HDCP master key confirmed

The news was indeed as good as I hoped it to be, Intel confirmed today the key was real. What I want to know is where it came from. There are a couple of ways this could have been done. Apparently it only requires around 50 devices with unique keys to extract/calculate the master key. Given the sheer number of devices out there worldwide, this would be the most likely scenario.
Another option is someone at Intel is going to be sacked, but I think this is unlikely. Rumour has it only 2 people have access and you can bet this kind of information is in a vault and permanently monitored in the form of various access control systems, including ‘simple’ things such as a video camera. Don’t see this happening, unless someone was really pissed and fled the country before the key went public ;)
Or maybe they got (intentionally) hacked. No idea if the system is hooked up to a network though. If it is and the key was not stored securely it deserved to be ‘freed’. But again I think this is unlikely as I would expect a master key to be either in a HSM or stored on a smartcard that’s only inserted if new keys need to be derived (or maybe someone at Intel stole the smartcard, also a possibility).

Anyway, enough talk about where it came from. How can this be of service to those who want to get rid of HDCP encryption? Just capturing the HDMI stream would require a sweet setup. A quick calculation yields 149 MB/s (1920×1080 pixels x 24-bit x 24 fps). Note that HDMI v1.3 goes upto 16-bit per colour making the number even higher.
What about capturing frame by frame, bringing the required bandwidth down? Tricky, but probably very doable. Stream can be encrypted end decrypted later on when you have all the time in the world.
Or go the hardware route and plug a custom FPGA board holding the decryption key. A decent FPGA would be able to keep up with the stream a do some realtime decryption. Then all you’d have to worry about is what to do with the decrypted data.

Comments are closed.