( ESNUG 331 Item 5 ) --------------------------------------------- [10/7/99]

Subject: ( ESNUG 329 #9 )  IP Encryption Doesn't Need To Be Bullet Proof

> Encryption packages operate on the priciple that *both* the sender and
> the receiver of the encrypted data actually want to keep it secret.
> Otherwise, you don't need the encryption in the first place.
>
>     - Matt Christiano, CEO
>       GLOBEtrotter Software                          San Jose, CA


From: Gil H Herbeck <gilherbeck@home.com>

Hi John,

I have to chime in on the IP protection topic.

Any model that involves decrypting the file to disk is kind of flawed.  In
most real design environments there will only be a few people who view that
the file was someone's IP.  Maybe a design manager, a CAD manager, or a
system administrator that were actually involved with the keys and the
decryption process.  The designers themselves will be too busy with their
designs to be worrying about what files they shouldn't read.  And once they
study the contents and "learn" what's there, the damage is done.  I'm not
talking about intentional theft.  You just shouldn't leave files on disk if
you don't want people to read them.

As an IP provider I would be interested in licensing also.  Module Compiler
combines licensing and encryption.  This model makes sense to me.  The file
is only decrypted in memory, and only if a valid license is available.  MC
uses a proprietary scheme, but an open encryption scheme could be used.

Here are the basic ideas for a model that I think could work:

  1. The "applications" decrypt - simulators, synthesizers, etc.
  2. Decryption is done into memory only.
  3. IP providers issue licenses to their customers (like EDA providers).
  4. The license also has the decryption key built in.
  5. The end user has to supply the license name for an encrypted file
     to the application.
  6. The application then checks out the license.
  7. The license server provides the decryption key to the application.

You could jazz it up with multiple keys, and different encrypted files per
customer, etc....  But I think I've described the basic idea.

This model is as secure as the weakest link.  The encryption mechanism, or
the licensing mechanism.  The idea is to keep honest people honest, and try
to make it hard for the casual criminal.  I would be more concerned about
an honest engineer "finding" my design work on his/her network and reading
it because it's there.

    - Gil Herbeck, an ex-MC CAE
      Radix20 Design Services                     Livermore, CA
 Sign up for the DeepChip newsletter.
Email
 Read what EDA tool users really think.


Feedback About Wiretaps ESNUGs SIGN UP! Downloads Trip Reports Advertise
"Relax. This is a discussion. Anything said here is just one engineer's opinion. Email in your dissenting letter and it'll be published, too."
This Web Site Is Modified Every 2-3 Days
Copyright 1991-2024 John Cooley.  All Rights Reserved.
| Contact John Cooley | Webmaster | Legal | Feedback Form | 

   !!!     "It's not a BUG,
  /o o\  /  it's a FEATURE!"
 (  >  )
  \ - / 
  _] [_     (jcooley 1991)