Security Hardware

New Lock Aims To End Chip Piracy 312

Stony Stevenson writes "Pirated microchips based on stolen blueprints could soon be a thing of the past thanks to computer engineers at Rice University and the University of Michigan. The engineers have devised a way to head off this costly infringement by giving each chip its own unique lock and key. The patent holder would hold the keys, and the chip would securely communicate with the patent holder to unlock itself. The chip could operate only after being unlocked. The Ending Piracy of Integrated Circuits (Epic) technique relies on established cryptography methods, and introduces subtle changes into the chip design process without affecting performance or power consumption. With Epic protection enabled, each integrated circuit would be manufactured with a few extra switches that behave like a combination lock."
This discussion has been archived. No new comments can be posted.

  • Physical DRM (Score:5, Insightful)

    by QMalcolm ( 1094433 ) on Thursday March 06, 2008 @05:32PM (#22669426)
    Great.
      • by pitchpipe ( 708843 ) on Thursday March 06, 2008 @07:23PM (#22670750)
        Not only EPIC FAIL, maybe we could have this chip report you to a patent offenders registry where all of the other chips that are using EPIC could deny your using them to prevent further patent abuse.

        Hurries and puts bleeding child in car. Turns key...
        "I'm sorry sir, your patent offenders registry status prevents you from starting this car."
        But car, I need to get to the emerg... "I'm sorry sir, your patent offenders registry status prevents you from starting this car."
        Oh fuck it!
        Dials phone
        "I'm sorry sir, your patent offenders registry status prevents you from dialing this phone. Please seek the assistance of a non-offender in...

      • by andy_t_roo ( 912592 ) on Thursday March 06, 2008 @07:56PM (#22671056)
        At least until the people with the hundred million $ plans, and the billion $ chip plant, spend a few hundred thousand on analyzing the plans to find the few transistors that do this and take them out, making pre-unlocked chips. If a bunch of random hackers can do over current DRM, there's not much chance that this would last.
    • by burni ( 930725 ) on Thursday March 06, 2008 @05:55PM (#22669762)
      Yep, "great"!

      ... soon to be cracked, by a great army of brilliant Chinese/Taiwanese/etc. engineers,
      specialized in getting to know how everything works.

      Just to remember, how long did it take to crack HD-DVD encryption?
      Not long enough to survive its own extinction.

      We all know the story's ending, it just happens too often.
    • Re:Physical DRM (Score:4, Insightful)

      by Lumpy ( 12016 ) on Thursday March 06, 2008 @08:28PM (#22671286) Homepage
      Problem is it won't fly. Chips are made to be as cheap as possible. Paying a licensing fee and then requiring the damn thing to be on the internet to be activated is not only stupid but completely unmarketable.

      There is a reason that Grey market chips get made of popular chips. Because the manufacturers are price whores and get them made at the cheapest plant in China. How about not paying the executive staff obscene salaries for their useless butts and have the items made in a location that is reputable and trustworthy?

      Finally, I found a way around the China syndrome of copying. Send them a test firmware so they can test the product but not operate it, then you simply re-flash with a JTAG jig when the good boards arrive. The China operation never gets their hands on the firmware so they can't copy the product.

      The whole article is nothing more than an advertisement for a useless technology that only an uneducated CEO or CTO would read about in a trade magazine and make the rash decision to implement it without talking to his engineering staff.
      • Re: (Score:3, Insightful)

        Then they buy a unit at any Wal-Mart, take it back to China, read the production firmware using a JTAG cable, and they're back in the business.
        • Re: (Score:3, Informative)

          by Lumpy ( 12016 )
          It doesn't work that way. Most chips that are programmable can be designed to not allow a reverse load. Hell, all PIC chips allow me to lock them. Then you need to grind the surface off and try and read what the flash portion is set to with an electron microscope.

          It ain't that easy, most current production chips have protection for this built in.
    • by FuzzyDaddy ( 584528 ) on Friday March 07, 2008 @09:17AM (#22674712) Journal
      Chip piracy is a big problem.

      My company got burned by it a few years ago. We had an 8 channel DAC (the MAX5308) in our design which didn't have a drop in replacement from another vendor. We needed some parts, and the lead times from Maxim were too long, so we contacted some distributors and found someone who had these parts.

      We had a bunch of boards built, and we started getting a high failure rate, which we traced back to the DAC. A closer inspection of the part revealed it had a date code that was before the actual release date of the chip! We contacted Maxim and stopped payment on the parts. Maxim took some parts for evidence (and I believe sent us a few samples to tide us over).

      We were building $14000 units that were being deployed in military communications systems.

      It turns out the counterfeits were coming from Asia. The distributor in question probably knew that the chips were counterfeit and looked the other way.

      Semiconductor companies put a lot of effort in making sure their products are reliable. (If a PC board has 100 parts, what failure rate is acceptable in your chips before you start to have very bad yield issues? What if it's 1000 parts?). We, as a society, have come to count on things being reliable, and real danger can result when they're not. It's not as bad as counterfeit pharmaceuticals, but it's not so far off either.

      I don't know if this scheme will work or not. But it's a real problem, with real consequences.

  • Sure, great idea (Score:5, Insightful)

    by KublaiKhan ( 522918 ) on Thursday March 06, 2008 @05:32PM (#22669428) Homepage Journal
    Presuming that there's a constant internet connection, that the manufacturer's server is incapable of being cracked and maintains at least 5-9's uptime, and that anyone's stupid enough to buy a crippled chip with this on it.
    • Re:Sure, great idea (Score:5, Informative)

      by bkaul01 ( 619795 ) on Thursday March 06, 2008 @05:36PM (#22669488)
      It doesn't sound like this is a consumer-level activation, but a one-time, manufacturer-side process:

      To activate a chip, the manufacturer would plug it in and let it contact the patent owner over an ordinary phone line or internet connection.
      It's intended to protect against overseas subcontractors who have access to the blueprints making extras and then going and selling them on the black market, behind the patent-holder's back. So, the overseas company would make it, ship it back to the company who owns the rights to it, where it would be activated before being distributed. The outsourced manufacturing company wouldn't have the ability to activate them, so couldn't sell extras to the black market.
      • Re:Sure, great idea (Score:5, Informative)

        by poetmatt ( 793785 ) on Thursday March 06, 2008 @05:43PM (#22669612) Journal
        That's how it starts, but that's not how it would end. Think of how much the government or any power abusing company seeking more of that would be on this like FOS. Especially if it becomes commonly manufactured. Not that this is 100%, but I wouldn't see a situation like this technology being force trickled on consumers to be completely unlikely either.

        We've had it before, I believe it was called trusted computing [wikipedia.org]. Boy do people love how that has turned out [gnu.org], if I recall correctly.

        I understand that a processor blueprint is not something that people want compromised. Throwing a technical attempt to solve the problem rather than dealing with human error is just putting the blame in the wrong places and throwing stuff at the wall hoping things will stick.
        • Human error? I don't see it. Chips need to be manufactured elsewhere and you therefore have to trust the manufacturer with your blueprints. They'll either steal from you or they won't. How can that be the fault of the patent owner?
          • The stuff's mostly made in China now, so the risk of theft is, well, very high. There's no effective way to penalize a criminal subcontractor (not that what they're doing is exactly criminal in China to begin with) so this is maybe a reasonable thing to do. Doesn't matter in the long run: they won't need us for much longer anyway.
            • by insertwackynamehere ( 891357 ) on Thursday March 06, 2008 @06:40PM (#22670280) Journal
              Maybe the answer is to stop outsourcing.
              • by Colin Smith ( 2679 ) on Friday March 07, 2008 @04:12AM (#22673316)
                You do it every day. Do you manufacture your own bread? Butter? Do you manufacture your own hardware components? No, because someone else can do it better and cheaper.

                 
          • How can that be the fault of the patent owner?

            I dunno, maybe it's their fault for getting the chips made by the lowest bidder in a country that doesn't respect IP laws.
          • Honestly, if it's not human error then explain how any information can be leaked here. Was it magical? Did someone put it on a laptop [theregister.co.uk] and lose it?

            Information doesn't disseminate itself. Someone has to start it. Who said it was the fault of the patent owner? It's not a matter of fault at all. The fault is not relevant even remotely.

            I said it was a human controllable situation, not something of a technology solution. Aka it is the manufacturer who is at fault here, and whose responsibility is it to find a tru
            • Re:Sure, great idea (Score:5, Informative)

              by x_MeRLiN_x ( 935994 ) on Thursday March 06, 2008 @06:33PM (#22670202)
              You seem to be missing the fact that the patent owner (who this is designed to protect) is a completely separate entity from the manufacturer. The manufacturer is nothing more than a subcontractor. The manufacturer obviously requires the blueprints to produce the chip. It is the manufacturer who is selling the patent owner's chips on the black market. Nothing is being "leaked". You can bet your life that the "signed agreements" you mention are without exception already in place. They're just being flouted.

              Others who responded to my post have argued that you therefore shouldn't hire Chinese or other cheap chip production plants, because they are well known for failing to respect intellectual property and you have no possible recourse against them.

              The thing is, businesses are always going to opt for the cheapest option. If this technological measure is cheaper than opting for a more expensive, "trustworthy" producer, then I don't think you have a case against it. This doesn't harm consumers in any way shape or form, simply because it doesn't involve them. The restrictions will have already been removed long before it reaches their hands.
              • Re: (Score:3, Insightful)

                by poetmatt ( 793785 )
                I do understand what you're saying, but no, this is still on the patent owner. From the last sentence you said sums up the answer: The thing is, businesses are always going to opt for the cheapest option.

                Whose fault is that? Why should anyone other than the business that makes that decision (aka patent owner) bear the brunt of that responsibility? Why should a manufacturer add a cost to their process and what incentive do they have to do so? Answer: none whatsoever.

                It is the patent owner's responsibility to
        • Re: (Score:3, Insightful)

          by DaveV1.0 ( 203135 )
          Wow. You didn't even bother to RTFA. That or you are a dumbass. To be honest, I think it is both.

          The chip is activated after manufacture but before shipping to the consumer. After it is activated, it never has to contact the patent holder again.

          This is a technology to stop industrial espionage and has nothing to do with DRM or trusted computing.

          Now, please, stop being a reactionary dumbass and STFU.
      • by poot_rootbeer ( 188613 ) on Thursday March 06, 2008 @05:46PM (#22669644)
        The outsourced manufacturing company wouldn't have the ability to activate them, so couldn't sell extras to the black market.

        However, since they have the blueprints to the chips, they can find the sections of the schematic that implement this activation system, create a slightly modified die where they're masked out to always return an "authorized" status, and sell THOSE pirate chips on the black market.

      • Re: (Score:2, Interesting)

        by KublaiKhan ( 522918 )
        Slightly better, but still dodgy in my mind. If someone wants to counterfeit a chip design, then it'll be counterfeited--if by nothing else, then by someone with access to an electron microscope and a solid background in chip design theory, or by someone getting hold of a few of the 'unlocked' chips and reverse-engineering 'em that way.
      • by Chris Burke ( 6130 ) on Thursday March 06, 2008 @05:48PM (#22669678) Homepage
        It doesn't sound like this is a consumer-level activation, but a one-time, manufacturer-side process:

        Yeah, though it's still pretty silly.

        The outsourced manufacturing company wouldn't have the ability to activate them, so couldn't sell extras to the black market.

        Since the whole problem is that the outsourced manufacturing company has the layout (blueprint), then they certainly would be able to activate the chip by removing the "lock" circuitry from the layout and manufacturing chips which require no activation! It may be a non-trivial task to reverse-engineer which parts of the chip are responsible, but if the money is there it is certainly possible and would be worth it.

        In other words this lock would only exist on the legitimate parts, and wouldn't exist on the bootleg ones, and the bootleg chips would operate exactly like an "activated" legitimate part.

        I think it's kind of ironic that the acronym EPIC was also the acronym used to describe the Itanium's IA-64 instruction set (Explicitly Parallel Instruction Computing). Though I doubt this one will even make it out of academia.
        • I think it's kind of ironic that the acronym EPIC was also the acronym used to describe the Itanium's IA-64 instruction set (Explicitly Parallel Instruction Computing).

          And then there's the Faith No More song with that name, which succinctly describes the attitude of the manufacturers who would back this system, as well as the response from users opposed to it:

          "You want it all but you can't have it."
        • Re: (Score:2, Insightful)

          by Some_Llama ( 763766 )
          "In other words this lock would only exist on the legitimate parts, and wouldn't exist on the bootleg ones, and the bootleg chips would operate exactly like an "activated" legitimate part."

          in other words, like every existing anti piracy mechanism to date.
          • by Chris Burke ( 6130 ) on Thursday March 06, 2008 @06:17PM (#22670028) Homepage
            in other words, like every existing anti piracy mechanism to date.

            Yes, but it's actually even worse. Because with normal DRM, you're trying to keep the guy who is watching the DVD from being able to copy the DVD.

            But in this case, it's actually like you're trying to keep the guy who is making the DVD from being able to copy it. They don't even have to break your DRM or work around it, they just have to decide not to build it in.
      • I don't see how it would work. Those same manufacturers have need to test that the chips work every few minutes. There's no way to stop them from figuring it out when they have access to the prints and the manufacturing equipment!

        Realize that it's the LITTLE, high-profit customers (designers, hobbyists, etc) of the chips and their manufacturers that would suffer when they scrounge the supplier network for any available chip and need a special reader to use it you'll get blacklisted faster than you can blin
  • Hardware that locks up when it can't call the mothership? And I thought Microsoft Genuine Advantage was bad!
    • by Reziac ( 43301 ) *
      What happens when some genius decides that commodity CPUs and chipsets need the same "protection" -- will every chip in a future PC need to Phone Home before the damn thing will run??

      (And people still wonder why I hoard old hardware...)

    • Hardware that locks up when it can't call the mothership? And I thought Microsoft Genuine Advantage was bad!
      Oh, that's ok - there's a phone number on the site [mothership.co.nz]. Email form too!
  • Announcer:

    "The countdown is at 10...9...8..."

    *technician rushes in*

    "Hold everything! We forgot to unlock the MMU processor!"

    "...and ignition!"
  • Chip Piracy, Eh? (Score:4, Interesting)

    by PC and Sony Fanboy ( 1248258 ) on Thursday March 06, 2008 @05:33PM (#22669456) Journal
    Wow, I haven't heard of chip piracy in a long time. Maybe it is because, like other forms of piracy, it isn't a big problem. I have problems with piracy when it involves safety equipment, and large purchases from reputable dealers ... but most of the time, you get what you pay for, and you're not being deceived, you're willingly purchasing counterfeit 'stuff'.

    Isn't it sad when people think of piracy in terms of music, when the REAL piracy problems (counterfeiting) are those which involve fake electrical/safety/baby equipment (or food)?
    • Re: (Score:3, Interesting)

      by Smidge204 ( 605297 )
      Even better, given the sophistication of some of these bootleggers - couldn't they just reverse engineer the blueprints and modify them to bypass the feature?

      The chips need to be activated at the manufacturer's level, not the consumer level. It does this by an internal random number generator. So... Take one genuine chip, find out what its random number/activation key is, then modify your blueprints to produce the SAME ID number (bypass the RNG) and then activate all of them with the same key.

      This sounds n
      • Alternatively, produce the chips with the "combination lock" set to "open" to begin with and bypass activation altogether.

        That's undoubtedly the tack they will take, since the company that originated the design would notice a large number of identical IDs coming from one source. The thing they really want to do is make it so that the original company never knows they made the chip at all.
    • by Erpo ( 237853 )
      I think the best use of the word piracy is to describe what real pirates ("arr, matey") do. Calling copyright infringement counterfeiting implies that the people receiving the copies of the software/music/whatever else are unaware that the copies aren't authorized or would prefer authorized copies, which is almost never true in my experience. I have friends who buy retail games and then download ripped versions just so they don't have to deal with CD keys and having the disc in the drive.

      I wish I still had
    • by Hatta ( 162192 )
      Isn't it sad when people think of piracy in terms of music, when the REAL piracy problems (counterfeiting) are those which involve fake electrical/safety/baby equipment (or food)?

      Or medicine [plosjournals.org].
      • by Thaelon ( 250687 )
        Oh you mean "patented" medicines? Where they patented the process to make the drug because the government wouldn't grant a monopoly on a chemical?

        Even though those clone (counterfeit is misleading) medicines contain identical chemicals and work identically well?

        Pharmaceutical companies are the biggest scum of the earth. If jacking the price on a medication that people need to live isn't profiteering I don't know what is. Why governments continue to allow this boggles my mind. Actually Brazilian governme
    • Re:Chip Piracy, Eh? (Score:4, Informative)

      by mabhatter654 ( 561290 ) on Thursday March 06, 2008 @06:17PM (#22670032)
      It's bad in China. They like to pass the prints from the "premium" contractor in Taiwan, to somebody cheap on-shore that will knock them off to Southeast Asia markets. Probably half the stuff on the streets of Hong Kong or Seoul is counterfeit made from the actual prints, but at unauthorized manufactures. It's a problem when that gets back to the USA and the equipment builder is held up for liability for a product they didn't make because the parts get into their installed systems as "spares" for cheap.
      • Re: (Score:3, Interesting)

        by asuffield ( 111848 )

        It's bad in China. They like to pass the prints from the "premium" contractor in Taiwan, to somebody cheap on-shore that will knock them off to Southeast Asia markets. Probably half the stuff on the streets of Hong Kong or Seoul is counterfeit made from the actual prints, but at unauthorized manufactures.

        And the vast majority of it is every bit as good as the original, because it's made in the same plants by the same people who do all the other outsourced manufacturing. There is never any particular evidenc

  • Not a good idea (Score:5, Insightful)

    by mlts ( 1038732 ) * on Thursday March 06, 2008 @05:35PM (#22669478)
    In a number of countries that this chip is aimed for, what will happen is that some knockoff fab will disassemble the chip, figure out the masks, and just make and sell the same IC minus the locking circuitry.

    This type of locking mechanism also brings up other points. Once the IC is "unlocked", is it unlocked for good, or just for a time period? Could some criminal organization figure out the method of re-locking it, then lock the machines who belong to the patent holder's customers? This would result in some decent havoc especially in embedded circuitry (HVAC systems, railroad switches.)

    The article seems to be lacking substance as well.
    • Not to mention that if the manufacturer goes out of business, all the equipment stops working.

      As if anyone would take -that- risk...
      • Not to mention that if the manufacturer goes out of business, all the equipment stops working. As if anyone would take -that- risk...

        Yet I see people with DRM-ed music bought from online stores such as iTunes that could go out of business and then the songs won't be able to be redownloaded. I see even more people (including me) who buy virtual games on current generation consoles such as the Wii/360/PS3 that if your HD goes bad or you run out of room (in the case of the Wii it's rather easy to) you're stuck and can't get your data if the console gets retired or Nintendo/MS/Sony goes out of business. So yes, I can see people taking that

      • What they're talking about would be at the microcode level. Almost all interesting chips are programmed these days. Intel and AMD program in serial numbers and set memory speeds permanently long before Dell sees the chips to flash for the BIOS. This step would be performed by the Patent holder themselves before they sell them to customers, so only they would have the equipment. This assumes you can make the parts fully testable without the key so manufacturing can't figure it out. The chip going to the a
    • Let me see. US Company A outsources production of chips to fab shop in China. Fab shop in China produces chips for US Company A and a couple hundred thousand for themselves. I'm pretty sure any "counterfeiting" being done in any substantially large quantity is done like this making them identical to the real McCoy thus rendering the locking feature inert. So this is basically a solution looking for a problem.
      • Supposedly, the China Fab reports to the Company A how many chips they built, along with some unique identifier for the chips. When Company B buys chips from Company A, Company A will unlock the Chip (or send them the code to unlock the chip). If well designed, the code is unique per chip.

        As such if China Fab keeps 10000 extra units without reporting it to Company A, they won't be able to unlock them.

        Of course they could always modify the process to remove the locking mechanism or to produce 10000 chips with th
      • by glwtta ( 532858 )
        I'm pretty sure any "counterfeiting" being done in any substantially large quantity is done like this making them identical to the real McCoy thus rendering the locking feature inert.

        Well, yeah, if I'm understanding this correctly, that's the idea here - they want Company A to be the only ones who can unlock the chips, so the extra ones would be useless to the Chinese fab (and anyone they sell them to).

        Still unlikely to work, but the scenario you describe is exactly what they are targeting.
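The accounting described in the replies above (the fab reports how many chips it built, the design owner unlocks each chip ID once, and repeated IDs stand out) can be sketched as a ledger on the design owner's side. This is an added example, not part of any poster's comment and not the EPIC authors' code; the `ActivationLedger` class, the lot names, the chip IDs and the HMAC-based unlock code are assumptions made for illustration, standing in for whatever cryptography the real scheme uses.

```python
import hashlib
import hmac
from collections import Counter


class ActivationLedger:
    """Design-owner side of a simplified per-chip activation scheme (hypothetical)."""

    def __init__(self, master_key):
        self._key = master_key
        self._declared = {}        # lot id -> chip count the fab reported
        self._activated = {}       # chip id -> lot it was activated under
        self._per_lot = Counter()  # lot id -> activations granted so far
        self.alerts = []           # (reason, lot, chip id hex) for human review

    def report_lot(self, lot, count):
        """Record the production count the fab declared for a lot."""
        self._declared[lot] = count

    def _unlock_code(self, chip_id):
        # Assumption: a keyed hash of the chip ID stands in for the real
        # unlock-key derivation; the code is different for every chip ID.
        return hmac.new(self._key, chip_id, hashlib.sha256).hexdigest()

    def _deny(self, reason, lot, chip_id):
        self.alerts.append((reason, lot, chip_id.hex()))
        return None

    def request_activation(self, lot, chip_id):
        """Return an unlock code, or None (with an alert) if the request is suspect."""
        if lot not in self._declared:
            return self._deny("unreported-lot", lot, chip_id)
        if chip_id in self._activated:
            # The same ID asking twice: a cloned ID or a replayed request.
            return self._deny("duplicate-id", lot, chip_id)
        if self._per_lot[lot] >= self._declared[lot]:
            # More chips asking than the fab said it built.
            return self._deny("over-production", lot, chip_id)
        self._activated[chip_id] = lot
        self._per_lot[lot] += 1
        return self._unlock_code(chip_id)


def run_demo():
    """Replay constructed activation requests; return (granted flags, alert reasons)."""
    ledger = ActivationLedger(b"constructed-demo-master-key")
    ledger.report_lot("LOT-A", 3)  # constructed: fab declares 3 chips
    requests = [
        ("LOT-A", bytes.fromhex("a1" * 8)),
        ("LOT-A", bytes.fromhex("a2" * 8)),
        ("LOT-A", bytes.fromhex("a1" * 8)),  # same ID seen again
        ("LOT-A", bytes.fromhex("a3" * 8)),
        ("LOT-A", bytes.fromhex("a4" * 8)),  # fourth chip from a lot of three
        ("LOT-B", bytes.fromhex("b1" * 8)),  # lot the fab never reported
    ]
    granted = [ledger.request_activation(lot, cid) is not None
               for lot, cid in requests]
    return granted, [reason for reason, _, _ in ledger.alerts]


if __name__ == "__main__":
    flags, reasons = run_demo()
    print(flags)
    print(reasons)
```

A chip fabricated with the lock circuitry removed never sends a request, so a ledger like this only accounts for chips that still carry the lock.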
    • Re: (Score:3, Funny)

      by Frosty Piss ( 770223 )

      Could some criminal organization figure out the method of re-locking it?
      Which government agency are you thinking of specifically?
    • by AP2k ( 991160 )
      I also thought immediately of this. They don't even have to disassemble it. The article implies the main way that knockoff fabs get their plans are by blueprints. So chip manufacturers are going to produce chips that have DRM because they can't keep their blueprint designs safe. Makes a hell of a lot of sense....

      If a knockoff gets the blueprints, it's fairly trivial to figure out where the DRM stuff is located and they can modify their fab process so that it doesn't include them.
    • by jd ( 1658 )
      Why would a pirate bother with such complicated methods? The lock must be added, which means it'll be stored as a template in a standard format somewhere - possibly VHDL, SystemC or Verilog.

      Thief #1 is ubersmart and simply backdoors the template so he can unlock the chip himself, even though it appears locked to the company.

      Thief #2 is reasonably smart. Mask inspections will be against what the computer says the mask should be, not what the high-level description says it should be. Provided testing is s

  • by FlyByPC ( 841016 ) on Thursday March 06, 2008 @05:36PM (#22669498) Homepage
    ...wouldn't it be pretty straightforward to replace the hardware circuit that does

    if(bignastyDRM(uniqueDRMkey)==TRUE){}

    with

    if(TRUE){}

    ...?

    Yes, I know circuits are usually either designed with a capture program or modeled in VRML/Verilog -- but the logic still holds. Find out what part of the circuit locks the functionality -- and replace it with a wire to Vcc.

    (Unless, of course, they will require the chip to communicate with the mothership every time it has to blow its little digital nose etc...)
  • Giving new meaning to your CPU locking up.
  • by themushroom ( 197365 ) on Thursday March 06, 2008 @05:37PM (#22669516) Homepage
    But my pirated copy of Windows only works on my pirated CPU chip!

    Okay, show of hands, who has a pirated processor? Anyone? Anyone? Bueller? Is this really a huge problem? Doesn't it cost more to produce a pirate CPU than the potential profits from selling it? Methinks the issue is overstated, either that or the chip industry should contact the RIAA & MPAA's media moguls about an advertising deal (which is the same thing, overstatement but loud).
  • by smellsofbikes ( 890263 ) on Thursday March 06, 2008 @05:39PM (#22669536) Journal
    If I read the original article correctly:
    If someone gets the chip design and is copying it to be built in another fab, it'd be possible (difficult, but much less difficult than a complete chip redesign or re-engineering) to remove this part of the chip (and increase the profit margin, since A: no investment on research and B: more die per unit silicon.)

    What this is going to affect is people who run a fab making legitimate parts, but also run the same parts from the same masks but keep them off the books and sell them independently of the company that owns the design -- OEM ripoffs.
    • What this is going to affect is people who run a fab making legitimate parts, but also run the same parts from the same masks but keep them off the books and sell them independently of the company that owns the design -- OEM ripoffs.


      So for instance all those "third shift" stories about Factories in China?
  • Oblig. (Score:3, Funny)

    by Bobb Sledd ( 307434 ) on Thursday March 06, 2008 @05:40PM (#22669560) Homepage
    Dark Helmet: "So the combination is one, two, three, four, five? That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!"
    ...
    President Skroob: "1 2 3 4 5? That's amazing! I've got the same combination on my luggage!"
  • by fallen1 ( 230220 ) on Thursday March 06, 2008 @05:40PM (#22669564) Homepage
    very, very foul [cdt.org] and disturbing. Oh, yeah, P3 chips with unique Processor Serial Numbers. I realize that the goal of this project is not the same as the Intel PSNs, but it still strikes me as a way to get unique IDs into each CPU and end anonymity on the net -- what there is that remains of anonymity. Not to mention the complete foul-ups when some enterprising "hacker" figures out how to remotely lock CPUs or other chips that have been unlocked.

    While it sounds promising, it still raises the little hairs on the back of my neck. Danger Will Robinson, danger!

  • The second (Score:2, Insightful)

    by BigJClark ( 1226554 )

    Perhaps it's unlocked once and good to go. I don't think it's the consumer that is guilty of pirated chips, but computer companies that purchase illicit copied chips cheaper than from the OEM. This shouldn't affect us that much, besides a perceived increase in quality.

    Nothing to see here, move along.
  • Holy crap (Score:3, Funny)

    by Bobfrankly1 ( 1043848 ) on Thursday March 06, 2008 @05:40PM (#22669572)
    I guess this means I'll have to buy genuine Ruffles and Doritos from now on!
    --
    How many mod points will this bad pun cost me?
  • Just exactly why would the end user want what is essentially hardware DRM? With "pirated" chips the customer had paid for the chip while when you "pirate" music you usually get it for free. With these "pirated" chips you think you actually have a legit product (and really, if it works and is cheap who cares) that is unlike "pirating" music where most people know that it's not 100% legal.
  • I understand that the Galactic Empire ordered a batch of this technology in order to protect against stolen blueprints.
  • I don't get it (Score:5, Interesting)

    by Deathlizard ( 115856 ) on Thursday March 06, 2008 @05:48PM (#22669662) Homepage Journal
    If fabless companies are so worried about overseas manufacturing, then why not use a fab that is inside the country your company resides in? That way, you can sue the living hell out of them when they do sell / steal your plans.

    I would think that building the Chips in the US or Europe where the fabs are more reputable would be a better cost effective solution than sending it to an orient fab and watch it pump out pirate chips left and right, or relying on some sort of activation scheme that these pirate hardware companies would most likely reverse engineer out of them anyway.
    • Ya, seems odd to me especially since a number of highly successful companies, like Intel for example, do just that. Intel's fabs aren't all in one place, and aren't all in the US, but they are all in developed countries. Most are in various places in the US (the newest is in Chandler Arizona) but there's one in Ireland and one in Israel.

      It's pretty clear it is working for them and they can make money doing it, as they are doing well and like I said, their very newest fab is in Arizona.
  • If I am copying the chip, I'll just remove those stupid extra "locks" during the manufacturing process. Just remove them from my pirated copy before I make the chip. Seems like a dumb idea.
    • I know this is /. but I took the time to find the actual paper [umich.edu], they cover the typical attacks on the security mechanism quite thoroughly. Apparently it's very difficult to scan a mask, especially at the small scales the industry deals in today - they suggest it would be cheaper to simply design the chip yourself.

      (Off-topic: the anti-spam mechanism atm gives an interesting result for my email address..."'poo' in gap" oO)
      • by yakovlev ( 210738 ) on Thursday March 06, 2008 @07:25PM (#22670772) Homepage
        I read the paper (thanks for the link.) I wouldn't say they cover this thoroughly. In fact, I'd argue that they handwaved this, even though it is the most likely and most important attack vector.

        They argue that modifying masks is a problem, which may be true. However, there are several stages of design data before the masks, and I would expect that a corporate-level pirate could have access to something early enough in the process that it could be modified by someone skilled in the art. Design data is probably transferred to the FAB as a flattened layout, with no circuit/design hierarchy. However, it should be possible for someone who knows the chip interfaces related to this unlocking mechanism to work backwards from them and find where to tie things off to make the chip work. The labor cost would probably be pretty low compared to the cost of prepping a second mask to manufacture the modified chips.
        • by LarsG ( 31008 ) on Friday March 07, 2008 @12:34AM (#22672628) Journal
          However, it should be possible for someone who knows the chip interfaces related to this unlocking mechanism to work backwards from them and find where to tie things off to make the chip work.

          From my quick glance at the paper it looks like they scatter a bunch of XOR gates around the chip in non-fastpath areas. Chip won't work correctly unless those gates are set correctly. Those settings are transmitted to the chip using some sort of pki.

          Even if you identify all the XOR gates, you'd have to brute-force test all combinations. 2^64 can get expensive really fast, especially if you only have access to the masks and have to manufacture test-chips instead of running the brute-force in a software simulation.
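
The XOR key-gate idea from the comment above, as an added example that is not part of the thread or of the EPIC paper: a constructed 4-input circuit with four XOR/XNOR key gates, plus a designer-side check that lists every key that unlocks it. The circuit, the key value and all function names are assumptions made for illustration.

```python
from itertools import product
from math import log2

KEY_BITS = 4
CORRECT_KEY = (1, 0, 1, 1)  # constructed for this example

def original(a, b, c, d):
    """Unlocked reference logic (a constructed stand-in for a real block)."""
    return ((a & b) ^ c) | ((1 - d) & a)

def locked(a, b, c, d, key):
    """Same logic with a key gate spliced onto four internal wires.

    A key gate is XOR(wire, k) where the right k is 0, or XNOR(wire, k)
    where the right k is 1, so the gate type alone hides nothing useful
    only if the designer mixes both kinds.
    """
    k0, k1, k2, k3 = key
    w_and = 1 - ((a & b) ^ k0)       # XNOR: transparent when k0 == 1
    w_c = c ^ k1                     # XOR:  transparent when k1 == 0
    w_nd = 1 - ((1 - d) ^ k2)        # XNOR: transparent when k2 == 1
    w_x = w_and ^ w_c
    w_a2 = w_nd & a
    return 1 - ((w_x | w_a2) ^ k3)   # XNOR on the output: k3 == 1

INPUTS = list(product((0, 1), repeat=4))

def error_rate(key):
    """Fraction of input patterns on which this key gives a wrong output."""
    bad = sum(locked(*x, key) != original(*x) for x in INPUTS)
    return bad / len(INPUTS)

def working_keys():
    """Design check: every key that makes the locked logic fully correct."""
    return [k for k in product((0, 1), repeat=KEY_BITS) if error_rate(k) == 0]

def effective_key_bits():
    """Key length that actually has to be guessed once aliases are counted."""
    return KEY_BITS - log2(len(working_keys()))

if __name__ == "__main__":
    for k in product((0, 1), repeat=KEY_BITS):
        print(k, f"error rate {error_rate(k):.2f}")
    print("working keys:", working_keys())
    print("effective key bits:", effective_key_bits())
```

In this constructed placement the gates for `k0` and `k1` feed the same XOR and cancel each other, so two keys unlock the circuit and the 4-bit key is worth 3 bits. Running the same check on a real locked block shows whether its nominal key length is also its effective one.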

  • Ending Piracy of Integrated Circuits (Epic)
    So when the server goes down and locks up everyone's computers, I guess we can refer to it as epic fail [icanhascheezburger.com].
  • by The Ancients ( 626689 ) on Thursday March 06, 2008 @05:48PM (#22669676) Homepage
    ...will be cost. A 'few extra circuits' may not sound like much, but with chip manufacturers engaged in a protracted price war, every cent counts - especially when multiplied by the chip numbers we are talking here.
  • by CompMD ( 522020 ) on Thursday March 06, 2008 @05:51PM (#22669712)
    Wrong crypto key?

    EPIC FAIL.
  • by ewhac ( 5844 ) on Thursday March 06, 2008 @05:52PM (#22669722) Homepage Journal
    Although the article doesn't expressly say so, I'm guessing chip "activation" occurs at the factory long before it's put in a tube and shipped to an OEM. So end-users will (probably) never see this.

    As I see it, this has two major problems with it. The first, of course, is that copy protection in any form is childish, stupid, and ultimately ineffective.

    The second is a bit more down to earth -- this will become the bottleneck on the manufacturing line. Chips are manufactured in the millions, with hundreds of thousands falling off the line each day. These nimrods propose to authenticate every last one of them, using computationally non-trivial crypto, uniquely before they roll off the line.

    Let's generously assume it takes one second to authenticate and activate a chip (no, that's not a ridiculously long time -- between crypto compute time and network latency to the Pacific Rim, this is entirely realistic). This means you can activate a maximum of 86400 chips per day. Maybe you can parallelize the process, and maybe you can't (depends on whether the people who wrote the authentication server were idiots or not). And if your OC-3 to the Internet gets a backhoe through it, "accidentally" or otherwise, all production in your facility stops dead. Wonderful idea.

    This stunning idea also seems to assume only one patent holder will be interested in a given chip. The most cursory inspection of even a "simple" memory chip will reveal several patent holders, all of whom will doubtless insist on "activation" which, again, may or may not be parallelizable.

    Like all copy protection "solutions" presented throughout history, this is a really, really stupid idea. I can't think of any fab that would willingly sign on to this.

    Schwab

    • Re: (Score:2, Funny)

      by KublaiKhan ( 522918 )
      I can think of a way to make an obscene profit off of it: negotiate to be paid by the hour rather than by the unit. The longer it takes to authenticate a chip, the better. ;-P
  • by Skirwan ( 244615 ) <skerwin&mac,com> on Thursday March 06, 2008 @05:55PM (#22669766) Homepage
    There was a time when half the USB flash media readers on the market were based on the same pirated designs -- at least according to hardware folks I used to work with who'd be in a better position to know than I am (or, most likely, you are). I'm fairly sure this is a bigger problem than many people realize.
  • the two things that come to mind first are that it could be abused by large nameless (software, music, or movie...) companies that want to add "features" based on this technology.

    and second that the authors of various types of malware will find a way to exploit this and use it.
    anything that can be turned on can be turned off.

    one day your IT department gets an email saying that they will kill all your computers if you don't pay X dollars.
  • - Tries to tackle industrial piracy through technology - Check
    - Strong financial incentive to break the scheme exists - Check
    - Can be broken or crippled in a number of ways - Check
    - Attempts to address a problem involving dozens of manufacturers, hundreds of factories, producing billions of microchips which get integrated into everything from toasters to cellphones, planes, and oil rigs - Check
    - Scheme conveniently relies on the Internet for authentication - Check
    - And, last but not least: features cheesy acronym
  • The research paper (Score:2, Informative)

    by cowpiboy ( 1252086 )
    The research paper describing EPIC http://www.eecs.umich.edu/~imarkov/pubs/conf/date08-epic.pdf [umich.edu] will be presented next week in Munich http://date-conference.com/ [date-conference.com]
    • by owlstead ( 636356 ) on Thursday March 06, 2008 @07:16PM (#22670654)
      Interesting paper:
      - relies on the fact that *any* changes in the blueprint would be prohibitively expensive, could be, but just replacing components by pathways does not *sound* very expensive to me
      - RSA key pair generation on chip: bad idea, RSA key pair generation can take a lot of time (ECC key pair generation could be used as a replacement), needs PRNG
      - PRNG on chip might prove expensive (where does it get its entropy???)
      - no mention of X509 or any other PKI scheme, let's hope they are smart enough to see that they need some form of key management scheme
      - cost of maintaining a PKI (public key infrastructure) might be rather expensive, especially if both parties are new to the game

      Overall, interesting idea, but I'm not so sure anyone would want this. Lots of hassle for the buyer without any benefits to him, this makes it 1) expensive, thus a less favourable solution to others without this scheme 2) more likely that they will screw up the PKI system that is needed for this to work.

      Well, they called it EPIC, and we all know that it may take some time before EPIC products come out (e.g. this one [3drealms.com] :)
  • So this would thwart reverse engineering, but not thwart piracy. Pirates are quite advanced. They were capable of slicing the chips thinly enough to examine them layer-by-layer years ago. Of course, once reverse engineering is thwarted, the piracy will become more profitable and proliferate. Well, good luck with that patent, guys.
  • I don't get it. I would assume anybody with the sophistication to actually manufacture such a chip would be able to just remove the locking mechanism from the design, no? Or is it so fundamentally integrated into the design that you'd have to totally redesign the chip to make it work after being removed? The article seems really light on details, but I just don't see how this would work. Then again, it's certainly not an area I have any expertise in.
  • by Fallen Kell ( 165468 ) on Thursday March 06, 2008 @06:48PM (#22670352)
    I mean, these guys are good enough to steal the design and have the knowledge to manufacture the device. What prevents them from modifying the IC to remove the lock? I mean, they are the ones actually making it. I am sure they have someone smart enough to be able to find the "added" authentication portion in the design docs, since the design docs probably have it named exactly what it is (i.e. the Epic lock circuit)....
