Re: IP security relies on both encryption and obfustication

From: John Shields <John_Shields_at_.....>
Date: Fri Jun 23 2006 - 09:29:27 PDT
Excellent point, John. 

I don't believe it is an either/or.  I actually believe encryption is broadly adequate in this area, both methods together are better, and obsfucation by itself is relatively weak and untrustworthy (sorry, Olivier).

Though I have heard a minority state that encryption is not a good answer, the consensus for the digital HDLs is that it is. It is certainly not the answer to IP protection. I have yet to see a role proposed for obfucation in the language standards. If obfucation has a role at the language standardization level (a question which both Alain and I have asked), perhaps mechanisms that support it such as your keyword remap mechanism will be desired. 

If one believes that the risk of a chosen encryption algorithm is that is will be broken by direct attack, then mitigating it further with obsfucation is worthy.  Where the strength is sufficient so that a direct attack is not a perceived risk,  why bother?  On that basis, obfuscation certainly has merit.

Regards, John

John Willis wrote:
Alain, Oliver, John and members of VHDL-AMS list...

It is perhaps obvious but strangely not being stated here.
The more secure approach is a combination of strong encryption
and obfustication techniques.  With many cypher algorithms, it
is common academic knowledge (I am not breaking the US law by
pointing out (pathetic situation)) the more one knows of the
clear text, the easier it is to break a cipher.  Obfustication
schemes which replace identifiers help.  Stronger obfustication
techniques which re-map the language's keywords are even better
(such as was done with the old PL language series).  If you want
to make VHDL more secure at the expense of slightly slower
lexical scanning, add the capability to re-map keywords.

Example of new concurrent statement where remap is a keyword:
   remap BEGIN COMMENCER;

We are occupied with a large project using VHDL/VHDL-AMS
and I have not had time to follow the earlier discussions,
however it is unclear why there is an implied either / or.
A more secure approach uses both.

Best regards, John

--------------------------------------------------------------
John Willis                     jwillis@ftlsystems.com
FTL Systems Inc.                FTL Systems UK Ltd.
1620 Greenview Drive SW         2 Venture Road
Rochester, MN 55902             Chilworth Science Park SO167NP
+1.507.288.3154 (Land)          +44.2380.767.700 (Land)
+1.507.358.0841 (Cell)          +44.7951.572.068 (Mobile)
--------------------------------------------------------------



Received on Fri Jun 23 09:29:33 2006

This archive was generated by hypermail 2.1.8 : Fri Jun 23 2006 - 09:30:02 PDT