High bandwidth Digital Content Protection (HDCP)

HDCP is a copy protection system to prevent copying of digital audio/video content as it is passed between two devices.

HDCP consists of three parts

1. authentication between the devices
2. encrypted transmission of content
3. revocation

History

HDCP was developed by Intel. The current version is HDCP 2.1.

Protocol dependencies

Earlier HDCP versions used interfaces like HDMI, DVI and Display Port. Since version 2.0, HDCP can be used on a TCP/IP connection. There's no fixed TCP port assigned to HDCP, the endpoints must use an out-of-band mechanism to agree on a port.

Example traffic

Wireshark

The HDCP dissector is in pre-alpha state. It supports the most important messages of the HDCP authentication.

Since there's no well-known port number for HDCP, the dissector is an heuristic dissector on top of TCP.

Preference Settings

There's one preference enable the HDCP dissector

HDCP messages are difficult to recognize (e.g. one byte message id, followed by some bytes of random data). If the dissector were active all the time, it would very likely generate false positives. Therefore, it's inactive by default and can be activated by setting the preference. This approach is similar to the hilscher dissector.

Example capture file

SampleCaptures/hdcp_authentication_sample.pcap - HDCP authentication between a DVB receiver and a handheld device

Everybody who has a chance to capture HDCP traces is encouraged to contribute them. My access to HDCP2 devices is very limited

Display Filter

Capture Filter

External links

• HDCP specifications

• Wikipedia page about HDCP

Discussion