Slashdot Mirror


New Lock Aims To End Chip Piracy

Stony Stevenson writes "Pirated microchips based on stolen blueprints could soon be a thing of the past thanks to computer engineers at Rice University and the University of Michigan. The engineers have devised a way to head off this costly infringement by giving each chip its own unique lock and key. The patent holder would hold the keys, and the chip would securely communicate with the patent holder to unlock itself. The chip could operate only after being unlocked. The Ending Piracy of Integrated Circuits (Epic) technique relies on established cryptography methods, and introduces subtle changes into the chip design process without affecting performance or power consumption. With Epic protection enabled, each integrated circuit would be manufactured with a few extra switches that behave like a combination lock."

70 of 312 comments

  1. Physical DRM by QMalcolm · · Score: 5, Insightful

    Great.

    1. Re:Physical DRM by burni · · Score: 4, Funny

      Yep, "great"!

      .. soon to be cracked, by a great army of brilliant Chinese/Taiwanese/etc. engineers,
      specialized in getting to know how everything works.

      Just to remember, how long did it take to crack HD-DVD encryption?
      Not long enough to survive its own extinction.

      We all know the story's ending, it just happens too often.

    2. Re:Physical DRM by Lumpy · · Score: 3, Insightful

      Problem is it won't fly. Chips are made to be as cheap as possible. Paying a licensing fee and then requiring the damn thing to be on the internet to be activated is not only stupid but completely unmarketable.

      There is a reason that grey market chips get made of popular chips: because the manufacturers are price whores and get them made at the cheapest plant in China. How about not paying the executive staff obscene salaries for their useless butts and having the items made in a location that is reputable and trustworthy?

      Finally, I found a way around the China syndrome of copying. Send them a test firmware so they can test the product but not operate it, then you simply re-flash with a JTAG jig when the good boards arrive. The China operation never gets their hands on the firmware so they can't copy the product.

      The whole article is nothing more than an advertisement for a useless technology that only an uneducated CEO or CTO would read about in a trade magazine and make the rash decision to implement it without talking to his engineering staff.

      --
      Do not look at laser with remaining good eye.
    3. Re:Physical DRM by C0vardeAn0nim0 · · Score: 2, Insightful

      Then they buy a unit at any Wal-Mart, take it back to China, read the production firmware using a JTAG cable, and they're back in the business.

      --
      What ? Me, worry ?
    4. Re:Physical DRM by phcrack · · Score: 2, Informative

      It's been a while since I worked with JTAG, but IIRC you can set a flag on most implementations that disables reading the firmware out. All you can do is install new firmware or delete what's in there at that moment. If you could just get the firmware out of most chips, the Linux driver problem wouldn't exist the way it does.

    5. Re:Physical DRM by Dun+Malg · · Score: 2, Insightful

      If you could just get the firmware out of most chips, the Linux driver problem wouldn't exist the way it does.

      Really, it's not that difficult to get at the firmware. The difference between the unpaid, unfunded Linux crowd and a Chinese chip fab is that the chip fab has dozens of paid specialists in that very field to work on it full time, plus millions of dollars worth of expensive lab equipment, plus a huge financial incentive to crack it.
      --
      If a job's not worth doing, it's not worth doing right.
    6. Re:Physical DRM by el+americano · · Score: 2, Interesting

      Right, executives aren't overpaid. Stockholders are never surprised and outraged by the amount of money these same people walk away with after they're fired. I'm sure they also don't force mergers and other transactions that are in their own self-interest, but against the company's interest. There's no in-crowd who support and encourage these pay structures in the hope of cashing in themselves one day. But most of all, I know for a fact that the majority of these people are not overpaid for the value they add to their companies.

      In any case, if I'm not a CEO myself, I clearly have no room to talk.

      --
      Those are my principles. If you don't like them I have others. -Groucho Marx
    7. Re:Physical DRM by Chapter80 · · Score: 2, Interesting

      The issue talked about here is copying of blueprints, not theft.
      Perhaps you didn't see the 5th word in the summary: "Pirated microchips based on stolen blueprints..."

      Actually, since gang violence only becomes a problem in certain social conditions and since in our current social model money equals power, this is exactly so.
      Oh dear God, it's frightening that any sane person believes this. I suppose you would advocate locking up the rich victim of any gang violence. Or why just victims - why not all people over a certain level of wealth - let's lock them up? There was a gang shooting downtown; better arrest the mayor.

      Gotta love the real free market, free from copyrights and patents, with prices nearing the marginal cost of production asymptotically, and sometimes even reaching it; but for some reason, the so-called pro-free market people tend to start crying "regulate ! Copyrights ! Patents !" at that point :(.
      As much as people on Slashdot tend to want patent reform, I only see an occasional few advocate total removal of patents and copyrights. Has there ever been a "controlled experiment" (as much as that is possible) comparing a "totally free market" to one with the "rule of law" including patents and copyrights, such that we can compare the rates of innovation in this society? I know of none - the closest I can think of is Open Source Software. The rate of innovation in Open Source software vs. Proprietary software hasn't been very impressive in my opinion. (I'd like to see a study, but my gut feel is that proprietary software beats open source software 1000 to 1, in quantity and 'contribution to society', however that would be measured.)
    8. Re:Physical DRM by Lumpy · · Score: 2, Informative

      It don't work that way. Most chips that are programmable can be designed to not allow a reverse load. Hell, all PIC chips allow me to lock them. Then you need to grind the surface off and try and read what the flash portion is set to with an electron microscope.

      It ain't that easy; most current production chips have protection for this built in.

      --
      Do not look at laser with remaining good eye.
  2. Sure, great idea by KublaiKhan · · Score: 5, Insightful

    Presuming that there's a constant internet connection, that the manufacturer's server is incapable of being cracked and maintains at least 5-9's uptime, and that anyone's stupid enough to buy a crippled chip with this on it.

    --
    In Xanadu did Kubla Khan
    A stately pleasure dome decree
    1. Re:Sure, great idea by bkaul01 · · Score: 5, Informative
      It doesn't sound like this is a consumer-level activation, but a one-time, manufacturer-side process:

      To activate a chip, the manufacturer would plug it in and let it contact the patent owner over an ordinary phone line or internet connection. It's intended to protect against overseas subcontractors who have access to the blueprints making extras and then going and selling them on the black market, behind the patent-holder's back. So, the overseas company would make it, ship it back to the company who owns the rights to it, where it would be activated before being distributed. The outsourced manufacturing company wouldn't have the ability to activate them, so couldn't sell extras to the black market.
    2. Re:Sure, great idea by poetmatt · · Score: 4, Informative

      That's how it starts, but that's not how it would end. Think of how much the government or any power abusing company seeking more of that would be on this like FOS. Especially if it becomes commonly manufactured. Not that this is 100%, but I wouldn't see a situation like this technology being force trickled on consumers to be completely unlikely either.

      We've had it before, I believe it was called trusted computing. Boy do people love how that has turned out, if I recall correctly.

      I understand that a processor blueprint is not something that people want compromised. Throwing a technical attempt to solve the problem rather than dealing with human error is just putting the blame in the wrong places and throwing stuff at the wall hoping things will stick.

    3. Re:Sure, great idea by poot_rootbeer · · Score: 5, Insightful

      The outsourced manufacturing company wouldn't have the ability to activate them, so couldn't sell extras to the black market.

      However, since they have the blueprints to the chips, they can find the sections of the schematic that implement this activation system, create a slightly modified die where they're masked out to always return an "authorized" status, and sell THOSE pirate chips on the black market.

    4. Re:Sure, great idea by KublaiKhan · · Score: 2, Interesting

      Slightly better, but still dodgy in my mind. If someone wants to counterfeit a chip design, then it'll be counterfeited--if by nothing else, then by someone with access to an electron microscope and a solid background in chip design theory, or by someone getting hold of a few of the 'unlocked' chips and reverse-engineering 'em that way.

      --
      In Xanadu did Kubla Khan
      A stately pleasure dome decree
    5. Re:Sure, great idea by Chris+Burke · · Score: 3, Insightful

      It doesn't sound like this is a consumer-level activation, but a one-time, manufacturer-side process:

      Yeah, though it's still pretty silly.

      The outsourced manufacturing company wouldn't have the ability to activate them, so couldn't sell extras to the black market.

      Since the whole problem is that the outsourced manufacturing company has the layout (blueprint), then they certainly would be able to activate the chip by removing the "lock" circuitry from the layout and manufacturing chips which require no activation! It may be a non-trivial task to reverse-engineer which parts of the chip are responsible, but if the money is there it is certainly possible and would be worth it.

      In other words this lock would only exist on the legitimate parts, and wouldn't exist on the bootleg ones, and the bootleg chips would operate exactly like an "activated" legitimate part.

      I think it's kind of ironic that the acronym EPIC was also the acronym used to describe the Itanium's IA-64 instruction set (Explicitly Parallel Instruction Computing). Though I doubt this one will even make it out of academia.

      --

      The enemies of Democracy are
    6. Re:Sure, great idea by Some_Llama · · Score: 2, Insightful

      "In other words this lock would only exist on the legitimate parts, and wouldn't exist on the bootleg ones, and the bootleg chips would operate exactly like an "activated" legitimate part."

      in other words, like every existing anti piracy mechanism to date.

    7. Re:Sure, great idea by Chris+Burke · · Score: 4, Insightful

      in other words, like every existing anti piracy mechanism to date.

      Yes, but it's actually even worse. Because with normal DRM, you're trying to keep the guy who is watching the DVD from being able to copy the DVD.

      But in this case, it's actually like you're trying to keep the guy who is making the DVD from being able to copy it. They don't even have to break your DRM or work around it, they just have to decide not to build it in.

      --

      The enemies of Democracy are
    8. Re:Sure, great idea by x_MeRLiN_x · · Score: 4, Informative

      You seem to be missing the fact that the patent owner (who this is designed to protect) is a completely separate entity from the manufacturer. The manufacturer is nothing more than a subcontractor. The manufacturer obviously requires the blueprints to produce the chip. It is the manufacturer who is selling the patent owner's chips on the black market. Nothing is being "leaked". You can bet your life that the "signed agreements" you mention are without exception already in place. They're just being flouted.

      Others who responded to my post have argued that you therefore shouldn't hire Chinese or other cheap chip production plants, because they are well known for failing to respect intellectual property and you have no possible recourse against them.

      The thing is, businesses are always going to opt for the cheapest option. If this technological measure is cheaper than opting for a more expensive, "trustworthy" producer, then I don't think you have a case against it. This doesn't harm consumers in any way shape or form, simply because it doesn't involve them. The restrictions will have already been removed long before it reaches their hands.

    9. Re:Sure, great idea by insertwackynamehere · · Score: 5, Insightful

      Maybe the answer is to stop outsourcing.

    10. Re:Sure, great idea by DaveV1.0 · · Score: 2, Insightful

      Wow. You didn't even bother to RTFA. That or you are a dumbass. To be honest, I think it is both.

      The chip is activated after manufacture but before shipping to the consumer. After it is activated, it never has to contact the patent holder again.

      This is a technology to stop industrial espionage and has nothing to do with DRM or trusted computing.

      Now, please, stop being a reactionary dumbass and STFU.

      --
      There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
    11. Re:Sure, great idea by asuffield · · Score: 4, Insightful

      For which you need people capable of doing that, who have to be paid. That might not cost as much as developing a new circuit from scratch altogether, but it _might_ be enough to make the pirating just not worth it.


      Unlikely. The need to employ actual mechanics has never been a problem for people running chop shops.

      Removing a generic feature from a chip design just isn't that hard. If you make it hard to remove, it won't be generic any more, and it will significantly add to the cost of developing each chip (already huge) - so nobody is going to do that.
    12. Re:Sure, great idea by kesuki · · Score: 3, Informative

      this involves cryptography. let's say that you use 128-bit encryption that's 128 gates per bit of the key/unlock mechanism. 128 gates is nothing on a large, say graphic processor, even 20,000 gates is nothing on a large graphic or general purpose cpu. so how are you going to crack this when each chip has its own key/lock pair? and the 'key' pair, only goes across a trusted network in another country?

      yeah, this isn't dvd movie crypto where the 'client' has to have access to a way to decrypt the movie.

      this is the kind of crypto that can't be broken without a backdoor. of course since epic is built into the original chip blue print, just 'masking off that part' renders in a cpu that only spits out 'error, epic not found, halt now' that locks the chip from running. depending on how the chip maker designs this into chips, it's not like they can just engineer a 'mod chip' that tells the cpu everything is okay and to run code... the cost of trying to circumvent 'epic' instantly becomes more than you'd get for say, a pirate dvd player chip.

      this is a big deal, really big, because right now sub standard dvd players around the globe are using 'pirate' chips, and usually 'pirate' code to run those chips. Prior to epic they were resorting to programming the firmware of retail dvd players to try and thwart piracy, but then the pirates just waited for a system to come out with the 'real' chip, and steal the firmware so they could program the pirate players themselves. or even worse just program them with 'firmware' downloaded off the net from god only knows the source..

      epic will be used by countless dvd and blu-ray chip fabs, so they can benefit from low cost Chinese fabrication, and never have to worry about the design being stolen again.

      i've tried to think of ways to break epic, but if it's on chip, tearing apart the chip to see what gets written on chip (especially if it's Different For Every chip) isn't going to work, a mod chip solution could work, but then you need to design a special chip, that only works with revision x. of the 'real' chip, and the cost of doing this is going to be somewhere in the $50 per modchip if you only sell a few hundred thousand of the pirate chip... the cost goes down if you sell millions of units, but most pirate chip stuff is so substandard that it only gets bought when it's 'carrying' a name brand that it isn't, and they do try their best to catch that kind of fraud.... and a big old mod-chip that isn't in the 'real' system makes it a really easy spot for guys with x-ray viewers to screen the stuff. so then you have to hide the 'mod-chip' as say a flash reader

      so yeah, epic will very likely reduce the amount of counterfeit dvd players etc. of course, they can always just counterfeit the pre-epic designs, but better blu-ray designs are going to come along, and those will all (i'm guessing) feature epic.

    13. Re:Sure, great idea by droopycom · · Score: 4, Interesting

      Read the paper. http://www.cse.umich.edu/~imarkov/pubs/conf/date08-epic.pdf

      The chip generates a unique Private Key when first powering up. The matching Public Key is sent to the IP holder for activation. Supposedly there is no way to force a chip to generate a known private key without modifying the masks.

      Modifying the mask (blueprint) using a "microscope" (or other techniques) is much more difficult than just putting the original mask in the machine and churning out a few thousand chips.

    14. Re:Sure, great idea by poetmatt · · Score: 2, Insightful

      I do understand what you're saying, but no, this is still on the patent owner. From the last sentence you said sums up the answer: The thing is, businesses are always going to opt for the cheapest option.

      Whose fault is that? Why should anyone other than the business that makes that decision (aka patent owner) bear the brunt of that responsibility? Why should a manufacturer add a cost to their process and what incentive do they have to do so? Answer: none whatsoever.

      It is the patent owner's responsibility to do whatever recourse is necessary to prevent the situation from happening. Doing things because they are cheaper doesn't mean you can just wipe away all the liability or responsibility. Just because for example, I manufacture using method A because its cheaper than method B doesn't take away any responsibility I have for choosing method A and the results thereafter. However, instead of accepting that responsibility I add a costly process to the manufacturer that is neither realistic nor even guaranteed to help a single drop in this scenario.

      What are we, supposed to be sympathetic to a patent owner who made a bad business decision? Whose responsibility is that again, exactly? The market is not sympathetic, neither is the consumer market, neither is the manufacturer, and neither am I.

    15. Re:Sure, great idea by rtb61 · · Score: 2, Insightful
      Reason the technology was given away was stupidity driven by greed. When you put a bunch of sociopaths in control of government and corporations it is all about how well their immediate lusts can be satisfied, their greed and desire for more money, power and self gratification.

      They do not care about anything at all except themselves, even the families are nothing more than accoutrements and decorations, pets to fulfil their own egos.

      Just the same in this case, the people who came up with this technology absolutely do not care how the technology will be abused in future, as long as they perceive it will feed their immediate myopic greed.

      They are going to get the cheapest contractors, who absolutely can not be trusted, to supply the chips at the lowest possible price. Those contractors of course do this by paying workers slave wages, cheating their own suppliers and having an absolute disregard for how much they pollute the environment with their production processes. Of course these contractors also currently supplement their income by producing additional chips and distributing them via alternate more profitable channels.

      --
      Chaos - everything, everywhere, everywhen
    16. Re:Sure, great idea by Grishnakh · · Score: 3, Insightful

      When you put a bunch of sociopaths in control of government and corporations it is all about how well their immediate lusts can be satisfied, their greed and desire for more money, power and self gratification.

      Unfortunately, the capitalistic and democratic system we live under is inherently set up to reward sociopathic behavior, so those are the people who rise to the top in it.

      Not that this means capitalism and democracy should be abolished; Stalinist-style communism as practiced in North Korea, for instance, seems to reward absolute lunacy, and I guess I'd rather have sociopathic leaders than insane lunatic ones.

    17. Re:Sure, great idea by rtb61 · · Score: 2, Insightful
      Not really. When you look at the 50s through to the 70s, when people communicate the sociopaths are exposed for who they are. Without the cover of corrupt mass media, and bullshit PR, democracy can quite readily handle them.

      However, as demonstrated by the eighties and nineties as well as the early 2000s, corrupt centralised mass media is used to effectively camouflage the sociopaths and allow them to remain in positions and gain even higher positions where they can do extreme harm. The internet is starting to become the most effective tool in exposing them and bringing them down.

      Stalin and Mao were sociopaths with complete autocratic control and the only place a sociopath belongs is in an institution that can restrict their behaviour and prevent them from doing harm to others. Society simply needs to make the effort to detect them as early as possible, so that the cheneys, bushes and ballmers of the world are restricted to occupational therapy in controlled environments, weaving baskets, crocheting beanies or something similar.

      --
      Chaos - everything, everywhere, everywhen
    18. Re:Sure, great idea by Alsee · · Score: 2, Insightful

      Thanx for the link.

      I don't know anything much about the physical side of chip masks and manufacturing, but I think I know enough to reasonably review the crypto and chip programming logic of the plan.

      They spend almost the entire paper describing the system and how secure it is against the "front door attack". It is standard public key crypto. If you don't know the designer's private key then the chip is never going to invite you in the front door, end of story. For all intents and purposes it is mathematically impossible to break through the front door. I fully agree with them on that.

      Then oddly they spend quite a bit of time analyzing the "CK" key. The CK key is the same for all chips, and it lies right behind the front door. As they analyze it, yes I agree it is rather difficult to crack the CK if you're coming through the front door, BUT NONE OF THAT ANALYSIS MATTERS AT ALL. If you're coming through the front door it doesn't matter whether you can figure out the CK or not because you can never feed the CK in through the absolutely impenetrable public key crypto front door. They could publish the "secret" CK key on the front page of the New York Times and it would not significantly alter the security of their plan.

      Now as I said I don't know anything much about the physical side of chip masks and manufacturing, but that's the back door. *IF* you can copy the mask creating an intelligently altered new mask, or if you can read the chip itself and create an intelligently altered new mask, then obtaining the CK is trivial (you could "activate" the chip as normal and have it TELL you the CK), and you can trivially remove or subvert the public key front door. The changes you need to make are fairly trivial to figure out.

      The paper spends almost zero time on this, other than to say it's enough hassle that piracy "may not pay off". I don't know much about the hardware side of doing it this way, but the back door sure seems wide open to me, and they themselves describing that attack route "may not pay off" does not sound particularly strong to my ears.

      So, can anyone else here address this angle?
      Assume that you are a major industrial chip manufacturing plant with full expert staff and all of the usual major industrial support equipment, assume you are handed a chip mask, and assume your chip design experts know what kinds of wiring they want to cut or short-out. Just how difficult and expensive would it be to scan either chip or mask to human-examinable form, incorporate small easy identified changes, and to create the second unlocked mask?

      Because that is all that is relevant. The difficulty and cost of that back door route pretty well defines the entire strength of their plan.

      P.S.
      I love how on the page 3 diagram they represent the "Holder of Master Key and IP rights" as a gray bearded wizard in blue wizard cloak, complete with pointy hat. LOL.

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
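
Added example (not part of the thread and not code from the EPIC paper): a simplified model of the activation flow that droopycom's and Alsee's comments above describe, where each chip generates its own key pair at first power-up and the rights holder's private key guards the common key CK. Textbook RSA without padding at a demo key size, the message layout, all class and function names, and the digest check standing in for the combination lock are assumptions made here.

```python
import hashlib
import hmac
import secrets

E = 65537  # public exponent used for every key in this model (assumption)


def _is_probable_prime(n, rounds=24):
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if c % E != 1 and _is_probable_prime(c):  # keeps E invertible
            return c


def rsa_keygen(bits=512):
    """Return (n, d). 512 bits keeps the demo fast; far too small for real use."""
    p, q = _prime(bits // 2), _prime(bits // 2)
    while q == p:
        q = _prime(bits // 2)
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def _digest_int(*parts):
    """SHA-256 over fixed-width integers, returned as an integer."""
    h = hashlib.sha256()
    for part in parts:
        h.update(part.to_bytes(64, "big"))
    return int.from_bytes(h.digest(), "big")


class IPHolder:
    """Rights holder: keeps the master private key and the common key CK."""

    def __init__(self):
        self.master_n, self._master_d = rsa_keygen()
        self._ck = secrets.randbits(128) | (1 << 127)
        # Stand-in for the on-chip combination lock that only CK opens.
        self.lock_digest = hashlib.sha256(self._ck.to_bytes(16, "big")).digest()

    def issue(self, chip_n):
        """Wrap CK for one chip's public key and sign the result."""
        wrapped = pow(self._ck, E, chip_n)
        sig = pow(_digest_int(wrapped, chip_n), self._master_d, self.master_n)
        return wrapped, sig


class Chip:
    def __init__(self, master_n, lock_digest):
        self._master_n = master_n        # fixed in the mask
        self._lock_digest = lock_digest  # fixed in the mask
        self.n, self._d = rsa_keygen()   # generated at first power-up
        self.unlocked = False

    def activate(self, wrapped, sig):
        if not (0 < wrapped < self.n and 0 < sig < self._master_n):
            return False
        # Front door: only the master private key can produce this signature.
        if pow(sig, E, self._master_n) != _digest_int(wrapped, self.n):
            return False
        ck = pow(wrapped, self._d, self.n)
        if ck.bit_length() > 128:
            return False
        digest = hashlib.sha256(ck.to_bytes(16, "big")).digest()
        self.unlocked = hmac.compare_digest(digest, self._lock_digest)
        return self.unlocked


def demo():
    holder = IPHolder()
    chip_a, chip_b, chip_c = (Chip(holder.master_n, holder.lock_digest) for _ in range(3))
    blob_a = holder.issue(chip_a.n)
    results = {
        "b_with_a_blob": chip_b.activate(*blob_a),    # blob is bound to chip A
        "a_with_own_blob": chip_a.activate(*blob_a),
    }
    # CK treated as public knowledge, wrapped correctly for chip C, but signed
    # with a key that is not the master key.
    rogue_n, rogue_d = rsa_keygen()
    wrapped = pow(holder._ck, E, chip_c.n)
    sig = pow(_digest_int(wrapped, chip_c.n), rogue_d, rogue_n)
    results["ck_known_no_master_key"] = chip_c.activate(wrapped, sig)
    return results


if __name__ == "__main__":
    print(demo())
```

The model covers only the protocol path; it says nothing about the cost of altering the mask, which is the question the comment above leaves open.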
    19. Re:Sure, great idea by JoelKatz · · Score: 2, Informative

      None of what you said makes any sense. This is not a "phone home system". It doesn't compare to cracking systems where you have control over the system during the validation process. Validation is not "via a server".

      It's this simple:

      1) The processor is manufactured.

      2) The fab customer receives the processors from the fab.

      3) The fab customer unlocks them.

      4) The fab customer pays the fab and sells/ships the processor.

      There is no opportunity for anyone to observe or tamper with the unlocking process. No validation is needed prior to unlocking because the fab customer will only unlock processors he has physical custody of.

  3. Tag: DefectiveByDesign by RobBebop · · Score: 2, Insightful

    Hardware that locks up when it can't call the mothership? And I thought Microsoft Genuine Advantage was bad!

    --
    Support the 30 Hour Work Week!!!
  4. Chip Piracy, Eh? by PC+and+Sony+Fanboy · · Score: 3, Interesting

    Wow, I haven't heard of chip piracy in a long time. Maybe it is because, like other forms of piracy, it isn't a big problem. I have problems with piracy when it involves safety equipment, and large purchases from reputable dealers ... but most of the time, you get what you pay for, and you're not being deceived, you're willingly purchasing counterfeit 'stuff'.

    Isn't it sad when people think of piracy in terms of music, when the REAL piracy problems (counterfeiting) are those which involve fake electrical/safety/baby equipment (or food)?

    1. Re:Chip Piracy, Eh? by Smidge204 · · Score: 2, Interesting

      Even better, given the sophistication of some of these bootleggers - couldn't they just reverse engineer the blueprints and modify them to bypass the feature?

      The chips need to be activated at the manufacturer's level, not the consumer level. It does this by an internal random number generator. So... Take one genuine chip, find out what its random number/activation key is, then modify your blueprints to produce the SAME ID number (bypass the RNG) and then activate all of them with the same key.

      This sounds no more secure than programs that require user-name based serial numbers...

      Alternatively, produce the chips with the "combination lock" set to "open" to begin with and bypass activation altogether.
      =Smidge=

    2. Re:Chip Piracy, Eh? by mabhatter654 · · Score: 3, Informative

      It's bad in China. They like to pass the prints from the "premium" contractor in Taiwan, to somebody cheap on-shore that will knock them off to Southeast Asia markets. Probably half the stuff on the streets of Hong Kong or Seoul is counterfeit made from the actual prints, but at unauthorized manufactures. It's a problem when that gets back to the USA and the equipment builder is held up for liability for a product they didn't make because the parts get into their installed systems as "spares" for cheap.

    3. Re:Chip Piracy, Eh? by asuffield · · Score: 2, Interesting

      It's bad in China. They like to pass the prints from the "premium" contractor in Taiwan, to somebody cheap on-shore that will knock them off to Southeast Asia markets. Probably half the stuff on the streets of Hong Kong or Seoul is counterfeit made from the actual prints, but at unauthorized manufactures.


      And the vast majority of it is every bit as good as the original, because it's made in the same plants by the same people who do all the other outsourced manufacturing. There is never any particular evidence presented to support the usual claim that the "unauthorized" product has a higher defect rate than the "authorized" product.

      This is about whether or not some large US corporation gets their cut of the profits. Nothing more. It should be no surprise that they behave the same way as the mafia.
    4. Re:Chip Piracy, Eh? by Mr+44 · · Score: 4, Insightful

      This is about whether or not some large US corporation gets their cut of the profits. Nothing more. It should be no surprise that they behave the same way as the mafia.


      You misspelled "makes back their R&D investment".

    5. Re:Chip Piracy, Eh? by Mr.+Slippery · · Score: 2

      Isn't it sad when people think of piracy in terms of music, when the REAL piracy problems (counterfeiting) are those which involve fake electrical/safety/baby equipment (or food)?

      The REAL piracy problem is the 13 to 16 billion dollars per year lost to maritime robbery.

      Let's call counterfeiting by its proper name, okay? Confusing people who commit armed robbery on the high seas with people who make counterfeit items (whether safety-critical ones or DVDs) is unlikely to help us talk clearly about the problems.

      --
      Tom Swiss | the infamous tms | my blog
      You cannot wash away blood with blood
  5. Not a good idea by mlts · · Score: 5, Insightful

    In a number of countries that this chip is aimed for, what will happen is that some knockoff fab will disassemble the chip, figure out the masks, and just make and sell the same IC minus the locking circuitry.

    This type of locking mechanism also brings up other points. Once the IC is "unlocked", is it unlocked for good, or just for a time period? Could some criminal organization figure out the method of re-locking it, then lock the machines who belong to the patent holder's customers? This would result in some decent havoc especially in embedded circuitry (HVAC systems, railroad switches.)

    The article seems to be lacking substance as well.

    1. Re:Not a good idea by KublaiKhan · · Score: 2

      Not to mention that if the manufacturer goes out of business, all the equipment stops working.

      As if anyone would take -that- risk...

      --
      In Xanadu did Kubla Khan
      A stately pleasure dome decree
    2. Re:Not a good idea by Frosty+Piss · · Score: 2, Funny

      Could some criminal organization figure out the method of re-locking it?
      Which government agency are you thinking of specifically?
      --
      If you want news from today, you have to come back tomorrow.
  6. Well, if they have the blueprint... by FlyByPC · · Score: 2, Interesting

    ...wouldn't it be pretty straightforward to replace the hardware circuit that does

    if(bignastyDRM(uniqueDRMkey)==TRUE){}

    with

    if(TRUE){}

    ...?

    Yes, I know circuits are usually either designed with a capture program or modeled in VRML/Verilog -- but the logic still holds. Find out what part of the circuit locks the functionality -- and replace it with a wire to Vcc.

    (Unless, of course, they will require the chip to communicate with the mothership every time it has to blow its little digital nose etc...)

    --
    Paleotechnologist and connoisseur of pretty shiny things.
    1. Re:Well, if they have the blueprint... by Sta7ic · · Score: 3, Funny

      Sure thing. Just gotta jimmy a paperclip in there at the 45nm level.

  7. Giving new meaning to.... by coolhaus · · Score: 2, Funny

    Giving new meaning to your CPU locking up.

  8. Intul Inside! Powered by AMB! by themushroom · · Score: 2, Interesting

    But my pirated copy of Windows only works on my pirated CPU chip!

    Okay, show of hands, who has a pirated processor? Anyone? Anyone? Bueller? Is this really a huge problem? Doesn't it cost more to produce a pirate CPU than the potential profits from selling it? Methinks the issue is overstated, either that or the chip industry should contact the RIAA & MPAA's media moguls about an advertising deal (which is the same thing, overstatement but loud).

  9. This targets gray market, not black by smellsofbikes · · Score: 4, Informative

    If I read the original article correctly:
    If someone gets the chip design and is copying it to be built in another fab, it'd be possible (difficult, but much less difficult than a complete chip redesign or re-engineering) to remove this part of the chip (and increase the profit margin, since A: no investment on research and B: more die per unit silicon.)

    What this is going to affect is people who run a fab making legitimate parts, but also run the same parts from the same masks but keep them off the books and sell them independently of the company that owns the design -- OEM ripoffs.

    --
    Nostalgia's not what it used to be.
  10. Oblig. by Bobb+Sledd · · Score: 2, Funny

    Dark Helmet: "So the combination is one, two, three, four, five? That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!"
    ...
    President Skroob: "1 2 3 4 5? That's amazing! I've got the same combination on my luggage!"

    --
    "They said I probly shouldn't fly with just one eye," "I am Bender. Please insert girder."
  11. Hmm, this reminds me of something by fallen1 · · Score: 3, Interesting
    very, very foul and disturbing. Oh, yeah, P3 chips with unique Processor Serial Numbers. I realize that the goal of this project is not the same as the Intel PSNs, but it still strikes me as a way to get unique IDs into each CPU and end anonymity on the net -- what there is that remains of anonymity. Not to mention the complete foul-ups when some enterprising "hacker" figures out how to remotely lock CPUs or other chips that have been unlocked.

    While it sounds promising, it still raises the little hairs on the back of my neck. Danger Will Robinson, danger!

    --

    Dream as if you'll live forever.
    Live as if you'll die tomorrow.
    ~Anonymous~

  12. The second by BigJClark · · Score: 2, Insightful


    Perhaps it's unlocked once and good to go. I don't think it's the consumer that is guilty of pirated chips, but computer companies that purchase illicit copied chips cheaper than from the OEM. This shouldn't affect us that much, besides a perceived increase in quality.

    Nothing to see here, move along.

    --

    Hi, I Boris. Hear fix bear, yes?
  13. Holy crap by Bobfrankly1 · · Score: 3, Funny

    I guess this means I'll have to buy genuine Ruffles and Doritos from now on!
    --
    How many mod points will this bad pun cost me?

  14. Re:Uhm... but if the chip is patented... by bkaul01 · · Score: 2, Informative

    Patents are rarely detailed enough to fully implement in practice; usually they cover only a subset of the design, and are written broadly enough that several different paths could be taken to implement them. Looking up a patent would show you the concept, but not an exact design such as a blueprint provides.

  15. I don't get it by Deathlizard · · Score: 4, Interesting

    If fabless companies are so worried about overseas manufacturing, then why not use a fab that is inside the country your company resides in? That way, you can sue the living hell out of them when they do sell / steal your plans.

    I would think that building the Chips in the US or Europe where the fabs are more reputable would be a better cost effective solution than sending it to an orient fab and watch it pump out pirate chips left and right, or relying on some sort of activation scheme that these pirate hardware companies would most likely reverse engineer out of them anyway.

  16. This is dumb. I can crack it in two seconds. by MikeDataLink · · Score: 2, Insightful

    If I am copying the chip, I'll just remove those stupid extra "locks" during the manufacturing process. Just remove them from my pirated copy before I make the chip. Seems like a dumb idea.

    --
    Mike @ The Geek Pub. Let's Make Stuff!
  17. Overriding factor for implementation by The+Ancients · · Score: 3, Interesting

    ...will be cost. A 'few extra circuits' may not sound like much, but with chip manufacturers engaged in a protracted price war, every cent counts - especially when multiplied by the chip numbers we are talking here.

  18. When it detects that it's a pirate copy, it says: by spun · · Score: 5, Funny

    EPIC FAIL!

    --
    - None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
  19. Error Message? by CompMD · · Score: 2, Funny

    Wrong crypto key?

    EPIC FAIL.

  20. Same Non-Problem, Same *WRONG* Solution by ewhac · · Score: 4, Insightful
    Although the article doesn't expressly say so, I'm guessing chip "activation" occurs at the factory long before it's put in a tube and shipped to an OEM. So end-users will (probably) never see this.

    As I see it, this has two major problems with it. The first, of course, is that copy protection in any form is childish, stupid, and ultimately ineffective.

    The second is a bit more down to earth -- this will become the bottleneck on the manufacturing line. Chips are manufactured in the millions, with hundreds of thousands falling off the line each day. These nimrods propose to authenticate every last one of them, using computationally non-trivial crypto, uniquely before they roll off the line.

    Let's generously assume it takes one second to authenticate and activate a chip (no, that's not a ridiculously long time -- between crypto compute time and network latency to the Pacific Rim, this is entirely realistic). This means you can activate a maximum of 86400 chips per day. Maybe you can parallelize the process, and maybe you can't (depends on whether the people who wrote the authentication server were idiots or not). And if your OC-3 to the Internet gets a backhoe through it, "accidentally" or otherwise, all production in your facility stops dead. Wonderful idea.

    This stunning idea also seems to assume only one patent holder will be interested in a given chip. The most cursory inspection of even a "simple" memory chip will reveal several patent holders, all of whom will doubtless insist on "activation" which, again, may or may not be parallelizable.

    Like all copy protection "solutions" presented throughout history, this is a really, really stupid idea. I can't think of any fab that would willingly sign on to this.

    Schwab

    1. Re:Same Non-Problem, Same *WRONG* Solution by KublaiKhan · · Score: 2, Funny

      I can think of a way to make an obscene profit off of it: negotiate to be paid by the hour rather than by the unit. The longer it takes to authenticate a chip, the better. ;-P

      --
      In Xanadu did Kubla Khan
      A stately pleasure dome decree
  21. Think PHYs, not Pentiums by Skirwan · · Score: 4, Interesting

    There was a time when half the USB flash media readers on the market were based on the same pirated designs -- at least according to hardware folks I used to work with who'd be in a better position to know than I am (or, most likely, you are). I'm fairly sure this is a bigger problem than many people realize.

  22. The research paper by cowpiboy · · Score: 2, Informative

    The research paper describing EPIC http://www.eecs.umich.edu/~imarkov/pubs/conf/date08-epic.pdf will be presented next week in Munich http://date-conference.com/

    1. Re:The research paper by owlstead · · Score: 3, Informative

      Interesting paper:
      - relies on the fact that *any* changes in the blueprint would be prohibitively expensive, could be, but just replacing components by pathways does not *sound* very expensive to me
      - RSA key pair generation on chip: bad idea, RSA key pair generation can take a lot of time (ECC key pair generation could be used as a replacement), needs PRNG
      - PRNG on chip might prove expensive (where does it get its entropy???)
      - no mention of X509 or any other PKI scheme, let's hope they are smart enough to see that they need some form of key management scheme
      - cost of maintaining a PKI (public key infrastructure) might be rather expensive, especially if both parties are new to the game

      Overall, interesting idea, but I'm not so sure anyone would want this. Lots of hassle for the buyer without any benefits to him, this makes it 1) expensive, thus a less favourable solution to others without this scheme 2) more likely that they will screw up the PKI system that is needed for this to work.

      Well, they called it EPIC, and we all know that it may take some time before EPIC products come out (e.g. this one :)

  23. Re:This is dumb. I can crack it in two seconds. by DCBoland · · Score: 5, Informative

    I know this is /. but I took the time to find the actual paper, they cover the typical attacks on the security mechanism quite thoroughly. Apparently it's very difficult to scan a mask, especially at the small scales the industry deals in today - they suggest it would be cheaper to simply design the chip yourself.

    (Off-topic: the anti-spam mechanism atm gives an interesting result for my email address..."'poo' in gap" oO)

    --
    I think the [MS Word] paperclip is a great idea. - Miguel de Icaza
  24. So what prevents the IC "pirate" from stealing? by Fallen+Kell · · Score: 2, Insightful

    I mean, these guys are good enough to steal the design and have the knowledge to manufacture the device. What prevents them from modifying the IC to remove the lock? I mean, they are the ones actually making it. I am sure they have someone smart enough to be able to find the "added" authentication portion in the design docs, since the design docs probably have it named exactly what it is (i.e. the Epic lock circuit)....

    --
    We were all warned a long time ago that MS products sucked, remember the Magic 8 Ball said, "Outlook not so good"
  25. In other news... by dragisha · · Score: 2, Funny

    Hundreds of thousands of personal (and not so personal) computers locked themselves today after a rogue group of Mongolian hackers stole a keychain from, as evidence shows, not so secure vaults at "EPIC Security Ltd.". EPIC security guards went on high alert, but they failed to act in time before the Mongols (riding bareback and yelling) departed.

    EPIC Security Ltd. issued a security update and instructions for unlocking targeted computers. Users just have to bring their computers (or if it's easier for them only their CPUs - very small chips with very many pins underside) to EPIC Security Ltd.'s premises or nearest servicing outlet.

    The list of outlets is sent directly by email to every user targeted.

    --
    http://opencm3.net, http://www.nongnu.org/gm2/
  26. And when would this separate run be made? by Animaether · · Score: 2, Interesting

    Unless the fab has unused capacity / lines to produce these chips based on other dies/masks separately, they're going to have to swap dies / masks out when they want to produce their 'pirate' copies. This swap-out takes time. Calibration takes time. It also increases the likelihood of errors; not just in the 'pirate' copies but also in the originals when they switch back. A fab is going to explain this odd higher failure rate to their customer, how?

    At best somebody within the company could take the design and contract manufacture of it out to a smaller fab or sister fab that isn't booked by the same customer, and have them manufacture it during the same time the originals are produced. That'd be less noticeable, but it would also be more expensive - as the customer isn't footing part of the bill for that shadow fab.

  27. Re:When it detects that it's a pirate copy, it say by pitchpipe · · Score: 4, Funny
    Not only EPIC FAIL, maybe we could have this chip report you to a patent offenders registry where all of the other chips that are using EPIC could deny your using them to prevent further patent abuse.

    Hurries and puts bleeding child in car. Turns key...
    "I'm sorry sir, your patent offenders registry status prevents you from starting this car."
    But car, I need to get to the emerg... "I'm sorry sir, your patent offenders registry status prevents you from starting this car."
    Oh fuck it!
    Dials phone
    "I'm sorry sir, your patent offenders registry status prevents you from dialing this phone. Please seek the assistance of a non-offender in...

    --
    Look where all this talking got us, baby.
  28. Actual paper does NOT cover this attack well. by yakovlev · · Score: 3, Informative

    I read the paper (thanks for the link.) I wouldn't say they cover this thoroughly. In fact, I'd argue that they handwaved this, even though it is the most likely and most important attack vector.

    They argue that modifying masks is a problem, which may be true. However, there are several stages of design data before the masks, and I would expect that a corporate-level pirate could have access to something early enough in the process that it could be modified by someone skilled in the art. Design data is probably transferred to the FAB as a flattened layout, with no circuit/design hierarchy. However, it should be possible for someone who knows the chip interfaces related to this unlocking mechanism to work backwards from them and find where to tie things off to make the chip work. The labor cost would probably be pretty low compared to the cost of prepping a second mask to manufacture the modified chips.

    1. Re:Actual paper does NOT cover this attack well. by LarsG · · Score: 3, Informative

      However, it should be possible for someone who knows the chip interfaces related to this unlocking mechanism to work backwards from them and find where to tie things off to make the chip work.

      From my quick glance at the paper it looks like they scatter a bunch of XOR gates around the chip in non-fastpath areas. Chip won't work correctly unless those gates are set correctly. Those settings are transmitted to the chip using some sort of pki.

      Even if you identify all the XOR gates, you'd have to brute-force test all combinations. 2^64 can get expensive really fast, especially if you only have access to the masks and have to manufacture test-chips instead of running the brute-force in a software simulation.

      --
      If J.K.R wrote Windows: Puteulanus fenestra mortalis!
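
The key-gate idea described in the comment above, as an added Python sketch that is not part of the thread or the EPIC paper. The 4-bit adder, the gate placement, the XOR/XNOR mix and every name in it are constructed assumptions, chosen only to show why a wrong key setting corrupts the chip's outputs.

```python
from itertools import product

# Constructed toy design: a 4-bit ripple-carry adder with one key gate on
# each sum output (key bits 0-3) and on each carry wire (key bits 4-7).
# GATE_TYPES is a hypothetical per-design choice: 0 = XOR, 1 = XNOR key gate,
# so a gate behaves as a plain wire only when its key bit equals its type.
GATE_TYPES = (1, 0, 1, 1, 0, 0, 1, 0)
CORRECT_KEY = GATE_TYPES  # the one setting that makes every gate transparent


def key_gate(wire, key_bit, gate_type):
    """XOR (type 0) or XNOR (type 1) of a wire with its key bit."""
    return wire ^ key_bit ^ gate_type


def locked_adder(a, b, key):
    """Evaluate the locked adder on 4-bit inputs; returns the 5-bit result."""
    carry, result = 0, 0
    for i in range(4):
        x, y = (a >> i) & 1, (b >> i) & 1
        s = x ^ y ^ carry
        c = (x & y) | (carry & (x ^ y))
        # Key gates sit on the sum output and on the carry to the next stage.
        s = key_gate(s, key[i], GATE_TYPES[i])
        carry = key_gate(c, key[4 + i], GATE_TYPES[4 + i])
        result |= s << i
    return result | (carry << 4)


def error_rate(key):
    """Fraction of the 256 input pairs for which the chip adds incorrectly."""
    wrong = sum(locked_adder(a, b, key) != a + b
                for a in range(16) for b in range(16))
    return wrong / 256


def working_keys():
    """Exhaustively simulate all 2**8 key settings; keep the fully correct ones."""
    return [k for k in product((0, 1), repeat=8) if error_rate(k) == 0.0]


if __name__ == "__main__":
    print("correct key error rate:", error_rate(CORRECT_KEY))
    print("all key inputs tied low:", error_rate((0,) * 8))
    print("all key inputs tied high:", error_rate((1,) * 8))
    print("settings that work:", len(working_keys()), "of", 2 ** 8)
```

With 8 key bits the whole key space is 256 simulations; the 2^64 figure in the comment is the same search with 64 key gates.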
  29. Re:When it detects that it's a pirate copy, it say by andy_t_roo · · Score: 4, Insightful

    at least until the people with the hundred million$ plans, and the billion $ chip plant spend a few hundred thousand on analyzing the plans to find the few transistors that do this and take them out, making pre-unlocked chips. - if a bunch of random hackers can do over current DRM, there's not much chance that this would last.

  30. Watermarks DRM by IdeaMan · · Score: 3, Interesting

    *Add* something instead. Add in a fusible link that would disable the protection scheme.
    It would have to be subtle enough to pass inspection by the original mask creators.

    Instead of creating a bogus, complicated and expensive DRM scheme, just introduce a watermark onto the mask. Use the watermark to identify which manufacturer is selling the extra chips.

    The counter of course is the good ole compare blueprints trick. However then we're back to what you mentioned before, the calibration expense issue.

    --
    They ARE out to get you simply because They are in it for themselves and they don't care about you.
  31. Outsourcing is simply trade by Colin+Smith · · Score: 3, Insightful

    You do it every day. Do you manufacture your own bread? Butter? Do you manufacture your own hardware components? No, because someone else can do it better and cheaper.

    --
    Deleted
  32. Chip piracy != music piracy by FuzzyDaddy · · Score: 4, Interesting
    Chip piracy is a big problem.

    My company got burned by it a few years ago. We had an 8 channel DAC (the MAX5308) in our design which didn't have a drop in replacement from another vendor. We needed some parts, and the lead times from Maxim were too long, so we contacted some distributors and found someone who had these parts.

    We had a bunch of boards built, and we started getting a high failure rate, which we traced back to the DAC. A closer inspection of the part revealed it had a date code that was before the actual release date of the chip! We contacted Maxim and stopped payment on the parts. Maxim took some parts for evidence (and I believe sent us a few samples to tide us over).

    We were building $14000 units that were being deployed in military communications systems.

    It turns out the counterfeits were coming from Asia. The distributor in question probably knew that the chips were counterfeit and looked the other way.

    Semiconductor companies put a lot of effort in making sure their products are reliable. (If a PC board has 100 parts, what failure rate is acceptable in your chips before you start to have very bad yield issues? What if it's 1000 parts?). We, as a society, have come to count on things being reliable, and real danger can result when they're not. It's not as bad as counterfeit pharmaceuticals, but it's not so far off either.

    I don't know if this scheme will work or not. But it's a real problem, with real consequences.

    --
    It's not wasting time, I'm educating myself.