Tuesday, February 21, 2006

Damn HDCP Technology

The other day I was reading about HDCP (http://www.digital-cp.com/home). HDCP is drastically misguided attempt by the media industry to add the concept of 'content protection' to the communications between your television and your DVD, Tivo, VCR or something else that comes up in the future. Under the guise of 'preventing content from pirates' they came up with a system that hamstrings your display with technology that could be used to enforce builtin obcselencense. Say you buy a DVD and a TV at the same time, if your DVD player breaks and the new DVD players do not list your TV as 'authorized' you have to buy both a new DVD and TV and toss the perfectly good old TV. In its most innocuous form of use this could be used to make say a Sony television set only be able to receive a signal from a Sony DVD player (at least that should be obvious when you buy it). Other cheery uses of it would be to make displays only receive HiDef signals from 'authorized' equipment, individually license each display in your house, and the obvious prevention of copying of content (which it is not even any good at). HDCP looks like just another scheme to screw over the customer in the guise of 'look how poor we are because of all the pirates!!' disregarding their own culpability. Guess the industry is not content to sell us just one $4000 50" plasma screen. They want us to buy a new one every year, rent our devices by the hour, and pay through the nose for crappy content that we can not return (Again because of the 'pirates').


With all the insidious intent built into the system I expected a little more than what I saw. It amazed me is the amount of effort that was spent to design some ridiculously complicated scheme that seems to me to be generally useless to protect much of anything. I am sure that there are many many other ways to attack it but here is the blindingly obvious *DMCA take note* based on my uninformed midnight review of the public specification......

They have layers of public key encryption (possibly decent no details given), revocation lists, states, and whatnot used to authenticate the receivers/transmitters. However they then back it up through the use of a symmetric encryption algorithm based on a psuedorandom number generator. 'Encryption' schemes based on that technology are used by budding cryptanalysts to break their teeth on. There are a number of ways to attack them, and no they are not theoretical. Guess they were too cheap or stupid to license or even research a decent stream cipher.

What a waste of time and money. Makes you wonder what kind of people they have working on these things. Nevermind the whole 'wrongness' of the thing, that they could so botch the implementation up. Pirates are smarter than this. The only possible practical purpose this type of technology can serve is to screw over the law abiding everyday consumer who cannot possibly make a informed decision of whether he/she wants this technology in their TV set. It is the latest in a long line of misguided and flawed applications of technologies from Macrovision to Blu-Ray. Copyright lawyers and media conglomerates take note...

Your business model is dead and your empire crumbling because you abused your consumer with technologies like this. STOP IT! Good content stands on its own and does not need to be protected, start producing some.