By Charles Ng
Vice President Worldwide Sales
Kilopass
Picking the right non-volatile memory
to implement digital content protection could mean the difference between
a successful, profitable product and one that stays on the shelves or
has the potential for significant liabilities.
What is needed to support DCP for consumer
equipment is a physically secure, inexpensive to implement, field-programmable
NVM technology that resides inside the SoC.
Two aspects of IP protection increasingly important to many consumer
applications are hardware security protections for third party IP and
protection of the design IP of the SoC itself. The high costs
of media content development, whether in the form of movies, video programming,
music, or video games, drive the need for increased hardware security
in order to assure profitability within these industries and reduce
losses due to the global problem of copyright piracy. Likewise,
increasing global competition within the technology sector makes protecting
a company's design IP both more complex and a higher priority.
Increasingly, companies are looking toward technology-based security
solutions rather than legal ones.
Crypto Key Storage
Security keys such as those used by HDCP (High-bandwidth
Digital Content Protection) are needed for protecting the entertainment
IP of the A/V streams that multimedia devices send and receive. Just
like a secret that becomes harder to keep as more people share it, digital
content becomes harder to protect as more devices for sending and receiving
this content become available. Digital Content Protection (DCP) has
become a critical issue in the development of any equipment involved
in the transfer or playback of music and movies, including HDTVs, set-top
boxes, DVD players, iPod-like personal entertainment players, and even
your cell phone and PC. Of course, as with most consumer devices, the
cost of adding an acceptable level of DCP must be low and the protection
inviolate. Among available protection mechanisms, secure storage of
an encryption key is critical to prevent illegal copying.
The most common way to make sure digital content is received by only
authorized equipment is by using encryption and decryption keys, where
the correct key values are known only by authorized devices. An example
of a system which uses encryption for DCP is Intel's HDCP protocol,
which is commonly employed with the HDMI (High-Definition Multimedia
Interface) interface for sending and receiving high-definition video
and audio streams.
The HDCP protocol employs three processes for DCP: an authentication
process that only allows authorized devices to receive high-definition
content; encrypting the content sent over the HDMI interface to prevent
eavesdropping or "man in the middle" attacks on content; and
procedures to revoke keys for equipment that is no longer licensed to
receive HDCP content, blocking that equipment from receiving the content.
HDCP-compliant and HDMI-enabled equipment use non-volatile memory technology
for storing the forty 56-bit keys and the Key Selection Vector (KSV)
that HDCP requires and/or for storing proprietary boot code associated
with these keys. A compromised device has its KSV placed on a revocation
list, signed with a digital signature to prevent unauthorized users
from revoking legitimate devices.
Three Primary Permanent Memory Technologies
There are several available embedded
technologies that, at first glance, would seem to be viable for content
protection in applications such as those that support the HDCP protocol.
However, due to a variety of requirements beyond just those involving
cost and security, the choices for the consumer marketplace are limited
primarily to three non-volatile memory technologies:
Electric Fuse
Floating Gate
Antifuse
The requirements DCP places on the chosen
technology include low incremental cost, secure storage of the cryptographic
keys, compatibility with standard logic CMOS, and field programmability.
Secure key storage means an NVM storage technology that does not give
away its contents through typical passive and invasive attacks including
magnification, voltage-contrast and magnetic scan, and device de-processing.
Compromising the encryption keys is akin to distributing pirate copies
of movies or music on DVDs and CDs. In addition, the NVM must be field-programmable,
since key values are not known and thus cannot be assigned to equipment
until well after the silicon has been processed and packaged - each
DCP-enabled chip has its own set of key values. Field-programmability
means that ROM, which is cheap and secure, cannot be used for key storage.
Electric Fuse Technology. Embeddable electric fuses (e-fuses),
metal and polysilicon, can store both security keys and IDs. However,
both types of e-fuse are low-density technologies that are typically
not capable of storing more than 1K-bits and are programmed in the factory
at the wafer level. These limitations do not meet the requirements
for HDCP key storage, since the device keys and KSV are more than 4K-bits
and are not known until the fabricated chips are embedded in the receiver.
In addition, the KSV and keys may need to be field-updated if the keys
are compromised. Another e-fuse disadvantage is that it is not physically
secure -- it can be easily reverse engineered by high-magnification
visual inspection of the silicon, which compromises key security.
Floating Gate Technologies. Embedded floating gate technologies
are also a possibility, since they are easy to program. However, technologies
such as EEPROM or Flash raise security questions, since floating gate
memory programming can be easily read by voltage contrast or other scanning
techniques. These technologies are also more expensive to implement,
adding die area and/or additional masks and programming steps to the
SoC which can raise its cost by as much as 50%.
CMOS Logic Antifuse Technology. What is needed to support
DCP for consumer equipment is a highly secure, inexpensive to implement
and manufacture, and field-programmable NVM technology that resides
inside the SoC device. A reconfigurable technology is not required provided
that the OTP (one-time programmable) technology is a high density, low-cost
technology in standard logic CMOS. For a Limited-MTP (multi-time programmable)
application, such as HDCP key storage, an OTP memory technology that
provides physical layer security is more ideal. The trick is to include
one or more uncommitted sectors in the OTP memory along with the sectors
storing the security keys. To upgrade the security keys or KSV, the
updated key is programmed into an unused memory sector and the link
table pointer is updated to point to the updated key location. In this
fashion, the memory, which is OTP on an individual cell basis, emulates
field updatable MTP functionality at the system level - ideal for
HDCP applications.
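The sector-and-pointer update described above, as an added C sketch that is not Kilopass code: it simulates an OTP array whose cells can only go from 0 to 1 and shows why the pointer must be advanced last. The unary encoding of the link pointer, the sector count and size, and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define SECTORS      4   /* 1 provisioned + 3 uncommitted spares (assumed) */
#define SECTOR_BYTES 8   /* toy size; a real HDCP key set is far larger */

static uint8_t otp_data[SECTORS][SECTOR_BYTES]; /* simulated OTP: cells only go 0 -> 1 */
static uint8_t otp_link; /* assumed unary link pointer: n burned bits => sector n */

/* Program = OR in ones, then read back; fails if a 1 would have to become 0. */
static int otp_program(uint8_t *cell, const uint8_t *src, size_t n) {
    for (size_t i = 0; i < n; i++) cell[i] |= src[i];
    return memcmp(cell, src, n) == 0 ? 0 : -1;
}

static int sector_blank(int s) {
    static const uint8_t zero[SECTOR_BYTES];
    return memcmp(otp_data[s], zero, SECTOR_BYTES) == 0;
}

/* Active sector index = number of link bits burned so far. */
int key_active_sector(void) {
    int n = 0;
    for (uint8_t v = otp_link; v; v >>= 1) n += v & 1;
    return n;
}
const uint8_t *key_read(void) { return otp_data[key_active_sector()]; }

/* Initial provisioning writes sector 0; the link word stays all-zero. */
int key_provision(const uint8_t *key) {
    if (!sector_blank(0) || otp_link) return -1;
    return otp_program(otp_data[0], key, SECTOR_BYTES);
}

/* Field update: write the spare first and advance the pointer last, so an
 * interrupted update leaves the old key active. */
int key_update(const uint8_t *key) {
    int next = key_active_sector() + 1;
    if (next >= SECTORS) return -2;       /* spares exhausted */
    if (!sector_blank(next)) return -3;   /* partially written spare */
    if (otp_program(otp_data[next], key, SECTOR_BYTES)) return -1;
    uint8_t link = (uint8_t)(otp_link | (1u << (next - 1)));
    return otp_program(&otp_link, &link, 1);
}

int main(void) {
    const uint8_t k0[] = {1,2,3,4,5,6,7,8}, k1[] = {9,9,9,9,9,9,9,9}; /* constructed */
    return key_provision(k0) || key_update(k1);  /* exit status 0 on success */
}
```

Because each update consumes one spare sector and one link bit, the number of field updates is fixed when the memory is sized.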
Physical Layer Security
An aspect of utilizing Kilopass'
embedded non-volatile memory technology based on the unique invention
of a standard logic CMOS antifuse is that this innovative NVM technology
is physically secure (see Figure 1 below).
Figure 1. Magnified
Views of Kilopass XPM (Extra Permanent Memory)
The widespread availability of an antifuse-based
Logic NVM technology that provides physical layer security for information
programmed inside it is without precedent. The SoC architect protects
against bit stream intercepts with a single chip (embedded) NVM solution.
Additionally, security key information stored within the XPM memory
is protected from traditional reverse-engineering attacks. This
is demonstrated in Figure 1 with three physical views of a memory with
"1"s programmed in a checkerboard pattern. The state of the
bit cell is not physically evident even under extreme magnification
and/or FIB voltage contrast scanning. Since there is no stored
charge, even side channel attacks are ineffective.
Summary
When choosing an embedded non-volatile
memory solution for your next project, remember that the underlying
permanent memory technology can make the difference between one that
is secure and one that is quickly and cheaply reverse-engineered.
With liquidated damage penalties for HDCP ranging up to $8 million for
each incident, picking the right NVM solution is even more important.
Charles Ng is the vice-president
of worldwide sales at Kilopass.
Mr. Ng has more than 22 years of experience in the semiconductor industry.
Prior to joining Kilopass, he held senior management and executive-level
positions with Cadence Design Systems, Inc., Compass Design Automation,
and VLSI Technology Inc. Mr. Ng was the key contributor in establishing
and expanding the business for these companies in North America, Japan,
and Asia Pacific. He graduated from California Institute of Technology
with a Master's degree in Computer Science and a Bachelor's Degree in
Computer Engineering, and he also holds a Master of Business Administration
degree from University of California at Berkeley.