|
By Dr. Helena Handschuh, Chief Security Architect, Intrinsic-ID
At Mobile World Congress 2012, MIPS Technologies showed a MIPS-Based Android™ 4.0 tablet using Intrinsic-ID’s Confidentio IP product to secure the remote provisioning of media content to the tablet. Secure provisioning is a feature most OEMs require to meet the security demands of major content providers. It is also a feature consumers increasingly desire as theft and exposure of personal digital information is on the rise.
Confidentio is the world’s first decryption module that has built-in key storage functionality without requiring embedded non-volatile memory. In this short article we investigate how to achieve such secure content download by combining any appropriate DRM scheme running on a MIPS-Based platform with Intrinsic-ID SRAM Physically Unclonable Functions (PUFs).
How it Works
We start by modifying the boot sequence of an Android 4.0 MIPS-Based tablet for secure content download purposes, such that we can reserve a fraction of 1kbyte of uninitialized SRAM for our SRAM-PUF based secure boot and node-locking mechanism.
At every power-up, the random yet device-specific initial values contained in the SRAM are read and error-corrected back to the original value that was first discovered during enrolment (initialisation) of the device. This stage is called the information reconciliation phase.
Next, the error-corrected start-up value is hashed into a 128-bit secret encryption/decryption key. With this original key, reconstructed at every power-up of the device, any encrypted content can be downloaded onto the tablet, decrypted and streamed to the content protection application. Thus, any content such as videos, movies, games or pictures can safely be consumed on any MIPS-Based SRAM-PUF enabled tablet.
The idea is that the key which is needed for content decryption is uniquely bound to the hardware of the device, or even better, uniquely protected by a device-specific key. Therefore, encrypted content can be broadcast to several enabled devices using a common key. However, this key can only be reconstructed on those devices which generate the correct device-key upon every start-up.
Interestingly, SRAM PUFs use so-called activation codes, or helper data in literature, to allow for error correction and key reconstruction. Those codes are used during the boot sequence of the tablet, but need not reside in protected or internal non-volatile memory. They can be made public, are non-sensitive and can even be broadcast together with the encrypted content. Updating them periodically has the same effect as to broadcast new content decryption keys protected with the device-specific key.
One of the major advantages of a PUF-based security mechanism such as our node-locking mechanism, is to actively stop any cloning or counterfeiting of devices. Indeed, copying encrypted content and an activation code from one device to another will not allow for access of the content. The key reconstruction mechanism will fail because activation codes are device-specific.
Even more complex mechanisms can be implemented since any information, be it symmetric keys, ECC private keys, RSA private keys or even public keys for secure boot and signature verification purposes, can be encoded into the SRAM-PUF node-locking mechanism during enrolment. This opens the way for a multitude of content protection and DRM schemes which uniquely tie consumable content to a specific platform.
Intrinsic-ID is pleased to work with MIPS licensees to enable this secure content provisioning on their systems. For more information, contact sales@intrinsic-id.com.
|
