Anonymous wrote:
>DTV Content Protection
>
>[...] Similar concepts are presented in
>http://apache.dataloss.nl/~fred/www.nunce.org/hdcp/hdcp111901.htm by
>Scott Crosby, Ian Goldberg, Robert Johnson, Dawn Song and David Wagner.
>This paper assumes (unlike Irwin) that attackers have access to the
>private keys of chosen devices. This is a questionable assumption [...]

The final version of that paper is at
http://www.cs.berkeley.edu/~daw/papers/hdcp-drm01.ps

Quoting from the paper's conclusion section:

    To recover the center's master secret, an attacker needs 40 key
    pairs, and we point out a variety of ways to get them. An attacker
    can reverse engineer 40 different HDCP video software utilities, he
    can break open 40 devices and extract the keys via reverse
    engineering, or he can simply license the keys from the trusted
    center. According to the HDCP License Agreement, device
    manufacturers can buy 10000 key pairs for $16000. Given these 40
    spanning keys, the master secret can be recovered in seconds. So in
    essence, the trusted authority sells a large portion of its master
    secret to every HDCP licensee.

The $16,000 figure is taken from page 21 of
http://www.digital-cp.com/data/hdcp_license_agreement.pdf
Of course, you have to sign an NDA, too, but I'm not sure whether that
would deter a serious bad guy.

So, in effect, the trusted center has agreed to sell its master secret
for $16,000 and a promise.

Thank you for your post. It was chock-full of interesting information --
particularly the bits about DTCP, which I had never seen before.