[tshaddox]

I think you're essentially describing the hardware DRM supply chain.

For example, HDCP is a DRM scheme where Intel convinces (or legally requires) every manufacturer of HDMI output devices (e.g. set-top boxes, Blu-ray players) in the world to encrypt certain video streams.

Then, Intel requires manufacturers of HDMI input devices (e.g. TVs) to purchase a license key that can decrypt those video streams. This license agreement also requires the manufacturer to design their device such that the device key cannot be easily discovered and the video content cannot be easily copied.

Then, Intel gets media companies to include some extra metadata in video media like Blu-ray discs. This metadata can contain revoked device keys, so that if a TV manufacturer violates the terms of the license agreement (e.g. leaks their key, or sells a device that makes copies of video content), that manufacturer's TVs won't be able to play new content that starts including their key in the revocation list.

Of course, Intel's HDCP master key was either leaked or reverse-engineered, so anyone can generate their own valid device keys. Intel will probably sue you if you do this, I guess.

[charcircuit]

>Of course, Intel's HDCP master key was either leaked or reverse-engineered, so anyone can generate their own valid device keys

Of an older version of HDCP. New media can require a higher HDCP version where that bypass isn't possible.

[tshaddox]

That's certainly possible, but did that actually happen in practice? The downside is obviously that you essentially start selling new Blu-ray discs that don't work on any old Blu-ray players. I feel like I would have heard if that happened. Unless maybe the old players could issue firmware updates?

[charcircuit]

>That's certainly possible, but did that actually happen in practice?

Yes, see 4k blurays for requiring HDCP 2.2 requiring people to get a new bluray player.

[sebzim4500]

Interesting. I don't understand the revocation process though.

What stops the blu-ray reader from just ignoring the revocation list on the disk?

[tshaddox]

The revocation list is for the TV. Intel revokes a TV's key, distributes the updated revocation list on new Blu-ray discs, and when a compliant Blu-ray player is playing one of those new discs it will refuse to negotiate with a revoked TV.

Now that I think of it, I wonder if compliant Blu-ray players actually save the new revocation entries and then continue refusing to negotiate with revoked TVs even for old Blu-ray discs.

[galangalalgol]

If so, couldn't a malicious disc revoke all TVs?

[tshaddox]

Perhaps, although you’d presumably need Intel’s private keys in order to sign the revocation list.

[dylan604]

That's where the reversing comes in to switch the function call to check the revocation list to a NOP and just keep on going. At least, that's how I imagine HDMI equipment that ignores HDCP works

What stops them from being sold that way would probably be the licensing agreement and honest players. I'd imagine in China, there are lots of these types of devices available.

[blibble]

the blu-ray is encrypted and the player requires a key to decrypt it

if you want your blu-ray player to be able to read blu-ray disks you sign a contract that says you will respect the revocation list

if you change your mind later: your player key will be revoked and new blu-rays won't play on your device

(it's actually more sophisticated than this... they can block specific players too)

[tshaddox]

That doesn't quite sound right to me. I don't think a new Blu-ray disc could be released that continues to be readable by some old readers but is no longer readable by other old readers.

[blibble]

> I don't think a new Blu-ray disc could be released that continues to be readable by some old readers but is no longer readable by other old readers.

you can obviously think whatever you want, but you'd be completely wrong

DVD supported this 20 years ago, blu-ray's system is far more sophisticated and can even block individual players

    The approach of AACS provisions each individual player with a unique set of decryption keys which are used in a broadcast encryption scheme. This approach allows licensors to "revoke" individual players, or more specifically, the decryption keys associated with the player. Thus, if a given player's keys are compromised and published, the AACS LA can simply revoke those keys in future content, making the keys/player useless for decrypting new titles.

(from https://en.wikipedia.org/wiki/Advanced_Access_Content_System)

the spec also supports a persistent CRL so a new disk can also stop your old disks from working

[AnthonyMouse]

The problem, of course, being that some players will just read the raw bytes from the disc without even attempting to decrypt them, and then anyone can decrypt them in software using any other keys even if the player used to read the disc was revoked.

Then every time another player's keys are published it allows anyone to use the older player to read discs using the newer player's leaked keys. And some players are cracked but the keys aren't published, instead they use them to extract the disc key for every new disc and then publish all the disc keys, which can be used in the same way without revealing which player was cracked.

[tshaddox]

For CSS and AACS, yes. I was referring specifically to HDCP, which involves negotiation between source and sink devices and AFAIK has nothing like broadcast encryption.