Researchers say Intel's copy protection protocol has been known to be flawed for nine years and they aren't surprised by the news.
An antipiracy code used in set-top boxes, Blu-ray and DVD players has been cracked and published on the Internet, and as a result, we may soon see devices on the market that allow people to make unauthorized copies of movies.
Intel confirmed to CNET yesterday that code posted anonymously to the Internet earlier this week is the secret master key to the HDCP (High-bandwidth Digital Content Protection) protocol. Intel created HDCP to be used for ensuring that only authorized devices are playing copyright-protected video and audio, and it licenses the technology to hardware manufacturers.
The master key is supposed to be secret from everyone except a central HDCP authority. It is used to generate keys in consumer devices for encrypting the data and verifying that the devices have HDCP licenses. From this master key you can compute all the sub keys.
"Those keys let you play god for this protocol," said Paul Kocher, president of Cryptography Research. "It's only a matter of time before someone produces a device that captures high-definition content" and allows people to play and record movies at will. Kocher predicted that within three to five years such a product would hit the market. "We will see people in China building TV sets that aren't properly licensed (for HDCP) and don't work the way the protocol is supposed to work," he said.
This isn't your typical rip-and-burn type of piracy. Any devices using the leaked HDCP code would be capturing the content as it is being transmitted in real-time to a display.
"It's the digital equivalent of pointing a video camera at the TV," Kocher said. However, this means that advanced features and menu items, such as turning off subtitles, are completely lost.
In the meantime, people will continue to pirate content just as they always have. "HDCP has apparently not succeeded in stopping infringed copies of content from showing up all over the place, and that's not likely to change," said Ed Felten, director of the Center for Information Technology Policy at Princeton University. (Felten discusses details of the key leak here.)
Intel spokesman Tom Waldrop downplayed the significance of the master key leak and said it wouldn't hurt Intel's business. Making pirate devices won't be easy because the technology is built in to the chip, he said.
"In order for someone to use those keys to obtain digital content in an unauthorized way, they would have to implement them in silicon," he said. "As a practical matter, that's a difficult and costly thing to do."
In the case of any unauthorized devices being marketed, Intel will protect its intellectual property.
"We believe that this technology will remain effective. There's a large install base of licensed devices including several hundred licensees that will continue to use it and in any case, were a (circumvention) device to appear that attempts to take advantage of this particular hack there are legal remedies, particularly under the DMCA (Digital Millennium Copyright Act)," he said. "It's business as usual going forward."
However, prosecution is difficult when the criminals are in another country. "Piracy is driven by criminal enterprises, and it's not easy to sue them in U.S. courts," Kocher said.
Meanwhile, Intel is investigating who posted the code and how it was obtained, Waldrop said.
Kocher speculated that it came from someone who either had access to the keys during the development process or someone involved in testing HDCP-based devices or the chips that go in them.
There are other measures movie studios can do to protect their content, according to Kocher.
"They can put forensic marks into the content or tracing information before it is output," he said. "That said, there is no practical response to repair the protocol while maintaining compatibility. From a studio or security perspective these kinds of flaws are quite fatal...you either start from scratch or live with the problem."
It was only a matter of time before the proverbial cat was out of the bag. In two separate projects nine years ago, researchers revealed that they had uncovered serious weaknesses in the HDCP protocol.
In August 2001, Dutch encryption expert Niels Ferguson called the technology "fatally flawed," but said he would not post details about his research on the Internet for fear of running afoul of the DMCA.
Then in November 2001, a team of researchers from Carnegie Mellon University released a paper drawing the same conclusion. They said the protocol could be broken by using keys from at least 39 devices to reconstruct the secret master key.
"If the protocol had been designed properly from the beginning, we wouldn't be in this situation," Kocher said. "This isn't the way crypto is supposed to be done. This was preventable."
Aside from the broken copy protection scheme, HDCP has other problems, Felten said.
"HDCP does complicate some of the legitimate ways people want to plug their devices together," he said. "People complain that receivers don't work when everything is said to be HDCP-compatible but there are slight differences in the implementations."
Asked to respond why Intel has remained committed to a technology that has been proven to be flawed, Waldrop said because the technology protects content and people are using it.
"Essentially, it works and it continues to be effective," he said. "There are always methods to circumvent any such technology and there always have been. But the difficulty of those, combined with the business model we have in the industry for device makers and licensing and the enforcement avenues and regulations means, overall, it's still a very robust system. That doesn't change."