Xylinx FPGA Bitstream Cracked
wjsteele
Posts: 697
This is exactly why I don't bother with encryption or security in my devices. No matter how much work you put in securing your content, someone somewhere will want to crack it... and eventually will.
http://it.slashdot.org/story/11/07/21/1753217/FPGA-Bitstream-Security-Broken
Encryption is just a complex example of security through obscurity, which only slows down a determined mind... it doesn't actually stop them.
Bill
http://it.slashdot.org/story/11/07/21/1753217/FPGA-Bitstream-Security-Broken
Encryption is just a complex example of security through obscurity, which only slows down a determined mind... it doesn't actually stop them.
Bill
Comments
IMO, it's all about managing the risks. I don't care about the guy disolving chips in acid to probe them with electron beams to get my secrets. I['m more concerned about the guy that's able to copy all of my code 60 seconds after downloading .Net Reflector. There's a handful of the first guy out there, and millions of the second.
Wouldn't it just make the device more efficient to abandon it altogether?
It's still not that easy... you still have to have skills, for example, to read the code off the eeprom. Besides, copyright law exists for a reason, so there is legal recourse.
Bill
Oh sure... encryption is very processes intensive task.
Bill
No it is not, more below...
Perhaps true given the number of cipher systems that have been cracked in the past:)
In the cryptographic world "security through obscurity" as a rather specific meaning.
Let's start with Kerckhoffs' principle form 1800 and something which states: "A cryptosystem should be secure even if everything about the system, except the key, is public knowledge."
Later we get Claud Shannon saying "The enemy knows the system."
In the modern world such systems, that rely on have their operation hidden from attackers, are described by the derogative term "security through obscurity".
What about these FPGA's though? And many other such systems like DRM encumbered games consoles and locked mobile phones.
Well guess what, you have just given the keys to the enemy, sorry I mean your valued customers. The keys are by necessity in the device and the devices is in the enemies hands. Game over eventually.
I understand your comment, however, I disagree with the pretext that obscurity isn't the key.
Interestingly enough, in the same article you refer to, is my exact point, "However, it can be argued that a sufficiently well-implemented system based on security through obscurity simply becomes another variant on a key-based scheme, with the obscure details of the system acting as the secret key value."
:-) It seems, we're both right. (http://en.wikipedia.org/wiki/Security_through_obscurity)
Bill
Yes, sometimes I agree with that point of view as well.
I get the feeling that traditionally crypto gurus viewed the problem in terms of friends and foes. You want to get information to your friends. You don't want your enemies to understand those messages.
An extreme case of "security by obscurity" would be if I built some mechanism or algorithm that had no keys at all. It just scrambled and de-scrambled the data in some complicated way. I give you a copy of my mechanism/algorithm and we can now communicate using it happy that the enemy cannot decipher our messages.
This has a major problems:
What if some enemy gets hold of your mechanism and copies it? Now he can read everything we say. To repair that situation I have to devise a new, different, mechanism.
If I get a new friend I want to communicate with I have to give him a copy of the mechanism as well. But what if I want some messages to between us to be secret from the new friend? Damn, now I have to devise a whole new mechanism for my new friend.
OK, to make life simple the system evolves into a mechanism, which is always the same, plus some configuration, the key, that can be different for each communicating pair. I arrange that all my friends have the same mechanism but different keys. If a snooper gets hold of one of those mechanisms who cares, as long as he does not have a key. If a key gets compromised we change the key we are using. Or we change it regularly anyway just to be sure.
But here is the problem with FPGA vendors and DRM restricted device manufacturers. They have "friends" that is the customers who use their products. And they have "enemies", the guys who want to clone the products or hack into them for other undesirable reasons. Well, the "friends" and the "enemies" are indistinguishable. Not only that they all have the device and necessarily the keys are in the device.
My conclusion is that ultimately this whole idea is is doomed to failure eventually.
OTOH if your company has a hot product using Virtex FPGA's selling internationally, you're gonna be a target of some very good hackers who not only have the resources to crack protection but to reverse engineer the product.. Witness the rampant IP theft in China where even fake Apple stores are sprouting up like so many mushrooms.