Z. L. XIONG ET AL.
Copyright © 2013 SciRes. CN
specified hardware. They assume that the information in
the specified hardware can’t be got by the pirate. But the
pirates often get the information when they pretend to be
the manufacturer.
Our aim is to prevent the manufacturer from producing
embedded products stealthily. In other words, if the de-
signer wants to produce one million products, we should
insure that the production quantity of the manufacturer
will be not more than one million. To achieve it, the an-
ti-piracy embedded products should have some special se-
curity features. Now let’s formulate these security features.
3. The Security Features of Anti-Piracy
Embedded Product
Some terms are defined as follows:
E (The abbreviation of “embedded products”) is the
collection of embedded products.
H (The abbreviation of “hardware”) is the collection of
the embedded hardware. We use the hardware identifier
to represent it, for example we always use the serial
number of the CPU to represent hardware.
S (The abbreviation of “software code”) is the collec-
tion of the embedded software. We use the software
identifier to represent it, for example we often use the
consumer data to represent the embedded software.
e is an element of colle c tion E.
h, g is an element of collection H.
s is an element of collec tion S.
We assume that e is the design information of embed-
ded products. Because embedded products are composed
of hard ware and so ftware. We can represent e as
,
namely ,e hs
. Then the design house sends it to
manufacturer for production.
The properties of the anti-piracy embedded products
are as follows:
Firstl y they can’t be d uplic ated by the manufac turer.
Namely e is unable to be duplicated.
, and s is able to be duplicated, so h can’t
be duplicated by the manufacturer.
Of course, h
must be unique.
What’s more, the embedded software should have
the non-portability.
Namely, if
,
(,hg H∈), tha t mea ns ther e
is function relatio n bet ween h and g.
Of course s
must be unique.
By analysis above, the security features of anti-piracy
embedded product can be summarized as follows:
h is unique and immutable. And it can’t be dupli-
cated or modified.
s is uniq ue.
If we represent the above function relation as f,
we can get the function equation:
h fs=. We call it
“the blinding function equation”. In practice, the
manufacturer is easy to get the hardware information.
It would be best to design the blinding function
as an irreversible function, so that the manufacturer
can’t conclude the information of s from h on the bas e
of the blinding function f.
Firstly, I will introduce the immutability of h. Many
desig ner s use OT P o r security chip to record the software
information. In such a way, users can’t modify the in-
formation. So, they can’t transplant the software. How-
ever, the manufacturers have the access to that informa-
tion. What’s more, the money people spend on getting
the information can be neglected, compared with the
benefit people can get from the piracy. So this method is
invalid. T he immutability means that if the manufac tures
rewrite the infor mation, it will p ay a huge price. And the
price is much higher than the value of embedded prod-
ucts.
Secondly, h should be unique, which means that dif-
ferent products can’t have the same hardware identifier.
For example, each processor has its unique identifier.
Thirdly, s should be unique, which means that differ-
ent products can’t have the same software identifier.
Though the main software code is always the same, we
can add some unique consumer data to make sure that no
two software code can be the same.
Finally, f would better be irreversible. The SHA can be
a good choice. Tho ugh this req uireme nt is not nece ssar y,
we believe that it can improve the securit y of the pro duct.
For example: if embedded product is Set Top Box, the
serial number of the CPU could be h. It is unique and
immutability. And the manufacturer can’t duplicate or
modify it. The consumer data could be s. And we can
design the SHA as the blinding function f.
4. The Anti-Piracy Measure Using
Encryption of Embedded Products May
Mitigate the Security Strength
So, by analysis, the manufacturer is unable to duplicate
or modify the hardware identifier h. Consequently, they
can’t copy embedded products simply. In order to pirate,
they have to transplant the embedded software. The key
to transplant the embedded software is to break the rela-
tion between h and s. In other worlds, their main object
of attack is bli nding functio n f and the software identifier
s. So our main protected targets are s and f. If we design
the blinding function f as the one-way hash function, the
integrality o f f will be more important than the confiden-
tiality of f. Because, e ven if the pirate knows the blinding
function f, he can’t derive s from h, the o nl y way for him
to transplant the embedded software successfully is to
modify f.
It is commonly observed that encryption techniques
are preferred and regarded as top choice. It is the best
choice for the confidentiality and the encryption tech-
nology such as digital si gnature is used to guard the inte -