Download the Tom's Hardware App from the App Store
The reference for current tech news
Yes No

Intel HDCP Cracked Using $350 Hardware Kit

by - source: Ruhr-Universität Bochum

An FPGA development board was used in a man-in-the-middle attack in obtaining and transmitting an encrypted signal from an HDMI port.

Researchers from the Ruhr University of Bochum's Secure Hardware Group in Germany have cracked the copy protection system used by HDMI ports: Intel's HDCP, or High-bandwidth Digital Content Protection. In addition to HDMI, HDCP is used to encrypt video signals transferred via DVI, DisplayPort and other connectors.

"In 2010, an HDCP master key, which is intended to form the secret core element of the encryption system, appeared briefly on a website," reads the official press release. "In response, the manufacturer Intel announced that HDCP still represented an effective protection component for digital entertainment, as the production of an HDCP-compatible chip using this master key would be highly complex and expensive."

Seemingly taking that as a challenge, the team accomplished the "inexpensive" man-in-the-middle attack by using Digilent's Atlys Spartan-6 FPGA development board. It features a Xilinx Spartan-6 LX45 FPGA (field programmable gate array) in a 324-pin BGA package, two HDMI video input ports, two HDMI video output ports, a 10/100/1000 Ethernet jack, a RS232 serial port and more.

"Our intention was rather to investigate the fundamental security of HDCP systems and to measure the actual financial outlay for a complete knockout," said team leader Prof. Dr.-Ing Tim Güneysu. "The fact that we were able to achieve this in the context of a PhD thesis and using materials costing just €200 is not a ringing endorsement of the security of the current HDCP system."

The $349 USD ($199 Academic price) board serves as the "middleman" by modifying all communications between a Blu-ray player and a flat-screen HDTV without being detected. The team was able to tap the HDCP encrypted data streams, decipher them and send the digital content to an unprotected screen via a corresponding HDMI 1.3-compatible receiver.

Yet as the team points out, this man-in-the-middle attack could allow the end-user to burn films from Blu-ray discs, but recording directly from an HDMI port results in a large amount of data. That said, this method is "of no great practical use for pirates." But Güneysu envisions a real threat to security-critical systems used by law enforcement agencies and the military.

"Although Intel is already offering a new security system, HDCP 2.0, due to the backward compatibility, the weak point will also remain a problem in coming years," he concluded.

Intel and Digilent have yet to comment on the report.

Share:
4
Comments
Read more
X
Submit

Comments
Add your comment
ppumkin 29/11/2011 13:20
Hide
-0+

Quote : but recording directly from an HDMI port results in a large amount of data. That said, this method is "of no great practical use for pirates.

I just setup a nas server with 6TB of storage with a AMD processor and loads of ram... Dumping that there and using the nas to recode it to a nice divx over night.. maybe its not pratical- but it sure is pretty easy.. but you have to watch the whole movie i suppose-- ripping the Bluray directly seems a bit faster.

Anonymous 29/11/2011 13:48
Hide
-1+

this isn't new at all - see hdfury cables. They have been available for AGES and do the exact same thing..

doive1231 29/11/2011 13:56
Hide
-0+

Good to see tax euros being spent so effectively.

shanky887614 29/11/2011 22:20
Hide
-0+

ive never understood hdcp


if you can play blu-rays on a computer it can copy them


we have all seen screen capture software before. its kind of a waste of time


(i know a screen capture wouldnt work, its an example)

Submit my comment
Read more

See more

Best offers

Latest news

Optical Storage Previous news

Newsletters


OK
Partners