Crypto to defend chip IP: snake oil or good idea?
Anne & Lynn Wheeler
lynn at garlic.com
Tue Jul 25 17:49:11 EDT 2006
Perry E. Metzger wrote:
> EE Times is carrying the following story:
>
> http://www.eetimes.com/news/latest/showArticle.jhtml?articleID=190900759
>
> It is about attempts to use cryptography to protect chip designs from
> untrustworthy fabrication facilities, including a technology from
> Certicom.
>
> Unlike ordinary DRM, which I think can largely work in so far as it
> merely provides a (low) barrier to stop otherwise honest people from
> copying something they find inexpensive in the first place, it seems
> to me that efforts like this are doomed.
>
> It is one thing if you're just trying to keep most people honest about
> something that doesn't cost much money, and another if you're trying
> to protect something worth millions of dollars from people with
> extremely sophisticated reverse engineering equipment. In particular,
> people who operate fabs are also in possession of exquisitely good
> equipment for analyzing the chips they've made so they can figure out
> process problems, and the "key injection" equipment Certicom is making
> could easily be suborned as well.
disclaimer ... although our names are on the patents ... they are
assigned and we currently have no association with the patents or the
company that owns the patents (the most recent allowed happens to be out
in todays regular tuesday update):
http://www.garlic.com/~lynn/x959.html#aads
which basically puts keygen and minimal number of other circuits in the
chip. keygen is executed as part of standard initial power-on/test ...
before the chips are sliced and diced from the wafer. the public key is
exported along with the other power-on/test data and is retained along
with the other standard chip inventory information. no increase in chip
processing and/or handling.
basically it adds dynamic information to static (data) serial number
(which can be easily skimmed and replayed) w/o adding any additional
handling or processing steps (other than incorporating the additional
circuits into the base chip design). not necessarily definding chip IP
... just slight addition to existing chip serial number convention
processing ... somewhat dating back to part of the original aads chip
strawman concepts
http://www.garlic.com/~lynn/x959.html#aads
somewhat related among them:
6,892,302: Incorporating security certificate during manufacture of
device generating digital signatures
6,915,430: Reliably identifying information of device generating digital
signatures
6,978,369: Person-centric account-based digital signature system
6,983,368: Linnking public key of device to information during manufacture
7,047,414: Managing database for reliably identifying information of
device generating digital signatures
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list