Slashdot Mirror
New Lock Aims To End Chip Piracy
Stony Stevenson writes "Pirated microchips based on stolen blueprints could soon be a thing of the past thanks to computer engineers at Rice University and the University of Michigan. The engineers have devised a way to head off this costly infringement by giving each chip its own unique lock and key. The patent holder would hold the keys, and the chip would securely communicate with the patent holder to unlock itself. The chip could operate only after being unlocked. The Ending Piracy of Integrated Circuits (Epic) technique relies on established cryptography methods, and introduces subtle changes into the chip design process without affecting performance or power consumption. With Epic protection enabled, each integrated circuit would be manufactured with a few extra switches that behave like a combination lock."
Great.
Presuming that there's a constant internet connection, that the manufacturer's server is incapable of being cracked and maintains at least 5-9's uptime, and that anyone's stupid enough to buy a crippled chip with this on it.
In Xanadu did Kubla Khan
A stately pleasure dome decree
Hardware that locks up when it can't call the mothership? And I though Microsoft Genuine Advantage was bad!
Support the 30 Hour Work Week!!!
Announcer:
"The countdown is at 10...9...8..."
*technician rushes in*
"Hold everything! We forgot to unlock the MMU processor!"
"...and ignition!"
You can't talk about Wikipedia's flaws on Wikipedia
Wow, I havn't heard of chip piracy in a long time. Maybe it is because, like other forms of piracy, it isn't a big problem. I have problems with piracy when it involves safety equipment, and large purchases from reputable dealers ... but most of the time, you get what you pay for, and you're not being deceived, you're willingly purchasing counterfeit 'stuff'.
Isn't it sad when people think of piracy in terms of music, when the REAL piracy problems (counterfeiting) are those which involve fake electrical/safety/baby equipment (or food)?
Forgive me for not RTFA as I am on my way out the door How does the chip contact the Patent Holder? Are we dealing with some form of activation system here? Is it going to end up being the same end result as Windows Activation which is the never ending race between the pirates and patent holder to get to keys? If a pirate manufacturer gets ahold of the serial generation scheme and is able to activate their chip before the real one does that mean the real user will not be able to?
In a number of countries that this chip is aimed for, what will happen is that some knockoff fab will disassemble the chip, figure out the masks, and just make and sell the same IC minus the locking circuitry.
This type of locking mechanism also brings up other points. Once the IC is "unlocked", is it unlocked for good, or just for a time period? Could some criminal organization figure out the method of re-locking it, then lock the machines who belong to the patent holder's customers? This would result in some decent havoc especially in embedded circuitry (HVAC systems, railroad switches.)
The article seems to be lacking substance as well.
...wouldn't it be pretty straightforward to replace the hardware circuit that does
...?
if(bignastyDRM(uniqueDRMkey)==TRUE){}
with
if(TRUE){}
Yes, I know circuits are usually either designed with a capture program or modeled in VRML/Verilog -- but the logic still holds. Find out what part of the circuit locks the functionality -- and replace it with a wire to Vcc.
(Unless, of course, they will require the chip to communicate with the mothership every time it has to blow its little digital nose etc...)
Paleotechnologist and connoisseur of pretty shiny things.
Giving new meaning to your CPU locking up.
But my pirated copy of Windows only works on my pirated CPU chip!
Okay, show of hands, who has a pirated processor? Anyone? Anyone? Buehler? Is this really a huge problem? Doesn't it cost more to produce a pirate CPU than the potential profits from selling it? Methinks the issue is overstated, either that or the chip industry should contact the RIAA & MPAA's media moguls about an advertising deal (which is the same thing, overstatement but loud).
Laughter is the Spackle of the Soul.
I guess they mean layout, since ASICs have their behavior defined in a hardware description language (HDL). I guess the design for the lower level layout could be protected this way, but that is not the only way IP is stolen. Maybe this would stop "3rd shift at the factory" type piracy, but you can't be sure from what's in the article.
It will not stop the snagging your high level design, which is where the actual proprietary IP is that your competitors want to steal.
If I read the original article correctly:
If someone gets the chip design and is copying it to be built in another fab, it'd be possible (difficult, but much less difficult than a complete chip redesign or re-engineering) to remove this part of the chip (and increase the profit margin, since A: no investment on research and B: more die per unit silicon.)
What this is going to affect is people who run a fab making legitimate parts, but also run the same parts from the same masks but keep them off the books and sell them independently of the company that owns the design -- OEM ripoffs.
Nostalgia's not what it used to be.
Why would they need to pirate the blueprints? Why not just go to the patent office, look up the patent, and implement a chip based off that? And would it be that hard to chop out the encryption part, or is the entire chip encrypted? I think the article got something mixed up.
Dark Helmet: "So the combination is one, two, three, four, five? That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!"
...
President Skroob: "1 2 3 4 5? That's amazing! I've got the same combination on my luggage!"
"They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
While it sounds promising, it still raises the little hairs on the back of my neck. Danger Will Robinson, danger!
Dream as if you'll live forever.
Live as if you'll die tomorrow.
~Anonymous~
Perhaps its unlocked once and good to go. I don't think its the consumer that is guilty of pirated chips, but computer companies that purchase elicit copied chips cheaper than from the OEM. This shouldn't affect us that much, besides a perceived increase in quality.
Nothing to see here, move along.
Hi, I Boris. Hear fix bear, yes?
I guess this means I'll have to buy genuine Ruffles and Doritos from now on!
--
How many mod points will this bad pun cost me?
Just exactly why would the end user want what is essentally hardware DRM? With "pirated" chips the customer had paid for the chip while when you "pirate" music you usally get it for free. With these "pirated" chips you think you actually have a legit product (and really, if it works and is cheap who cares) that is unlike "pirating" music where most people know that its not 100% legal.
There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
I understand that the Galactic Empire ordered a batch of this technology in order to protect against stolen blueprints.
If fabless companies are so worried about overseas manufacturing, then why not use a fab that is inside the country your company resides in? That way, you can sue the living hell out of them when they do sell / steal your plans.
I would think that building the Chips in the US or Europe where the fabs are more reputable would be a better cost effective solution than sending it to an orient fab and watch it pump out pirate chips left and right, or relying on some sort of activation scheme that these pirate hardware companies would most likely reverse engineer out of them anyway.
In Soviet Russia, Trojan exploits YOU!
If I am copying the chip, I'll just remove those stupid extra "locks" during the manufacturing process. Just remove them from my pirated copy before I make the chip. Seems like a dumb idea.
Mike @ The Geek Pub. Let's Make Stuff!
...will be cost. A 'few extra circuits' may not sound like much, but with chip manufacturers engaged in a protracted price war, every cent counts - especially when multiplied by the chip numbers we are talking here.
The Mothership
EPIC FAIL!
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Wrong crypto key?
EPIC FAIL.
As I see it, this has two major problems with it. The first, of course, is that copy protection in any form is childish, stupid, and ultimately ineffective.
The second is a bit more down to earth -- this will become the bottleneck on the manufacturing line. Chips are manufactured in the millions, with hundreds of thousands falling off the line each day. These nimrods propose to authenticate every last one of them, using computationally non-trivial crypto, uniquely before they roll off the line.
Let's generously assume it takes one second to authenticate and activate a chip (not, that's not a ridiculously long time -- between crypto compute time and network latency to the Pacific Rim, this is entirely realistic). This means you can activate a maximum of 86400 chips per day. Maybe you can parallelize the process, and maybe you can't (depends on whether the people who wrote the authentication server were idiots or not). And if your OC-3 to the Internet gets a backhoe through it, "accidentally" or otherwise, all production in your facility stops dead. Wonderful idea.
This stunning idea also seems to assume only one patent holder will be interested in a given chip. The most cursory inspection of even a "simple" memory chip will reveal several patent holders, all of whom will doubtless insist on "activation" which, again, may or may not be parallelizeable.
Like all copy protection "solutions" presented throughout history, this is a really, really stupid idea. I can't think of any fab that would willingly sign on to this.
Schwab
Editor, A1-AAA AmeriCaptions
There was a time when half the USB flash media readers on the market were based on the same pirated designs -- at least according to hardware folks I used to work with who'd be in a better position to know than I am (or, most likely, you are). I'm fairly sure this is a bigger problem than many people realize.
the two things that come to mind first are that it could be abused by large nameless (software, music, or movie,,,) companies that want to add "features' based on this technology.
and second that the authors of various types of malware will find a way to exploit this and use it.
anything that can be turned on can be turned off.
one day your IT department gets an email saying that they will kill all your computers if you don't pay X dollars.
-Tries to tackle industrial piracy through technology - Check
-Strong financial incentive to break the scheme exists - Check
-Can be broken or crippled in a number of ways - Check
-Attempts to address a problem involving dozens of manufacturers, hundreds of factories, producing billions of microchips which get integrated into everything from toasters to cellphones, planes, and oil rigs - Check
-Scheme conveniently relies on the Internet for authentication- Check
-And, last but not least: features cheesy acronym forming a heroic-sounding name - Check
Okay, I think it is safe to assume this will lead nowhere. Or nowhere good at least.
Seriously, I can't wait to see what happens until someone DDoSes an authentication server and about half a billion different devices, from fridges to routers, all suddenly stop working because they all use the same chip, (say, the one that handles temperature control).
Hello! I'm a disaster waiting to happen!
The only way to prevent cracking is if the processor's computation takes place at company's "server". As long as the actual processing is done on the client side, the server isn't even needed. The cracker only needs one legitimate chip with one legitimate key, to witness the proper functioning of the chip. Then the chip's basic functionality can be recreated in a new design, without any encryption or server. This is basic stuff... The real story is how engineers at Rice University and the University of Michigan got such a story into the news.
The research paper describing EPIC http://www.eecs.umich.edu/~imarkov/pubs/conf/date08-epic.pdf will be presented next week in Munich http://date-conference.com/
I know this is /. but I took the time to find the actual paper, they cover the typical attacks on the security mechanism quite thoroughly. Apparently its very difficult to scan a mask, especially at the small scales the industry deals in today - they suggest it would be cheaper to simply design the chip yourself.
(Off-topic: the anti-spam mechanism atm gives an interesting result for my email address..."'poo' in gap" oO)
I think the [MS Word] paperclip is a great idea. - Miguel de Icaza
Now we need something to keep people from double-dipping. Then our chip problems will be a thing of the past.
So this would thwart reverse engineering, but not thwart piracy. Pirates are quite advanced. They were capable of slicing the chips thinly enough to examine them layer-by-layers years ago. Of course, once reverse engineering is thwarted, the piracy will become more profitable and proliferate. Well, good luck with that patent, guys.
Any guest worker system is indistinguishable from indentured servitude.
Watch me Epic Mount this chip into the motherboard.
Thar be good!
http://www.travelingmunchies.com/2007/09/multimedia-message.html
Homonyms are fun!
You're driving your car, but they're riding their bikes there.
How many people in the world know how to pirate a microchip? Like, ten? And I'd bet they're busy doing their friggin jobs, so they don't have the time to deal with this nonsense.
Dude, you want to see piracy? The Dread Pirate Roberts takes NO survivors! He'd kill ten people to make five cents. Now that's piracy! Not some pimply faced geek with inch-thick glasses downloading the latest MP3 off the computer.
I don't get it. I would assume anybody with the sophistication to actually manufacture such a chip would be able to just remove the locking mechanism from the design, no? Or is it so fundamentally integrated into the design that you'd have to totally redesign the chip to make it work after being removed? The article seems really light on details, but I just don't see how this would work. Then again, it's certainly not an area I have any expertise in.
A picture of the V For Vendetta Mask (Guy Fawkes) appears as well.
This "problem" of stopping copying and sharing, is it even solvable? That a technical "solution" is even being tried shows little faith in the law. If intellectual property law actually worked, and if owners weren't constantly trying for even more "rights" than the law grants, they wouldn't need this hardware DRM, they wouldn't waste time and resources on it, and they wouldn't even think of trying it anymore than an ordinary person would think of trying to get a restaurant to pay him to eat a meal. That both legal and technical solutions are hopelessly flawed and yet they try them anyway shows they're not too smart. About the only thing that does work, for a while, are appeals to morality. All that DRM does in that case is serve as a guide. And that's pretty wobbly. When no one any longer sees anything wrong with copying (and that day may yet come, and sooner thanks to the alienating tactics owners have employed) what will they do? You'd think that the failure of every single technique ever tried to stop copying would lead to a reexamination of some basic assumptions about the means we use to promote the arts and sciences. But no, we still have people trying to create DRM that works.
Watching yet another attempt at DRM is like watching the launching of yet another voyage to find the edge of the world. 520 years from now, DRM is going to look about as sensible as proofs that the world is flat look to us today.
Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
WTF?
Someone actually modded this comment insightful? I hope that was a joke.
I mean, these guys are good enough to steal the design and have the knowledge to manufacture the device. What prevents them from modifying the IC to remove the lock? I mean, they are the ones actually making it. I am sure they have someone smart enough to be able to find the "added" authentication portion in the design docs, since the design docs probably have it named exactly what it is (i.e. the Epic lock circuit)....
We were all warned a long time ago that MS products sucked, remember the Magic 8 Ball said, "Outlook not so good"
Trying to lock things up? And have ever worked? No! Because is not the way!! When they will learn?...
ghostbar page.
If it's a Backronym, it's crap.
Seriously, though, the AMD/Intel wars are long over. Is "chip piracy" really an issue?
"Times have not become more violent. They have just become more televised."
-Marilyn Manson
If you're smart enough to do that in "two seconds" why the hell aren't you making billions of dollars with your own chip designs?
This sounds like it's something to keep Random East Asian Fab from running off a few million extra licensed chips and selling them on the grey market... not something to lock out the end user if he doesn't pay the annual fee. The upside is that you'll never even know when you're buying something protected by EPIC. The downside is that you'll never know until EPIC FAILs. And maybe not even then.
What happens when the thing locks back up?
I hope the next generation fighter jet and Boeing 777 make sure these parts don't make it in there.
"Flight 82, this is the tower. Please state your intentions for disregarding orders to circle until you are cleared to land"
"Tower this is flight 82. Throttle controls are unresponsive - I keep getting a 500 error."
Self Defense - A Human Right www.a-human-right.com
Anyone else immediately think of Flylogic when they saw this?
They etch away the plastic surrounding the die on an IC to expose the die itself, and can then read back the contents of the rom manually. "You can literally take these two pictures above and create a schematic from them if you understand NMOS circuits."
(their blog)
...How does whats described in the article affect those with the power to create a schematic from an inert chip?
Most of you who know something about semiconductors understand that customization of semiconductors happens after the manufacturing process, usually by insertion using big IC testers, laser trimming, customized package bond-outs, and so on. If the control of a central authority (i.e. root certificate) is necessary, as opposed to control from the semiconductor (which affords no protection), then a digital certificate still needs to be injected with a root certificate residing at a properly protected certificate authority with standard protections like FIPS-certified hardware security modules. Simply creating a unique ID by which one would somehow use a public/private key scheme would still be subject to a man-in-the-middle attack.
Now, the problem is that you need to get that certificate into the chip securely. If you do it at the initial tester level (i.e. wafer sort), then you have a gaping hole because someone can analyze the communication into the chip using digital oscilloscope data capture off of the load board or probe card and create their own root certificate. One still needs to mount a man-in-the-middle attack to accomplish this, but it is definitely possible to attack the system. Combine this with the mask duplication that already occurs in IC theft or the "extra shift" problem where the chips are overproduced, and this scheme can be entirely bypassed. If one embeds a temporary or permanent certificate in ROM, then the masks can easily be reverse-engineered to determine the secrets. This could take more time, but is ultimately insecure.
The only way one could really prevent this problem is if you could physically prevent someone in the test house from getting physical access to the tester. Something along the lines of FIPS 140 Level 3 would be necessary to prevent the type of intrusion on the data insertion from the tester, and this would be prohibitively expensive and logistically nightmarish. Most of these FIPS 140 Level 3 systems are usually hermetically sealed one-way and not meant to constantly cycle physical items through like wafer boats or chip trays. In short, it's not really a feasible scheme.
Threat models aside, the ultimate goal of security is not to make it impenetrable but to make it economically infeasible. Unfortunately, with the very high volume devices that this type of scheme might be intended on protecting and the economics of piracy, it's unlikely that determined thieves with big bank accounts to bribe folks in low-cost countries will be able to ultimately resist the temptation.
Hundreds of thousands personal (and not so personal) computers locked themselves today after rogue group of Mongolian hackers stole keychain from, as evidence shows, not so secure vaults at "EPIC Security Ltd.". EPIC security guards went high alert, but they failed to act in time before Mongols (riding bareback and yelling) departed.
EPIC Security Ltd. issued security update and instructions for unlocking targeted computers. Users just have to bring their computers (or if it's easier for them only their CPU's - very small chips with very many pins underside)to EPIC Security Ltd.'s premises or nearest servicing outlet.
List of outlet's is sent directly by email to every user targeted.
http://opencm3.net, http://www.nongnu.org/gm2/
Unless the fab has unused capacity / lines to produce these chips based on other dies/masks separately, they're going to have to swap dies / masks out when they want to produce their 'pirate' copies. This swap-out takes time. Calibration takes time. It also increases the likelihood of errors; not just in the 'pirate' copies but also in the originals when they switch back. A fab is going to explain this odd higher failure rate to their customer, how?
At best somebody within the company could take the design and contract manufacture of it out to a smaller fab or sister fab that isn't booked by the same customer, and have them manufacture it during the same time the originals are produced. That'd be less noticeable, but it would also be more expensive - as the customer isn't footing part of the bill for that shadow fab.
Hurries and puts bleeding child in car. Turns key...
"I'm sorry sir, your patent offenders registry status prevents you from starting this car."
But car, I need to get to the emerg... "I'm sorry sir, your patent offenders registry status prevents you from starting this car."
Oh fuck it!
Dials phone
"I'm sorry sir, your patent offenders registry status prevents you from dialing this phone. Please seek the assistance of a non-offender in...
Look where all this talking got us, baby.
I read the paper (thanks for the link.) I wouldn't say they cover this thoroughly. In fact, I'd argue that they handwaved this, even though it is the most likely and most important attack vector.
They argue that modifying masks is a problem, which may be true. However, there are several stages of design data before the masks, and I would expect that a corporate-level pirate could have access to something early enough in the process that it could be modified by someone skilled in the art. Design data is probably transfered to the FAB as a flattened layout, with no circuit/design hierarchy. However, it should be possible for someone who knows the chip interfaces related to this unlocking mechanism to work backwards from them and find where to tie things off to make the chip work. The labor cost would probably be pretty low compared to the cost of prepping a second mask to manufacture the modified chips.
If and only if this is your thing -- Seems more bother to back-engineer a chip than to do it clean. But buy chip, make masks, layer by layer, fab a run of chips, activate all as one.... Sound familiar? "Stolen blueprints" (actually film) doesn't sound all that likely. Besides it would be exceedingly easy to be caught doing that. Getting the API for an ASIC seems as criminal as it gets, but I'm no expert on China.
If a manufacturer refuses to reveal a digital chip, getting the API from the commercial driver reverse-engineering is another more sensible approach. Analogue fakes can be revealed by testing. A fake is highly unlikely to be as good as the real thing. (Think cola.)
Finally, if someone actually got the real "blueprints", the nature of the crypto could be determined by experts in that field. Someone said: "DRM", this might actually beat it out for lameness.
atleast until the people with the hundred million$ plans, and the billion $ chip plant spend a few hundred thousand on analyzing the plans to find the few transistors that do this and take them out, making pre-unlocked chips. - if a bunch of random hackers can do over current DRM, there's not much chance that this would last.
*Add* something instead. Add in a fusible link that would disable the protection scheme.
It would have to be subtle enough to pass inspection by the original mask creators.
Instead of creating a bogus, complicated and expensive DRM scheme, just introduce a watermark onto the mask. Use the watermark to identify which manufacturer is selling the extra chips.
The counter of course is the good ole compare blueprints trick. However then we're back to what you mentioned before, the calibration expense issue.
They ARE out to get you simply because They are in it for themselves and they don't care about you.
Unless that lock is stored in some sort of (electric charges) basically flash memory on chip, there is nothing to stop someone from copying that chip with it's combination lock and all.
How would a manufactured be able to know the difference between a real chip vs. a knockoff. If (physical)electrically digital circuits both are identical including the locking mechanism. So there shouldn't be any protection.
I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso
TFA states that this is targeted toward chips made from stolen plans. If the differences are so easily layered onto existing chip designs, surely someone sophisticated enough to have a chip manufacturing plant tossing off copies would be able to just NOT include those switches or have them there but to no effect. yes?
The problem with quotes on the internet, is that nobody bothers to check their veracity. -- Abraham Lincoln
Chip "piracy" is the direct result of greedy companies outsourcing the family jewels to low wage countries.
If the chips didn't have such a high resale value and profit margin, there would be little incentive to pirate them in the first place. Adding DRM at the hardware level only serves to increase manufacturing costs by some fractional amount, it doesn't do anything to address the filthy lucre that attracts pirate manufacturing in the first place. Same reason as people sell dope despite the (government-created) risks : there's a ton of money to be made, selling a product with huge margins and constant demand. It's a no-brainer, from a business perspective.
When the profit of a single item exceeds your weekly income tenfold, how can you fault these people for taking advantage of the situation ? I'd do it in a heartbeat if I were in their shoes!
If we truly want a global marketplace, we're going to need a level playing field... none of this modernized slave labor bullshit. Technological security measures are no match for human desperation.
-Billco, Fnarg.com
Testing for CPU chips is already quite time consuming and authentication wouldn't add much to it. If this is for lower level crap like USB-flash interface chips then not so much.
Brackets contain world's first nanosig, highly magnified:[.]
Indeed, a large number of high value chips are commonly forged and sold in places like China and the Philippines where it is not economically feasible to enforce the law, even if the local law were favorable to the original owner. One might argue that much of the lost business would never have been paying customers (as is overwhelmingly true for stolen software), but companies such as CISCO have clearly lost billions of real sales in these countries.
There are well known technologies, such as SEM that can see the actual voltages at nodes inside an operating chip. The implementation would have to be quite tricky to block all known methods to read-out the "combination lock" of single a authorized chip. At one time we had to reverse engineer the "security" algorithm of one of the FPGA companies, for a valid internal business purpose. It took us only a few days to break their code and build hardware to not only replicate, but also add our own proprietary, automated chip serialization algorithm. The company was very unhappy with with us, but the whole idea that they had "secure" chips was joke.
I think a better system would be to implement a much more robust external key+challenge system like on the very best smart cards and security dongles, then buy and install a tiny key chip in final equipment, where the entire key is made by company whose only product was security.
I knew a guy who made these decades ago inside of "blue boxes" (don't ask). The electronics were potted along with a capsule of acid. Mechanical attempts to get to the ICs were just about guaranteed to dissolve everything. Even so, I think it would take today's hackers about a week to figure out a way around that system.
But just because chip counterfeiting is a constant game of spy v. spy doesn't mean that one side has to give up.
I will create a sig when innovation restarts in the U.S.
There's a few things about this. 1) This isn't about end user DRM. Its about patent holders on chip designs being able to protect their property from less then scrupulous manufacturers. 2) The end user, in theory, will NEVER see this. 3) If its an inconvenience to manufacturers, this'll have to be something they'll have to discuss to the patent holder. 4) Stop putting on the "omg its stealth user DRM" hats, not worth it.
I looked at the pics in the article, and I saw that they were giving us a four-letter subliminal message.
This proposal just doesn't make any sense.
"Each would also have the ability to produce its own at least 64-bit random identification number that could not be changed." Unless quantum computing has made some jumps I'm unaware of, no it can't. Since we're assuming malfeasance from the start of the manufacturing of the chip, I can see no possible way for this to be true. The factory can adjust the process. They will control the vertical, the horizontal, and the clock. A single activation for this 'lock' will apply to each key. The means by which this ID is stored is also not clear. If its burned into by the chip itself on generation/activation, the same code can be burned into the chip by the process by which the chip is manufactured. If its encrypted and stored, it is subject to the same man-in-the-middle problems as any DRM type encryption. Assuming these are "inside jobs", the chip manufacturer would even have tens or even hundreds of thousands of examples of this lock-key pairing on which to base a crack.
Also, the idea that this additional gates won't change performance or energy usage is wrong on its face. The change may not be significant, but it exists.
Finally, if the blueprint can be "stolen" (although its probably not stolen but improperly used by overseas manufacturers in most cases), why can't the encryption algorithm? Even if this technique would work, a single employee willing to sell the secret for 6 or even 7 figures, a single back door in the system, or any of a dozen other ways could make the entire process useless.
Remember, this isn't to get someone a free DVD or even to sell one title on the street. V(Pirated Ipod) > V(Pirated Hannah Montana song)
I read a lot of people stating in this forum "it's bad" and "it's a problem" when referring to the fact that people in other parts of the world illegally obtain a set of information and sell a product based on that information.
I ask, "bad for whom?"
Let's back up. The whole fiction of intellectual property exists for a very good reason. Within a society, there needs to be a way to reimburse creative works when the result of those works is primarily intellectual in nature: artistic expressions, brands, and inventions. So, as a society, have this socially understood and agreed-upon deal, that looks different for copyright, trademarks and patents but at the core the deal is the same: exclusivity to profit for some time in return for the intellectual result.
The problem I see with the "it's bad" assertions in this case that as a whole globe, there is no shared society, and there is no socially understood deal about fictitious property, globally. Maybe humans will get there someday - and have some shared agreement of global humanity with common norms and behaviors and laws. WIPO aside, and efforts to get there notwithstanding, . . . personally, I think that in that kind of world it means there is only one right way to live, and I think that will be bad for humans. I think having different places, different countries, (maybe someday different planets) where the rules and norms and languages are entirely separate and distinct - is a very good thing. Such diversity makes us more robust as a species. Tough noogies if that makes mega-corporate globalized business more challenging.
To answer my rhetorical question above, the balance of what intellectual property is today so far swayed toward the interests of large corporate organizations, the answer seems pretty clear to me - this kind of theft is bad for very large corporations - basically the only entities who would realistically be hurt by lack of sales from patent infringement in distant regions of the world. For everyone else, 'it's just business.'
I hope there's people who still reads yesterday news. The question is:
How much behind the highest chip technology is the best product a geek can do at home by connecting standard components?
i.e.: Is there a large amount of people capable of "building" a 486 processor with neutral components? If they finally find a way of making physical DRM work, how much slower would be the the "Open Electronics" alternative?
The original paper has a comment that upon activation the keys will be automatically burnt permanently into the chip in an Electronic Fuse Unit to avoid multiple activations.
However there is another problem with this. The whole scheme relies heavily on a good supply of randomness. But obviously one can not rely on the actual fabricator to supply this randomness since they are they adversary in this setting. Thus the only solution seems to be to supply each and every chip with it's own true random number generator. (Again a PRNG is not good enough for this application since even these need to get a truly random seed from somewhere.) I see two problems with this assumption. First adding a TRNG to each and every chip will increase there costs directly proportional to it's relative security. A second more significant problem is that this provides a much easier avenue of attack then removing the entire security mechanism from the blueprint. Namely all that is requires is to "break" the TRNG. For example it could be shorted to always produce the same sequence. I am sure that this would be significantly easier then removing the entire EPIC circuitry.
There are also problems with how the cryptographic tools are used. The paper states that the common key (CK) which unlocks _all_ chips for a given blueprint _regardless of their randomness_ is the be signed by the IP holder and then encrypted with the public key of each chip instance. But then nothing stops a rouge manufacturer from generating their own key pair, sending the public key to the IP holder, and decrypting the response with the private key. This would give the the CK signed under the IP holders public key which they could use to activate any new chip from that blueprint!!
Luckily this bug has an easy fix. Reverse the order of signature and encryption. That is the IP holder should sign the cipher text not the plain text.
..that like any good lock or alarm system, the best it will do is stop the casual pirate/thief, and slow down a talented and persistant one. I've heard tell of chip pirates that will actually carefully remove the outer casing on an IC they want to copy, and analyze the actual silicon to get their copy. No reason why they couldn't do that, then engineer their way around the locking mechanism.
... only Vista and Mac OS X and later can unlock this crap? This is a petty excuse for fscking customers... again!
The FSF needs to alter it's plans for Defective By Design and broadcast a commercial on television, or something like that. They have a shitload of money, so let the mainstream know about this. Whatever they do, they need big publicity for this issue. Our daily lives ride on hard- and software, our very infrastructure is built on it, so FLOSS gets more important every day. This is not just me being a open source fanboy, this is realy important.
Here be signatures
You do it every day. Do you manufacture your own bread? Butter? Do you manufacture your own hardware components? No, because someone else can do it better and cheaper.
Deleted
For goodness sake. We've seen the 'your equipment has a cryptographic lock' scheme in every DRM solution, and we've seen them all fail for the simple reason that the provider must hand you the key. Why is this naive re-hash of history interesting?
puts ("Python r0cks\n");
See.... I was right all along... Intelligent Design is the most believable theory, we just don't, ummm, have the key to the DNA. God doesn't seem to be answering calls... but his receptionist has the most lovely voice.
Intul Inside! Powered by AMB!
Hell, I'm willing to pay twice the price to buy Intul Inside! Powered by AMB! Featuring an Untrusted Computing Platform Module!
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
In all seriousness, how would you tell?
I am trolling
Nice fantasy. You should spin it up into a SF short story.
Something like this is part of the mythos of Tales of the Afternow. In the storyline, because so much of the world is covered by draconian copyright laws and DRM, attempting to dodge the restrictions is a punishable, sometimes capital offense (as is creating unlicensed works).
Proteus' Child
Doko ni datte; hito wa, tsunagette iru.
So in other words, we would then be able to buy better pirated chips that lack the locking "feature"? Sign me up!
My company got burned by it a few years ago. We had an 8 channel DAC (the MAX5308) in our design which didn't have a drop in replacement from another vendor. We needed some parts, and the lead times from Maxim were too long, so we contacted some distributors and found someone who had these parts.
We had a bunch of boards built, and we started getting a high failure rate, which we traced back to the DAC. A closer inspection of the part revealed it had a date code that was before the actual release date of the chip! We contacted Maxim and stopped payment on the parts. Maxim took some parts for evidence (and I believe sent us a few samples to tide us over).
We were building $14000 units that were being deployed in military communications systems.
It turns out the counterfeits were coming from Asia. The distributor in question probably knew that the chips were counterfeit and looked the other way.
Semiconductor companies put a lot of effort in making sure there products are reliable. (If a PC board has 100 parts, what failure rate is acceptable in your chips before you start to have very bad yield issues? What if it's 1000 parts?). We, as a society, have come to count on things being reliable, and real danger can result when their not. It's not as bad as counterfeit pharmaceuticals, but it's not so far off either.
I don't know if this scheme will work or not. But it's a real problem, with real consequences.
It's not wasting time, I'm educating myself.
If I understand this correctly, it relies on physical differences being built into each physical example of the same chip design.
So, if I'm the manufacturer of these chips, presumably I'm going to have to know how to design each physical example, which means I will know what the differences between them are, which means that I will know which parts of the design make up the "lock", which means I will be able to omit that lock from the design if I choose.
What am I missing?
Or, we could use Actel parts:
http://www.actel.com/products/solutions/security/default.aspx
transparent to me the end user, can't be used for underhanded DRM, etc. I'm also buying off on the
idea that with a unique key combination for the chip/board combo etc. kept by the manufacturer would
be a great way to block a "pirate" chip from being used, etc.
But I don't see any way to secure an "EPIC" chip after the fact unless the "unlock" is burned into PROM
circuitry, and I don't know if there is any way for a patent holder to use a 'Net connection in a
manufacturing facility quickly enough to be useful and still secure enough to prevent an unscrupulous
set if engineers from reverse engineering how the combinations work and duplicating it offline.
Thoughts?
...Open Source isn't the only answer -- but it's almost always a better value than the alternatives...
Outsource everything overseas and golly gee, just look at the unintended consequences. If you kept things over here in the States, you'd have greater control of the process and not have to worry about knock-offs. Suck it up and reap the whirlwind, motherfuckers.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
I remember a huge uproar when Intel had a unique chip ID retrievable by software. This was intended to assist internet advertising and decrease chip piracy. Privacy advocates said this would cause computer tracking and Big Brother. (Since then hardware ethnet numbers turned out to be almost the same thing.)
I'm not a Luddite because I love technology (I have an '03 Master's in IT from Harvard) and I'm making a living in the IT industry. But for what it is worth, I have never owned any of the devices you mention (gaming devices, music players, cell phones).
You miss the huge difference between this and DRM. DRM requires the unlocking to be done in the presence of and under the control of the attacker. This does not.
The reason DRM will never be fundamentally secure is because you are trying to lock out and let in the exact same group of people. With this, that is not the case.
The point of this mechanism is to make it as difficult as possible to "find the few transistors that do this" and further to make the chip inoperative if you "take them out". The result will not be "pre-unlocked chips" but useless chips.
This idea seems quite ingenious.
Based on people's comments, there is a lot of confusion about how this locking works. It's not a DRM scheme, once activated, the chip is permanently activated because the unlocking codes are burnt into the chip.
The locks are intended to keep manufacturers from producing extra chips during off hours and selling them on the black market. The designers will know and control how many chips are unlocked per day, which they will be able to confirm when the chips are shipped.
Someone correct me if I'm wrong, but it appears to me that the locking works by introducing noise into the chip using xor gates distributed throughout the chip.
To activate the chip, the fab must send the chip's code to the designers, they then generate the unlocking code, which is easy for the designer to generate because they know how the chip locking works. The unlocking code is then burnt into the chip, which fixes the dispersed xor gates to the correct values.
The fab can't easily reverse engineer this chip design because they are not given the original schematics, they're only given the masks which are used to directly make the chips (which I'm assuming are supplied by the designer).
Of course, this can be broken, but hopefully it will make chip piracy less cost effective, which will ensure that the genuine articles are able to compete.
raises hand
I downloaded it on BitTorrent -- genuine UltraSPRC