当前位置:主页>互联网观察>正文
HDCP加密/解密算法开源实现公布 蓝光破解近在咫尺

英特尔证实HDCP(高频宽数字内容保护)主密钥已经泄漏,现在研究人员在BSD许可证下发布HDCP加密/解密算法的开源实现。他们表示公布软件的目的是帮助其他人研究或实现HDCP协议。 目前的版本是0.3版,代码通过了HDC规格提供的测试向量,能在2.33GHz Intel Xeon CPU上以180帧/秒加密640x480视频,但它在单核机器上速度不够快,不能实时解密1080p视频,但在多核机器上可以并行解密。代码未来也能进一步进行优化,例如使用SSE指令。

 

HDCP Encryption/Decryption Code

Rob Johnson (rob@cs.sunysb.edu)
Mikhail Rubnich (rubnich@gmail.com)

This is a software implementation of the HDCP encryption algorithm. We are releasing this code in hopes that it might be useful to other people researching or implementing the HDCP protocol.

DOWNLOAD: hdcp-0.3.tgz
COMPILE: make
TEST: ./hdcp -t
(If there is any "!" in the output, then there was an error)
BENCHMARK: ./hdcp -S

The HDCP cipher is designed to be efficient when implemented in hardware, but it is terribly inefficient in software, primarily because it makes extensive use of bit operations. Our implementation uses bit-slicing to achieve high speeds by exploiting bit-level parallelism. We have created a few high-level routines to make it as easy as possible to implement HDCP, as shown in the following example.

Given Km, REPEATER, and An from the initial HDCP handshake messages, all a decryptor needs to do is:

#define NFRAMES (64) /* NFRAMES must be <= 64 */

void HDCP(uint64_t Km, uint64_t REPEATER, uint64_t An, int width, int height)
{
  uint64_t Ks, R0, M0, Mi[NFRAMES], Ki[NFRAMES], Ri[NFRAMES], outputs[height][width][NFRAMES];
  BS_HDCPCipherState hs;

  /* Generate the session key Ks, the checksum R0, and the initial IV M0 */
  HDCPAuthentication(Km, REPEATER, An, &Ks, &R0, &M0);

  /* Finish HDCP handshake using R0 */
  /* ... */

  Mi[NFRAMES-1] = M0;  
  while(/* there's more video to encrypt/decrypt... */) {

    /* Generate the Ki, Ri, Mi, and stream cipher outputs for the next NFRAMES frames */
    HDCPInitializeMultiFrameState(NFRAMES, Ks, REPEATER, Mi[NFRAMES-1], &hs, Ki, Ri, Mi);
    HDCPFrameStream(NFRAMES, height, width, &hs, outputs);

    /* xor the next NFRAME frames of video data with outputs... */
    /* ... */
  }
}

Since our implementation is bit-sliced, it can generate the output for up to 64 frames of video in parallel. This is much faster than a non-bit-sliced implementation that generates 1 frame of stream cipher output at a time, but has the disadvantage of requiring a lot of ram to save the outputs for future frames.

The core cipher code is in hdcp_cipher.[ch]. The example program hdcp.c has two functions of interest:

  • print_test_vectors() generates and prints the test vectors from HDCP 1.4, Tables A-3 and A-4. Obviously, they all pass.
  • measure_hdcp_stream_speed() measures the performance for generating stream cipher output and provides an example of using the library.

 

Some benchmarks on 640x480 frames (using only a single core):

CPU frames/sec
Intel(R) Xeon(R) CPU 5140 @ 2.33GHz 181
Intel(R) Core(TM)2 Duo CPU P9600 @ 2.53GHz 76
Decryption of 1080p content is about 7x slower but decryption can be parallelized across multiple cores, so a high-end 64-bit CPU should be able to decrypt 30fps 1080p content using two cores and about 1.6GB of RAM.

Change Log

0.3
Extracted autogenerated bitslicing functions into their own file and (hopefully) fixed compilation problem regarding immediate arguments to psllqi128.
0.2
Patches from James Nobis:
  • modify Makefile to work with gmake on *BSD
  • use the __SSE2__ #define provided by gcc



上一篇:HDCP主密钥泄漏,所有蓝光光盘都能破解   下一篇:Google发布新的图像格式WebP
·谷歌封杀阿里云背后:反盗版与防分裂(09-27)
·phpMyAdmin官方镜像被发现植入后门(09-27)
·傅盛为什么离开360? 功高震主还是蓄意叛逃?(转(09-25)
·两支黑客团队成功攻陷iPhone 4S以及Galaxy S3(09-21)
·物理学家称曲率驱动或可实现10倍光速飞行(09-19)
·英国政府有1680万个未用IPv4地址(09-18)
·部分淘宝网店屏蔽360浏览器-安全门愈演愈烈(09-14)
·蹭不加密WIFI不属于窃听(09-13)
·水木深喉的分析帖:雇员们,去360还是留在百度(09-13)
·Anonymous攻击GoDaddy 影响百万网站(09-12)
·变种Pushdo僵尸网络重出江湖(09-07)
·McAfee威胁报告:新型恶意勒索软件正在崛起(09-07)
·绝对安全!俄罗斯军方研发出超级安全的Android (09-05)
·Lulzsec全军覆没-最后一名成员被捕(09-03)
·业内称电商大战第三方支付公司最倒霉(09-01)
·3B之争搅动中国互联网:360主攻低端用户(09-01)
·百度反制当晚360搜索份额小幅下降(09-01)
·3B大战首交锋:李彦宏、周鸿祎旧怨新仇(09-01)
·Windows 8可能不适合你的八大理由(08-28)
·全球最复杂电脑病毒曝光-“火焰”病毒(05-30)
·番茄花园之后 JUJU猫被取缔 三嫌犯被捕一人在逃(03-31)
·果粉十大不靠谱观点:苹果硬件最佳微软不算啥(12-02)
·英国政府投资10亿美元提升网络安全(11-26)
·2010年中国计算机正版操作系统预装率达98.08%(11-17)
·直播:提供"黑客"软件 黑基网两主管受审(11-16)
·C语言之父Dennis Ritchie辞世(10-14)
·傅盛:360诋毁背后有阴谋 没底线将走向坟墓(10-01)
·绵阳警方公布超速摸胸照调查结果 两人被拘留(09-29)
·LulzSec和Anonymous的三名成员被捕(09-29)
·中信证券前网管借木马数月截获35条内幕信息(09-27)
·奇虎工程师破解市政一卡通充值2600元 被判盗窃(09-26)
·重回中国的google不再叫谷歌,业务突破重点在于(09-23)
·黑客袭击日本三菱重工下属军工企业,资料被窃取(09-20)
·2011-9-1日起,利用黑客手段非法获利5000元以上(08-31)
·Google将启动完全用海水散热的水上数据中心(05-25)
·腾讯诉360侵权案宣判 360需公开消除影响30天(04-27)
·荆楚网警暗战黑客团伙 一举侦破部督“409”案(02-28)
·金山网络公布互联网十大病毒集团名单(02-28)
·在淘宝被诈骗5.46万始末(02-28)
·诺基亚Windows系统手机明年面市(02-17)
·博士黑客入侵游戏网站牟利400余万,婚前被抓(02-15)
·中国黑客侵入五家能源大企业--报告(02-10)
·卡巴斯基杀毒软件源代码泄露黑客或受益(01-30)
·黑客网站负责人因培训黑客技术入狱(01-30)
·英特尔收购McAfee获欧盟批准(01-27)
·买软件网为李俊去“毒”,授“首席安全官”(01-07)
·金山公司网站流出大量用户隐私,包括用户名和密(01-04)
·金山紧急会议:曝360泄漏网民大量隐私(01-04)
·本田官网遭黑客攻击,490万份顾客资料外泄(12-31)
·搜索引擎对GDP拉动超地产业20倍(12-29)
·黑客如何找回被偷走的电脑(12-28)
·德国将设网络防卫机构(12-28)
·中国警方用Q币悬赏缉凶(12-28)
·一男子因偷看妻子的邮件面临五年徒刑(12-28)
·中国代练韩国网游非法获得上亿人民币被拘捕(12-21)
·俄罗斯四人黑客团伙黑掉整个城市ATM机(12-20)
·金山杀毒软件杀毒引擎被国际认可(12-14)
·伊朗承认Stuxnet蠕虫影响到核计划(11-30)
·北京公安局原网监处长受贿1690万 被核准死缓(11-30)
·WindowsLive Spaces中国内地用户专属迁移方案正(11-18)
·V2EX推出免费的DNS服务(11-16)
·僵尸病毒疑为手机安全商炒作 专家称传染性有限(11-12)
·别忘了当年“3721也是可以查杀1200种流行木马”(11-10)
  新补天网,低调务实。宗旨是为大家搜集提供互联网各个方面的学习资料和技术文档,并为大家提供各种优秀的工具软件。我们也将不再拘泥于传统的网络安全分类,而是站在更高的角度去理解信息化的方方面面。