[Cryptography] USB 3.0 authentication: market power and DRM?

John Gilmore gnu at toad.com
Sun May 1 03:13:20 EDT 2016


> This may look odd. There are reasons.  This spec is the first
> part. It's addressing the authenticity of PD (powerdelivery) devices
> by checking that they have been provisioned with certs under a root
> controlled by the certification body. These devices may not have USB
> data capability. The PD wires carry a low speed protocol to negotiate
> volts and amps. The 'problem' is counterfeit chargers and defective
> cables that can and do damage expensive computers and phones.

I love the concept of the new Power Delivery modes (100w of power, by
sending up to 20v at 5A over suitable cables).  If done right, I can
see people wiring their house and business wall outlets (and cars)
with much safer, more compact, and Internet-enabled USB-PD sockets,
replacing 110v or 220v wiring for a lot of uses.  Particularly in
places where the power source is DC anyway (like solar or cars) and/or
where they want data or video connectivity as well as power.

But I don't see how authentication fits in technically.  It looks like
it's there to build monopolies.

The alleged problem statement seems to be: Some expensive devices will
decline to spend the money to protect themselves from overvoltage or
overcurrent situations, thereby being damaged by out-of-spec power
supplies.  We need to authenticate chargers so this won't happen.
Let's examine this from an engineering point of view, then look at 
the politics.

The One Laptop Per Child folks built their ~$100 laptops with power
inputs that accept 11 to 24 V usable, -32 to +40V tolerated without
damage.  This lets them be used with all kinds of janky third world
power, direct plug-ins to solar panels (the laptop does MPPT to
optimize charging direct from solar too), etc.  So it'll charge at +12
thru +24V, will decline to accept power at +35V or -12V or -24V but be
undamaged.  If you exceed this, e.g. by feeding 220V AC power to that
input by accident, it will blow an internal fuse that's easy for a
hardware tech to repair.  But that's a well designed yet cheap device.

Expensive USB3-PD devices could use similar circuitry to protect their
expensive devices from overvoltage or overcurrent.  Or, they could
spend years in standards committees designing authentication.  But I
don't see how the standards committee solves the problem.

Let's suppose that an expensive phone does USB3 authentication of its
putative power source and decides that the authentication FAILS.  Oh
my god, it's been attached to a "counterfeit" charger or a "defective"
cable!  How does it protect itself?

If it doesn't have circuitry that disconnects it from the power wires,
it will fry anyway.

But if it does have circuitry that disconnects it from the power
wires, why not trigger that disconnect based on measuring overvoltage or
overcurrent, rather than triggering it on failed authentication?

It seems to me that a counterfeit charger could short 110V down
the USB3 cable, with or without authentication.  What protects
the phone from that?

Similarly, what prevents a counterfeit charger from using a chip and a
flash image (including a signed certificate) that's identical to the
one in a certified, tested, approved, paid-up charger.  The
counterfeiter only has to clone that real chip one time, then they can
put it in all their products.  Or they could actually buy the real
chips on the open market, and just clone the firmware and the cert.
Yet their shoddy wiring, Grade Z external components, faulty housing,
etc, around that chip could still short 110V down the cable during the
wrong phase of the moon.  So the authentication will pass, but the
voltages and currents will at sudden times be dangerous.  I guess your
expensive phone will fry anyway, despite the crypto, because you
didn't spend 20c on protective components in the phone.

What am I missing here?  It looks like the alleged solution doesn't
solve the alleged problem.  Perhaps there's something else going on here.

> The 'problem' is counterfeit chargers and defective
> cables that can and do damage expensive computers and phones.

"Can and do" is a misnomer here.  There are no counterfeit USB3-PD
chargers, because there are essentially no USB3-PD chargers on the
market yet.  I've been looking.  So there isn't a problem "yet"
from fake USB3-PD gear...

Perhaps you are talking about counterfeit USB2 chargers, that don't
even negotiate the voltage, just have resistor / capacitor networks
that signal the option to draw >500ma power at 5v?

Now let's look at the politics.

It is well understood in the consumer electronics industry how to use
authentication requirements to exert market power.  To be able to
build a peripheral device that plugs into an iPhone, you have to
include a chip made only by Apple.  The phone won't talk to you
without having that chip in your thingy to answer a crypto challenge
sent by the iPhone.  Apple will only sell the chip to you if you give
them a significant part of the purchase price of the peripheral.  The
chip authentication is the technical hook that drives you to sign a
contract with Apple to become an "Apple Certified Peripheral".  There
are no "Apple uncertified peripherals" in the market, they don't sell
because they don't work, because Apple forces them to not work, using
Apple's control over the iPhone firmware to not let them work.  Didn't
you wonder why every iPhone dock and iPhone charger and iPhone cable
was vastly overpriced?  Even from a variety of competing third-party
manufacturers?  That's Apple raking in their 40% or whatever.  And if
your gadget competes too well against one of Apple's peripherals,
maybe they won't certify you at all.  Like the authentication-checking
on apps in the "app store": at any time, Apple can put you right out
of business, at their whim, and you have no recourse.

My initial suspicion is that THIS is what the USB3 "authentication"
spec is for.

A very similar scheme is the technical hook that forces you to sign a
contract to put DRM into your products in order to be able to make an
HDMI product that will interoperate with other HDMI products.  In that
case it isn't even to extract money for a single vendor -- it is to
exert market power on behalf of a group that doesn't even make devices
-- Hollywood.  They used business pressure ("negotiation") against
Intel to convince Intel to build this into the HDMI support in their
motherboards, to deny every competitor the ability to build products
that do things that consumers want but that Hollywood doesn't.

So just like the bastards who are trying to put DRM into the HTML
standards at the W3C, I suspect "someone" also trying to put DRM into
the USB standards.  This "USB Authentication" is the "hook" that means
you have to do whatever the "certification body" says you have to do.
Hey dj, who runs the org that will keep the master keys?  Or is that a
political issue that's conveniently outside the scope of the technical
USB Authentication specs?

Or will the certification be vendor-by-vendor, e.g. Apple devices will
look for a cert signed by key X, while Blu-Ray devices will look for a
cert signed by key Y?  How convenient -- a generic "hook" that ANY
vendor can use to make their USB products deliberately incompatible,
unless you enter into a one-sided coerced contract with them!  What a
sneaky way to undermine the intent of the "Universal" Serial Bus!

But never fear, it's all to prevent fried phones from those dastardly
"counterfeiters".  The leaders of our tech industry would NEVER use
this power for evil, only for good.

	John Gilmore
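The engineering argument above (a cloned cert passes authentication while the wires still carry a dangerous voltage; an uncertified but in-spec supply is refused) can be made concrete as a sink-side power-acceptance policy. This is an added example, not code from the post or from any USB specification; the voltage window is borrowed from the post's description of the OLPC input (usable 11 to 24 V, tolerated -32 to +40 V, fuse beyond) and the scenarios are constructed.

```python
from dataclasses import dataclass
from enum import Enum


class Action(Enum):
    CHARGE = "charge"          # close the input switch and charge
    REFUSE = "refuse"          # keep the input open; device stays undamaged
    FUSE_BLOWN = "fuse_blown"  # beyond the tolerated window: sacrificial fuse opens


@dataclass(frozen=True)
class SourceSample:
    """One observation of a putative power source (constructed test data)."""
    auth_ok: bool   # source presented a cert chaining to the trusted root
    volts: float    # measured bus voltage
    amps: float     # measured current


# Window modelled on the OLPC input described in the post (assumed thresholds).
USABLE = (11.0, 24.0)       # charge only inside this range
TOLERATED = (-32.0, 40.0)   # survive without damage inside this range
MAX_AMPS = 5.0              # USB-PD 100 W profile: 20 V at 5 A


def auth_only_policy(s: SourceSample) -> Action:
    """Gate purely on authentication, ignoring what is on the wires."""
    return Action.CHARGE if s.auth_ok else Action.REFUSE


def measurement_policy(s: SourceSample) -> Action:
    """Gate on measured voltage and current; the cert is not consulted."""
    if not (TOLERATED[0] <= s.volts <= TOLERATED[1]):
        return Action.FUSE_BLOWN
    if USABLE[0] <= s.volts <= USABLE[1] and s.amps <= MAX_AMPS:
        return Action.CHARGE
    return Action.REFUSE


# Constructed scenarios following the post's argument.
SCENARIOS = {
    "genuine charger": SourceSample(auth_ok=True, volts=20.0, amps=5.0),
    "cloned cert, 110V on the cable": SourceSample(auth_ok=True, volts=110.0, amps=5.0),
    "no cert, in-spec 12V": SourceSample(auth_ok=False, volts=12.0, amps=2.0),
    "no cert, reversed -24V": SourceSample(auth_ok=False, volts=-24.0, amps=0.0),
}


def compare() -> dict:
    """Map each scenario to (auth-only decision, measurement decision)."""
    return {n: (auth_only_policy(s), measurement_policy(s)) for n, s in SCENARIOS.items()}
```

Running `compare()` shows the two policies disagree exactly where it matters: the cloned-cert overvoltage case is accepted by authentication alone and stopped only by measurement, while the in-spec uncertified supply is refused only by authentication.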
