Architecture for Non-Copyable Disk (NCdisk) Using a Secret-Protection (SP) SoC Solution Michael S. Wang and Ruby B. Lee Department of Electrical Engineering, Princeton University

1
Architecture for Non-Copyable Disk (NCdisk)
Using a Secret-Protection (SP) SoC Solution
Michael S. Wang and Ruby B. Lee Department of
Electrical Engineering, Princeton University

• 1. Introduction
• Problem of study Digital contents piracy
• Research Examined both software and hardware
  vulnerabilities in existing copy-protection
  methods.
• Proposal Proposed a non-copyable disk (NCdisk)
  that makes it significantly harder for digital
  contents to be copied. Any digital content
  written onto the NCdisk can only be read through
  a predefined set of NCdisk outputs.

5. NCdisk Security Protocol We present a
security protocol to use along with the NCdisk
for an online movie download application.

• 4. NCdisk SP-based SoC Architecture
• The NCdisk concept ultimately boils down to
  achieving two goals.
• The first goal is to protect secret keys inside
  the NCdisk.
• The second goal is to protect data output such
  that the original digital plaintext data is never
  leaked out.
• We achieve these two goals by implementing a SoC
  consisting of existing disk controller
  components, plus a minimal set of additions. This
  new SoC can then be connected to the rest of the
  existing disk components to turn an existing disk
  into an NCdisk.

Manufacturer sends a blank NCdisk to Content
Provider (CP), who initializes the NCdisk.
NCdisk Architecture
Existing Hard Disk Architecture

• 2. Threat Model
• Content providers software is trusted and is
  allowed to use the critical secrets but cannot
  leak these secrets out.
• Any other software is un-trusted and is not
  allowed to use the secrets.
• The attacker is able to mount software attacks.
• Probing inside a System-on-Chip (SOC) is more
  difficult without destroying functionality, so it
  is not in our threat model.
• We also do not consider side-channel attacks.

User buys an NCdisk from store and then connects
to CP through Internet.
SP Instructions for the NCdisk Processor
SP Instruction Description
Begin_TSM (on-chip ROM ) Begins execution of TSM (enables access of TSM scratchpad memory)
End_TSM (on or off-chip) ends execution of TSM (disables access of TSM scratchpad memory)
SecureMem_Set (on or off-chip) Sets StartAddr EndAddr registers to define TSM scratchpad memory
DeviceKey_Read (on or off-chip) Load the Device Key to be used by TSM SW

• 3. NCdisk Concept
• The NCdisk is a data storage device, in which any
  digital content written into the device is
  automatically encrypted using a key that is
  generated by the NCdisk that never leaves the
  NCdisk.
• All data stored on the NCdisk are encrypted. It
  can only be read through a set of predefined
  outputs, such that the digital plaintext form of
  the data never leaves the NCdisk.

CP prepares a movie for the NCdisk
NCdisk APIs for Applications
API Functions Description
TSM_Write Write data into NCdisk
TSM_Read_Analog Output to analog channel
TSM_Read_Trusted Output to trusted display
TSM_Read_Integrated Output to internal display
NCdisk stores the downloaded movie

• Reference
• Michael Wang and Ruby Lee, Architecture of
  Non-Copyable Disk (NCdisk) Using
  Secret-Protection (SP) SoC Solution, Forty-First
  Asilomar Conference on Signals, Systems and
  Computers, November 4-7, 2007.
• Jeffrey S Dwoskin, Ruby B. Lee, "Hardware-rooted
  Trust for Secure Key Management and Transient
  Trust", ACM Conference on Computer and
  Communications Security, pp. 389-400, October
  2007.
• Jeffrey Dwoskin, Dahai Xu, Jianwei Huang, Mung
  Chiang, Ruby Lee, "Secure Key Management
  Architecture Against Sensor-node Fabrication
  Attacks", IEEE GlobeCom 2007, November 2007.