Crypto to defend chip IP: snake oil or good idea?
Leichter, Jerry
leichter_jerrold at emc.com
Wed Jul 26 11:28:42 EDT 2006
| EE Times is carrying [a] story ... about attempts to use cryptography
| to protect chip designs from untrustworthy fabrication facilities,
| including a technology from Certicom.
|
| Unlike ordinary DRM, which I think can largely work in so far as it
| merely provides a (low) barrier to stop otherwise honest people from
| copying something they find inexpensive in the first place, it seems
| to me that efforts like this are doomed.... I'd be interested in
| other people's thoughts on this. Can you use DRM to protect something
| worth not eight dollars but eight million?
What's completely unclear to me is exactly what "IP" is being protected
and from whom. Without a better understanding of those issues, it's
impossible to analyze what they are doing. (Certicom is pretty
experienced at this sort of stuff, so I wouldn't dismiss it out of
hand.)
An example of a problem that *could* be solved: I wish to create a
semi-custom chip, where the unique value is derived in substantial part
(but not completely) from a gate array. I don't trust the chip
manufacturer - if I give him the information necessary to configure the
gate array, he may create extra chips. So I have him build the whole
thing with an unconfigured gate array, then ship the unfinished chips to
a smaller-scale operation that I *do* trust to configure the array and
"pot" the chips to make reverse engineering very expensive.
No crypto so far. But suppose I don't trust the second chip house
either. So I add a crypto module on the address inputs. The first chip
house gets the keys for the module; the second gets encrypted inputs.
Neither alone can create a finished chip. The second chip house could,
in principle, reverse engineer the whole thing, but that's a rather
large investment, and I'll bet Certicom has some tricks to keep their
crypto core from being analyzed. You can probably make the risk of
this attack much lower than the risk that the two chip houses collude.
Yes, I'm doing a lot of hand-waving about how the actual manufacturing
process could work. But the general approach should be workable.
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list