The cost of first building and then updating fabrication facilities has forced a number of semiconductor companies that once owned their own foundries to pursue asset light fabless strategies. A fabless semiconductor company develops its own technology and chip designs, but pays a separate, dedicated fabrication facility, such as TSMC, UMC, or Chartered, to produce the chips. The fabless approach has saved integrated circuit (IC) design companies a great deal of money, but it has also enabled the rise of a thriving black market in counterfeit chips. Computer engineers at the University of Michigan and Rice University think they may have the solution to this problem and have designed a hardware lock that could be built into each IC and activated by the IP holder.

According to the engineers who developed the new lock, the rise in IC design piracy is attributable to several factors. Intellectual property rights are often loosely defined in Asian countries, and enforcement policies can be lax. Theft is also an issue and can range from employees pocketing supposedly bad processors to fabrication firms allowing "unauthorized" manufacturers access to a client's masks. At this point, there is no simple way to change a hardware design to fight piracy, and current anti-theft technologies are inadequate to the task at hand. The EPIC (End Piracy of Integrated Circuits) technique is designed to change all this.

EPIC uses public-key cryptography system, in which the IP holder generates a pair of Master Keys, one public, one private. Each IC is engineered with its own true random number generator (TRNG) and support for public-key cryptography; knowledge of the public Master Key (MK-Pub) is also baked into the chip.

Once the circuit's original logic is properly connected to EPIC, a randomly-generated Common Key will be created. This key is communicated to the IP holder and then erased. The chip is then packaged and ready for activation. At power-up, the chip generates a private and public Random Chip Key (RCK-Pri and RCK-Pub), both of which are burned into a set of electrically-programmed fuses. The fab would then send the new IC's RCK-Pub to the owner of the IC itself. Said owner would then transmit an Input Key back to the fab. The Input Key corresponds to the already-communicated Common Key wrapped in a double-encryption layer consisting of the private Master Key and RCK-Pub.

Once it received the validation transmission, the chip would decrypt it using RCK-Pri and the public Master Key. This produces the Common Key (CK), unlocks the chip, and allows it to be sold. Those of you who had trouble following the description of the process might find the following flow chart helpful. It describes how EPIC can be integrated into an already-existing IC design without requiring any dramatic changes to chip layout.

EPIC is not insurmountable, and the paper addresses concerns that it might be breached, but its designers appear confident that the EPIC system will remain secure even in the face of considerable attack. Additional key encryption can be incorporated at the fab level, if such is desired, and the ability to control when and how chip authentication requests are sent creates an additional obfuscation layer for chip pirates to overcome.

Further reading