High-bandwidth Digital Content Protection (HDCP) is a form of digital
copy protection developed by
Intel Corporation to prevent copying
of digital audio & video content as it travels across connections.
Types of connections include
DisplayPort (DP), Digital Visual
Interface (DVI), and
High-Definition Multimedia Interface
High-Definition Multimedia Interface (HDMI), as
well as less popular or now deprecated protocols like Gigabit Video
Interface (GVIF) and
Unified Display Interface (UDI).
The system is meant to stop HDCP-encrypted content from being played
on unauthorized devices or devices which have been modified to copy
HDCP content. Before sending data, a transmitting device checks
that the receiver is authorized to receive it. If so, the transmitter
encrypts the data to prevent eavesdropping as it flows to the
In order to make a device that plays HDCP-enabled work, the
manufacturer must obtain a license for the patent from Intel
subsidiary Digital Content Protection LLC, pay an annual fee, and
submit to various conditions. For example, the device cannot
be designed to copy; it must "frustrate attempts to defeat the content
protection requirements"; it must not transmit high definition
protected video to non-HDCP receivers; and DVD-Audio works can be
played only at CD-audio quality by non-HDCP digital audio outputs
(analog audio outputs have no quality limits).
Cryptanalysis researchers demonstrated flaws in HDCP as early as 2010.
In September 2010, an HDCP master key that allows for the generation
of valid device keys was released to the public, rendering the key
revocation feature of HDCP useless.
Intel has confirmed that the
crack is real, and believes the master key was reverse engineered
rather than leaked. In practical terms, the impact of the crack
has been described as "the digital equivalent of pointing a video
camera at the TV", and of limited importance for consumers because the
encryption of high-definition discs has been attacked directly, with
the loss of interactive features like menus.
Intel threatened to
sue anyone producing an unlicensed device.
3.2 Master key release
3.3 HDCP v2.2, v2.1 and v2.0 breach
6 HDCP v2.x
7 See also
9 External links
HDCP uses three systems:
Authentication prevents non-licensed devices from receiving content.
Encryption of the data sent over DisplayPort, DVI, HDMI, GVIF, or UDI
interfaces prevents eavesdropping of information and man-in-the-middle
Key revocation prevents devices that have been compromised and cloned
from receiving data.
Each HDCP-capable device has a unique set of 40 56-bit keys. Failure
to keep them secret violates the license agreement. For each set of
values, a special public key called a KSV (Key Selection Vector) is
created. Each KSV consists of 40 bits (one bit for each HDCP key),
with 20 bits set to 0 and 20 bits set to 1.
During authentication, the parties exchange their KSVs under a
procedure called Blom's scheme. Each device adds its own secret keys
together (using unsigned addition modulo 256) according to a KSV
received from another device. Depending on the order of the bits set
to 1 in the KSV, a corresponding secret key is used or ignored in the
addition. The generation of keys and KSVs gives both devices the same
56-bit number, which is later used to encrypt data.
Encryption is done by a stream cipher. Each decoded pixel is encrypted
by applying an
XOR operation with a 24-bit number produced by a
generator. The HDCP specifications ensure constant updating of keys
after each encoded frame.
If a particular set of keys is compromised, their corresponding KSV is
added to a revocation list burned onto new discs in the
Blu-ray formats. (The lists are signed with a DSA digital signature,
which is meant to keep malicious users from revoking legitimate
devices.) During authentication, the transmitting device looks for the
receiver's KSV on the list, and if it is there, will not send the
decrypted work to the revoked device.
HDCP devices are generally divided into three categories:
The source sends the content to be displayed. Examples include set-top
boxes, DVD, HD
Blu-ray Disc players, and computer video cards.
A source has only an HDCP/HDMI transmitter.
The sink renders the content for display so it can be viewed. Examples
include TVs and digital projectors. A sink has one or more HDCP/HDMI
A repeater accepts content, decrypts it, then re-encrypts and
retransmits the data. It may perform some signal processing, such as
upconverting video into a higher-resolution format, or splitting out
the audio portion of the signal. Repeaters have HDMI inputs and
outputs. Examples include home theater audio-visual receivers that
separate and amplify the audio signal, while re-transmitting the video
for display on a TV. A repeater could also simply send the input data
stream to multiple outputs for simultaneous display on several
Each device may contain one or more HDCP transmitters and/or
receivers. (A single transmitter or receiver chip may combine HDCP and
In the United States, the
Federal Communications Commission
Federal Communications Commission (FCC)
approved HDCP as a "Digital Output Protection Technology" on August 4,
2004. The FCC's
Broadcast flag regulations, which were struck down
United States Court of Appeals for the District of Columbia
Circuit, would have required DRM technologies on all digital outputs
from HDTV signal demodulators. Congress is still considering[when?]
legislation that would implement something similar to the Broadcast
Flag. The HDCP standard is more restrictive than the
FCC's Digital Output Protection
Technology requirement. HDCP bans
compliant products from converting HDCP-restricted content to
full-resolution analog form, presumably in an attempt to reduce the
size of the analog hole.[weasel words]
On January 19, 2005, the European Information, Communications, and
Technology Industry Associations (EICTA)
announced that HDCP is a required component of the European "HD ready"
Windows Vista and
Windows 7 both use HDCP in computer
graphics cards and monitors.
HDCP strippers remove HDCP information from the video signal in order
to allow the data to flow freely to a non-HDCP display. It is
currently[when?] unclear whether such devices would remain working if
the HDCP licensing body issued key-revocation lists, which may be
installed via new media (e.g. newer Blu-ray Discs) played-back by
another device (e.g. a
Blu-ray Disc player) connected to it.
In 2001, Scott Crosby of
Carnegie Mellon University
Carnegie Mellon University wrote a paper with
Ian Goldberg, Robert Johnson, Dawn Song, and David Wagner called "A
Cryptanalysis of the High-bandwidth Digital Content Protection
System", and presented it at ACM-CCS8 DRM Workshop on November 5.
The authors concluded that HDCP's linear key exchange is a fundamental
weakness, and discussed ways to:
Eavesdrop on any data.
Clone any device with only its public key.
Avoid any blacklist on devices.
Create new device key vectors.
In aggregate, usurp the authority completely.
They also said the
Blom's scheme key swap could be broken by a
so-called conspiracy attack: obtaining the keys of at least 40 devices
and reconstructing the secret symmetrical master matrix that was used
to compute them.
Around the same time,
Niels Ferguson independently claimed to have
broken the HDCP scheme, but he did not publish his research, citing
legal concerns arising from the controversial Digital Millennium
In November 2011 Professor Tim Güneysu of Ruhr-Universität Bochum
revealed he had broken the HDCP 1.3 encryption standard.
Master key release
On September 14, 2010,
Engadget reported the release of a possible
genuine HDCP master key which can create device keys that can
authenticate with other HDCP compliant devices without obtaining valid
keys from The Digital Content Protection LLC. This master key would
neutralize the key revocation feature of HDCP, because new keys can be
created when old ones are revoked. Since the master key is known,
it follows that an unlicensed HDCP decoding device could simply use
the master key to dynamically generate new keys on the fly, making
revocation impossible. It was not immediately clear who discovered the
key or how they discovered it, though the discovery was announced via
Twitter update which linked to a
Pastebin snippet containing the key
and instructions on how to use it.
Engadget said the attacker may have
used the method proposed by Crosby in 2001 to retrieve the master key,
although they cited a different researcher. On September 16, Intel
confirmed that the code had been cracked.
Intel has threatened
legal action against anyone producing hardware to circumvent the HDCP,
possibly under the Digital Millennium Copyright Act.
HDCP v2.2, v2.1 and v2.0 breach
This section includes a list of references, but its sources remain
unclear because it has insufficient inline citations. Please help to
improve this section by introducing more precise citations. (February
2015) (Learn how and when to remove this template message)
On August 2012 version 2.1 was proved to be broken. The attack
used the fact that the pairing process sends the Km key obfuscated
with an XOR. That makes the encryptor (receiver) unaware of whether it
encrypts or decrypts the key. Further, the input parameters for the
XOR and the AES above it are fixed from the receiver side, meaning the
transmitter can enforce repeating the same operation. Such a setting
allows an attacker to monitor the pairing protocol, repeat it with a
small change and extract the Km key. The small change is to pick the
"random" key to be the encrypted key from the previous flow. Now, the
attacker runs the protocol and in its pairing message it gets
E(E(Km)). Since E() is based on
XOR it undoes itself, thus exposing
the Km of the legitimate device.
V2.2 was released to fix that weakness by adding randomness provided
by the receiver side. However the transmitter in V2.2 must not support
receivers of V2.1 or V2.0 in order to avoid this attack. Hence a new
erratum was released to redefine the field called "Type" to prevent
backward compatibility with versions below 2.2. The "Type" flag should
be requested by the content's usage rules (i.e. via the DRM or CAS
that opened the content).
In August 2015, version 2.2 was rumored to be broken. An episode of
Netflix's UHD version of series
Breaking Bad was leaked to the
Internet in UHD format; its metadata indicated it was an HDMI cap,
meaning it was captured through HDMI interface that removed HDCP 2.2
On November 4, 2015, Chinese company LegendSky Tech Co., already known
for their other HDCP rippers/splitters under the HDFury brand,
released the HDFury Integral, a device that can remove HDCP 2.2 from
HDCP-enabled UHD works. On December 31, 2015,
Warner Bros and
Digital Content Protection, LLC (DCP, the owners of HDCP) filed a
lawsuit against LegendSky. Nevertheless, the lawsuit was
ultimately dropped after LegendSky argued that the device did not
"strip" HDCP content protection but rather downgraded it to an older
version, a measure which is explicitly permitted in DCP's licensing
HDCP can cause problems for users who want to connect multiple screens
to a device; for example, a bar with several televisions connected to
one satellite receiver or when a user has a closed laptop and uses an
external display as the only monitor. HDCP devices can create multiple
keys, allowing each screen to operate, but the number varies from
device to device; e.g., a Dish or Sky satellite receiver can generate
16 keys. The technology sometimes causes handshaking problems
where devices cannot establish a connection, especially with older
Edward Felten wrote "the main practical effect of HDCP has been to
create one more way in which your electronics could fail to work
properly with your TV," and concluded in the aftermath of the master
key fiasco that HDCP has been "less a security system than a tool for
shaping the consumer electronics market."
Additional issues arise when interactive media (i.e. video games)
suffer from control latency, because it requires additional processing
for encoding/decoding. Various everyday usage situations, such as live
streaming or capture of game play, are also adversely affected.
There is also the problem that all Apple laptop products, presumably
in order to reduce switching time, when confronted with an
HDCP-compliant sink device, automatically enable HDCP encryption from
the HDMI / Mini
DisplayPort / USB-C connector port. This is a problem
if the user wishes to use recording or videoconferencing facilities
further down the chain, because these devices most often do not
decrypt HDCP-enabled content (since HDCP is meant to avoid direct
copying of content, and such devices could conceivably do exactly
that). This applies even if the output is not HDCP-requiring content,
PowerPoint presentation or merely the device's UI.
Additionally, all Android-based devices and some later PC
tablets exhibit the same behavior, being unusable
with HDCP-enabled sink devices. Some sink devices have the ability to
disable their HDCP reporting entirely, however, preventing this issue
from blocking content to videoconferencing or recording. However, HDCP
content will then refuse to play on many source devices if this is
disabled while the sink device is connected.
When connecting a HDCP 2.2 source device through compatible
distribution to a video wall made of multiple legacy displays the
ability to display an image can not be guaranteed.
Feb 17, 2000
Jun 9, 2003
Jun 13, 2006
Dec 21, 2006
DVI, HDMI, DP, GVIF, UDI
Jul 8, 2009
Oct 23 2008
Interface Independent Adaptation, Any IP based interface
Compressed or uncompressed video (only specified for compressed over
Jul 18, 2011
New mechanism to manage Type 1 content. Type 1 is a flag preventing
content from going to v1.x HDCP. It is assumed that UHD content will
Resolves addition of devices to the HDMI tree without a full tree
re-authentication by allowing ReceiverID_List to be asynchronous
Oct 16, 2012
Addresses a breach described above, as well as other flaws in Locality
Type 1 extended to preventing content from going to v2.1, 2.0 and v1.x
as they all have weaknesses
2.2 for HDMI
Feb 13, 2013
This spec is not bound to backward compatibility to v2.0 and v2.1
hence makes it a clean version of v2.2
2.2 for MHL
Sep 11, 2013
2.3 for HDMI
Feb 28, 2018
The 2.x version of HDCP is not a continuation of HDCPv1, and is rather
a completely different link protection. Version 2.x employs
industry-standard encryption algorithms, such as 128-bit AES with 3072
or 1024-bit RSA public key and 256-bit
HMAC-SHA256 hash function.
While all of the HDCP v1.x specifications support backward
compatibility to previous versions of the specification, HDCPv2
devices may interface with HDCPv1 hardware only by natively supporting
HDCPv1, or by using a dedicated converter device. As a
result,[weasel words] there is currently[when?] no deployment
plan for v2 to replace v1 in existing systems. This
means that HDCPv2 is only applicable to new technologies. It has been
selected for the
Miracast (formerly WiFi Display)
HDCP 2.x features a new authentication protocol, and a locality check
to ensure the receiver is relatively close (it must respond to the
locality check within 7 ms on a normal DVI/HDMI link). Version 2.1
of the specification was recently cryptanalyzed and found to have
several flaws, including the ability to recover the session key.
There are still a few commonalities between HDCP v2 and v1.
Both are under DCP LLC authority.
Both share same license agreement, compliance rules and robustness
Both share same revocation system and same device ID formats.
Digital Transmission Content Protection
Digital rights management
Encrypted Media Extensions
Defective by Design
^ "Digital Content Protection - About DCP".
^ HDCP specification 1.3. Page 31 0x15, Page 35
DVD Glossary". 080509 hddvd-faq.com
^ a b c d e "HDCP deciphered: white paper" (PDF). DCP, LLC.
2008-07-22. Archived from the original on September 20, 2008. CS1
maint: Unfit url (link)
^ a b "HDCP v1.3 specification" (pdf). Digital Content Protection.
2006-12-21. Retrieved 2008-05-08.
^ "Digital Content Protection LLC". Archived from the original on
2008-02-02. Retrieved 2008-01-24.
^ a b c "HDCP License Agreement" (PDF). Digital Content Protection,
LLC. 2008-01-16. Archived from the original (PDF) on 2009-04-19.
^ a b Lawler, Richard. "HDCP 'master key' supposedly released, unlocks
HDTV copy protection permanently". Engadget. Retrieved September 14,
^ Peter Bright (2010-09-17). "
Intel confirms HDCP key is real, can now
be broken at will". Ars Technica. Retrieved 2010-09-17.
^ Latif, Lawrence (2010-09-17). "
Intel confirms that HDCP has been
cracked". The Inquirer.
^ a b c Wired. "
Intel Threatens to Sue Anyone Who Uses HDCP Crack".
^ HDCP antipiracy leak opens doors for black boxes InSecurity
Complex - CNET News
^ "FCC Approves Digital Output Protection Technologies and Recording
Method Certifications" (PDF) (Press release). Federal Communications
Commission. 2004-08-04. Retrieved 2006-12-28.
EICTA announces "Conditions for High Definition Labelling of
Display Devices" (PDF) (Press release). EICTA. 2005-01-19. Retrieved
^ Output Content Protection and Windows Vista
^ The Clicker: Microsoft's OPM for the masses - Engadget
^ Ryan Block (2005-07-21). "The Clicker: HDCP's Shiny Red Button".
Engadget. Retrieved 2006-12-28.
^ Scott Crosby; Ian Goldberg; Robert Johnson; Dawn Song; David Wagner
(2001-11-05). A Cryptanalysis of the High-bandwidth Digital Content
Protection System. ACM-CSS8 DRM Workshop. Archived from the original
on November 7, 2004. Retrieved 2006-12-28.
^ Niels Ferguson, DMCA Censorship, August 15, 2001
^ "HDTV Code Crack Is Real,
Intel Confirms". Fox News.
Intel Confirms That HDCP Master Key is Cracked
^ a b Green, Matthew (2012-08-27). "Reposted: A cryptanalysis of HDCP
v2.1". A Few Thoughts on Cryptographic Engineering.
^ a b c "
High-bandwidth Digital Content Protection System: Mapping
HDCP to HDMI (Revision 2.2)" (PDF). Digital Content Protection LLC.
^ van der Sar, Ernesto (2015-08-28). "First Netflix 4K Content Leaks
to Torrent Sites". Torrentfreak.
^ Robertson, Adi (2015-08-28). "Netflix's 4K video reportedly cracked,
Breaking Bad episode posted online".
^ "HDfury launches yet another path breaking device – the HDCP
Doctor, HDfury Integral". HDFury.com. HDFury. Retrieved 7 January
^ "Lawsuit against Legendsky (PDF)". Retrieved 7 January 2016.
^ Mullin, Joe. "Warner Bros. sues "HD Fury" over boxes that can copy
4k video". Ars Technica. Retrieved 7 January 2016.
^ Van der Sar, Ernesto (May 6, 2016). "4K Content Protection
Warner Bros in Court". TorrentFreak. Retrieved June
^ "Device List as of 1/7/2010" (PDF). Crestron.
^ Masamitsu, Emily (2007-01-23). "PS3 Blinking Mystery
Deepens—Westinghouse: "Our TVs Not the Problem"". Popular Mechanics.
Archived from the original on 2007-02-06.
^ Selter, Scott (2005-11-10). "HDCP "Handshake" A Big Problem For Many
Legacy DVI-Based HDTVs". AVRev.com.
^ Stockfisch, Mark (2007-11-04). "HDMI/DVI HDCP handshake problems
& how to avoid them". EETimes.
^ Felten, Ed (2010-09-11). "Understanding the HDCP Master Key
^ "How do you capture video of your PS3 gameplay". Arqade. Stack
^ "Frequently asked questions about using HDMI with Mac computers -
Apple Support". Apple. 2017-03-22.
^ "HDCP White Paper: How DigitalMedia(TM) Switchers Handle HDCP"
^ "Introduction to HDCP2.2" (PDF). Extron. 2015-09-08.
WirelessHD 1.1 Specification Summary". WirelessHD. WirelessHD.
Retrieved 18 April 2017.
^ "Technical Note Wi-Fi CERTIFIED Miracast™ HDCP Interoperability
Issue: HDCP 2.2 Protocol Descriptor" (PDF). WiFi Alliance. WiFi
Alliance. Retrieved 18 April 2017.
Common Building Block
Intel Communication Streaming Architecture
Intel Inboard 386
Advanced Programmable Interrupt Controller
Intel Turbo Boost
Intel Secure Key
Active Management Technology
High-bandwidth Digital Content Protection
High Definition Audio
I/O Controller Hub
Serial Digital Video Out
Host Embedded Controller Interface
Platform Environment Control Interface
Platform Controller Hub
System Management Bus
Silicon Photonics Link
Broadcast encryption and digital rights management
Conditional access system
Smart cards and encryption
Digital video disc
Content Scramble System (CSS)
Advanced Access Content System
Advanced Access Content System (AACS)
Analogue broadcast encoding
See also free-to-view