HDCP 2.2 Authentication: RSA Cryptography

In the blog post, The HDCP 2.2 Authentication Process – an Introduction, we discussed why we need HDCP, and the basic steps of the HDCP Authentication Process. We noted that an advanced version of RSA is the underlying cryptography standard used during the Authentication and key exchange.

Here, we will discuss the basics of RSA cryptography.

Basics of RSA Cryptography

All encryption and decryption techniques in cryptography can be classified into 2 categories:

• Symmetric Key
• Public Key

In the Symmetric Key category, both encryption key and decryption key are known to the transmitter as well as the receiver, or a common encryption key is shared between the transmitter and the receiver, whereas decryption key is same or easily computed from the encryption key. A common example of this type of encryption technique is AES which is also used in HDCP2.2 for encryption of the audio visual content.

In the Public Key category, the encryption key is public and known, but private key is computationally infeasible to find without the information which is only known to the receiver. The most popular version of this category is RSA which uses the public key technique.

Figure 1: General principle of Cryptography 

RSA Cryptography is based on the pair of keys consisting of a private key and a public key. Each receiver has its private key and a public key. Private Key is used to encrypt and check signatures whereas public key is used to encrypt the plain text. Public key is not secret and can be sent in a plain text whereas private key is kept secret and can be derived from the public key with an extremely high computation effort.

The advantage of RSA cryptography with a public key and a private key pair is that there is no identical secret key which has to be exchanged between receiver and transmitter. The disadvantage of RSA encryption is that the calculation of cypher text and plain text is elaborate.

Explaining the RSA algorithm mathematically, public key consist of a pair of numbers (e, n) and the private key of a pair of numbers (d, n) where n = p*q where p and q are large secret prime numbers. Figure 2 shows the encryption where a plain text or a message is represented by a number m raising to publicly specified power e, and then taking the remainder when the result is divided by the publicly specified product n (of two large secret prime numbers, p and q)

Figure 2: RSA Encryption using Public key

Decryption is also similar as shown in Figure 3, only a different secret power d is used where e.d≡1 (mod(p-1). (q-1)). The whole security of the system rests in part on the complexity of factoring the published divisor, n.

Figure 3: RSA decryption using private key

Summarizing the algorithm, if two people, say Alice wants to communicate to Bob, then

• Bob chooses secret primes p and q and computes n = pq.
• Bob chooses e with e, (p − 1)(q − 1) = 1.
• Bob computes d with de ≡ 1 mod (p − 1)() (q − 1) .).
• Bob makes n and e public and keeps p, q, d secret.
• Alice encrypts m as c ≡ m^e (mod n) and sends c to Bob.
• Bob decrypts by computing m ≡ c^d (mod n).

Although extremely difficult, plain RSA  can still be broken with sufficient computing power. That’s why HDCP2.2 uses a derivative of plain RSA called Optimized Asymmetric Encryption padding (RSAES-OAEP) which utilizes padding and hash functions.

In the next blog post on HDCP, we will see how this derivative is used in verifying the receiver’s public key certificate and in the Authentication and Key Exchange (AKE) step.

You can learn more about the HDCP 2.2 Authentication Process by downloading our whitepaper, Demystifying the HDCP 2.2 Authentication Process.