Master HDCP Key Cracked
From Bruce
The master key for the High-Bandwidth Digital Content Protection standard -- that's what encrypts digital television between set-top boxes and digital televisions -- has been cracked and published. (Intel confirmed that the key is real.) The ramifications are unclear:
But even if the code is real, it might not immediately foster piracy as the cracking of CSS on DVDs did more than a decade ago. Unlike CSS, which could be implemented in software, HDCP requires custom hardware. The threat model for Hollywood, then, isn't that a hacker could use the master key to generate a DeCSS-like program for HD, but that shady hardware makers, perhaps in China, might eventually create and sell black-market HDCP cards that would allow the free copying of protected high-def content.
schneier
A comment there:
We generally refer to this as security theater. The cryptographic security has been illusory all along.
...
________________________________________________________
/*
* Some utils
*
* @author chris.skinner July 2010
*/
package nz.here.there.everywhere;
import java.security.Provider;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
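/**
 * Static helpers for smart-card style byte handling: status-word lookup,
 * 4-byte big-endian arithmetic, 0x80 block padding, hex conversion and
 * construction of a DESede key from 16 key bytes.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #makey} builds a two-key Triple-DES key (K1 | K2 | K1). That is a
 *       legacy construction; keep it only where the peer protocol requires it.</li>
 *   <li>Temporary key buffers created here are zeroed before returning. The
 *       caller's input array and the returned {@code SecretKey} still hold key
 *       material and remain the caller's responsibility.</li>
 *   <li>{@link #String2Hex} silently discards non-hex characters and returns
 *       all-zero bytes for odd-length input, so validate hex strings before
 *       they are used as key or challenge data.</li>
 * </ul>
 */
public class SomeCipher {

    /**
     * Known status words, each entry being "code label". There are lots more.
     * 0x9000 (SW_NO_ERROR) is deliberately not listed, so it resolves to "?".
     */
    static List<String> errs = Arrays.asList(
            "0x6100 SW_BYTES_REMAINING_00",
            "0x6700 SW_WRONG_LENGTH",
            "0x6982 SW_SECURITY_STATUS_NOT_SATISFIED",
            "0x6983 SW_FILE_INVALID",
            "0x6984 SW_DATA_INVALID",
            "0x6985 SW_CONDITIONS_NOT_SATISFIED",
            "0x6986 SW_COMMAND_NOT_ALLOWED",
            "0x6999 SW_APPLET_SELECT_FAILED",
            "0x6A80 SW_WRONG_DATA",
            "0x6A81 SW_FUNC_NOT_SUPPORTED",
            "0x6A82 SW_FILE_NOT_FOUND",
            "0x6A83 SW_RECORD_NOT_FOUND",
            "0x6A86 SW_INCORRECT_P1P2",     // Incorrect parameters (P1,P2)
            "0x6B00 SW_WRONG_P1P2",
            "0x6C00 SW_CORRECT_LENGTH_00",  // Correct Expected Length (Le)
            "0x6D00 SW_INS_NOT_SUPPORTED",  // INS value not supported
            "0x6E00 SW_CLA_NOT_SUPPORTED",  // CLA value not supported
            "0x6F00 SW_UNKNOWN",            // No precise diagnosis
            "0x6A84 SW_FILE_FULL",          // Not enough memory space in the file
            "9172 TC cert fail new "
    );

    /** Upper-case hex alphabet shared by the hex helpers. */
    private static final String HEX_DIGITS = "0123456789ABCDEF";

    /**
     * Looks up the table entry for a status word.
     *
     * <p>The code is compared against the leading token of each entry (an
     * optional "0x" prefix is ignored), not searched for as a substring, so a
     * short value such as 0x69 can no longer be reported as 0x6982.
     *
     * @param err status word, e.g. 0x6A82
     * @return the matching "code label" entry, or "?" when the code is not listed
     */
    public static String serrcode(int err) {
        String code = Integer.toHexString(err).toUpperCase(java.util.Locale.ROOT);
        while (code.length() < 4) {
            code = "0" + code;
        }
        for (String entry : errs) {
            String label = entry.trim();
            int space = label.indexOf(' ');
            String head = space < 0 ? label : label.substring(0, space);
            if (head.startsWith("0x") || head.startsWith("0X")) {
                head = head.substring(2);
            }
            if (head.equalsIgnoreCase(code)) {
                return entry;
            }
        }
        return "?";
    }

    /**
     * Reads a byte array as an unsigned big-endian number.
     *
     * @param b bytes, most significant first; more than 8 bytes overflows the long
     * @return the accumulated value
     */
    public static long by2long(byte[] b) {
        long value = 0;
        for (byte octet : b) {
            value = (value << 8) + (octet & 0xff);
        }
        return value;
    }

    /**
     * Writes the low 32 bits of a long as 4 big-endian bytes.
     * A Java long is 8 bytes, but the arithmetic here is 4 bytes only, so the
     * upper 32 bits are discarded.
     *
     * @param g value to encode
     * @return a new 4-byte array
     */
    public static byte[] longtohex(long g) {
        byte[] out = new byte[4];
        for (int i = out.length - 1; i >= 0; i--) {
            out[i] = (byte) (g & 0xFFL);
            g >>= 8;
        }
        return out;
    }

    /**
     * Adds 1 to a big-endian byte array.
     *
     * @param val operand
     * @return 4-byte result; wraps to zero past 0xFFFFFFFF
     */
    public static byte[] inc(byte[] val) {
        return longtohex(by2long(val) + 1);
    }

    /**
     * Computes ba - bb on big-endian byte arrays.
     *
     * @return 4-byte result, truncated to 32 bits
     */
    public static byte[] sub(byte[] ba, byte[] bb) {
        return longtohex(by2long(ba) - by2long(bb));
    }

    /**
     * Computes bb + bc on big-endian byte arrays.
     *
     * @return 4-byte result, truncated to 32 bits
     */
    public static byte[] add(byte[] bb, byte[] bc) {
        return longtohex(by2long(bb) + by2long(bc));
    }

    /**
     * Formats one byte as two upper-case hex digits.
     *
     * @param b byte to format
     * @return e.g. "0F"
     */
    public static String by2String(byte b) {
        int v = b & 0xff;
        return "" + HEX_DIGITS.charAt(v >>> 4) + HEX_DIGITS.charAt(v & 0x0f);
    }

    /**
     * Pads to a multiple of 8 bytes with 0x80 followed by zeros, but NOT when
     * the length is already a multiple of 8.
     *
     * <p>Because aligned input is returned unpadded, the padding cannot be
     * removed unambiguously by a receiver that does not know the original
     * length. Use {@link #padm} where a marker byte must always be present.
     *
     * @param plain data to pad
     * @return a new padded array, or {@code plain} itself (same reference) when
     *         it is already aligned
     */
    public static byte[] pad(byte[] plain) {
        int remainder = plain.length & 0x07;
        if (remainder == 0) {
            return plain;
        }
        // copyOf zero-fills the tail, so only the marker needs writing.
        byte[] padded = Arrays.copyOf(plain, plain.length + (8 - remainder));
        padded[plain.length] = (byte) 0x80;
        return padded;
    }

    /**
     * Pads for GP authentication: always appends one 0x80, then zeros up to a
     * multiple of 8 bytes.
     *
     * <p>The earlier version called {@code Arrays.fill} with a start index past
     * the end index whenever no zero bytes were needed, which raised and then
     * printed a spurious "pad error". The tail is already zero, so no fill is
     * performed here.
     *
     * @param plain data to pad
     * @return a new array whose length is a multiple of 8 and at least
     *         {@code plain.length + 1}
     */
    public static byte[] padm(byte[] plain) {
        int withMarker = plain.length + 1;
        int remainder = withMarker & 0x07;
        int total = remainder == 0 ? withMarker : withMarker + (8 - remainder);
        byte[] padded = Arrays.copyOf(plain, total);
        padded[plain.length] = (byte) 0x80;
        return padded;
    }

    /**
     * Concatenates the arrays and applies {@link #pad}.
     *
     * @param pb arrays to join, in order
     * @return the joined data, padded unless already 8-byte aligned
     */
    public static byte[] appendt(List<byte[]> pb) {
        return pad(append(pb));
    }

    /**
     * Concatenates the arrays without padding.
     *
     * @param pb arrays to join, in order
     * @return a new array holding all input bytes
     */
    public static byte[] append(List<byte[]> pb) {
        int total = 0;
        for (byte[] part : pb) {
            total += part.length;
        }
        byte[] joined = new byte[total];
        int offset = 0;
        for (byte[] part : pb) {
            System.arraycopy(part, 0, joined, offset, part.length);
            offset += part.length;
        }
        return joined;
    }

    /**
     * Builds a DESede key from the FINAL 16 bytes of the input.
     * CARE: the input must end with the 16 bytes intended as key material.
     *
     * <p>Invalid input now raises an exception instead of terminating the JVM
     * with exit code 79.
     *
     * @param b    source bytes, at least 16 long
     * @param prov JCE provider supplying the "DESede" key factory
     * @return the constructed key
     * @throws IllegalArgumentException if {@code b} is null or shorter than 16 bytes
     * @throws IllegalStateException    if the provider cannot build the key
     */
    public static SecretKey makey16(byte[] b, Provider prov) {
        if (b == null || b.length < 16) {
            throw new IllegalArgumentException("key bytes too short for factory");
        }
        byte[] raw = Arrays.copyOfRange(b, b.length - 16, b.length);
        try {
            return makey(raw, prov);
        } finally {
            // Do not leave a second copy of the key bytes on the heap.
            Arrays.fill(raw, (byte) 0);
        }
    }

    /**
     * Makes a 24-byte DESede key from the first 16 bytes of the input by
     * replicating the first 8 bytes into the last 8 (two-key Triple-DES).
     *
     * <p>Failures now raise exceptions rather than calling {@code System.exit};
     * the earlier catch block exited before its stack trace could be printed,
     * so the cause was lost. Messages never include key bytes.
     *
     * @param b    key bytes, at least 16 long; only the first 16 are used
     * @param prov JCE provider supplying the "DESede" key factory
     * @return the constructed key
     * @throws IllegalArgumentException if {@code b} is null or shorter than 16 bytes
     * @throws IllegalStateException    if the provider cannot build the key
     */
    public static SecretKey makey(byte[] b, Provider prov) {
        if (b == null) {
            throw new IllegalArgumentException("key bytes null");
        }
        if (b.length < 16) {
            throw new IllegalArgumentException("key bytes too short for factory");
        }
        byte[] b24 = new byte[24];
        try {
            System.arraycopy(b, 0, b24, 0, 16);
            // replicate the first 8 to the last 8
            System.arraycopy(b, 0, b24, 16, 8);
            DESedeKeySpec spec = new DESedeKeySpec(b24);
            SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede", prov);
            return factory.generateSecret(spec);
        } catch (java.security.GeneralSecurityException ex) {
            throw new IllegalStateException("DESede key construction failed", ex);
        } finally {
            // The key spec keeps its own copy; clear the working buffer.
            Arrays.fill(b24, (byte) 0);
        }
    }

    /**
     * Converts an array of bytes to an upper-case hex string.
     *
     * @param b bytes to render
     * @return two hex digits per byte, no separators
     */
    public static String Hex2String(byte[] b) {
        StringBuilder sb = new StringBuilder(b.length * 2);
        for (byte octet : b) {
            int v = octet & 0xff;
            sb.append(HEX_DIGITS.charAt(v >>> 4)).append(HEX_DIGITS.charAt(v & 0x0f));
        }
        return sb.toString();
    }

    /**
     * Converts the first {@code size} bytes to an upper-case hex string.
     *
     * @param b    bytes to render
     * @param size number of leading bytes wanted; a value larger than the
     *             array renders the whole array
     * @return two hex digits per rendered byte
     */
    public static String Hex2String(byte[] b, int size) {
        if (size > b.length) {
            return Hex2String(b);
        }
        return Hex2String(Arrays.copyOf(b, size));
    }

    /**
     * Keeps only the characters 0-9 and upper-case A-F.
     * Lower-case hex digits are dropped too, so upper-case the input first if
     * they should survive.
     *
     * @param s text to filter
     * @return the retained characters in their original order
     */
    public static String stripGarbage(String s) {
        StringBuilder kept = new StringBuilder(s.length());
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            if (HEX_DIGITS.indexOf(c) >= 0) {
                kept.append(c);
            }
        }
        return kept.toString();
    }

    /**
     * Parses a hex string into bytes after upper-casing it and discarding
     * every non-hex character.
     *
     * <p>NOTE(review): the number of hex digits must be even. When it is odd
     * the result is an all-zero array of half the length and no error is
     * raised. Filtering can itself produce an odd count: the 'x' of a "0x"
     * prefix is removed while its '0' is kept. Callers feeding key or
     * authentication data through this method should check the input first.
     *
     * @param sin text containing hex digits
     * @return the decoded bytes, or zeros for an odd digit count
     */
    public static byte[] String2Hex(String sin) {
        String digits = stripGarbage(sin.toUpperCase());
        byte[] out = new byte[digits.length() / 2];
        if ((digits.length() & 1) != 0) {
            return out;
        }
        for (int i = 0; i < out.length; i++) {
            int hi = HEX_DIGITS.indexOf(digits.charAt(2 * i));
            int lo = HEX_DIGITS.indexOf(digits.charAt(2 * i + 1));
            out[i] = (byte) ((hi << 4) | lo);
        }
        return out;
    }

    /**
     * One-stop print: writes the text to standard output without a newline.
     *
     * @param s text to print
     */
    public static void print(String s) {
        System.out.print(s);
    }
}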
_____________________________________________________________________
Some acronyms defined:
FICAM–Federal Identity, Credential, and Access Management
NSTIC–National Strategy for Trusted Identities in Cyberspace
NHIN–Nationwide Health Information Network
TWIC–Transportation Worker Identification Credential
smartcardalliance
_____________________________
Sad Java
How sad that Java failed to conquer the internet, and that
Adobe rules
Shocking example of Java decrepitude:
Serial ports are not supported
it is possible to find an ancient (c) 1998 copy of
javax.comm
In typical Java fashion, installation is a
Bitch. Even after you have
set classpath (does Flash ever ask this?)
you see this:
Several serial port sample applications are provided with this release. One of them is BlackBox. To run BlackBox, first add BlackBox.jar to your classpath:
C:\>set CLASSPATH=c:\commapi\samples\Blackbox\BlackBox.jar;%CLASSPATH%
Now you can run BlackBox:
BUT YOU CANNOT
+java BlackBox
Exception in thread "main" java.lang.NoClassDefFoundError: javax/comm/CommPort
Caused by: java.lang.ClassNotFoundException: javax.comm.CommPort
at java.net.URLClassLoader$1.run(Unknown Source)
etc etc
So either we have to do some more absurd tinkering with classpath
OR the code does not in fact have a CommPort class
-
the vast majority of the Human race has by now switched off....
I am stunned. Years ago, the last time I used serial ports, they were a couple of lines in BASIC
ps:
SerialPortDisplay[] is not found in javax.comm, so their very first demo doesn't run OR compile...