Communications and Network, 2013, 5, 430-433 Published Online September 2013 (
Copyright © 2013 SciRes. CN
The Anti-Piracy Measure Using Encryption of Embedded
Products May Mitigate the Security Strength
Zhilong Xiong, Rui Zhang, Xin Zhan, Zhenglin Liu
School of Optical and Electronic, Huazhong University of Science and Technology, Wuhan, China
Received June 2013
In this paper, firstly we describe the piracy problem of embedded products. Then we formulate the security features of
anti-piracy embedded products. Finally we prove that the anti-piracy measure using encryption of embedded products
may mitigate t he security str ength.
Keywords: Embedded Products; Anti-Piracy; Encryption; Security Strength; Copyright
1. Introduction
There are a vast number of embedded devices in a wire-
less network, such as wireless routers, handheld termin-
als and access points. In the fierce competition of the
communications and consuming electronics market, there
is a real-world problem: A design house takes several
years to design an embedded product. Then they send the
design information to a manufacturer, they find that the
manufacturer produces their embedded products stealthily.
In view of this situation, many design houses have pro-
vided their anti-piracy schemes. Even so, the problem of
piracy is serious. The reason for this issue is that they
don’t realize the security features for the anti-pi rac y em-
bedded products and often misuse the encryption tech-
nology against piracy.
2. Describ e the Embedded Product Piracy
The situation is always like this: The pirate pretends to
be a consumer and buy an embedded product. After that
he can analyze the embedded product and get some de-
sign information about it. Then he produces the pirated
products on large scale based on the design information.
Finally, the manufacturer will be responsible for produc-
tion. And fro m the Figure 1, we know that the manufac-
turer can easily take the design information rather than
Figure 1. Embedded products from design to production
and to sale.
the consumer. So, by analysis, it is evident that the key
problem between the designer and the manufacturer can
be represented in Figure 2:
Figure 2. Embedded products fr om design to production.
Obfuscation, Watermarking, and Tamper proofing for
Software Protection was introduced in [1]. “Code pack-
ing transforms a program into a packed program by com-
pressing or encrypting the original code and data into
packed data and associating it with a restoration ro utine”
in [4]. Security framework for embedded systems was
discussed, and then copyright protection model has been
proposed based on specific crypto memory IC in [3]. In
[5], some software protection solutions in embedded con-
dition, including the implementation schemes in pure soft-
ware witho ut any support from hard ware, and the higher
strength schemes bonding with specified hardware have
been introduced.
Surreptitious software, proposed by C. Collberg and J.
Nagra in [1], is a promising technology which can be
used as the anti-piracy measure of embedded products.
However the main goal of the surre ptitious software is to
protect the software which is running on the embedded
product, not the embedded product itself. Code packing
in [4] is effectively used to protect embedded software
against reverse engineering. But, if embedded software
has the portability, the pirate can simply bypass this se-
curity feature by transplanting embedded software. The
limitation in [3,5] is their security strength based on a
The design information
provided by the designer
to produce
Embedded products
manufactured by the
manufacturer To sellEmbedded products
bought by the consumer
The design information
provided by the designer
to produce
Embedded products
manufactured by the
*Corresponding author.
Copyright © 2013 SciRes. CN
specified hardware. They assume that the information in
the specified hardware can’t be got by the pirate. But the
pirates often get the information when they pretend to be
the manufacturer.
Our aim is to prevent the manufacturer from producing
embedded products stealthily. In other words, if the de-
signer wants to produce one million products, we should
insure that the production quantity of the manufacturer
will be not more than one million. To achieve it, the an-
ti-piracy embedded products should have some special se-
curity features. Now let’s formulate these security features.
3. The Security Features of Anti-Piracy
Embedded Product
Some terms are defined as follows:
E (The abbreviation of “embedded products”) is the
collection of embedded products.
H (The abbreviation of “hardware”) is the collection of
the embedded hardware. We use the hardware identifier
to represent it, for example we always use the serial
number of the CPU to represent hardware.
S (The abbreviation of “software code”) is the collec-
tion of the embedded software. We use the software
identifier to represent it, for example we often use the
consumer data to represent the embedded software.
e is an element of colle c tion E.
h, g is an element of collection H.
s is an element of collec tion S.
We assume that e is the design information of embed-
ded products. Because embedded products are composed
of hard ware and so ftware. We can represent e as
namely ,e hs
. Then the design house sends it to
manufacturer for production.
The properties of the anti-piracy embedded products
are as follows:
Firstl y they can’t be d uplic ated by the manufac turer.
Namely e is unable to be duplicated.
,e hs=<>
, and s is able to be duplicated, so h can’t
be duplicated by the manufacturer.
Of course, h
must be unique.
What’s more, the embedded software should have
the non-portability.
Namely, if
,,hs gs< >=<>
(,hg H), tha t mea ns ther e
is function relatio n bet ween h and g.
Of course s
must be unique.
By analysis above, the security features of anti-piracy
embedded product can be summarized as follows:
h is unique and immutable. And it can’t be dupli-
cated or modified.
s is uniq ue.
If we represent the above function relation as f,
we can get the function equation
h fs=. We call it
“the blinding function equation”. In practice, the
manufacturer is easy to get the hardware information.
It would be best to design the blinding function
as an irreversible function, so that the manufacturer
can’t conclude the information of s from h on the bas e
of the blinding function f.
Firstly, I will introduce the immutability of h. Many
desig ner s use OT P o r security chip to record the software
information. In such a way, users can’t modify the in-
formation. So, they can’t transplant the software. How-
ever, the manufacturers have the access to that informa-
tion. What’s more, the money people spend on getting
the information can be neglected, compared with the
benefit people can get from the piracy. So this method is
invalid. T he immutability means that if the manufac tures
rewrite the infor mation, it will p ay a huge price. And the
price is much higher than the value of embedded prod-
Secondly, h should be unique, which means that dif-
ferent products can’t have the same hardware identifier.
For example, each processor has its unique identifier.
Thirdly, s should be unique, which means that differ-
ent products can’t have the same software identifier.
Though the main software code is always the same, we
can add some unique consumer data to make sure that no
two software code can be the same.
Finally, f would better be irreversible. The SHA can be
a good choice. Tho ugh this req uireme nt is not nece ssar y,
we believe that it can improve the securit y of the pro duct.
For example: if embedded product is Set Top Box, the
serial number of the CPU could be h. It is unique and
immutability. And the manufacturer can’t duplicate or
modify it. The consumer data could be s. And we can
design the SHA as the blinding function f.
4. The Anti-Piracy Measure Using
Encryption of Embedded Products May
Mitigate the Security Strength
So, by analysis, the manufacturer is unable to duplicate
or modify the hardware identifier h. Consequently, they
can’t copy embedded products simply. In order to pirate,
they have to transplant the embedded software. The key
to transplant the embedded software is to break the rela-
tion between h and s. In other worlds, their main object
of attack is bli nding functio n f and the software identifier
s. So our main protected targets are s and f. If we design
the blinding function f as the one-way hash function, the
integrality o f f will be more important than the confiden-
tiality of f. Because, e ven if the pirate knows the blinding
function f, he can’t derive s from h, the o nl y way for him
to transplant the embedded software successfully is to
modify f.
It is commonly observed that encryption techniques
are preferred and regarded as top choice. It is the best
choice for the confidentiality and the encryption tech-
nology such as digital si gnature is used to guard the inte -
Copyright © 2013 SciRes. CN
grality of a software code. Consequently, the encryption
technology is often used to defend embedded products
against piracy. But is it really works? Actually it is not
the case because of following reasons:
1) The protec tion sche mes using e ncryptio n cost so me
overhead, the more overhead we give to it, less overhead
we can give to other prote c tion schemes.
2) The encryption protects the confidentiality of data,
but as s umi n g t ha t a se cr et ke y r e mai n s hid d e n. Thi s means
that we have to add some new protected target such as
the secret key. If we use the encryption to protect our
new protected target, we still have to add some new pro-
tected target for the same reason. At last, we have to use
other protection schemes for the new protected target.
So, by analysis, it is found that anti-piracy measure
using encryption of embedded product may mitigate the
security strength. To prove it, let’s analyze the relation
between our protected targets and the new protected tar-
We can represent the new protected targets as the en-
crypti on fu nctio n equat ion, na mely
y ekx=. And k is
the secret key, x is plaintext, e is the enc rypt io n func tio n,
and y is cip her te xt.
For a specific k, each plaintext x has only one cipher-
text y for it. This is just like our relation bet ween h and s.
In fact, if we have the ability to keep y, e, k and x safe,
we must have the ability to keep h, s, f safe. Because we
can design a secure blinding function S as
and s = x. Furthermore, the new protected target,
y ekx=, has one more protected element ‘k’.
So the new protected target is more difficult to protect
than our original protected ta rget.
We assume that C is the maximum overhead of our
production schemes which embedded products can afford.
is a protection scheme we used, c is the protection
overhead, and
represents the security strength of
the protection scheme
. For the same kind of produc-
tion scheme, we assume that the security strength is pro-
portional to the protection overhead, namely
(c1)( 2)G Gc<. Obviously (C)G represents the maxi-
mum securi ty strength.
is the protection scheme using encryption, while
is not. Obviously 2( )
represents the maximum
security strength of the protection scheme without using
encryption. Now we add the protection scheme
. We
assume that the protection overhead of
is c. A nd we
can record the maximum security strength for the new
mix protection scheme as
{1(),2()}GcG Cc
1) If we are unable to keep the encryption function
y ekx= safe, the protection scheme G1 will be invalid.
And the maxi mum security st rength of the ne w mix pro-
tection scheme
{1(),2()}GcG Cc
will reduce to
{ 2()}GCc, namely
2( )GCc
2) If we have the ability to keep the encryption func-
y ekx= safe. F rom the a na l ysi s give n a b ove , we
know that the added protected target
y ekx= is mo re
difficult to protect than our original protected target
h fs=. And the maximum security strength for the
added protected target is
2( )GCc
. Even if we make
sure that our original protected target is safe so that the
maximum security strength of the new mix protection
scheme is totally depended on our added protected target,
the ma xi mum secur it y str e ngth o f t he ne w mi x p ro t ec tio n
scheme will still re duce to
2( )GCc
In a nutshell, regardless of whether the protection scheme
is valid, the maximum security strength of the new
mix protection scheme will reduce. We can also get three
deductions below:
1) More encryption technology we add, more new
protected targets will be added, and more difficulties in
2) More encryption technology we add, the less max-
imum security strength we can have.
3) When
can’t fulfill the requirement security
strength of our protected target, adding
can’t fulfill
the require ment too.
5. Conclusions
This paper concerns the piracy problem of embedded
products and their anti-piracy schemes using encryption.
We formulate the security features of anti-piracy em-
bedded products and prove that the anti-piracy measures
using encryption of embedded products may mitigate the
secur ity st re ngth.
In this paper, the basic assumption here is that the
embedded software is in NVRAM (non-volatile memory).
Our ongoing research work is to analyze the security fea-
tures when the embedded software is loaded into RAM
(Rando m Access Memory). It is our ultimate goal to pr o-
vide the perfect theoretical guidance for design houses
against piracy.
6. Acknowledgment
This work was supported in part by National Natural
Science Foundation of China (No.60973034, Grant
[1] C. Collberg and J. Nagra, “Surreptitious Software: Ob-
fuscation, Watermarking, and Tamperproofing for Soft-
ware P r otection,” Addison-Wesley Professional, 2009.
[2] H. B. Enderton, “Set TheoryAn Introduce to Indepen-
dence Proof s ,Nor th H oll a nd Pub l is hing Compa ny, 1977.
[3] C. Y. Luo, G. S. Deng and Y. H. Guo, “Copyright Protec-
tion Model of Embedded Systems and Its Applications in
Digital TV SET-Top-Box,” 2008 International Sympo-
sium on Computational Intelligence and Design, Pro-
Copyright © 2013 SciRes. CN
posed a System Copyright Protection Model Based on
Specific Crypto Memory IC, 2008.
[4] Y. Park,Design and Performance Evaluation of Binary
Code Packing for Protecting Embedded Software against
Reverse Engineering,” 13th IEEE International Sympo-
sium on Obj ect /Component/Service-Oriented Real-Time
Distributed Computing, 2010.
[5] Z. Y. Yang, “Software Protection Solutions for Embed-
ded Systems,Computer Applications and Software, Vol.
26, No. 8, 2009 .