a neighborhood that doesn't have a home newer than 30 years and am receiving AT&T U-Verse, 20Mbps down (and consistent).
I don't believe the future is in shiny discs. The near-future probably isn't in exclusive streaming video, but the longer term likely is. We're a few technological break-thrus away, perhaps, but for what my opinion is worth... I believe it'll get there.
It's bizarre. Imagine a job where my customer complains about how ineffective my product is yet continues to shovel money at me. Wait, even worse, my product makes their customers miserable and yet they still shovel money at me. It sort of sounds like the business model of a crack dealer.
The paste however contains the key matrix used to encrypt and decrypt the digital video signal. If this is valid, every transmission between a HDCP-secured playback device and the display can be decrypted, thus rendering every other encryption method, used in the playback chain, useless, including AACS and BD+.
This is serious, because the keys for AACS can be revoked, if compromised. HDCP keys however can't be revoked.
Another problem with cracking the transport instead of the storage medium, is that to rip from HDMI you have to play the movie at normal speed, while ripping straight from disc can be done much faster.
Regarding on-the-fly watermarking, I see the hypothetical use, but current watermarking algorithms are to complex for BD+. An interesting idea though.
According to their FAQ: http://www.digital-cp.com/faqs
"HDCP revision 2.0 uses industry-standard public-key RSA authentication and AES 128 encryption. It also supports protection of compressed content, making it feasible to use relatively slow 50 to 200 Mbps interfaces."
... and ...
"HDCP 1.x technology offers protection for uncompressed content transmitted over several common wired interfaces including DVI, HDMI and DisplayPort. HDCP revision 2.0 adds strengthened encryption..."
In other words, no equipment that anyone has.
Hence the master key pretty much kills it all.
Therefore, this matrix may not even be leaked, but somebody might reconstruct it from relatively small number (I don't remember exact required number, but i recollect that it is at most thousands) of keypairs recovered from devices in circulation.
By the way similar mode of deployment was once recommended for RSA (having shared modulus whose factorization is known to central authority), but it is long known to be insecure (for RSA). I don't know of any non-HDCP related analysis of public key cryptography based on similar approach as HDCP (vector summing or matrix multiplication, depending on viewpoint), which probably means that it is very well known to be insecure.
Edit: and for the key update: you would have to update all deployed keys simultaneously, which is probably impossible. Moreover HDCP does not even specify any kind of infrastructure to accomplish this.
According to Wikipedia, you only need to collect 39 Dragon Balls to reconstruct the master matrix.
I don't think this does anything for Blu-ray as it has it's own encryption scheme.
Edit: Oops, I see someone mentioned this already. Missed that comment.
Credibility is less because it was posted anonymously as a dump of hex to paste-bin, therefore eliminating any authority that would come if this person was a well-known security researcher. If the author had credibility and wanted to use his/her reputation to make the post more credible, he'd have the pleasure of a herd of lawyers and law enforcement at his door, assuming that he lives in a country with anti-circumvention laws. So his only choice is to keep it to himself or post anonymously, taking away any credibility that comes with authority in a subject.
Regardless, someone will test this soon enough and determine if this non-credible post is credible or just a creative bunch of social engineering. That it's garnered this much attention this quickly (take a look at your major social news sites ... and tech blogs) should scare industry insiders. The mere HOPE that some random posting on pastebin would topple HDCP and bring a possible end to device interoperability would get this much attention truly highlights what a dismal mess HDCP is. If it's The Real Thing(tm), we'll know when the master key is used to generate a random device key and 80% of the time the signal is decrypted properly without having to turn both devices off and back on.
And if it is true, I hope our friend that posted it took some pretty serious precautions to protect his own anonymity.