Intel threatened legal action Friday against anybody who uses its proprietary crypto key — leaked on the internet — to produce hardware that defeats the so-called HDCP technology that limits home recording of digital television and Blu-ray.
“There are laws to protect both the intellectual property involved as well as the content that is created and owned by the content providers,” said Tom Waldrop, a spokesman for the company, which developed HDCP. “Should a circumvention device be created using this information, we and others would avail ourselves, as appropriate, of those remedies.”
Intel’s comments came as it confirmed that the internet leak of the “master key” to the High-Bandwidth Digital Content Protection system was authentic.
HDCP is a copy-protection technology that encrypts high-definition video traveling from Blu-ray players or set-top boxes to television monitors. The technology was approved by the Federal Communications Commission in 2004, and is a standard feature in televisions, cable boxes, satellite receivers and Blu-ray players in much of the modern world.
The anonymous release this week of the HDCP master key means black market hardware makers, perhaps in China, can now create hardware capable of defeating the copy protection scheme. The leak comes just months after the movie studios persuaded the FCC to let them remotely switch-off the analog ports on your satellite receiver or cable box, so that Hollywood could sell new movie releases as pay-per-view offerings without fear that they’ll be recorded from non-HDCP outputs.
Waldrop declined comment on whether Intel has already brought in federal law enforcement to investigate the breach as a potential trade-secret violation. Federal prosecutors and the FBI in Silicon Valley also declined to comment.
The master crypto key for HDCP appeared Monday on the clipboard site Pastebin, and has since been mirrored on hundreds of other websites, in a scene reminiscent of the 1999 crack of the Content Scramble System that once protected DVDs from copying.
The HDCP master key in question — a long string of numbers — is used to generate lower-level “device keys.”
Device keys are embedded in hardware cards in set-top boxes, televisions and other electronics — enabling them to send and receive protected content in an encrypted format. The device keys verify that electronics are authorized to interact with each other.
Among the legal options available to Intel is the Digital Millennium Copyright Act of 1998, which prohibits the marketing of devices that circumvent encryption programs. The Hollywood studios, for example, recently sued and beat RealNetworks in a federal lawsuit after it produced a device that copied and stored DVDs, which are encrypted with the long-ago cracked Content Scramble System. Marketing in such devices could also violate criminal copyright laws.
Waldrop said Intel did not believe that a “human source” entrusted with the master key leaked it because the master is “created and structured that nobody sees it.”
“Someone has used mathematics and computers to be able to work back to what the master key is,” he said, declining to elaborate.
Paul Kocher, chief scientist at Cryptography Research in San Francisco, said in a recent interview that somebody in the business of making HDCP-compatible devices, who had access to at least 50 individual device keys, would have been able to reconstruct the master key by analyzing “mathematical similarities” in the individual device keys. That was a vulnerability in the technology, Kocher said, that was bound to be exploited.
No comments:
Post a Comment