In The HDCP 2.2 Authentication Process – an Introduction, we discussed why we need HDCP, and the basic steps of the HDCP Authentication Process. We noted that an advanced version of RSA is the underlying cryptography standard used during the Authentication and Key Exchange (AKE). AKE is the first step in the authentication protocol. Here we will continue exploring the next 3 steps of the protocol: Locality Check, Session Key Exchange (SKE) and Authentication with repeater.
This is an interesting checking mechanism introduced in HDCP2.X to ensure that the receiver and the transmitter are placed nearby. It prohibits sharing of HDCP2.2 protected content over a long distance.
The flow for locality check is shown in the figure below. The transmitter sends a random number (rn) to the receiver and expects the HMAC-SHA256 value L’ computed over rn and derived key Kd to be back within 20ms. In the case of failure of locality check, either due to timer expiration or mismatch between L and L’, it may result in Authentication failure. The protocol permits the transmitter to retry the locality check (up to 1024 attempts) by sending the LC_INIT message with a new rn value.
Flow for Locality Check
Successful completion of AKE and locality check affirms to the HDCP transmitter that the HDCP receiver is authorized to receive the HDCP protected audio visual content. So after the locality check, the transmitter can generate a random 128 bit session key (Ks) and encrypt it using the Master key exchanged during the AKE and send it to the receiver.
During SKE, the HDCP transmitter:
Then this session key Ks and Riv will be used in the encryption of the audio video content by the transmitter. The receiver will be able to decrypt the content using this key (remember the Symmetric key encryption technique).
This is an optional step only needed when the receiver is a repeater device. This step is used to propagate the topology information to the transmitter. The repeater accumulates a list of the entire downstream receiver IDs as well as the number of levels in the topology tree. The transmitter also checks whether any of the receivers is in its revocation list.
Once authentication is successful, the transmitter can start encrypting the audio visual content using AES-128 bit encryption algorithms which is a very secure and fast encryption technique capable of providing high bandwidth. The key for the AES core is the session key (Ks) xor with the secret constant lc128. This secret constant is provided by DCP LLC.
You can learn more about the HDCP 2.2 Authentication Process by downloading our whitepaper, Demystifying the HDCP 2.2 Authentication Process.