Dr Vachoux, Thank you for your answer that I want to comment here. Providing an example of an obfsucated VHDL-AMS model is not a problem regarding the mailing list policy. However, I think important to clearly define the context and the objective of such an exercise. The context is to define a standard based on well-defined, well characterized and open methods and algorithms. The IP protection mechanism currently in development for VHDL, Verilog and their AMS extensions (and probably also for other design languages or formats) is proposing a standard way to use existing encryption/decryption methods that have been extensively studied and published. As John said, the secret here is in the keys. The obfuscation method you are advocating is based on a private algorithm you are obviously not going to publish and share since it is the key (and the secret) of a commercial tool. I can hardly see a way to make a standard out of that. /Answer: 1) See my last answer to John where well the secret is in the key, but the secret is shared by more people/agencies that everybody wants to get shared. It just doesn't work on a worldwide basis. 2) As long as you deal with obfuscated models, there is no need anymore to think about setting a encryption standard since obfuscated models are treated like source code models by simulators. You then save a lot of time and effort in the standard commitee./ Now the objective. What do you want to show with the challenge? Assuming nobody will be able or have the time or resources (or even care) to win your challenge, what would then be the conclusion? To me, as far as I can say, there would not be any evidence that the obfuscation approach is secure in all cases. Again, the result of the exercise would not bring more light for developing a standard. /Answer: 1) What I want to show with this challenge is that if nobody can crack the obfuscated model, there is a serious opportunity for the community to get a excellent solution to protect its IP. 2) Getting something secure in all cases will never be guaranted whatever the protection scheme used. Anyway, in most of the cases, the security issue comes from the company employees themselves. 3) Have a look on my last answer to John where an well known encryption method has been crack down by chinese mathematician (http://www.infosecurity-magazine.com/news/050331_crypto.htm) and the low security level of some encryption algorithm (http://www.cnn.com/TECH/computing/9901/21/descrack.idg/). Whats about encryption and VHDL models where security should last at least until patent expiration (10 or 20 years ?) 4) On top of it, if you back go to the roots, an encryption scheme is build two way (so its a question of time, effort ,IQ to get the original source code back) where an obfuscation method is one way (so there is formally no way to recover the original source code). It means that legally you will always been able, via obfuscated code exchange, to desmonstrate who is the real code owner vs. who has counterfait it. 5) If nobody care about such issues in the community then there is no need to spend even a minute over potential encryption standards. Thank you in advance for your answer . Olivier Rolland/ Dr. Olivier Rolland Systems'ViP c/o SEMIA 4, rue Boussingault F-67000 Strasbourg Tel: +33 671 128 130 Email: olivier.rolland@systemsvip.com Web: http://www.systemsvip.com Systems'ViP: Your innovation capitalization partner This e-mail, including attachments, is intended for the person(s) or company named and may contain confidential and/or legally privileged information. Unauthorized disclosure, copying or use of this information may be unlawful and is prohibited. If you are not the intended recipient,please delete this message and notify the sender Alain Vachoux wrote: > Olivier, > >> In order to make the point clear to evrybody, my proposal is to >> provide, to all of you ,an obfuscated VHDL-AMS model (with its spec >> documents and testbench and simulation results) running on the three >> VHDL-AMS platforms avalaible (Ansoft, Mentor Graphic and Dolphin), >> and to give you 15 days to re-engineer this model back (having all >> initial value, variables names and comments provided back). >> I do not want to go against the mailing list policy, this is why I >> aske here the moderator authorization to share an obfuscated model >> with everybody. > > Providing an example of an obfsucated VHDL-AMS model is not a problem > regarding the mailing list policy. However, I think important to > clearly define the context and the objective of such an exercise. > > The context is to define a standard based on well-defined, well > characterized and open methods and algorithms. The IP protection > mechanism currently in development for VHDL, Verilog and their AMS > extensions (and probably also for other design languages or formats) > is proposing a standard way to use existing encryption/decryption > methods that have been extensively studied and published. As John > said, the secret here is in the keys. The obfuscation method you are > advocating is based on a private algorithm you are obviously not going > to publish and share since it is the key (and the secret) of a > commercial tool. I can hardly see a way to make a standard out of that. > > Now the objective. What do you want to show with the challenge? > Assuming nobody will be able or have the time or resources (or even > care) to win your challenge, what would then be the conclusion? To me, > as far as I can say, there would not be any evidence that the > obfuscation approach is secure in all cases. Again, the result of the > exercise would not bring more light for developing a standard. > > Best regards, > Alain Vachoux
This archive was generated by hypermail 2.1.8 : Fri Jun 23 2006 - 01:29:33 PDT