A) UDPi’s Hard-wired Security
B) Keys
C) Patents
D) Microprocessor and Microcontroller Applications
E) DVD/Music/Gaming/Software Applications
F) Data Transmission Applications and Peer-to-Peer (P2P)
G) General Application Questions
A) UDPi’s Hard-wired Security
1) Is UDPi Register Transfer Level (RTL)?
No. The UDPi key is a low-level circuitry that is physically wired at the gate level into the circuitry on the silicon below the RTL. However, UDPi can adopt an existing RTL to support the UDPi method.
2) Is UDPi part of the logic process?
Yes, the UDPi key is used in the processing of data in the Central Processing Unit (CPU).
3) Is the data encrypted?
Data APPEARS to be encrypted to a secondary observer, but it is not encrypted by means of an algorithm. UDPi is an intellectual property (IP) protection company, NOT an encryption algorithm.
4) What is the importance of Key B?
An important part of the UDPi method is Key B, which is the manufacturer’s key. UDPi can take an existing core and add an 8-bit circuit to create a key circuit (on the bus path of the CPU is the best place for the key circuit). Key B becomes the UDPi hard key, and creates inherent security with hard-wired circuits during the manufacturing process.
5) Does a Linear Feedback Shift Register (LFSR) have to be incorporated into the UDPi hard-wired security method?
No. Incorporating the LFSR is optional to make the system even more complex and unique. If a LFSR is incorporated, it is added before the processor is initialized. The number of bits used depends on the application. If the application doesn’t require a LFSR, it may be suitable to simply use a hashing matrix.
6) Does the UDPi process require an encryption algorithm to create a secure system?
UDPi does not require a secondary encryption algorithm to create a secure system. The process can be used as a stand-alone protection method or in combination with a complex encryption algorithm. If an encryption algorithm is implemented in conjunction with UDPi, the protected media is decrypted using the UDPi process at the customer end and is then decrypted using the accompanying encrypting algorithm.
7) Is it feasible to decrypt source code on the fly as it is being executed? It may be possible functionally, but wouldn’t the performance hit be too great?
Decryption on the fly is feasible with UDPi since the encoding/decoding is performed in the hardware. The overall performance is not affected.
8) Are there requirements that encryption algorithms must be publicly disclosed for crypto analysis or analyzed by a recognized consultant?
UDPi is not an encryption algorithm but a “protection methodology”. UDPi can be used with any existing encryption algorithm that has been disclosed for crypto analysis. UDPi is a method of protecting data. Data storage media is intentionally “corrupted” with an algorithm. Rather than using one known algorithm, it is possible to use multiple algorithms for different portions of the data storage. For example, data saved for the first 120 bytes can use one formula while the next 120 bytes of data uses a different algorithm. Data becomes unique for each device with UDPi and the “key” is device specific. The UDPi “key” is either a value that alters the bitstream received and/or a unique circuit. This new methodology can protect data for a FPGA or a processor.
9) Where in the CPU is UDPi’s technology located?
UDPi is located between the Instruction Fetcher (or Instruction Register) and the Instruction Decoder.
10) How does UDPi work with the Instruction Decoder?
UDPi creates a virtual unique set of instructions. Firmware A in Processor A will look completely different from Firmware A in Processor B. The Firmware A goes through a special encoder that creates a logic set of instructions for Processor A, but these instructions will not work for Processor B. Only Processor A can properly decode its firmware.
11) Does the Program Counter (PC) in a processor have to be sequential with UDPi’s security?
No, with UDPi the Program Counter (PC) does not have to be sequential. For example, to execute the same line in one processor the instruction might be GOTO 0x10010 compared to GOTO 0x2E400 in another. UDPi can randomize the process flow of a program, causing it to jump to different locations from one processor to another.
12) Does the level of security depend upon the bit-size of a microprocessor?
No. Larger processors have longer strings of instruction, and when there is a higher bit-count, more can be executed in one cycle. For example, a 4-bit micro would take many cycles to execute an instruction that a 32-bit could execute in one step. UDPi’s ability to scramble data does not rely on how many bits the micro contains, allowing advanced security for 4-bit micros and beyond.
13) Does UDPi standardize processors?
No. UDPi’s technology can be applied to any processor and layout on the market and the processor is in no way standardized by UDPi.
14) Does UDPi require a second chip for its security capabilities?
There is no separate security chip required for UDPi’s security capabilities. The technology is hard-wired during manufacturing with no added BOM costs. Silicon protection is complete without the use of a second chip.
15) Does UDPi offer “data protection” for stolen data?
Yes. UDPi takes the lead and ensures data is secured at the hardware level with a flexible circuit solution. This technology is not just about data recovery and data loss monitoring, but also takes into account protecting data at every internal, external and peripheral point.
16) What is UDPi’s flexible circuit solution?
UDPi’s security is based around a flexible circuit, which is a variable circuit. Hardware is not generally hacked, but rather the software that uses the hardware can be vulnerable to hacking. Since UDPi’s flexible circuit resides in the hardware portion of a processor, it is not vulnerable to hacking.
For example, if one were to try to hack the physical electrical connection to their house, it would be nearly impossible. To find the circuit, one would have to destroy the walls of the house. However, if the electrical wiring circuit changes depending on which devices were active in the house, there would be too many variables. The above example is what UDPi does for micros, depending on the code executed (thus its location), the codec (coding – decoding) circuit changes.
17) UDPi is located between the Instruction Fetcher and Instruction Decoder. What are the various implementation choices for the security?
The UDPi solution can be incorporated during the manufacturing process as a simple circuit, but can also be implemented in conjunction with a LFSR, XOR, or non-destructive alteration method to encode data.
18) Does UDPi use an “on/off” term from a cryptography perspective? Also, does the polynomial term drop to 0 by multiplying by the CTR position?
No. UDPi does not simply use an “on/off” term. With UDPi, the term can be 0. Many algorithms do not allow a term of 0 to be valid, but with UDPi a term of 0 is acceptable. The polynomial term can be 0 and still be a valid term with UDPi.
19) Why does UDPi’s use of randomness not make code easier to crack?
There is no real randomness in a computer, but rather it must be pseudo-random. The beauty of UDPi is that the flow of firmware in the external memory is unknown. The flow could be a result of a jump, GOTO instruction or simply normal flow, but UDPi makes the execution of flow from one location to another in a random manner. Some of the external addresses are accessed in the same order and some will differ according to an action or status in the processor.
20) What is the UDPi technology? How is it commercialized? How is it delivered and integrated?
UDPi is a real protection method for internal and external intellectual property (IP). It is commercialized through licensing and/or selling. UDPi is delivered through co-designing the CPU with manufacturers and is integrated as part of the CPU code.
[top]
B) Keys for a Secure System
21) Does UDPi have a key management solution, or a particular way to scramble (as opposed to encrypt) data?
UDPi offers both key management and a particular way of scrambling data. The key management is similar to some existing processes but the data scrambling technique is unique from any existing processes.
22) How long is the key in the UDPi solution?
Depending on the implementation, the key can be as long as the software itself, improving on current encryption algorithms that use a 128 bit key (or 256 bits which is only 32 bytes).
23) Is UDPi a key generator?
UDPi is not a key generator or a key authentication processor. UDPi is used to protect the IP (Intellectual Property) in the processor or data used by the processor.
This differentiates UDPi from many security processes available today.
24) Does the solution require secrets in the client module? If so, are the secrets unique or global?
UDPi can support both unique and global secrets. The most simplistic solution (for both the manufacturing end and the media discs) is to use global secrets processed at the customer end. The “de-scrambling” process can be global, but the decoding key is unique to each device.
25) Are keys exchanged between devices before the data stream is sent?
The UDPi solution offers invisible keys, which are not exchanged, and the keys can be device specific, offering increased security. Since the keys are not exchanged between the devices before the data stream is sent to the screen (or receiver), someone cannot listen to the exchanged packet to retrieve the key. With UDPi, there is no exchange between the receiver and transmitter, which can present a security risk, since the key is changeable, detectable and possibly hackable in systems that use this method.
26) How does UDPi store keys?
The key may be recorded within the CPU architecture and/or specific circuits designated by the manufacturer by means of hardwired circuits, possibly using configuration fuses such as are employed in programmable read-only memory (PROM) devices. The key can alternatively be stored in an obscure register. Embedding the encryption/decryption key within the CPU core renders it practically indiscernible to potential memory copiers.
27) How is UDPi’s fixed key secured?
Since the fixed key is hardwired or otherwise hard-coded into the CPU circuitry, this is permanent (i.e. non-volatile), programmable one time only (OTP). Such physical links generally can’t be read by devices which sense magnetic polarization, providing greater security for the fixed key. All peripherals are protected (bus lines cannot be sniffed).
28) Why does UDPi avoid using a programmable register?
This is to avoid the vulnerability of registers to such snooping technologies as magnetic polarization sensors. However, UDPi can support using a programmable register.
29) Can UDPi use a combination of fixed and variable keys?
UDPi can use a combination of fixed and variable encryption/decryption keys to provide further security for stored data. The variable key may be set to vary for each byte or word. The data is altered depending on the location and device used.
30) Does UDPi use non-volatile or one-time programmable memory for storing device keys?
No, because the UDPi key is inherent in the device.
31) How does the UDPi key work? Is it similar to have execute only (no read)
code?
UDPi hides data using pseudo-random block lengths and key lengths. The “key” is really a flexible circuit, residing in the hardware portion of a processor.
32) How does UDPi incorporate XOR functions?
UDPi adds complexity to basic XOR implementation. One example is to have a table of keys relating to a specific location in ROM. Key A is used for some portion of the ROM and Key B is used for another portion, etc…The key can change per block and the block size can change per key with UDPi’s method.
33) Can UDPi’s security be pseudo-random and what is the result?
Yes, UDPi can use pseudo-randomness to get a very long key that is secure. This technique makes sure that a character is not used twice in a key, adding security and not repeatability. It is possible to use two LFSRs to generate a secure pseudo-random table of keys. UDPi can execute code incredibly fast, pairing high security with speed.
Many solutions based on a formula can be broken, but UDPi is not based on a formula. Hash schemes and keys are only effective if there is not a predictable formula used.
[top]
C) Patents: General Information pertaining to UDPi’s Patent-Pending Security Method
35) What are some additions the UDPi technology added to previous patents to improve upon them?
Just to name a few: unique circuits, serialization, SDD™ encoding and Double Axis Security™ among many other new elements have been added to the UDPi patents.
36) What fields of application does UDPi’s patent-pending technology cover?
The patent-pending technology covers the following applications (but there are many more potential applications that are not listed within this text):
• Intellectual Property (IP) in microprocessors / microcontrollers
• Flash USB
• Digital Cameras
• Digital Camescope
• CD / DVD drives and audio / video
• Back up discs
• Portable disc drives
• Cell Phone Smart Cards
• PDAs
• Laptops, Desktop Computers and Servers
• Any form of Data Storage (Optical Discs, etc.)
• AM / FM / XM radio
• Cable / Satellite TV (all formats)
• HDTV
• IPTV
• DSL / Cable Internet Provider
• Gaming (Consoles/Software)
• • Broadcast Data Transmission (eg. TV, Cable TV, Radio, etc.)
[top]
D) Microprocessor and Microcontroller Applications
37) How does UDPi protect at the “lowest level”?
The UDPi solution is hard-wired and the security is in the binary. The beauty of this approach is that it cannot be hacked as software.
38) What are some of the implications of UDPi’s methodology being so light weight?
Implementing UDPi results in either the ability to reduce micro sizes dramatically or freeing up resources for other uses (besides encryption/decryption). There is a minimal saving of 88% in required power of the CPU for comparable performance (or data throughput).
39) Can both internal and external flash be protected?
Both internal and external flash can be protected with UDPi. The internal CPU handles the encoding of the firmware to be stored.
40) What are the basic steps involved in accessing UDPi encoded firmware?
The steps are as follows:
1) Read the memory content*
2) Decode content using the unique device identification
3) Send to the CPU for execution
* For step 1 the data can be stored internally or externally. The data will be decrypted only as it is needed
(on the fly).
41) How does UDPi protect devices against die slicing?
UDPi does not prevent access to the core, but rather prevents the ability to use the information invaders access. This results in a different approach than other protection methods offer. Other methods try to block access to the internal information at different levels. UDPi encodes information in the processor so even if the die is accessed, the information will be useless since it is meant to work only on one specific processor. The best implementation of UDPi to protect against die slicing is to make the protection part of the CPU core as much as possible, so even when analyzing the die, there are no clues as to where the protection algorithm lies within.
42) Does the UDPi security method protect against reverse engineering?
Since some hackers can read machine code, and it is fairly simple to acquire and use reverse engineering tools that can turn standard machine code into something easier to digest, such as assembly, or, in many cases, C source code (using disassemblers and decompilers), there is a need for protection against such reverse engineering techniques.
UDPi incorporates Double Axis Security™ in its protection methodology. This patent-pending technology mitigates the risk of reverse engineering.
43) Can the UDPi security solution protect data in standard external devices?
UDPi can protect data in all external devices. External devices included in these terms are EPROM, FLASH, RAM, SRAM, and DRAM among other standard devices to store data. Some current protection companies offer data protection in an external device in a serial manner. Only a few lines of data exchange are allowed in such applications and the processor must send a key. This in turn challenges the data storage device and the device is able to read the data. There are problems with this method, however, because data is not protected under this regime once it is transmitted to the main processor. Additionally, devices that offer such protection can be quite costly. UDPi protects data in external devices with cost efficiency in mind. Applying the same fundamental principles with UDPi can protect data from a small 4-bit microcontroller up to the most powerful processor available on the market.
44) How efficient is UDPi for protecting a processor’s firmware?
It is more efficient to encode data in a processor with UDPi since all values are valid. Data values in an 8-bit processor can be from 0x00 to 0xFF. If a value was originally 0x5C and has been altered by UDPi to be 0xDF, this last result is still a valid value for the processor as it is a possible value. UDPi, causing random valid values that result in an invalid operation of a device if the encoded code was transported to another UDPi processor using a different signature, has changed the normal flow of values. For a hacker, to find the original code is like re-writing the entire code. If the device is going to be illegitimately copied, the copy will be limited to the BOM (Bill of Material). The Intellectual Property (IP) will still be protected.
All raw level data are hex or binary values (1’s and 0’s). UDPi exploits these low level values to encrypt data. All values at this raw level are valid. But when brought to an upper level, they are more intelligible. Text strings are the simplest form to hack since a stream of letters and spaces is being looked for, and the range of values is limited to 26 letters + 10 numbers and some special characters. UDPi protects these text streams and converts them to look like source code of a file, bitmap, etc.
45) What are the prerequisites for microcontrollers or processors for implementing UDPi?
UDPi is compatible with all micro manufacturers. Additionally, the security can be applied to small micros through to 64-bit machines and beyond (UDPi is not bit wide dependent). UDPi does not need a math/ cryptography processor because it is so lightweight and doesn’t take up processing power for the encryption/decryption process. UDPi performs Double Axis Security™ (combination of byte substitution and bit transposition (Hashing)), at the hardware level so no CPU resources are required.
[top]
E) DVD/Music/Gaming/Software Applications
46) How can UDPi implement micro-based security to protect optical discs?
UDPi bridges the gap between hardware and software. The micro security platform forms the basis of protecting software, optical discs and any form of data storage using the same methodology and incorporating a secure reading device.
47) Does UDPi use a serial number for optical disc security?
The best implementation of UDPi is to have a serial number (SN) on the disc and the reading device. This way, the data is saved using the disc SN.
48) Does UDPi allow for backwards compatibility for optical discs?
UDPi allows for backwards compatibility for classics. The UDPi decoding key is only required to unlock UDPi protected optical discs. If a non-UDPi disc is inserted in the reading device, a decoding key is not required.
49) Does UDPi include blacklisting or blocking reading devices that have been fed potentially pirated optical discs?
There is no blacklisting or blocking of reading devices. The device simply will not read the disc because it has not received a decoding key based on the reading device’s serial number or other identifier and the optical disc’s registration key. This requires a one-time disc registration, but is consumer-friendly.
50) Why is gaming an ideal application for UDPi’s security methodology?
The gaming application incorporates all elements of the UDPi security solution; the game console can implement the micro protection scheme and the gaming discs can be protected with UDPi’s data storage protection methods. UDPi’s gaming protection scheme is fully compatible with manufacturers across the board. Since UDPi is compatible with all existing protection methods, and since a non-UDPi protected game will be detected as such and will not be hindered on the reading device, UDPi will only enhance security without compromising the functionality of any existing protection. UDPi on the other hand, does not require any additional protection methods, and has the potential to provide the highest level of security.
51) Will protecting CDs and musical content alter or deplete the sound quality in any way?
The UDPi solution is “invisible” to the other functions of reading devices and optical discs (CDs, DVDs or next-generation DVDs). The security applied with UDPi will have no effect upon the sound quality of music or movies, protecting the content, while preserving the creative sound quality.
52) Is it possible to make copies of DVDs, CDs, etc? If so, how can UDPi stop exchanges over the Internet?
Back-up copies of discs, DVDs, CDs, and other optical discs/software can be made for personal use. The saved information must be saved in its encrypted form on the hard disk in order to be read on the PC. If sent to a recipient over the Internet, it will not work. A good explanation of this feature is as follows; it is like having a copy of the disc on the hard disk. Personal copies can be made, but can only be played on the PC that did the copying.
53) Can UDPi’s methodology incorporate a potential solution to the Print Screen Method of copying next generation DVDs?
With the Print Screen Method, there can be software that runs and automatically generates the Print Screen and saves in a file. The video stream is captured on a frame-by-frame basis (successive JPEG images).
UDPi can potentially prevent this method of copying because the data sent to the screen could be protected through UDPi’s method so the screen decodes the data and a Print Screen will capture the screen but in its UDPi protected format. With this method, only the specific screen that was used to create the Print Screen file can play back the file. The same file played on another computer will not be interpreted correctly, resulting in scrambled data (UDPi’s Digital Fog™). The Print Screen Method, under the protection of UDPi, simply becomes a method of capturing the UDPi protected stream of data for the screen upon which the capturing is taking place. This process requires a UDPi video card and a UDPi-protected screen (protected integrated system).
[top]
F) Data Transmission Applications and Peer-to-Peer (P2P)
54) Is UDPi compatible with high definition transmissions?
UDPi’s data transmission security method is compatible with all new high definition content with the equipment that can handle bandwidth-intensive HDTV broadcasting, including set-top boxes and dishes required to receive the high definition programming.
55) Does UDPi’s technology cover peer-to-peer (P2P) applications?
UDPi’s patent pending technology covers secure device communication in a closed system and secure peer-to-peer communication.
56) What are the advantages of UDPi’s secure device communication in a closed system?
Once devices in the system are configured to operate in secure mode they can only communicate with the other devices in that system. This means that if a device that has been configured to operate in secure mode is taken out of the system it cannot communicate with any other compatible device. The main advantage to such a system is that it deters thieves from stealing components that are part of such a system since they would be unable to resell them as individual components. This technology can be applied to home entertainment systems, computer systems comprised of a number of peripherals, and other systems comprised of popular theft items.
57) How does UDPi’s technology secure peer-to-peer (P2P) communication between two electronic devices?
Each receiver has a unique key that it uses to decode incoming messages. If the receiver party wants a transmitter to send data, the receiver must provide the transmitter with a unique key. The key however, is not sent to the transmitter over the transmission line, but through another secure channel such as the telephone. Since the key is not exchanged over transmission lines, security is increased as when the key is sent over the transmission line, the line can be sniffed and the key discovered.
[top]
G) General Application Questions
58) What level of protection does UDPi offer?
UDPi offers the most advanced level of protection. With UDPi a simple text string saved on a disc is encrypted at the most efficient level. Many current encryption methods use a block of 32 bytes and a 32-byte key to encrypt data. If the data block is less than 32 bytes, then the processes use padding to fill the unused data fields with blank data. This method of data encryption is easier to break than a process that can adapt to the data string length. Firmware protection is an ideal implementation for UDPi since any values ranging from 0x00 to 0xFF are valid. Only a valid sequence of these possible values can result in a working firmware. The same principle applies to a file saved on a disc.
59) Does the UDPi solution require software to be implemented?
There is no software required to secure IP in devices with UDPi. Double Axis Security™ and SDD™ encoding are performed at the hardware level, creating an embedded form of protection. Since UDPi is hardwired into the circuitry, there is no risk of software being hacked to expose security vulnerabilities.
60) Is the UDPi solution easy to migrate from current protection methods to developing methods and standards?
Yes, since the UDPi solution is lightweight (does not require a cryptography/math co-processor, does not require number-crunching and can be implemented in any size micro without taking up processing power for security), the solution can easily migrate from current methods to adapt to implementations set out by upcoming security methods. UDPi is indeed a new security methodology that creates the potential to reduce processing power required for encryption/decryption and other security measures.
61) Would the UDPi solution adhere to industry standards and government security requirements?
The UDPi solution is currently being investigated and introduced to numerous players for a diverse range of applications in multiple markets. UDPi is a security methodology, and as such is compatible with existing industry and government standards. UDPi is flexible and lightweight, allowing implementation in even the most highly sensitive applications and markets.
62) The UDPi solution is lightweight at the client (user) module, but is the process computationally intensive at the preparation stage?
The process is not intensive at either the user side or the preparation stage. The computation required at the preparation stage is as lightweight as the client (user) module. Lightweight in these terms implies the amount of power resources required (which are extremely low in all applications).
63) Can this methodology be used alongside a current method of protection?
One big advantage of UDPi is that it can be used alongside any existing protection methods and can do so in both small and large controllers. UDPi does not use one specific documented algorithm, but allows the flexibility to choose from any existing algorithm to incorporate into the UDPi protection methodology.
64) What are some basic differences between UDPi’s Micro, Optical Disc/Data Storage and Data Transmission applications?
A) Micros:
• UDPi protects the IP within the processor and also the IP in an external RAM/ROM/Flash or parallel EPROM.
• UDPi protects the data from any invasive and non-invasive attacks to the processor. Even if an invader accesses the
IP by any method, the IP is protected in a way that it can only be decoded on one specific processor.
• UDPi does not affect the overall performance of the processor since it is embedded in the CPU (Central Processing
Unit) of the micro.
• UDPi’s method protects any IP within any device. Any existing processor can use the methodology (UDPi can be
applied to MASK processors (pre-programmed) and flash processors.
B) Optical Disc/Data Storage:
• UDPi creates invisibility for a disc to the reader until a code is entered to decode the disc.
• There is no unlocking code to decrypt the disc, but rather a code to reveal the disc information.
C) Data Transmissions:
• UDPi offers a new way to protect the signals sent to customers. This allows better control over who has access to
channels and when the channels are accessible.
• This same principle is applicable to XM satellite radio and any new broadcast signals. In order for this to be effective, a decoding processor is required, but these are highly available and commonly used in new broadcast signaling.
65) Can UDPi be described as a “Sustaining Technology”?
For the sake of definition, UDPi could accurately be described as a sustaining technology.
In terms of sustaining technology, UDPi could improve existing products in terms of increasing security and could improve a products performance due to the fact that UDPi does not take up system resources, allowing UDPi protected products to use those resources for other tasks.
Since UDPi is a new methodology, a shift in manufacturing will be required in order to implement the technology. However, UDPi would be more cost-efficient than many security technologies currently available, satisfying market demands with lower cost. UDPi would in fact improve market performance through a simple, cost efficient, smaller and more convenient means of security.
66) Can the UDPi technology be manufactured without yield impact at the latest technology node (i.e. 65 nm currently, 45nm next generation)?
UDPi is technology independent and can be implemented no matter what process is used. A device becomes unique by either burning different locations of the FPGA to incorporate a unique ID and/or modifying the architecture to be unique. One possible implementation is to have the exact same circuit in all FPGA’s but only one unique location that contains the UDPi key. The “key” is a value that alters the bitstream received and/or a unique circuit.
67) Are UDPi protected devices resistant to physical attacks?
If data is successfully read, it will be unintelligible. UDPi mitigates physical attacks.
68) What is the difference between current “Platform Approaches” to security and Universal Data Protection Corporation’s UDPiCore™ protection?
Many “Platform Approaches” involve adding a portion to the processor and use an algorithm to validate peripherals. This approach secures silicon, but does so with software-based security, with a key verifying peripherals.
UDPiCore™ protection creates a binary core security method in contrast to the “Platform Approach” of securing silicon. Double Axis Security™ provides the source of binary security and the “key” changes for each of the bytes. The UDPiCore™ has light weight qualities and all-encompassing protection. There are little resources, time, or memory utilized with the UDPiCore™ approach to securing data. Additionally, software is not relied upon, creating a truly unique approach to security.
69) What is UDPi’s Vision Statement?
UDPi provides secure digital data delivery (“S3D”) and end-to-end security.
70) Does UDPiCore technology require storing keys on the media for optical media applications?
No, UDPiCore does not require storing keys on the media. Since the decoding key is not stored on the disc, UDPi does not use “security by obscurity”. Pre-recorded media is encoded with SDD (Stealth Data Delimiters).
71) Does UDPiCore require the use of a LFSR (Linear Feedback Shift Register)?
UDPiCore does not require the use of LFSRs, however, they are an efficient process to generate pseudo-random values. UDPiCore can use as many LFSRs as the customer wants. Attackers cannot access the seed value in order to figure out the decoding process.
72) What are some benefits of UDPiCore for pre-recorded media?
With UDPiCore, there are no encoding/decoding keys stored on the media. UDPi’s Intentionally Corrupted Format (ICF) prohibits data compromise, because there is not readable valuable information on the disc. Additionally, UDPiCore allows personal back-up copies in ICF and Stealth Data Delimiter (SDD) format, preventing mass illegal distribution of copyrighted content.
73) What are some benefits of UDPiCore for the playback device?
The key store is unique to the player, the key may be readable, but cannot be used on other players. The encoding/decoding can be very simple and the format is open, so there is no need for obscurity or hiding keys for security purposes.
74) What are UDPiCore’s core competencies?
UDPiCore’s core competencies are secure digital data delivery, scrambling and unscrambling data and securing any application that uses digital data, protecting the process of data flow.
75) What are some micro-manufacturer improvements offered by UDPiCore?
If the customer must send source code to international production lines, there is a risk that the product will be copied.
With UDPiCore, the processor is protected throughout the entire process. The code sent to the international production line is in an encoded form and remains so at the programming facility, being uniquely programmed.
76) Can UDPiCore provide protection for electronic design intellectual property (IP)?
Yes. Theft of IP in electronic designs can be caused by vulnerable designs that are reverse engineered, copied or stolen. Security for microprocessor chip design is essential for retaining economic value and ensuring a smooth transition to international markets, not all of which recognize IP protection laws. With UDPiCore, IP is secured with inherent, hard-wired protection.
77) Which threats to mobile devices does UDPi protect against?
UDPi protects against the following threats in particular:
- Protection of system boot integrity
- Protection of the operating system integrity
- Protection and isolation of security critical applications (e.g. payment applications)
- Protection of access control information
- Resistance to code vulnerability exploits, depending on the implementation
78) Can UDPi’s technology be hacked through software or patches available on the web?
No, with UDPi one cannot change the code nor download software or patches from the web to hack the system. The UDPi code can be unique for each device.
79) Can UDPi be used with other technologies such as algorithms or authentication processes?
Yes, UDPi can be used as the core, running algorithms or authenticated processes for other technologies. UDPi itself is non-algorithmic and is compatible with many other technologies.
80) Is there a certain type of flash or memory required for UDPi’s technology?
No. For UDPi all that is required is a regular memory. There is no need for an authenticated flash or any other specialized memory product.
81) Can UDPi prevent a hack involving two sets of flash, with a valid flash verifying code at the beginning of the process, and then a “hack flash” executing code once the seal of approval has been provided?
Yes, UDPi can prevent such a hack. The above scenario is impossible with UDPi since the code is uniquely encoded for each processor and in some embodiments of UDPi, the address lines may be accessed in a totally random order. With UDPi, even if an attacker accesses the circuitry, they would have to know the UDPi key for the memory address to decode data. The beauty of UDPi is that the key for an address is different from one device to another, even for the same address.
82) Can EPROM memory be scrambled with UDPi?
Yes, EPROM memory can be scrambled with UDPi and unique for each processor.
83) What affect does UDPi’s security have on an opcode table?
UDPi scrambles data and as a result opcode tables appear “corrupted” or scrambled.
84) Can UDPi be compared to encryption-based securities?
No. UDPi is not an encryption. Currently security is deemed as being a trusted party, but does not involve much in the way of processor security. There may be trusted control over communicating with peripherals, but this security protects against “sniffers” trying to access data traveling from one place to another, rather than actually protecting intellectual property (IP) and data traveling within the microprocessor itself. UDPi protects this IP and is truly a tamper-proof and anti-cloning technology.
85) Can other protection technologies that use software be added to UDPi?
Yes, other technologies can be used in conjunction with UDPi. This is primarily because UDPi is truly a hardware-based method, and does not require software-based formulas or heavy-duty number crunching. UDPi protects data at the hardware level, for example on hard disks as well as the microprocessor code and IP. Software-based solutions can be very desirable for a number of applications and in a number of different markets. UDPi recognizes many companies like to use software for specific security applications, and UDPi is certainly compatible with the use of these solutions.
86) Does UDPi use fuses, which can be seen with Xray and scanning?
Security fuses can be easily traceable with the use of certain technologies (which can be expensive). The best implementation of UDPi is to be programmed at the layering of the die by the laser (optics that expose the die to a light that will cause it to be etched or protected when exposed to a chemical). With this implementation of UDPi, Xray and scanning attacks are useless.
87) Is UDPi valuable in securing off-chip code? Is the protection worth the extra cost?
UDPi is incredibly valuable for securing off-chip code. It is simple to implement and cost effective. Protection and cost are frequently at odds with each other, but with UDPi both large and small processors can benefit from advanced protection at a low cost.
88) Is the encoding for UDPi strong?
If the code is broken, the attacker may have the IP, but with UDPi they cannot do anything with it. Even with the IP, with UDPi the attacker doesn’t have the clean text description of the IP. Also, two codes would have to be broken, including the CPU manufacturer’s code as well as the product’s code.
89) How does UDPi improve on anti-FIB techniques and other security technologies used in the smartcard market?
Many technologies need to be open and must use authentication. If a device must be designed to communicate with many other devices, then the communication must be open and there must be a common method, algorithm or the like to communicate with the other devices. This is why UDPi’s technology does not suit the Internet, email or other applications that require an open communication. UDPi creates a secure link between two devices.
90) What prevents UDPi’s technology from being reverse engineered?
UDPi cannot be reverse engineered because it is not based on a formula and accepts 0x00 as a term.
91) Does UDPi compress data?
The data length remains the same and is encoded. No data is lost during the UDPi process. The data is not compressed. Compressing data can result in a possible loss of quality, but the UDPi process resolves this loss of quality by not compressing the data.
[top]
For information on implementing or licensing
the UDPi IP methodology into your application
please contact us at technicalgroup@udpi.ca
Past Updates:
August 2008 FAQ Updates [Downloadable PDF document]
February 2008 FAQ Updates [Downloadable PDF document]
October 2007 FAQ Updates [Downloadable PDF document]