Misplaced Pages

#497502

53-470: MCCS requires a bidirectional communication protocol like Display Data Channel between host and display, although the specification does not favour any particular protocol. A virtual control panel (VCP) code is a binary code that represents a single command entity in the MCCS language. Each command contains variable number of data parameters and command attributes. The following groups of controls are defined in

106-588: A "Digital Output Protection Technology" on 4 August 2004. The FCC's Broadcast flag regulations, which were struck down by the United States Court of Appeals for the District of Columbia Circuit , would have required DRM technologies on all digital outputs from HDTV signal demodulators. Congress is still considering legislation that would implement something similar to the Broadcast Flag. The HDCP standard

159-531: A Blu-ray Disc player) connected to it. In 2001, Scott Crosby of Carnegie Mellon University wrote a paper with Ian Goldberg , Robert Johnson, Dawn Song, and David Wagner called "A Cryptanalysis of the High-bandwidth Digital Content Protection System", and presented it at ACM-CCS8 DRM Workshop on 5 November. The authors concluded that HDCP's linear key exchange is a fundamental weakness, and discussed ways to: They also said

212-555: A DDC-capable monitor was connected. The DDC signal can be sent to or from a video graphics array (VGA) monitor with the I C protocol using the master's serial clock and serial data pins. DDC1 is a simple, low-speed, unidirectional serial link protocol. Pin 12, ID1 functions as a data line that continuously transmits the 128-byte EDID block, and the data clock is synchronised with vertical sync , providing typical clock rates of 60 to 100 Hz. Very few display devices implemented this protocol. The most common version, called DDC2B ,

265-453: A KSV received from another device. Depending on the order of the bits set to 1 in the KSV, a corresponding secret key is used or ignored in the addition. The generation of keys and KSVs gives both devices the same 56-bit number, which is later used to encrypt data. Encryption is done by a stream cipher . Each decoded pixel is encrypted by applying an XOR operation with a 24-bit number produced by

318-446: A generator. The HDCP specifications ensure constant updating of keys after each encoded frame. If a particular set of keys is compromised, their corresponding KSV is added to a revocation list burned onto new discs in the DVD and Blu-ray formats. (The lists are signed with a DSA digital signature, which is meant to keep malicious users from revoking legitimate devices.) During authentication,

371-487: A license for the patent from Intel subsidiary Digital Content Protection LLC, pay an annual fee, and submit to various conditions. For example, the device cannot be designed to copy; it must "frustrate attempts to defeat the content protection requirements"; it must not transmit high definition protected video to non-HDCP receivers; and DVD-Audio works can be played only at CD -audio quality by non-HDCP digital audio outputs (analog audio outputs have no quality limits). If

424-533: A mouse or keyboard with little to no additional effort. Such devices and monitors were briefly available in the mid-1990s, but they disappeared with the introduction of USB . DDC2B+ and DDC2Bi are scaled-down versions of DDC2Ab which only support monitor and graphics card devices but still allow bidirectional communication between them. DDC2 is not exclusive to the VGA interface. Both DVI and HDMI feature dedicated DDC2B wires. DDC/CI ( Command Interface ) standard

477-408: A physical link between a monitor and a video card, which was originally carried on either two or three pins in a 15-pin analog VGA connector . Extended display identification data (EDID) is a companion standard; it defines a compact binary file format describing the monitor's capabilities and supported graphics modes, stored in a read-only memory ( EEPROM ) chip programmed by the manufacturer of

530-545: A separate standard and introduced the DDC2B+ protocol. DDC version 3 , December 1997, introduced the DDC2Bi protocol and support for VESA Plug and Display and Flat Panel Display Interface on separate device addresses, requiring them to comply with EDID 2.0. The DDC standard has been superseded by E-DDC in 1999. DDC is also used as a communication channel for implementing High-bandwidth Digital Content Protection (HDCP). Prior to

583-459: A small change and extract the Km key. The small change is to pick the "random" key to be the encrypted key from the previous flow. Now, the attacker runs the protocol and in its pairing message it gets E(E(Km)) . Since E() is based on XOR it undoes itself, thus exposing the Km of the legitimate device. V2.2 was released to fix that weakness by adding randomness provided by the receiver side. However

SECTION 10

#1733126407498

636-487: A unique set of 40 56-bit keys. Failure to keep them secret violates the license agreement. For each set of values, a special private key called a KSV (Key Selection Vector) is created. Each KSV consists of 40 bits (one bit for each HDCP key), with 20 bits set to 0 and 20 bits set to 1. During authentication, the parties exchange their KSVs under a procedure called Blom's scheme . Each device adds its own secret keys together (using unsigned addition modulo 2 ) according to

689-583: A user has a closed laptop and uses an external display as the only monitor. HDCP devices can create multiple keys, allowing each screen to operate, but the number varies from device to device; e.g., a Dish or Sky satellite receiver can generate 16 keys. The technology sometimes causes handshaking problems where devices cannot establish a connection, especially with older high-definition displays. Edward Felten wrote "the main practical effect of HDCP has been to create one more way in which your electronics could fail to work properly with your TV," and concluded in

742-610: Is a required component of the European " HD ready " label. Microsoft Windows Vista and Windows 7 both use HDCP in computer graphics cards and monitors. HDCP strippers decrypt the HDCP stream and transmit an unencrypted HDMI video signal so it will work in a non-HDCP display. It is currently unclear whether such devices would remain working if the HDCP licensing body issued key-revocation lists, which may be installed via new media (e.g. newer Blu-ray Discs ) played-back by another device (e.g.

795-481: Is also the problem that all Apple laptop products, presumably in order to reduce switching time, when confronted with an HDCP-compliant sink device, automatically enable HDCP encryption from the HDMI / Mini DisplayPort / USB-C connector port. This is a problem if the user wishes to use recording or videoconferencing facilities further down the chain, because these devices most often do not decrypt HDCP-enabled content (since HDCP

848-552: Is based on I²C , a serial bus . Pin 12, ID1, of the VGA connector is used as the data pin of the I²C bus, and the formerly-unused pin 15 is the I²C clock. Pin 9, previously used as a mechanical key, supplies +5V DC power (up to 50mA) to power the EEPROM. With this, the host can read the EDID even if the monitor is powered off. Though I²C is fully bidirectional and supports multiple bus-masters , DDC2B

901-518: Is disabled while the sink device is connected. When connecting a HDCP 2.2 source device through compatible distribution to a video wall made of multiple legacy displays the ability to display an image cannot be guaranteed. The 2.x version of HDCP is not a continuation of HDCPv1, and is rather a completely different link protection. Version 2.x employs industry-standard encryption algorithms, such as 128-bit AES with 3072 or 1024-bit RSA public key and 256-bit HMAC-SHA256 hash function. While all of

954-466: Is meant to avoid direct copying of content, and such devices could conceivably do exactly that). This applies even if the output is not HDCP-requiring content, like a PowerPoint presentation or merely the device's UI. Some sink devices have the ability to disable their HDCP reporting entirely, however, preventing this issue from blocking content to videoconferencing or recording. However, HDCP content will then refuse to play on many source devices if this

1007-424: Is meant to stop HDCP-encrypted content from being played on unauthorized devices or devices which have been modified to copy HDCP content. Before sending data, a transmitting device checks that the receiver is authorized to receive it. If so, the transmitter encrypts the data to prevent eavesdropping as it flows to the receiver. In order to make a device that plays HDCP-enabled content, the manufacturer must obtain

1060-513: Is more restrictive than the FCC's Digital Output Protection Technology requirement. HDCP bans compliant products from converting HDCP-restricted content to full-resolution analog form, presumably in an attempt to reduce the size of the analog hole . On 19 January 2005, the European Information, Communications, and Consumer Electronics Technology Industry Associations ( EICTA ) announced that HDCP

1113-498: Is unidirectional and allows only one bus master —the graphics adapter. The monitor acts as a slave device at the 7-bit I²C address 50h, and provides 128-256 bytes of read-only EDID. Because this access is always a read, the first I²C octet will always be A1h. DDC2Ab is an implementation of the I²C-based 100-kbit/s ACCESS.bus interface, which made it possible for monitor manufacturers to support external ACCESS.bus peripherals such as

SECTION 20

#1733126407498

1166-431: Is version 2.2a, adopted January 2011. Display Data Channel Display Data Channel ( DDC ) is a collection of protocols for digital communication between a computer display and a graphics adapter that enable the display to communicate its supported display modes to the adapter and that enable the computer host to adjust monitor parameters, such as brightness and contrast. Like modern analog VGA connectors,

1219-587: The DVI and DisplayPort connectors include pins for DDC, but DisplayPort only supports DDC within its optional Dual-Mode DP ( DP++ ) feature in DVI/HDMI mode. The standard was created by the Video Electronics Standards Association (VESA). The DDC suite of standards aims to provide Plug and Play and DPMS power management experiences for computer displays. DDC1 and DDC2B/Ab/B+/Bi protocols are

1272-499: The 4 ID pins while manipulating the HSync and VSync signals in order to extract 16 bits (4 ID pin values for each of the 4 combinations of HSync and VSync states) of monitor identification. DDC changed the purpose of the ID pins to incorporate a serial link interface . However, during the transition, the change was not backwards-compatible and video cards using the old scheme could have problems if

1325-569: The Blom's scheme key swap could be broken by a so-called conspiracy attack : obtaining the keys of at least 40 devices and reconstructing the secret symmetrical master matrix that was used to compute them. Around the same time, Niels Ferguson independently claimed to have broken the HDCP scheme, but he did not publish his research, citing legal concerns arising from the controversial Digital Millennium Copyright Act . In November 2011 Professor Tim Güneysu of Ruhr-Universität Bochum revealed he had broken

1378-492: The DDC, the VGA standard had reserved four pins in the analog VGA connector , known as ID0, ID1, ID2 and ID3 (pins 11, 12, 4 and 15) for identification of monitor type. These ID pins, attached to resistors to pull one or more of them to ground (GND), allowed for the definition of the monitor type, with all open (n/c, not connected) meaning "no monitor". In the most commonly documented scheme,

1431-424: The EDID memory in the monitor, limiting the storage size to 2 bytes = 256 bytes, but allowing the use of cheap 2-Kbit EEPROMs. In E-DDC, a special I²C addressing scheme was introduced, in which multiple 256-byte segments could be selected. To do this, a single 8-bit segment index is passed to the display via the I²C address 30h. (Because this access is always a write, the first I²C octet will always be 60h.) Data from

1484-417: The HDCP 1.3 encryption standard. On 14 September 2010, Engadget reported the release of a possible genuine HDCP master key which can create device keys that can authenticate with other HDCP compliant devices without obtaining valid keys from The Digital Content Protection LLC. This master key would neutralize the key revocation feature of HDCP, because new keys can be created when old ones are revoked. Since

1537-459: The HDCP v1.x specifications support backward compatibility to previous versions of the specification, HDCPv2 devices may interface with HDCPv1 hardware only by natively supporting HDCPv1, or by using a dedicated converter device. This means that HDCPv2 is only applicable to new technologies. It has been selected for the WirelessHD and Miracast (formerly WiFi Display) standards. HDCP 2.x features

1590-502: The ID3 pin was unused and only the 3 remaining pins were defined. The ID0 was pulled to GND by color monitors, while the monochrome monitors pulled ID1 to GND. Finally, the ID2 pulled to GND signaled a monitor capable of 1024×768 resolution, such as IBM 8514 . In this scheme, the input states of the ID pins would encode the monitor type as follows: More elaborate schemes also existed that used all of

1643-425: The aftermath of the master key fiasco that HDCP has been "less a security system than a tool for shaping the consumer electronics market." Additional issues arise when interactive media (i.e. video games) suffer from control latency , because it requires additional processing for encoding/decoding. Various everyday usage situations, such as live streaming or capture of game play, are also adversely affected. There

Monitor Control Command Set - Misplaced Pages Continue

1696-497: The attacker may have used the method proposed by Crosby in 2001 to retrieve the master key, although they cited a different researcher. On 16 September, Intel confirmed that the code had been cracked. Intel has threatened legal action against anyone producing hardware to circumvent the HDCP, possibly under the Digital Millennium Copyright Act . In August 2012 version 2.1 was proved to be broken. The attack used

1749-406: The device has a feature like Intel Management Engine disabled, HDCP will not work. Cryptanalysis researchers demonstrated flaws in HDCP as early as 2001. In September 2010, an HDCP master key that allows for the generation of valid device keys was released to the public, rendering the key revocation feature of HDCP useless. Intel has confirmed that the crack is real, and believes the master key

1802-415: The display processor are introduced. MCCS Version 2, Revision 1 was released on May 28, 2005 and included some minor updates, as well as clarifications and improved usability of the standard. MCCS Version 3, released on July 27, 2006, was a major revision and update which introduced significant changes, however this revision has seen very little support from the industry. The latest release of V2 standard

1855-690: The display, but the degree of system integration vary. Windows exposes DDC/CI as the Monitor Configuration Win32 API series. Enhanced Display Data Channel ( E-DDC ) is the most recent revision of the DDC standard. Version 1 was introduced in September 1999 and featured the addition of a segment pointer which allowed up to 32 Kbytes of display information storage for use by the Enhanced EDID (E-EDID) standard. Earlier DDC implementations used simple 8-bit data offset when communicating with

1908-505: The fact that the pairing process sends the Km key obfuscated with an XOR . That makes the encryptor (receiver) unaware of whether it encrypts or decrypts the key. Further, the input parameters for the XOR and the AES above it are fixed from the receiver side, meaning the transmitter can enforce repeating the same operation. Such a setting allows an attacker to monitor the pairing protocol, repeat it with

1961-1031: The first 256-byte segment is performed. The auto-reset mechanism is to provide for backward compatibility to, for example, DDC2B hosts, otherwise they may be stuck at a segment other than 00h in some rare cases. Other important changes were removal of the DDC1 and DDC2Ab protocols, deprecation of separate VESA P&D and FPDI device addresses, and clarifications to the DDC power requirements. E-DDC Version 1.1 , approved March 2004, featured support for HDMI and consumer electronics. E-DDC Version 1.2 , approved December 2007, introduced support for DisplayPort (which has no dedicated DDC2B links and uses its bidirectional auxiliary channel for EDID and MCCS communication) and DisplayID standards. E-DDC Version 1.3 from September 2017 contains corrections for errata and minor clarifications. Some KVM switches (keyboard-video-mouse) and video extenders handle DDC traffic incorrectly, making it necessary to disable monitor plug and play features in

2014-425: The master key is known, it follows that an unlicensed HDCP decoding device could simply use the master key to dynamically generate new keys on the fly, making revocation impossible. It was not immediately clear who discovered the key or how they discovered it, though the discovery was announced via a Twitter update which linked to a Pastebin snippet containing the key and instructions on how to use it. Engadget said

2067-416: The monitor's color balance. Some tilting DDC/CI monitors support an auto-pivot function, where a rotation sensor in the monitor enables the operating system to keep the display upright as the monitor is moved between its portrait and landscape positions. Most DDC/CI monitors support only a small subset of MCCS commands and some have undocumented commands. Many manufacturers did not pay attention to DDC/CI in

2120-629: The monitor. The format uses a description block containing 128 bytes of data, with optional extension blocks to provide additional information. The most current version is Enhanced EDID (E-EDID) Release A, v2.0 . DisplayID is aim to replace EDID, which supports many features such as HDR and color management . The first version of the DDC standard was adopted in August 1994. It included the EDID 1.0 format and specified DDC1, DDC2B and DDC2Ab physical links. DDC version 2 , introduced in April 1996, split EDID into

2173-478: The operating system, and maybe even physically remove pin 12 (serial data pin) from the analog VGA cables that connect such device to multiple PCs. Microsoft Windows features a standard "Plug and Play Monitor" driver which uses the display's EDID information to construct a list of supported monitor modes. The Display Resolution control panel applet can be used to disable this driver's Plug and Play features and manually select any resolution or refresh rate supported by

Monitor Control Command Set - Misplaced Pages Continue

2226-518: The owners of HDCP) filed a lawsuit against LegendSky. Nevertheless, the lawsuit was ultimately dropped after LegendSky argued that the device did not "strip" HDCP content protection but rather downgraded it to an older version, a measure which is explicitly permitted in DCP's licensing manual. HDCP can cause problems for users who want to connect multiple screens to a device; for example, a bar with several televisions connected to one satellite receiver or when

2279-462: The past, but now almost all monitors support such general MCCS commands as brightness and contrast management. DDC/CI standard describes a full suite of bidirectional control protocols - DDC2Ab, DDC2Bi and DDC2B+ - in a single standard and provides a means for packaging Monitor Control Command Set commands. DDC/CI version 1.1 was adopted in October 2004. Monitor Control Command Set version 2.0

2332-445: The selected segment is then immediately read via the regular DDC2 address using a repeated I²C 'START' signal. However, VESA specification defines the segment index value range as 00h to 7Fh, so this only allows addressing 128 segments × 256 bytes = 32  KiB . The segment index register is volatile, defaulting to zero and automatically resetting to zero after each NACK or STOP. Therefore, it must be set every time access to data above

2385-447: The standard: It is possible to select the input source using a VCP command. Some monitors will only take VCP commands from the active input source, others will take commands from any connected input source. Three categories of controls exist: Control data may be read and write (RW), read-only (RO), or write-only (WO). The display exposes its supported internal controls via capability strings. The original MCCS standard version 1

2438-533: The transmitter in V2.2 must not support receivers of V2.1 or V2.0 in order to avoid this attack. Hence a new erratum was released to redefine the field called "Type" to prevent backward compatibility with versions below 2.2. The "Type" flag should be requested by the content's usage rules (i.e. via the DRM or CAS that opened the content). In August 2015, version 2.2 was rumored to be broken. An episode of AMC's series Breaking Bad

2491-575: The transmitting device looks for the receiver's KSV on the list, and if it is there, will not send the decrypted work to the revoked device. HDCP devices are generally divided into three categories: Each device may contain one or more HDCP transmitters and/or receivers. (A single transmitter or receiver chip may combine HDCP and HDMI functionality.) In the United States , the Federal Communications Commission (FCC) approved HDCP as

2544-760: The video card. Many video card manufacturers and third parties provide control applications which can be used to select a custom display mode that does not conform to the EDID information or the monitor .INF file. High-bandwidth Digital Content Protection High-bandwidth Digital Content Protection ( HDCP ) is a form of digital copy protection developed by Intel Corporation to prevent copying of digital audio and video content as it travels across connections. Types of connections include DisplayPort (DP), Digital Visual Interface (DVI), and High-Definition Multimedia Interface (HDMI), as well as less popular or now deprecated protocols like Gigabit Video Interface (GVIF) and Unified Display Interface (UDI). The system

2597-513: Was reverse engineered rather than leaked. In practical terms, the impact of the crack has been described as "the digital equivalent of pointing a video camera at the TV ", and of limited importance for consumers because the encryption of high-definition discs has been attacked directly , with the loss of interactive features like menus. Intel threatened to sue anyone producing an unlicensed device. HDCP uses three systems: Each HDCP-capable device has

2650-450: Was adopted in October 2003. A new MCCS V3 was introduced in July 2006, though did not gain enough industry attention yet. The latest release of V2 standard is version 2.2a, adopted January 2011. Despite its ubiquity in post-2016 displays, DDC/CI is not generally used by the operating system by default for brightness control on external displays. Additional software can be used to send commands to

2703-431: Was introduced in August 1998. It specifies a means for a computer to send commands to the monitor, as well as receive sensor data from the monitor, over a bidirectional link. Specific commands to control monitors are defined in a separate Monitor Control Command Set (MCCS) standard version 1.0, released in September 1998. DDC/CI monitors are sometimes supplied with an external color sensor to allow automatic calibration of

SECTION 50

#1733126407498

2756-679: Was leaked to the Internet in UHD format; its metadata indicated it was an HDMI cap , meaning it was captured through HDMI interface that removed HDCP 2.2 protection. On 4 November 2015, Chinese company LegendSky Tech Co., already known for their other HDCP rippers/splitters under the HDFury brand, released the HDFury Integral, a device that can remove HDCP 2.2 from HDCP-enabled UHD works. On 31 December 2015, Warner Bros and Digital Content Protection, LLC (DCP,

2809-459: Was released on September 11, 1998. MCCS Version 2 was released on October 17, 2003. A major update of the standard, it provided support for flat panel displays, VESA DPVL ( Digital Packet Video Link ) standard; it added a range of television controls and introduced individual control of multiple windows on a display. New classes of VCP codes associated with asset management, secondary displays (for information, status, etc.) and remote program calls to

#497502