High-bandwidth Digital Content Protection System 9 June 2003
Revision 1.1 Digital Content Protection LLC
Page 17 of 85
Transition A1:A2. The random value An and HDCP Transmitter KSV have been written, and
a valid HDCP Receiver Bksv and REPEATER bit have been read. HDCP Transmitter has
confirmed that Bksv contains 20 ones and 20 zeros.
State A2: Computations. In this state, the HDCP Transmitter computes the values Km, Ks,
M
0,
and R
0
, using the HDCP Transmitter’s Device Private Keys, Bksv read during State A1,
and the random number An written to the HDCP Receiver during state A1.
Transition A2:A3. When the computed results from State A2 are available, the HDCP
Transmitter proceeds to State A3.
State A3: Validate Receiver. The HDCP Transmitter reads R
0
' from the HDCP Receiver and
compares it with the corresponding R
0
produced by the HDCP Transmitter during the
computations of State A2. If R
0
is equal to R
0
', then HDCP Encryption is immediately
enabled. The verification timer is set up to generate timer events at the nominal rate of once
every two seconds, plus or minus one-half second. The HDCP Transmitter must allow the
HDCP Receiver up to 100 ms to make R
0
' available from the time that Aksv is written. The
HDCP Transmitter also checks the current revocation list for the HDCP Receiver’s KSV
Bksv. If Bksv is in the revocation list, then the HDCP Receiver is considered to have failed the
authentication. Note: checking the revocation list for Bksv may begin as soon as the Bksv has
been read in State A1, asynchronously to the other portions of the protocol, but it must
complete prior to the transition into the authenticated state (State A4).
The integrity of the current revocation list must be verified by checking the signature of the
SRM using the Digital Content Protection LLC public key, as specified in Section 5.
Transition A3:A0. The link integrity message R
0
received from the HDCP Receiver does not
match the value calculated by the HDCP Transmitter, or Bksv is in the current revocation list.
Transition A3:A6. The link integrity message R
0
received from the HDCP Receiver matches
the expected value calculated by the HDCP Transmitter and Bksv is not in the current
revocation list.
State A4: Authenticated. The HDCP Transmitter has completed the authentication protocol.
At this time, and at no time prior, the HDCP System makes available to the Upstream Content
Control Function upon request, information that indicates that the HDCP System is fully
engaged and able to deliver HDCP Content, which means (a) HDCP Encryption is operational
on each downstream HDCP-protected Interface Port attached to an HDCP Receiver, (b)
processing of valid received SRMs, if any, has occurred, as defined in this Specification, and
(c) there are no HDCP Receivers on HDCP-protected Interface Ports, or downstream, with
KSVs in the current revocation list.
Transition A4:A5. A verification timer event causes this transition to State A5.
State A5: Link Integrity Check. In this state, the HDCP Transmitter reads R
i
' from the
HDCP Receiver and compares that value against its value R
i
. If the values are not equal, then
the HDCP Receiver is incorrectly decrypting the transmitted stream. The R
i
' value may be re-
read to allow for synchronization and I
2
C bus errors. The HDCP Transmitter may also check
for a loss of synchronization with the HDCP Receiver (see Appendix C). If both the HDCP
Transmitter and HDCP Receiver are capable of the Enhanced Link Verification option, the Pj
values may be used to check for loss of synchronization more frequently than the Ri check.
Transition A5:A4. R
i
' from the HDCP Receiver correctly matches the expected value, Ri.