
Every HDCP transmitter and receiver also includes a Key Selection Vector (KSV) provided by DCP.
This 20-bit binary value uniquely identifies the HDCP transmitter or receiver. Devices exchange
KSVs and use them during authentication and encryption.
The transmitters and receivers also implement the HDCP cipher, an algorithm that encrypts and
decrypts data. The cipher generates pseudo-random numbers that are passed between the
devices and used during authentication and encryption.
Authentication
HDCP authentication has three parts:
1. First Part of Authentication: The transmitter and receiver both calculate a shared secret
session key that they use for encrypting and decrypting data. By completing this process,
the receiver demonstrates that it holds valid, secret device keys without needing to reveal
those keys publicly.
This happens in several steps. First, the transmitter sends its KSV to the receiver,
along with a pseudo-random value generated by its cipher. In return, the receiver
sends its KSV to the transmitter, along with a single bit that indicates whether the
receiver is a repeater.
The transmitter and receiver then each use the other device’s KSV and their own Device
Private Keys to generate a shared secret value. Because all HDCP keys are mathematically
related, this calculation results in an identical value within each device.
This value is secret, so the two devices never transmit it over the network.
Instead, each device feeds the shared secret value and the pseudo-random number
into its HDCP cipher engine. The HDCP cipher generates a secret shared session key
along with another value, which the receiver sends to the transmitter to indicate it has
successfully completed its part of the authentication process. The transmitter compares it
with its own calculated value, and if the two are identical, authentication is successful. The
transmitter can then start sending a stream of content, encrypted using the session key,
which only the receiver can decipher.
2. Second Part of Authentication: This occurs only if the receiving device is a repeater.
The receiver sends to the transmitter a list of all downstream receiver KSVs, as well as
the number of levels in the tree. This enables the transmitter to determine whether the
maximum tree size has been exceeded and whether all devices in the tree are valid.
3. Third Part of Authentication: This final stage occurs periodically during the transmission
of encrypted content. Every 128 video frames or at least once every two seconds, the
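
The first part of authentication described above, as an added Python sketch (not code from the original document or from DCP). The page does not give the arithmetic, so the symmetric-matrix key construction, the toy sizes (8-bit KSVs, 56-bit keys), and HMAC-SHA256 standing in for the HDCP cipher are assumptions of this example, and all function names are hypothetical.

```python
import hashlib
import hmac
import random

N, MOD = 8, 1 << 56      # toy KSV length and key width (assumed, not from the page)
rng = random.Random(1)   # seeded so the demo is reproducible; real keys need a CSPRNG

def make_master():
    """Licensing authority's secret: a random symmetric N x N matrix."""
    m = [[0] * N for _ in range(N)]
    for i in range(N):
        for j in range(i, N):
            m[i][j] = m[j][i] = rng.randrange(MOD)
    return m

def issue_device(master):
    """Return (ksv, private_keys); the keys are the master matrix times the KSV."""
    ones = set(rng.sample(range(N), N // 2))   # toy choice: half the bits set
    ksv = [1 if i in ones else 0 for i in range(N)]
    keys = [sum(row[j] * ksv[j] for j in range(N)) % MOD for row in master]
    return ksv, keys

def shared_secret(own_keys, peer_ksv):
    """Sum the device's own private keys selected by the 1-bits of the peer's KSV."""
    return sum(k for k, bit in zip(own_keys, peer_ksv) if bit) % MOD

def cipher_outputs(secret, nonce):
    """Stand-in for the HDCP cipher (HMAC-SHA256): returns (session key, check value)."""
    out = hmac.new(secret.to_bytes(7, "big"), nonce, hashlib.sha256).digest()
    return out[:16], out[16:]

def authenticate(tx, rx, nonce):
    """tx and rx are (ksv, keys); only KSVs, the nonce and the check value cross the link."""
    tx_key, tx_check = cipher_outputs(shared_secret(tx[1], rx[0]), nonce)
    rx_key, rx_check = cipher_outputs(shared_secret(rx[1], tx[0]), nonce)
    return hmac.compare_digest(tx_check, rx_check) and tx_key == rx_key

master = make_master()
transmitter, receiver = issue_device(master), issue_device(master)
# Constructed negative case: presents a KSV but holds keys not derived from the master.
impostor = (receiver[0], [rng.randrange(MOD) for _ in range(N)])
nonce = bytes(rng.randrange(256) for _ in range(8))   # transmitter's pseudo-random value

if __name__ == "__main__":
    print("licensed receiver:", authenticate(transmitter, receiver, nonce))
    print("unlicensed keys:  ", authenticate(transmitter, impostor, nonce))
```

Because the matrix is symmetric, both devices arrive at the same sum without either private key set leaving its device, while a device holding keys that were not issued from the matrix produces a check value the transmitter rejects.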