HDMI for 360 why not?

Tom wrote:
> GameAddict wrote:
> > well if I were M$ then I will make HDMI cable for 360 and make tons of
> > money. I thought the hardware is there to support it?
>
> They can easily make a cable that simply converts the signal to digital
> and feeds it through an HDMI cable which is fine for gameplay but how
> it would support HDCP security for HD-DVD movies is kind of a mystery.

http://en.wikipedia.org/wiki/HDCP

High-Bandwidth Digital Content Protection (HDCP) is a form of digital
rights management (DRM) developed by the Intel Corporation to control
digital audio and video content as it travels across Digital Visual
Interface (DVI) or High Definition Multimedia Interface (HDMI)
connections. The HDCP specification is proprietary and an
implementation of HDCP requires a license.

HDCP is licensed by Digital Content Protection, LLC, a subsidiary of
Intel. In addition to paying fees, licensees agree to limit the
capabilities of their products. For example, High-definition digital
video content must be restricted to DVD quality on non-HDCP compliant
video outputs when requested by the source. DVD-Audio content is
restricted to DAT quality on non-HDCP digital audio outputs (analog
audio outputs have no quality limits). Licensees cannot allow their
devices to make copies of content, and must design their products to
"effectively frustrate attempts to defeat the content protection
requirements."
Contents
[hide]

* 1 Specification
* 2 Cryptanalysis
* 3 Uses
* 4 References
* 5 External links

[edit]

Specification

HDCP's main target is to prevent transmission of non-encrypted high
definition content. Three systems were developed to achieve that goal:

1. Authentication process disallows non-genuine devices to receive
HD content.
2. Encryption of the actual data sent over DVI or HDMI interface
prevents eavesdropping of information. It also prevents "man in the
middle" attacks.
3. Key revocation procedures ensure that devices manufactured by any
vendors who violate the license agreement could be relatively easily
blocked from receiving HD data.

Each HDCP capable device model has a unique set of keys; there are 40
keys, each 56 bits long. These keys are confidential and failure to
keep them secret may be seen as a violation of the license agreement.
For each set of keys a special key called a KSV (Key Selection Vector)
is created. Each KSV has exactly 20 bits set to 0 and 20 bits set to 1.

During the authentication process, both parties exchange their KSVs.
Then each device adds (without overflow) its own secret keys according
to a KSV received from another device. If a particular bit in the
vector is set to 1, then the corresponding secret key is used in the
addition, otherwise it is ignored. Keys and KSVs are generated in such
a way that during this process both devices get the same 56 bit number
as a result. That number is later used in the encryption process.

Encryption is done by a stream cipher. Each decoded pixel is encrypted
by applying an XOR operation with a 24-bit number produced by a
generator. The HDCP specifications ensure constant updating of keys
(after each encoded frame).

If some particular model is considered "compromised", its KSV is put
into revocation lists, which are written e.g. on newly produced disks
with HD content. Each revocation list is signed with a digital
signature using the DSA algorithm; this is supposed to prevent
malicious users from revoking legitimate devices. During the
authentication process, if the receiver's KSV is found by a transmitter
in the revocation list, then the transmitter considers the receiver to
be compromised and refuses to send HD data to it.
[edit]

Cryptanalysis

Cryptanalysis researchers demonstrated fatal flaws in HDCP for the
first time in 2001, prior to its adoption in any commercial product.
Scott Crosby of Carnegie Mellon University authored a paper with Ian
Goldberg, Robert Johnson, Dawn Song, and David Wagner called "A
Cryptanalysis of the High-bandwidth Digital Content Protection System"
[1]. This paper was presented at ACM-CCS8 DRM Workshop on November 5,
2001.

The authors conclude:

"HDCP's linear key exchange is a fundamental weakness. We can:

* Eavesdrop on any data
* Clone any device with only their public key
* Avoid any blacklist on devices
* Create new device keyvectors.
* In aggregate, we can usurp the authority completely."

Around the same time that Scott Crosby and co-authors were writing this
paper, noted cryptographer Niels Ferguson independently claimed to have
broken the HDCP scheme, but he chose not to publish his research due to
legal concerns arising from the Digital Millennium Copyright Act [2].

The most well-known attack on HDCP is the conspiracy attack, where a
number of devices are compromised and the information gathered is used
to reproduce the private key of the central authority.
[edit]

Uses

HD DVD and Blu-ray Disc players allow content providers to set an Image
Constraint Token (ICT) flag that will only output full-resolution
digital signals using HDCP. If such a player is connected to a
non-HDCP-enabled television set and the content is flagged, the player
will output a downsampled 960x540p signal. Most high-definition
television sets currently in use are not HDCP-capable, and this would
initially negate some of the key benefits of HD DVD and Blu-ray for
those consumers. Movie studios are apparently in agreement to not
include the ICT flag on any HD DVDs or Blu-ray Discs in the immediate
future. [1] [2]

In the United States the Federal Communications Commission approved
(PDF file) HDCP as a "Digital Output Protection Technology" on August
4th, 2004 despite its known flaws. The FCC's Broadcast flag
regulations, which were struck down by the United States Court of
Appeals for the District of Columbia Circuit, would have required
digital output protection technologies on all digital outputs from HDTV
signal demodulators. Congress is still considering legislation that
would implement something similar to the Broadcast Flag. Analog outputs
from digital receivers do not require output protections, but the
analog output must be limited to a resolution of 480p, which
effectively limits sets with analog input to non-HD resolutions. The
HDCP standard is more restrictive than the FCC's Digital Output
Protection Technology requirement. HDCP bans compliant products from
converting HDCP-protected content to full-resolution analog form,
presumably in an attempt to reduce the size of the analog hole.

On January 19, 2005, the European Industry Association for Information
Systems (EICTA) announced that HDCP is a required component of the
European "HD ready" label.

Microsoft has announced that their next operating system release,
Windows Vista, will support this technology in the context of computer
graphics cards and monitors. [3] [4]

By 2005, devices were developed and freely sold in countries without
restrictions on copy-protection circumvention. Those usually take the
form of filters that have to be installed in the signal path between
the movie player or decoder and the TV and strip any HDCP protection
out of the video signal, leaving the movie to play on unprotected
displays. The Clicker: HDCP's Shiny Red Button (2005-07-21)
[edit]

References
 >> Stay informed about: HDMI for 360 why not?