Monday, 3 August 2009

Interview with Ken Warren, Smartcard Business Manager at Cryptomathic

What is CryptoFirewall and how does it work?

CryptoFirewall is an embedded silicon core designed only to protect keys and crypto-algorithms; it doesn’t burden itself with additional functionality, and it can be implemented on its own or embedded. If you take the example of the pay-tv system and its conditional access module, a crypto-firewall would be embedded and that would be responsible for the components of the control contribution. It’s essentially responsible for one part and doesn’t get involved with all the various permissions. The application complements the existing system by securing that specific part of the control world so if the system is compromised the overall pay TV system isn’t. We can apply this in other anti-counterfeiting applications such as printers.

How much of a problem is piracy to the pay-tv industry?

Traditionally it’s been huge and continues to be so. There’s an estimate that if piracy was eliminated the suppliers would gain an extra £6bn in revenue worldwide; it’s staggering. Of course, some territories are better than others, and in instances where our CryptoFirewall technology is being deployed we have an unblemished security record. The first deployment was seven years ago and for something to survive in the field for that length of time is almost unheard of. The CryptoFirewall’s design goals were to be as highly tamper-resistant as possible and in the pay TV industry a lot of the attackers are well funded and well equipped. We see it as quite a compliment to our technology that it has survived the test of time. However, we’re not complacent. We recognize that things move along, which is one of the reasons that we design CryptoFirewall with overlapping or complementary systems. We accept that certain elements may be compromised but the whole thing won’t be, because it’s not a single point of sale.

What sort of threats are companies at risk from?

One of the big issues in the pay-TV space is that set top boxes are sold at a loss or subsidized so the attacker will compromise the conditional access security. Thus, the attacker will receive the access for free and can bypass the subscription and payment mechanisms as well as re-programming the devices to work in the general case. Regularly, on eBay, people offer to sell conditional access cards or pay subscription cards which will get you access to programmes at a fraction of the legitimate cost. In the counterfeit goods area, someone will clone copy a component such as printer ink cartridges, usually by refilling the tank. Technology has begun to be deployed whereby authorization is required to verify that the correct ink supplier is correctly validated.

That’s another area for technology like CryptoFirewall where you would have a cryptographic handshake between the cartridge and the printer head to ensure it’s the legitimate procedure and it’s ok to continue. Cloning is a potentially attractive market as goods are sold significantly in excess of the raw manufacturing cost. Another type of attack, remanufacturing, is when the device is worked upon so it can be re-used such as modifying set-top boxes. The final area is repurposing devices where cell phones, limited to a handset provider, are made available for general use by cracking the security.

How does CryptoFirewall provide the solution to these risks?

What CryptoFirewall is doing is providing a cryptographic authentication of the legitimacy of the product. There are a number of other application areas, such as medical devices. The potential vulnerability goes beyond purely financial, because there are life-threatening consequences of people using dodgy sensors. Another area is the aircraft industry. There are huge financial issues and the temptation to use ordinary bolts as opposed to specialist components so there’s a growing requirement to ensure that legitimate products are used. In general terms, the impact overall globally of counterfeit goods is something like £200 billion; that ranges from bags and perfumes to all sorts. There are legal remedies to catch the perpetrators but the other solution is to use technology to ensure that only legitimate products and parts will be used.

What challenges or competition does CryptoFirewall face in the industry?

It is undoubtedly a change to the existing legacy, and there’s no doubt there is a cost implication. However, if someone is losing a certain amount of money then it becomes an economic decision to cover the cost of deploying what is essentially a chip solution to solve that problem. There are other approaches that aren’t so rigorous. In the ink cartridge market, there are several manufacturers that provide chip solutions to authenticate the ink. For the most part, these are simple and easy to bypass and in some cases it might just be picking a chip off one product and putting it on another. We believe that with the CryptoFirewall we have a very robust and cost-effective solution. We’re keeping the design solely security focused and not burdening it with additional non-necessary functionalities.

Currently, what sort of take-up has CryptoFirewall had?

Currently 75 million CryptoFirewall devices are deployed globally, predominantly in the pay-TV space. To date, as far as we’re aware it hasn’t been compromised. We work in industries where if they have been compromised we’d know about it pretty quickly!

What does the future hold for CRI and CryptoFirewall?

We’re working with a number of customers to design CryptoFirewall into their products. We’ve announced initiatives in the pay-tv space and we’re working in other industries as well. The CryptoFirewall is quite a design intensive process and there’s an awful lot of work involved. One of the difficulties in designing something which is secure and tamper proof is that it has an impact on everything because you’re explicitly taking out the testing features that would help you. The verification process is time consuming and we put a lot of effort into that. One of the longer term objectives that we’re looking to achieve is to get a generic CryptoFirewall product supported by major manufacturers and we announced collaboration with Infineon to develop CryptoFirewall products. Ultimately, CRI’s objectives are to increase our capability to be able to relay CryptoFirewall solutions to those that would benefit from it, particularly anti-counterfeiting protection.



(Smartcard News Ltd, 2009)
