Blu-ray copy protection busted wide open

In the world of copy-protection schemes, if you build it, they will crack it. Eventually. This time around, it’s Blu-ray’s turn to be busted wide open. A purported HDCP master key was posted online a couple of days ago, and after investigating, Intel has confirmed to PCMag that it’s legit.

BitTorrent regulars will know that HDCP hasn’t exactly stopped pirates from sharing copyrighted HD content. However, the release of the master key will allow prying types to gain access to the raw digital bitstream sent out to displays. Intel spokesman Tom Waldrop doesn’t necessarily think we’ll see software use the key to tap into that bitstream. Instead, Waldrop predicts that the key will be embedded in silicon and used to decode Blu-ray content via hardware.

If you’re interested, the 376-line master key isn’t terribly difficult to find online. Unfortunately, unlike the handful of lines of code required to crack a plain old DVD, the HDCP key is probably a little too large to print on a tshirt.

Comments closed
    • desertfox
    • 10 years ago

    I’m not interested in pirating any copy-protected content, I just want to watch it on my non-HDCP monitor.

    • grug
    • 10 years ago

    What’s with the misleading headline?

    The _actual_ Blu-Ray copy protection, AACS, has been broken for a while. They play cat-and-mouse games with the likes of Slysoft, so on occasion you have to wait for a software update before you can decrypt a disc, but no one is ever locked out for long.

    Defeating AACS means you can, say, extract the video streams from the disc, put them in a new container (MP4, MKV), and display them on a non-HDCP capable display or on your media device like a WDTV or PS3. No re-encoding necessary.

    Whereas “the downfall” of HDCP means absolutely nothing except to those with very expensive HD digital capture hardware. Who then have to capture losslessly/uncompressed on giant storage devices. And then spend a few hours re-compressing the lossy-encoded video again.

    Pirating a Blu-Ray digitally over HDMI with HDCP disabled is just as unlikely a piracy method as pressing pausing the film on every frame and taking a screenshot.

      • FuturePastNow
      • 10 years ago

      We may see some cheap Chinese no-name HDMI input cards now, though.

      • albundy
      • 10 years ago

      “Whereas “the downfall” of HDCP means absolutely nothing except to those with very expensive HD digital capture hardware. ”

      This should be a sticky at the top, cus it’s the bottom line. This decryption is more device oriented than anything else IMHO. Most video cards from a half decade ago and on are HDCP compliant, as are most monitors, and if both are not, who cares. mkv does the job.

    • Rectal Prolapse
    • 10 years ago

    Blu-ray copy protection has been broken for years. I thought everybody knew that? Ugh, why are the same bs headlines like this keep popping up?

    • Ruiner
    • 10 years ago

    You can’t stop the signal, Mal.

    • Bauxite
    • 10 years ago

    They deserve it.

    They were even told what a joke it was in 2001 and someone harassed the researchers about daring to do the the evil deed known as “math” to their crummy scheme of crippling consumer hardware.

      • indeego
      • 10 years ago

      9 years for DRM is a damn good run. I suspect Intel and others shrug it off because it already has mass adoption and has paid for itself many times overg{<.<}g

        • StashTheVampede
        • 10 years ago

        DVDs encryption was one of the most advanced at the time and it was broken in how many years (3-4?). This single key took ~9 years to do and it may have been leaked online vs. brute force’d. If it was indeed leaked, then it would show that computers didn’t actually break it, but a human with access did.

        Media companies learned a lot through the defeat of DVDs. Bluray and the complete digital path has several paths to get protected/blocked/key’d. The next major race will be to defeat streaming setups from major providers.

    • Anonymous Hamster
    • 10 years ago

    If I’m not mistaken, all HDCP negotiation happens over a relatively slow-speed serial I2C bus (ie, the DDC channel). It seems like you could program a cheap microcontroller to intercept that channel and provide proper HDCP handshaking for a non-HDCP device, such as the Black Magic Intensity. Of course, the data being sent over the HDMI link is still encrypted data, but now the microcontroller should have the key to decrypt it. That data just needs to be sent to the PC, and the video can be easily decrypted. In short, if I’m not mistaken, copying can be done using a $200 capture card, a cheap microcontroller, and little bit of hacking. In other words, this may not be limited to people who can fab their own high-speed, high-complexity chips.

      • stdRaichu
      • 10 years ago

      Even better is that now people will be able to make capture cards (and blu ray players and all the rest of it) that can decrypt all the HDCP stuff internally, but don’t have to pay royalties to the HDCP consortium (and also not have to abide by the rules). Cue an influx of cheap chinese BD players that’ll be region free and let you skip the ads in 5… 4… 3…

      Not sure about the specifics of firmware and HDCP, but I figure that it’ll be possible to flash existing kit with code with a new “universal” key, whilst possibly allowing “illicit” functions like saving HDMI streams to disc and the aforementioned skipping of ads.

      Not that a give a crap – proud owner of AnyDVD+ and HDCP has never had the slightest notion of going near my media centre.

        • Anomymous Gerbil
        • 10 years ago

        You may be cconfusing what HDCP does, versus what BluRay encryption is.

    • carlosvp
    • 10 years ago

    Note the HDCP leak is unrelated to Bluray. Yes, Bluray players use HDCP on their HDMI outputs (like any other high-def device) but the HDCP key is strictly part of the on-the-wire protocol, nothing to do with Bluray.

    • Anonymous Hamster
    • 10 years ago

    Note that this will only let you copy the A/V content of Blu-ray, but not any code or programming content needed for interactive special features. Also, note that the copy must take place in real time (ie, to copy 1 hour of movie, it takes 1 hour). Also, note that the content must be recompressed, meaning that you might end up with a poorer result than what was on the disk originally. So this is quite different than the CSS cracking of DVDs.

      • Deanjo
      • 10 years ago

      It would also allow the copying of HD Broadcasts of premium TV channels which rely on the HDCP link to maintain a encrypted signal. The cable companies can only encrypt the stream up to the box.

    • Deanjo
    • 10 years ago

    The key itself is useless to a majority of people. The only device that I can think of that would readily benefit from this is a device such as the Intensity HDMI Capture Card.

    • Samlind
    • 10 years ago

    Coming soon, the radically improved HDMI-Too interface with 100x the throughput of regular HDMI (which you will need to transfer the public key).

    • Duck
    • 10 years ago

    muhahhaahhhahaaaaaaa!

    • potatochobit
    • 10 years ago

    i always thought the main purpose for HDCP was to get you to buy the proper equipment

      • StashTheVampede
      • 10 years ago

      HDCP was really a money grab and delay game (litigation).

      It was a money grab to get you, content providers, etc to buy new equipment to protect the digital stream. It was also a money stream for the holders of the license that is now unenforceable. What the key really represents now is the threat of litigation to US based companies that willingly sell hardware the defeats it.

      Now that the cat is out of the bag, litigation is the only thing protecting devices from being sold in the US. The market for importers won’t be huge, but it will be there.

    • bdwilcox
    • 10 years ago

    Dear corporations that restrict our rights to what we purchased and all those in government who abide by their actions through blasphemies like the DMCA,

    Suck it.

    Sincerely,

    The Consumer

    pbbbbbffffffftttttt (insert raspberry planet from Hitchhiker’s Guide to the Galaxy)

      • dpaus
      • 10 years ago

      Yeah, what he said!!

        • trackerben
        • 10 years ago

        Is what happens when you don’t take your secrets Seriously. There are tried and tested methods, they just have to be “creative”. For one, Intel could have asked the government to treat the source repository as controlled munitions in the manner of WMD, secreted it with some arab dictatorship somewhere, and it wouldn’t ever be found. Or they could have crypto’d the series further with a one-time pad which is highly indeterminate in versioning and has content known to induce cognitive dissonance and impairment upon viewing, such as the healthcare bill.

    • adisor19
    • 10 years ago

    Consumer win.

    With a little HDCP stripping dongle, we’ll finally be able to record perfect HD cable, satellite, BD, basically ANYTHING that uses the HDCP encryption over an HDMI cable 🙂

    Adi

      • OneArmedScissor
      • 10 years ago

      Yeah, consumer win, alright. The best part is that for years to come, the consumers will still be funding this failed bull****’s continued implementation and development of future failed DRM out of their own wallets.

      Hooray for DRM. The customer is always right.

    • bthylafh
    • 10 years ago

    -[

      • [+Duracell-]
      • 10 years ago

      7-zip will compress that thing to nothing 😛

        • indeego
        • 10 years ago

        I got it to 11,854 bytes with 7-zip on Max compression, though didn’t screw with dictionary sizes or advanced settingsg{<.<}g

        • jackaroon
        • 10 years ago

        I just tested it. I already removed the encoding to save space (hex version is 22k) and I used “ultra.”

        binkey.bin: 11,200 bytes
        binkey.7z: 11,460 bytes

          • indeego
          • 10 years ago

          You win. g{<:(<}g

          • [+Duracell-]
          • 10 years ago

          Shows how much I know about compression algorithms…Maybe I should read up on them. They all seem really interesting 🙂

      • jackaroon
      • 10 years ago

      Well, “random looking” numbers like encryption keys don’t compress well, much the same way as already-compressed data. You have a decent idea with the base 64 thing, if you were to invent a literal base 64 with 64 distinct glyphs, rather than whatever base 64 is, encoded like it is to survive 7 bit email MTAs. I wonder if something like a fancy high density UPC-style image would do the trick — I don’t know much about them, but they are a pretty dense and designed for durable readability. You’d probably lose bits (hehe, both kinds of bits) in the laundry though, so better embed a HEC if you still have room (if UPCs don’t already do that anyway).

Pin It on Pinterest

Share This