German Research University Breaks HDCP Protection used in Blu-ray

The  Ruhr-Universität is a renowned research university in Germany known for its vulnerability researches. The last time I heard of them, was when they broke the  W3C standard for XML encryption. This time, they have taken a hit at High-bandwidth Digital Content Protection (HDCP), which is used in  HDMI or DVI-compliant playback devices. This same technology is used to playback Blu-ray media from over an encrypted channel. HDCP was broken into last year (or so it seemed). However, this time, the crack is confirmed.

A Slashdot discussion sums up  the implications  as,

On an HDMI cable, the actual encryption that takes place is specific to keys on both sides, so cannot generally be universally cracked. If a vendor key becomes compromised, future Blu-Ray players can blacklist it.  What makes this solution useful, is that it’s just about the only way to crack the encryption on-the-wire without having to open anything up or solder anything, and it can’t be prevented by simply blacklisting vendor keys.

Intel vouched for HDCP when a master key was leaked last year. However, this year,  Ruhr-Universität has found a way past master keys and has a way to bypass this system completely.

Prof. Dr.-Ing. Tim Güneysu working with final year student  Benno Lomb has said,

We developed an independent hardware solution instead, based on a cheap FPGA board.  We were able to tap the HDCP encrypted data streams, decipher them and send the digital content to an unprotected screen via a corresponding HDMI 1.3-compatible receiver.

This is a Man-in-the-middle attack. The vulnerability is a risk and can be broken with a device costing 200 euros. It is a cheap method to break a high-value encryption that the media industry spent a lot of money and put a lot of hope in.

Published by

Chinmoy Kanjilal

Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. You can connect with him on Twitter @ckandroid.