New Lock Aims To End Chip Piracy

Stony Stevenson writes "Pirated microchips based on stolen blueprints could soon be a thing of the past thanks to computer engineers at Rice University and the University of Michigan. The engineers have devised a way to head off this costly infringement by giving each chip its own unique lock and key. The patent holder would hold the keys, and the chip would securely communicate with the patent holder to unlock itself. The chip could operate only after being unlocked. The Ending Piracy of Integrated Circuits (Epic) technique relies on established cryptography methods, and introduces subtle changes into the chip design process without affecting performance or power consumption. With Epic protection enabled, each integrated circuit would be manufactured with a few extra switches that behave like a combination lock."

Physical DRM

[QMalcolm]

Great.

Re:Physical DRM

[Lumpy]

Problem is it wont fly. Chips are made to be as cheap as possible. Paying a licensing fee and then requiring the damn thing to be on the internet to be activated is not only stupid but completely unmarketable.

There is a reason that Grey market chips get made of popular chips. Because the manufacturers are price whores and get them made at the cheapest plant in China. how about not paying the executive staff obscene salaries for their useless butts and have the items made in a location that is reputable and trustworthy?

finally, I found a way around the china syndrome of copying. Send them a Test firmware so they can test the product but not operate it, then you simply re-flash with a jtag jig when the good boards arrive. The china operation never get's their hands on the firmware so they cant copy the product.

The whole article is nothing more than an advertisement for a useless technology that only a uneducated CEO or CTO would read about in a trade magazine and make the rash decision to implement it without talking to his engineering staff.

Re:Physical DRM

[C0vardeAn0nim0]

then they buy a unit at any wall-mart, take it back to china, read the production firmware using a jtag cable, and they're back in the business

Re:Physical DRM

[Dun+Malg]

If you could just get the firmware out of most chips, the Linux driver problem wouldn't exist the way it does. Really, it'snot that difficult to get at the firmware. The difference between the unpaid, unfunded Linux crowd and a Chinese chip fab is that the chip fab has dozens of paid specialists in that very field to work on it full time, plus millions of dollars worth of expensive lab equipment, plus a huge financial incentive to crack it.

Sure, great idea

[KublaiKhan]

Presuming that there's a constant internet connection, that the manufacturer's server is incapable of being cracked and maintains at least 5-9's uptime, and that anyone's stupid enough to buy a crippled chip with this on it.

Re:Sure, great idea

[poot_rootbeer]

The outsourced manufacturing company wouldn't have the ability to activate them, so couldn't sell extras to the black market.

However, since they have the blueprints to the chips, they can find the sections of the schematic that implement this activation system, create a slightly modified die where they're masked out to always return an "authorized" status, and sell THOSE pirate chips on the black market.

Re:Sure, great idea

[Chris+Burke]

It doesn't sound like this is a consumer-level activation, but a one-time, manufacturer-side process:

Yeah, though it's still pretty silly.

The outsourced manufacturing company wouldn't have the ability to activate them, so couldn't sell extras to the black market.

Since the whole problem is that the outsourced manufacturing company has the layout (blueprint), then they certainly would be able to activate the chip by removing the "lock" circuitry from the layout and manufacturing chips which require no activation! It may be a non-trivial task to reverse-engineer which parts of the chip are responsible, but if the money is there it is certainly possible and would be worth it.

In other words this lock would only exist on the legitimate parts, and wouldn't exist on the bootleg ones, and the bootleg chips would operate exactly like an "activated" legitimate part.

I think it's kind of ironic that the acronym EPIC was also the acronym used to describe the Itanium's IA-64 instruction set (Explicitly Parallel Instruction Computing). Though I doubt this one will even make it out of academia.

Re:Sure, great idea

[Some_Llama]

"In other words this lock would only exist on the legitimate parts, and wouldn't exist on the bootleg ones, and the bootleg chips would operate exactly like an "activated" legitimate part."

in other words, like every existing anti piracy mechanism to date.

Re:Sure, great idea

[Chris+Burke]

in other words, like every existing anti piracy mechanism to date.

Yes, but it's actually even worse. Because with normal DRM, you're trying to keep the guy who is watching the DVD from being able to copy the DVD.

But in this case, it's actually like you're trying to keep the guy who is making the DVD from being able to copy it. They don't even have to break your DRM or work around it, they just have to decide not to build it in.

Re:Sure, great idea

[insertwackynamehere]

Maybe the answer is to stop outsourcing.

Re:Sure, great idea

[DaveV1.0]

Wow. You didn't even bother to RTFA. That or you are a dumbass. To be honest, I think it is be both.

The chip is activated after manufacture but before shipping to the consumer. After it is activated, it never has to contact the patent holder again.

This is a technology to stop industrial espionage and has nothing to do with DRM or trusted computing.

Now, please, stop being a reactionary dumbass and STFU.

Re:Sure, great idea

[asuffield]

For which you need people capable of doing that, who have to be paid. That might not cost as much as developing a new circuit from scratch altogether, but it _might_ be enough to make the pirating just not worth it.

Unlikely. The need to employ actual mechanics has never been a problem for people running chop shops.

Removing a generic feature from a chip design just isn't that hard. If you make it hard to remove, it won't be generic any more, and it will significantly add to the cost of developing each chip (already huge) - so nobody is going to do that.

Re:Sure, great idea

[poetmatt]

I do understand what you're saying, but no, this is still on the patent owner. From the last sentence you said sums up the answer: The thing is, businesses are always going to opt for the cheapest option.

Whose fault is that? Why should anyone other than the business that makes that decision (aka patent owner) bear the brunt of that responsibility? Why should a manufacturer add a cost to their process and what incentive do they have to do so? Answer: none whatsoever.

It is the patent owner's responsibility to do whatever recourse is necessary to prevent the situation from happening. Doing things because they are cheaper doesn't mean you can just wipe away all the liability or responsibility. Just because for example, I manufacture using method A because its cheaper than method B doesn't take away any responsibility I have for choosing method A and the results thereafter. However, instead of accepting that responsibility I add a costly process to the manufacturer that is neither realistic nor even guaranteed to help a single drop in this scenario.

What are we, supposed to be sympathetic to a patent owner who made a bad business decision? Whose responsibility is that again, exactly? The market is not sympathetic, neither is the consumer market, neither is the manufacturer, and neither am I.

Re:Sure, great idea

[rtb61]

Reason the technology was given away was stupidity driven by greed. When you put a bunch of sociopaths in control of government and corporations it is all about how well their immediate lusts can be satisfied, their greed and desire for more money, power and self gratification.

They do not care about anything at all except themselves, even the families are nothing more than accoutrements and decorations, pets to fulfil their own egos.

Just the same in this case, the people who cam up with this technology absolutely do not care how the technology will be abused in future, as long as they perceive it will feed their immediate myopic greed.

They are going to get the cheapest contractors, who absolutely can not be trusted, to supply the chips at the lowest possible price. Those contractors of course do this by paying workers slave wages, cheating their own suppliers and having an absolutely disregard for how much they pollute the environment with their production processes. Of course these contractors also currently supplement their income by producing additional chips and distributing them via alternate more profitable channels.

Re:Sure, great idea

[Grishnakh]

When you put a bunch of sociopaths in control of government and corporations it is all about how well their immediate lusts can be satisfied, their greed and desire for more money, power and self gratification.

Unfortunately, the capitalistic and democratic system we live under is inherently set up to reward sociopathic behavior, so those are the people who rise to the top in it.

Not that this means capitalism and democracy should be abolished; Stalinist-style communism as practiced in North Korea, for instance, seems to reward absolute lunacy, and I guess I'd rather have sociopathic leaders than insane lunatic ones.

Re:Sure, great idea

[rtb61]

Not really. Wwhn you look at the 50s through to the 70s when people communicate the sociopaths are exposed for who they are. Without the cover of corrupt mass media, and bullshit PR, democracy can quite readily handle them.

However as demonstrated by the eighties and nineties as well as the early 2000s corrupt centralised mass media is used yo effectively camouflages the sociopaths and allow them to remain in positions and gain even higher positions where they can do extreme harm. The internet is starting to become the most effective tool in exposing them and bringing them down.

Stalin and Mao where sociopaths with complete autocratic control and the only place a socipath belongs is in an institution that can restrict their behaviour and prevent them from doing harm to others. Society simply needs to make the effort to detect them as early as possible, so that the cheneys, bushes and ballmers of the world are restricted to occupational therapy in controlled environments, weaving baskets, crocheting beanies or something similar.

Re:Sure, great idea

[Alsee]

Thanx for the link.

I don't know anything much about the physical side of chip masks and manufacturing, but I think I know enough reasonably review the crypto and chip programming logic of the plan.

They spend almost the entire paper describing the system and how secure it is against the "front door attack". It is standard public key crypto. If you don't know the designer's private key then the chip is never going to invite you in the front door, end of story. For all intents and purposes it is mathematically impossible to break through the front door. I fully agree with them on that.

Then oddly they spend quite a bit of time analyzing the "CK" key. The CK key is the same for all chips, and it lies right behind the front door. As they analyze it, yes I agree it is rather difficult to crack the CK if you're coming through the front door, BUT NONE OF THAT ANALYSIS MATTERS AT ALL. If you're coming through the front door it doesn't matter of whether can you figure out the CK or not because you can never feed the CK in through the absolutely impenetrable public key crypto front door. They could publish the "secret" CK key on the front page of the New York Times and it would not significantly alter the security of their plan.

Now as I said I don't know anything much about the physical side of chip masks and manufacturing, but that's the back door. *IF* you can copy the mask creating an intelligently altered new mask, or if you can read the chip itself and create an intelligently altered new mask, then obtaining the CK is trivial (you could "activate" the chip as normal and have it TELL you the CK), and you can trivially remove or subvert the public key front door. The changes you need to make are fairly trivial to figure out.

The paper spends almost zero time on this, other than to say it's enough hassle that piracy "may not pay off". I don't know much about the hardware side of doing it this way, but the back door sure seems wide open to me, and they themselves describing that attack route "may not pay off" does not sound particularly strong to my ears.

So, can anyone else here address this angle?
Assume that you are a major industrial chip manufacturing plant with full expert staff and all of the usual major industrial support equipment, assume you are handed a chip mask, and assume your chip design experts know what kinds of wiring they want to cut or short-out. Just how difficult and expensive would it be to scan either chip or mask to human-examinable form, incorporate small easy identified changes, and to create the second unlocked mask?

Because that is all that is relevant. The difficulty and cost of that back door route pretty well defines the entire strength of their plan.

P.S.
I love how on the page 3 diagram they represent the "Holder of Master Key and IP rights" as a gray bearded wizard in blue wizard cloak, complete with pointy hat. LOL.

-

Tag: DefectiveByDesign

[RobBebop]

Hardware that locks up when it can't call the mothership? And I though Microsoft Genuine Advantage was bad!

Not a good idea

[mlts]

In a number of countries that this chip is aimed for, what will happen is that some knockoff fab will disassemble the chip, figure out the masks, and just make and sell the same IC minus the locking circuitry.

This type of locking mechanism also brings up other points. Once the IC is "unlocked", is it unlocked for good, or just for a time period? Could some criminal organization figure out the method of re-locking it, then lock the machines who belong to the patent holder's customers? This would result in some decent havoc especially in embedded circuitry (HVAC systems, railroad switches.)

The article seems to be lacking substance as well.

The second

[BigJClark]

Perhaps its unlocked once and good to go. I don't think its the consumer that is guilty of pirated chips, but computer companies that purchase elicit copied chips cheaper than from the OEM. This shouldn't affect us that much, besides a perceived increase in quality.

Nothing to see here, move along.

This is dumb. I can crack it in two seconds.

[MikeDataLink]

If I am copying the chip, I'll just remove those stupid extra "locks" during the manufacturing process. Just remove them from my pirated copy before I make the chip. Seems like a dumb idea.

Same Non-Problem, Same *WRONG* Solution

[ewhac]

Although the article doesn't expressly say so, I'm guessing chip "activation" occurs at the factory long before it's put in a tube and shipped to an OEM. So end-users will (probably) never see this.

As I see it, this has two major problems with it. The first, of course, is that copy protection in any form is childish, stupid, and ultimately ineffective.

The second is a bit more down to earth -- this will become the bottleneck on the manufacturing line. Chips are manufactured in the millions, with hundreds of thousands falling off the line each day. These nimrods propose to authenticate every last one of them, using computationally non-trivial crypto, uniquely before they roll off the line.

Let's generously assume it takes one second to authenticate and activate a chip (not, that's not a ridiculously long time -- between crypto compute time and network latency to the Pacific Rim, this is entirely realistic). This means you can activate a maximum of 86400 chips per day. Maybe you can parallelize the process, and maybe you can't (depends on whether the people who wrote the authentication server were idiots or not). And if your OC-3 to the Internet gets a backhoe through it, "accidentally" or otherwise, all production in your facility stops dead. Wonderful idea.

This stunning idea also seems to assume only one patent holder will be interested in a given chip. The most cursory inspection of even a "simple" memory chip will reveal several patent holders, all of whom will doubtless insist on "activation" which, again, may or may not be parallelizeable.

Like all copy protection "solutions" presented throughout history, this is a really, really stupid idea. I can't think of any fab that would willingly sign on to this.

Schwab

So what prevents the IC "pirate" from stealing?

[Fallen+Kell]

I mean, these guys are good enough to steal the design and have the knowledge to manufacture the device. What prevents them from modifying the IC to remove the lock? I mean, they are the ones actually making it. I am sure they have someone smart enough to be able to find the "added" authentication portion in the design docs, since the design docs probably have it named exactly what it is (i.e. the Epic lock circuit)....

Re:When it detects that it's a pirate copy, it say

[andy_t_roo]

atleast until the people with the hundred million$ plans, and the billion $ chip plant spend a few hundred thousand on analyzing the plans to find the few transistors that do this and take them out, making pre-unlocked chips. - if a bunch of random hackers can do over current DRM, there's not much chance that this would last.

Re:Chip Piracy, Eh?

[Mr+44]

This is about whether or not some large US corporation gets their cut of the profits. Nothing more. It should be no surprise that they behave the same way as the mafia.


You misspelled "makes back their R&D investment".

Outsourcing is simply trade

[Colin+Smith]

You do it every day. Do you manufacture your own bread? Butter? Do you manufacture your own hardware components? No, because someone else can do it better and cheaper.