undefined | Better HN

0 pointstshaddox2y ago0 comments

I think you're essentially describing the hardware DRM supply chain.

For example, HDCP is a DRM scheme where Intel convinces (or legally requires) every manufacturer of HDMI output devices (e.g. set-top boxes, Blu-ray players) in the world to encrypt certain video streams.

Then, Intel requires manufacturers of HDMI input devices (e.g. TVs) to purchase a license key that can decrypt those video streams. This license agreement also requires the manufacturer to design their device such that the device key cannot be easily discovered and the video content cannot be easily copied.

Then, Intel gets media companies to include some extra metadata in video media like Blu-ray discs. This metadata can contain revoked device keys, so that if a TV manufacturer violates the terms of the license agreement (e.g. leaks their key, or sells a device that makes copies of video content), that manufacturer's TVs won't be able to play new content that starts including their key in the revocation list.

Of course, Intel's HDCP master key was either leaked or reverse-engineered, so anyone can generate their own valid device keys. Intel will probably sue you if you do this, I guess.

0 comments

charcircuit2y ago

>Of course, Intel's HDCP master key was either leaked or reverse-engineered, so anyone can generate their own valid device keys

Of an older version of HDCP. New media can require a higher HDCP version where that bypass isn't possible.

tshaddoxOP2y ago

That's certainly possible, but did that actually happen in practice? The downside is obviously that you essentially start selling new Blu-ray discs that don't work on any old Blu-ray players. I feel like I would have heard if that happened. Unless maybe the old players could issue firmware updates?

charcircuit2y ago

>That's certainly possible, but did that actually happen in practice?

Yes, see 4k blurays for requiring HDCP 2.2 requiring people to get a new bluray player.

sebzim45002y ago

Interesting. I don't understand the revocation process though.

What stops the blu-ray reader from just ignoring the revocation list on the disk?

tshaddoxOP2y ago

The revocation list is for the TV. Intel revokes a TV's key, distributes the updated revocation list on new Blu-ray discs, and when a compliant Blu-ray player is playing one of those new discs it will refuse to negotiate with a revoked TV.

Now that I think of it, I wonder if compliant Blu-ray players actually save the new revocation entries and then continue refusing to negotiate with revoked TVs even for old Blu-ray discs.

galangalalgol2y ago

If so, couldn't a malicious disc revoke all TVs?

1 more reply

dylan6042y ago

That's where the reversing comes in to switch the function call to check the revocation list to a NOP and just keep on going. At least, that's how I imagine HDMI equipment that ignores HDCP works

What stops them from being sold that way would probably be the licensing agreement and honest players. I'd imagine in China, there are lots of these types of devices available.

blibble2y ago

the blu-ray is encrypted and the player requires a key to decrypt it

if you want your blu-ray player to be able to read blu-ray disks you sign a contract that says you will respect the revocation list

if you change your mind later: your player key will be revoked and new blu-rays won't play on your device

(it's actually more sophisticated than this... they can block specific players too)

tshaddoxOP2y ago

That doesn't quite sound right to me. I don't think a new Blu-ray disc could be released that continues to be readable by some old readers but is no longer readable by other old readers.

1 more reply

j / k navigate · click thread line to collapse

0 pointstshaddox2y ago0 comments

I think you're essentially describing the hardware DRM supply chain.

Of course, Intel's HDCP master key was either leaked or reverse-engineered, so anyone can generate their own valid device keys. Intel will probably sue you if you do this, I guess.

0 comments

charcircuit2y ago

>Of course, Intel's HDCP master key was either leaked or reverse-engineered, so anyone can generate their own valid device keys

Of an older version of HDCP. New media can require a higher HDCP version where that bypass isn't possible.

tshaddoxOP2y ago

charcircuit2y ago

>That's certainly possible, but did that actually happen in practice?

Yes, see 4k blurays for requiring HDCP 2.2 requiring people to get a new bluray player.

sebzim45002y ago

Interesting. I don't understand the revocation process though.

What stops the blu-ray reader from just ignoring the revocation list on the disk?

tshaddoxOP2y ago

Now that I think of it, I wonder if compliant Blu-ray players actually save the new revocation entries and then continue refusing to negotiate with revoked TVs even for old Blu-ray discs.

galangalalgol2y ago

If so, couldn't a malicious disc revoke all TVs?

1 more reply

dylan6042y ago

That's where the reversing comes in to switch the function call to check the revocation list to a NOP and just keep on going. At least, that's how I imagine HDMI equipment that ignores HDCP works

What stops them from being sold that way would probably be the licensing agreement and honest players. I'd imagine in China, there are lots of these types of devices available.

blibble2y ago

the blu-ray is encrypted and the player requires a key to decrypt it

if you want your blu-ray player to be able to read blu-ray disks you sign a contract that says you will respect the revocation list

if you change your mind later: your player key will be revoked and new blu-rays won't play on your device

(it's actually more sophisticated than this... they can block specific players too)

tshaddoxOP2y ago

That doesn't quite sound right to me. I don't think a new Blu-ray disc could be released that continues to be readable by some old readers but is no longer readable by other old readers.

1 more reply

j / k navigate · click thread line to collapse