Verification Academy

Search form

My Account Menu

  • Register
  • Log In
  • Topics
  • Courses
  • Forums
  • Patterns Library
  • Cookbooks
  • Events
  • More
  • All Topics
    The Verification Academy offers users multiple entry points to find the information they need. One of these entry points is through Topic collections. These topics are industry standards that all design and verification engineers should recognize. While we continue to add new topics, users are encourage to further refine collection information to meet their specific interests.
    • Languages & Standards

      • Portable Test and Stimulus
      • Functional Safety
      • Design & Verification Languages
    • Methodologies

      • UVM - Universal Verification Methodology
      • UVM Framework
      • UVM Connect
      • FPGA Verification
      • Coverage
    • Techniques & Tools

      • Verification IP
      • Simulation-Based Techniques
      • Planning, Measurement, and Analysis
      • Formal-Based Techniques
      • Debug
      • Clock-Domain Crossing
      • Acceleration
  • All Courses
    The Verification Academy is organized into a collection of free online courses, focusing on various key aspects of advanced functional verification. Each course consists of multiple sessions—allowing the participant to pick and choose specific topics of interest, as well as revisit any specific topics for future reference. After completing a specific course, the participant should be armed with enough knowledge to then understand the necessary steps required for maturing their own organization’s skills and infrastructure on the specific topic of interest. The Verification Academy will provide you with a unique opportunity to develop an understanding of how to mature your organization’s processes so that you can then reap the benefits that advanced functional verification offers.
    • Universal Verification Methodology (UVM)

      • Advanced UVM
      • Basic UVM
      • Introduction to UVM
      • UVM Connect
      • UVM Debug
      • UVMF - One Bite at a Time
    • Featured Courses

      • Introduction to ISO 26262
      • Introduction to DO-254
      • Clock-Domain Crossing Verification
      • Portable Stimulus Basics
      • Power Aware CDC Verification
      • Power Aware Verification
      • SystemVerilog OOP for UVM Verification
    • Additional Courses

      • Assertion-Based Verification
      • An Introduction to Unit Testing with SVUnit
      • Evolving FPGA Verification Capabilities
      • Metrics in SoC Verification
      • SystemVerilog Testbench Acceleration
      • Testbench Co-Emulation: SystemC & TLM-2.0
      • Verification Planning and Management
      • VHDL-2008 Why It Matters
    • Formal-Based Techniques

      • Formal Assertion-Based Verification
      • Formal-Based Technology: Automatic Formal Solutions
      • Formal Coverage
      • Getting Started with Formal-Based Technology
      • Handling Inconclusive Assertions in Formal Verification
      • Sequential Logic Equivalence Checking
    • Analog/Mixed Signal

      • AMS Design Configuration Schemes
      • Improve AMS Verification Performance
      • Improve AMS Verification Quality
  • All Forum Topics
    The Verification Community is eager to answer your UVM, SystemVerilog and Coverage related questions. We encourage you to take an active role in the Forums by answering and commenting to any questions that you are able to.
    • UVM Forum

      • Active Questions
      • Solutions
      • Replies
      • No Replies
      • Search
      • UVM Forum
    • SystemVerilog Forum

      • Active Questions
      • Solutions
      • Replies
      • No Replies
      • Search
      • SystemVerilog Forum
    • Coverage Forum

      • Active Questions
      • Solutions
      • Replies
      • No Replies
      • Search
      • Coverage Forum
    • Additional Forums

      • Announcements
      • Downloads
      • OVM Forum
  • Patterns Library
    The Verification Academy Patterns Library contains a collection of solutions to many of today's verification problems. The patterns contained in the library span across the entire domain of verification (i.e., from specification to methodology to implementation—and across multiple verification engines such as formal, simulation, and emulation).
    • Implementation Patterns

      • Environment Patterns
      • Stimulus Patterns
      • Analysis Patterns
      • All Implementation Patterns
    • Specification Patterns

      • Occurrence Property Patterns
      • Order Property Patterns
      • All Specification Patterns
    • Pattern Resources

      • Start Here - Patterns Library Overview
      • Whitepaper - Taking Reuse to the Next Level
      • Verification Horizons - The Verification Academy Patterns Library
      • Contribute a Pattern to the Library
  • All Cookbooks
    Find all the methodology you need in this comprehensive and vast collection. The UVM and Coverage Cookbooks contain dozens of informative, executable articles covering all aspects of UVM and Coverage.
    • UVM Cookbook

      • UVM Basics
      • Testbench Architecture
      • DUT-Testbench Connections
      • Configuring a Test Environment
      • Analysis Components & Techniques
      • End Of Test Mechanisms
      • Sequences
      • The UVM Messaging System
      • Other Stimulus Techniques
      • Register Abstraction Layer
      • Testbench Acceleration through Co-Emulation
      • Debug of SV and UVM
      • UVM Connect - SV-SystemC interoperability
      • UVM Versions and Compatibility
      • UVM Cookbook
    • Coding Guidelines & Deployment

      • Code Examples
      • UVM Verification Component
      • Package/Organization
      • Questa/Compiling UVM
      • SystemVerilog Guidelines
      • SystemVerilog Performance Guidelines
      • UVM Guidelines
      • UVM Performance Guidelines
    • Coverage Cookbook

      • Introduction
      • What is Coverage?
      • Kinds of Coverage
      • Specification to Testplan
      • Testplan to Functional Coverage
      • Bus Protocol Coverage
      • Block Level Coverage
      • Datapath Coverage
      • SoC Coverage Example
      • Requirements Writing Guidelines
      • Coverage Cookbook
  • All Events
    No one argues that the challenges of verification are growing exponentially. What is needed to meet these challenges are tools, methodologies and processes that can help you transform your verification environment. These recorded seminars from Verification Academy trainers and users provide examples for adoption of new technologies and how to evolve your verification process.
    • Upcoming & Featured Events

      • Creating an Optimal Safety Architecture  - February 9th
      • The ABC of Formal Verification - February 11th
      • Events Calendar
    • On Demand Seminars

      • I'm Excited About Formal...
      • Visualizer Coverage
      • Formal-based ‘X’ Verification
      • 2020 Functional Verification Study
      • All On-Demand Seminars
    • Recording Archive

      • Improving Your SystemVerilog & UVM Skills
      • Should I Kill My Formal Run?
      • Visualizer Debug Environment
      • All Recordings
    • Mentor Training Center

      • SystemVerilog for Verification
      • SystemVerilog UVM
      • UVM Framework
      • Instructor-led Training
    • Mentor Learning Center

      • SystemVerilog Fundamentals
      • SystemVerilog UVM
      • Questa Simulation Coverage Acceleration Apps with inFact
      • View all Learning Paths
  • About Verification Academy
    The Verification Academy will provide you with a unique opportunity to develop an understanding of how to mature your organization's processes so that you can then reap the benefits that advanced functional verification offers.
    • Blog & News

      • Verification Horizons Blog
      • Academy News
      • Academy Newsletter
      • Technical Resources
    • Verification Horizons Publication

      • Verification Horizons - November 2020
      • Verification Horizons - July 2020
      • Verification Horizons - March 2020
      • Issue Archive
    • About Us

      • Verification Academy Overview
      • Subject Matter Experts
      • Contact Us
    • Training

      • Questa® & ModelSim®
      • Questa® inFact
      • Functional Verification Library
  • Home /
  • Verification Horizons /
  • June 2016 /
  • Simplifying HDCP Verification Using Questa® VIP

Simplifying HDCP Verification Using Questa® VIP

Verification Horizons - Tom Fitzpatrick, Editor

Simplifying HDCP Verification Using Questa® VIP by Raman Jain and Priya Minocha, Mentor Graphics

Since the advent of television, transference of video data from source to display has been a challenging task. Video by nature contains large amounts of information that needs to be transferred quickly. As modern digital displays were introduced, new standards to transfer the video were also introduced; such as Digital Visual Interface (DVI), High- Definition Multimedia Interface (HDMI), DisplayPort, UDI, GVIF, etc.

Digital transmission of audiovisual content is desirable when pursuing the highest possible quality, as it allows perfect reproduction of the source content on displays. But that data must be kept secure from unauthorized parties. High- Bandwidth Digital Content Protection (HDCP), developed by Intel®, provided a solution to prevent copying of digital audio and video content as it travels across the devices. HDCP involves multiple standards that contain various complex algorithms used during authentication, which itself is a multi-step flow and hence makes it difficult to use. This article describes various challenges in the field of verifying and debugging HDCP protected interfaces (HDMI and DisplayPort), and how Mentor’s QVIP makes this task easier for users by providing simple to use APIs and debug messages.

INTRODUCTION TO HDCP

HDCP is a system meant to encrypt the audiovisual content in such a way that this HDCP-encrypted content is restricted from being played on unauthorized devices or devices which have been revoked by the system.

Let’s think of a security check at the airport. First, they confirm your identity and an authorized booking. If everything is fine, they allow you to enter, provide you a seat and let you enjoy the journey. Here, tickets, passport, and IDs are like the public and private keys associated with an HDCP Device. Once they are authenticated, you are provided with a session key (similar to a seat allotted in airplane), which is used to encrypt/decrypt the content.

Likewise, whenever a source device detects the presence of a display (through Hot Plug Detect or any other means), it starts an HDCP session. An HDCP session is basically the exchange of keys between source and display devices. Only valid keys will result in successful authentication. Once, the device is authenticated successfully, they generate a shared secret value which cannot be determined by eavesdroppers.

In case the device does not possess valid keys, authentication fails and the secret value to decrypt the content is not shared with the display. And hence the encrypted content received by the display cannot be decrypted.

Figure 1: Airport Security Check


An HDCP system contains:

  • One Content Control Function, whose content is encrypted
  • One transmitter that encrypts
  • One or multiple receivers (or repeaters)

Figure 2: HDCP System


It provides a three step content protection mechanism:

  1. Authentication of HDCP Receivers to their immediate upstream connection (to an HDCP Transmitter)
  2. Revocation of HDCP Receivers that are determined to be invalid by the Digital Content Protection, LLC
  3. HDCP Encryption of Audiovisual Content over the HDCP-protected interfaces between HDCP transmitters and their downstream HDCP receivers

Before sending data, a transmitting device checks that the receiver is authorized to receive it. If so, the transmitter encrypts the data to prevent eavesdropping as it flows to the receiver.

HDCP supports two versions, HDCP V1.x and HDCP V2.x, where Version 2.x is not a continuation of 1.x and is rather a completely different link protection.

HDCP 1.X

To each adopter of HDCP v1.x, Digital Content Protection, LLC provides a unique set of 40, 56-bit secret device keys and a corresponding 40-bit identifier, Key Selection Vector (KSV). Exchange of these secret device keys between the HDCP devices generates a shared secret value that cannot be determined by eavesdroppers. This shared secret value is then used as a symmetric key to encrypt the HDCP content. If a particular set of keys is compromised, their corresponding KSV is added to a revocation list burned onto new devices. The lists are signed with a DSA digital signature, which is meant to keep malicious users from revoking legitimate devices. During authentication, the transmitting device looks for the receiver’s KSV on the list, and if it is there, will not send protected content to the revoked device. Thus, a communication path is established between the HDCP transmitter and HDCP receiver that can be accessed only by authorized devices.

HDCP 1.x system allows up to seven levels of HDCP repeaters and as many as 128 total HDCP devices, including repeaters.

HDCP authentication protocol is completed in three parts:

  1. First Part of Authentication Process: Establishes shared values between the two HDCP devices if both devices have a valid Device Key Set from the Digital Content Protection, LLC.
  2. Second Part of Authentication: Allows an HDCP repeater to report the KSVs of attached HDCP receivers.
  3. Third Part of Authentication: Occurs during the vertical blanking interval preceding each frame for which encryption is enabled and provides an initialization state for the HDCP cipher for encrypting the HDCP content within that frame.

Once the authentication has been completed successfully, a pseudo-random data stream (24-bit for HDMI and 32-bit for DP) is generated by the HDCP cipher. HDCP encryption consists of bit-wise exclusive-or (XOR) of this data stream with the content to be encrypted.

HDCP 2.X

HDCP Version 2.x is a completely different mechanism for authentication and encryption, HDCP v2.2 being the latest evolution in the 4K era. HDCP 2.0 replaces the ad hoc 56-bit HDCP 1.x encryption scheme with two standard algorithms from the data security industry: for authentication, an RSA system with 1024 and 3072-bit keys, and for content encryption, a 128-bit AES system.

In addition, the maximum number of connected devices is reduced to 32 and the maximum level of repeaters is reduced to four. All of these changes mean that unlike HDCP v1.x specifications, which support backward compatibility, HDCP v2.x is not directly backward compatible with HDCP 1.x. However, the new specifications describe a few converters to interact between HDCP 1.x and HDCP 2.x devices to support mixed A/V systems with both versions of HDCP-compliant devices. Thus, HDCP v2.x interfaces may only interact with HDCP v1.x only by natively supporting HDCP v1.x using a dedicated converter device.

All HDCP v2 adopters are provided with a 128-bit secret Global Constant denoted by lc128 by DCP LLC. The same Global Constant is shared by all the HDCP devices.

All HDCP v2 transmitters are issued a 3072-bit RSA public key of DCP LLC denoted by kpubdcp and receivers are issued 1024-bit RSA public and private keys.

HDCP 2.x features a new authentication protocol and a locality check to ensure that only nearby devices will be able to receive the protected content. This authentication protocol is comprised of the following stages:

  1. Authentication and Key Exchange (AKE): The HDCP receiver’s public key certificate is verified by the HDCP transmitter and a master key Km is exchanged.
  2. Locality Check: The HDCP transmitter en- sures that the receiver is located nearby by requiring that the Round Trip Time (RTT) between two messages is not more than 20 ms.
  3. Session Key Exchange (SKE): Successful completion of AKE and locality check stages affirm to the HDCP transmitter that the HDCP receiver is authorized to receive HDCP content. Then a 128-bit pseudo-random session key is generated by the transmitter and is communicated to the receiver. Whenever, HDCP encryption is disabled due to detection or loss of HPD or authentication failures, this session key is expired.
  4. Authentication with Repeaters: If the connected downstream port is an HDCP repeater, this step is executed. It is used for the upstream propagation of topology information and the downstream propagation of Content Stream Management information.

Although the mechanisms for HDCP v1.x and v2.x are completely different, still there are few commonalities between HDCP v2 and v1:

  1. Both are under DCP LLC authority
  2. Both share the same license agreement, compliance rules and robustness rules
  3. Both share the same revocation system and same device ID formats, moreover basic HDCP encryption/ decryption fundamentals remain intact.

DIFFERENCES IN HDCP FOR HDMI AND DP

All the HDCP 1.x versions have a similar concept for authenticating the display device, but among the different types of interfaces, few differences occur at the encryption stage. For example, for HDMI the pseudo-random encrypted output is 24-bit wide while for DisplayPort it is 32-bit wide. This concept holds true for Version 2.x as well.

Here we have mentioned some differences in HDCP for HDMI and DP interfaces.

For Version 1.x DisplayPort varies in the following manner:

  • Third Step of Authentication, which resets the Cipher in the Vertical Blanking of every frame, is absent
  • Authentication process can be started either by sending AKSV and An or by receiving BKSV first

For Version 2.x, it has the following variations:

  • Locality timing check
  • Field in register rx_status

Few variations that are common among both the versions:

  • Wide Offset address range than HDMI
  • In DP CP_IRQ interrupt can be sent by receiver which does not exist in HDMI
  • Link Integrity check process differs
  • Encryption Criteria and Cipher Calculation logics differ
  • Stream Mapping over lanes differ in both

Above are the basic differences which exist in HDCP for HDMI and DP along with other minor differences.

VERIFICATION CHALLENGES

Being a content protection protocol, HDCP involves complicated algorithms for authentication and encryption which in turn brings a dilemma for successful verification. Along with the great merits which HDCP bring along, it also introduces the following verification intricacies:

Multi-flavored versions

  • Multi-step flow of authentication and encryption/ decryption algorithms
  • Two explicit sets of algorithms for Version 1.x and 2.x
  • Within a version different flavors for different interfaces

All the above reasons make it cumbersome to create single test bench scenarios that can run on all the versions and their corresponding revisions.

Debugging

  • If something goes wrong at some point of the authentication or there are cipher mismatches then it becomes hard to find out the exact cause of the issue as HDCP involves complex algorithms and multiple steps.

Analyzing bus activities

  • Multiple private and public keys of wide bit lengths
  • Highly iterative logic at every instant
  • Multiple cycles to complete each step

All these make it difficult to analyze the bus activities.

Verification closure

  • Authentication process is dynamic. It can be initiated at any point of time and any number of times
  • Multiple possible scenarios which may lead to authentication failure

These call for a full-fledged functional verification plan to execute all the scenarios.

Content validation

  • Once the encrypted audio-visual content received at the display has been decrypted, the actual data before the encryption and after the decryption needs to be compared in order to validate the synchronization of pseudo-random cipher values at both ends.

QUESTA VERIFICATION IP SOLUTION

Mentor’s Display QVIPs provide a user friendly solution to verify various display interfaces like HDMI and DisplayPort. HDCP Versions 1.x and 2.x are available for HDMI and DisplayPort.

Questa VIP provides the following major features to solve HDCP problems:

Consistent HDCP solution

  • Consistent HDCP solution across different versions as well as interfaces, HDMI and DisplayPort.

It reduces the test bench development time and effort required to verify HDCP when moving from one version to another or one interface to another.

Dynamic control of HDCP functionality

  • Switches to enable and disable HDCP functionality during the simulation at any point of time. Moreover, once devices are authenticated, HDCP encryption can be enabled dynamically.

Easy to use APIs

  • APIs to execute the authentication with a single call, which are consistent across versions 1.x and 2.x

For example, a single API call “start_auth” would automatically start the authentication process and all authentication steps will get executed once. A snapshot for the sequence to initiate HDCP authentication is shown below:

Figure 3: HDCP authentication initiation sequence


Control for individual authentication steps

  • APIs to control individual steps of authentication which can be called again to restart authentication as and when required. These APIs are consistent across different versions.

Informative messages

  • Informative messages during authentication process describe the current stage of the authentication and related information
  • Status variables show the cipher values at every cycle.

Sample of debug messages provided is shown below in Figure 4.

Figure 4: Debug messages sample


Ease of debugging

  • Checks for all kinds of protocol violations along with a detailed description of fired messages.
  • When there is illegal activity on a bus or an HDCP specification violation, the corresponding error message is fired.

For example, if KSV of HDCP receiver does not contain 20 0’s and 20 1’s then the following error is shown in Figure 5.

Figure 5: Assertion snapshot


Scoreboarding

  • Frame transmitted before encryption and received after decryption is compared to validate the synchronized encryption/decryption cipher values at source and sink.

Coverage

    Covers all the HDCP scenarios for getting verification closure.

Snapshot of some coverage points are shown in Figure 6 below.

Figure 6: HDCP Coverage


CONCLUSION

Content protection is required to keep the intellectual rights of audio-visual data safe. Although it is not a mandatory requirement, when data is critical, it becomes imperative to keep it protected from third parties. Verification of HDCP assures its accurate functionality, which guarantees the safety of data.

Display QVIPs provide a solution which solves the verification challenge when dealing with HDCP for HDMI and DisplayPort. It provides a consistent HDCP solution across all the versions/interfaces with APIs that are easy to use, along with fully informative debug messages, thus making the HDCP verification process fast and easy to debug. It also provides assertions to check the protocol violations, coverage and scoreboarding for full-fledged verification.

It reduces the time and effort required by providing an easier way to generate the stimuli and thus simplifying the complexity associated with the verification of HDCP protocols so that engineers can concentrate on higher value design aspects.

To learn more about QVIPs, you can visit several whitepapers on mentor.com, including:

  • Verifying Display Standards – A comprehensive UVM based Verification IP Solution
  • Verification IP Stimulus APIs – Are They Really Easy to Use?

REFERENCES

  1. High-Bandwidth Digital Content Protection System Revision 1.4, 8 July, 2009
  2. High-Bandwidth Digital Content Protection System, Mapping HDCP to HDMI, Revision 2.2, 13 February, 2013
  3. High-Bandwidth Digital Content Protection System Revision 1.3, 21 December, 2006 [4] High-Bandwidth Digital Content Protection System, Mapping HDCP to DisplayPort, Revision 2.2, 21 December, 2012

Back to Top

Table of Contents

Verification Horizons Articles:

  • Marking Milestones: In Life and in Technology

  • How Formal Techniques Can Keep Hackers from Driving You into a Ditch

  • Simplifying HDCP Verification Using Questa® VIP

  • No RTL Yet? No Problem. UVM Testing a SystemVerilog Fabric Model

  • Accelerating Networking Products to Market

  • The Advantage of Using Mentor Graphics for the Physical Verification of FPGAs in Accordance with an Aerospace DO254 Methodology Flow

  • Extending UVM Verification Models for the Analysis of Fault Injection Simulations

  • Saving Time and Improving Quality with a Specification to Realization Flow

  • Solve UVM Debug Problems with the UVM Vault

© Mentor, a Siemens Business, All rights reserved www.mentor.com

Footer Menu

  • Sitemap
  • Terms & Conditions
  • Verification Horizons Blog
  • LinkedIn Group
SiteLock