Go Back
By Industry
By Technology
Synopsys Cloud
Synopsys Cloud

Cloud native EDA tools & pre-optimized hardware platforms

Request a Free Trial →
Multi-Die System Solution
Multi-Die System Solution

A comprehensive solution for fast heterogeneous integration

Discover Multi-Die →
View All Solutions →
Explore Silicon Design, Verification & Manufacturing

Synopsys is a leading provider of electronic design automation solutions and services.

Families
Optical Design
Photonic Design
Design
3D Image Processing
Verification
Modeling & Simulation
Manufacturing
Try Synopsys Cloud
Synopsys Cloud

Unlimited access to EDA software licenses on-demand

Request a Free Trial →
Explore Silicon IP

Synopsys is a leading provider of high-quality, silicon-proven semiconductor IP solutions for SoC designs.

Interface IP
Processor IP
Analog IP
Memories & Libraries
SoC Architecture
Security IP
SoC Infrastructure IP
IP Accelerated
IP Markets
Synopsys IP Portfolio Cover
Synopsys IP Portfolio
Download Brochure →
Synopsys IP Technical Bulletin
Read Latest Issue →
Explore Application Security

Synopsys helps you protect your bottom line by building trust in your software—at the speed your business demands.

Integrated AppSec Solutions
Software Risk Analysis
AppSec Program Services
Your guide to securing your open source supply chain
Your guide to securing your open source supply chain
Read the report →
View All Products →
Company Overview
Resources
SNUG 2024 | Synopsys
SNUG 2024

Synopsys User Group Conference

Learn more →
Synopsys Job Search Thumbnail
Pursue Your Passion

Start Your Job Search

Apply Now →

Understanding HDMI & HDCP 2.2 Authentication

VIP Expert

Apr 20, 2015 / 2 min read

Table of Contents

When digital content is transmitted, it is susceptible to unauthorized copying and interceptions. Hence protecting content has become an important factor in the transmission of audiovisual content. In 2003, Intel developed an encryption technique called the High-bandwidth Digital Content Protection (HDCP) protocol to protect audio and video data between a transmitter (transmitting the audio visual content such as a Blu-ray player) and a receiver such as a Monitor. If a transmitting device is transmitting the content HDCP protected then the receiver must also support HDCP in order to receive the content correctly.

HDCP protocol is now managed by Digital Content Protection (DCP), LLC, an Intel subidiary, which licenses technologies for the protection of commercial digital content. For every HDCP protected digital content must follow the HDCP protocol and also must have a license issued by DCP, LLC.

History of HDCP

In earlier devices that support the 1.X version of HDCP, such as HDCP1.4, the receiver demonstrates that it has valid secret keys, device private key. Transmitter authenticates that the receiver has valid keys, and then both devices share a secret session key that will be used during encryption as depicted in Figure 1. The authentication strength was reasonable using SHA-1 encryption algorithm in key exchanges. Most of the authentication and encryption was proprietary between devices that support HDCP1.4. Encryption uses a proprietary stream cipher.

HDCP 1.x authentication process diagram

Introduction to HDCP2.2

HDCP 2.2 specification applies state of the art cryptography standards, such as RSA and AES, and uses them in authentication and encryption respectively which makes it much more secure than the previous HDCP1.X protocols.

HDCP 2.2 protocol works in 3 phases: the first phase, Authentication, is to verify that the receiver is genuine and authorized to receive the digital content. During the second phase, Encryption, transmitter can start sending the encrypted data to receiver, which will then decrypt it using keys exchanged during the authentication step. In the event that legitimate devices are compromised, the third phase, Renewability, allows the HDCP transmitters to identify such compromised devices and prevent transmission of HDCP content.

HDCP2.2 Authentication Protocol

Before transmitting the audio visual content, the transmitter must make sure using the authentication protocol that the receiver is genuine and authorized to receive the protected content.

The Authentication Protocol consists of:
1. Authentication and key exchange (AKE): Checks that the receiver contains a valid un-revoked public key certificate.
2. Locality Check: A check to make sure that the receiver is placed nearby and restricts the transmission to a locality.
3. Session key exchange (SKE): A common shared session key is exchanged which will be used to encrypt the data itself.
4. Authentication with repeater: An option step when sink is a repeater i.e., Subsequent sink device can be attached. Transmitter checks that none of the receivers in the topology is un-authorized.

In the next blog post, we will discuss the basics of RSA cryptography. An advanced version of RSA is the underlying cryptography standard used during the Authentication and key exchange.

Continue Reading

Verifying CXL 3.1 Designs with Synopsys Verification IP

Verifying CXL 3.1 Designs with Synopsys Verification IP

Zongyao Wen
Nikhil Jain
By Zongyao Wen, Nikhil Jain

Apr 11, 2024 / 4 min read

Tags: Verification Central, Verification IP, Verification
Customer Spotlight: NXP's S32N Family of Processors Enables Vehicle Super-Integration for Central Compute Applications

Customer Spotlight: NXP's S32N Family of Processors Enables Vehicle Super-Integration for Central Compute Applications

Marc Serughetti
By Marc Serughetti

Apr 10, 2024 / 4 min read

Tags: Verification Central, Automotive, Verification, Virtual Prototyping
Synopsys and Arm Collaboration -Accelerating Development and Innovation for Arm-based Automotive Systems

Synopsys and Arm Collaboration -Accelerating Development and Innovation for Arm-based Automotive Systems

Marc Serughetti
By Marc Serughetti

Mar 15, 2024 / 4 min read

Tags: Verification Central, Design, Automotive, Verification, Virtual Prototyping