I had the pleasure of attending a fascinating tutorial on "hardware hacking" at yesterday's O'Reilly Emerging Technology Conference. The presentation calls into question the premises behind the "compliance and robustness" rules that form the ubiquitous backdrop for all of the content protection schemes under consideration at ARDG (as well as the broadcast flag and DVDs).
In both the broadcast flag and ARDG contexts, there has been wrangling about just how "robust" a compliant product must be against "tampering" (i.e., modification by users). The standard proposed by the MPAA in Section X.17 of their proposed broadcast flag mandate is that content protection systems should be implemented so that they cannot be defeated by using general purpose tools widely available at a reasonable price.
According to presenter Andrew "Bunnie" Huang, achieving this level of security in mass-market hardware devices is very difficult, if not impossible. Hobbyist hardware hackers have an impressive array of general-purpose, low-cost tools at their disposal. Consequently, staying "robust" against low-cost tools requires, at a minimum, that all cryptographic secrets (and all code or data from which they could be derived) be kept inside custom-designed chips, or that any bus across which such data could travel be encrypted. If a secret is available in the clear on any pin or trace on a circuit board, it can be extracted using general-purpose tools for, in Bunnie's words, "much, much less than $1000, often less than $100, and frequently for free."
So just how much unnecessary cost is "robustness" going to add to consumer products? Quite a bit, if "robust" means immune from hobbyist hardware hacking.
Posted by fred at April 23, 2003 07:54 PM