Certicom offers embedded security to track outsourced work

- September 14, 2005

BOSTON — Certicom Corp. demonstrated a highly-specialized version of a public-key infrastructure system at Embedded Systems Conference here which may solve the sticky problem of preventing and tracking “gray market” manufacturing of key-enabled systems using content management and digital rights management.

KeyInject can be used to prevent cloning in conditional-access set-top box and media products as well as for tracking manufacturing of high-value replacement parts ranging from inkjet cartridges to medical-imaging parts.

"When manufacturers outsource to small specialists they don’t directly control, you often see very sensitive public keys distributed on CDs,” said Certicom marketing director Brendan Ziolo. “The notion here is to put a small, dedicated hardware system at the manufacturing line that distributes the keys, meters their use, and provides an audit trail back to any manufacturing run that was unauthorized in any way.”

Most DRM or conditional-access systems rely on public-key authentication systems, and Certicom has made inroads into traditional Diffie-Hellman and RSA public-key systems with an encryption scheme that combines elliptic-curve cryptography with the federal Advanced Encryption Standard. The basis for emerging DRM schemes such as High-bandwidth Digital Content Protection and Content Protection for Recordable Media has been to embed unique keying algorithms in a system to control access to streaming media and the use of downloaded media files.

According to Brian Neill, a member of the technical staff at Certicom, “When there were multiple steps in the manufacturing chain, the system designers tended to either send the keys unencrypted, or the set of keys are sent encrypted on a CD. Certain employees on the manufacturing line can represent the weak link, and if the keys provided by the manufacturer end up elsewhere, the system designer can be subject to significant fines by the manager of the content.” Certicom’s answer was to develop a ceramic-encased PCI card similar to a FIPS-140 security module, and make the hardware module the “core root of trust” for a manufacturing line.

A Certicom KeyInject controller manages key distribution, which can be carried out in a networked format over nonsecure networks, or using a file-based system — currently the preferred way to distribute keys.

The KeyInject appliance sits at the manufacturing location, providing one key and uses one “credit” in the metering system for each device manufactured.

Because the set of keys is stored at the manufacturing site and is only decrypted as needed, the possibility of key theft is greatly reduced, and the contract manufacturer provides usage reports to show the system designer.

ATI Technologies Inc. already has been implementing the KeyInject systems for graphics and digital media chip solutions. Ziolo said Certicom is exploring its use in any contract-manufacturing chain where replacement perishable parts must be tightly controlled. The problem not only involves “bootleg” parts that end users might buy on the gray market, but parts which a contract manufacturer might provide to OEMs which do not meet all specs.

“Particularly in medical realms, if the replacement part carries the label of the OEM but does not meet the standards anticipated, guess who’s liable?” Ziolo said.

The launch of KeyInject was part of a multipronged assault to bring elliptic-curve crypto into consumer multimedia markets. Last week, Japan's D&K Holdings Inc., which manufacturers such AV brands as Marantz, Denon, McIntosh and ReplayTV, licensed Certicom’s ECC for internal use.

Ziolo said that current technology licensing agreement may eventually expand to involve Certicom’s provision of software modules or hardware subsystems to D&M, though it is currently limited to algorithm licensing.