A Secure Content Delivery System Based on a Partially Reconfigurable FPGA

We developed a content delivery system using a partially reconfigurable FPGA to securely distribute digital content on the Internet. With partial reconfigurability of a Xilinx Virtex-II Pro FPGA, the system provides an innovative single-chip solution for protecting digital content. In the system, a partial circuit must be downloaded from a server to the client terminal to play content. Content will be played only when the downloaded circuit is correctly combined (= interlocked) with the circuit built in the terminal. Since each circuit has a unique I/O configuration, the downloaded circuit interlocks with the corresponding built-in circuit designed for a particular terminal. Thus, the interface of the circuit itself provides a novel authentication mechanism. This paper describes the detailed architecture of the system and clarify the feasibility and effectiveness of the system. In addition, we discuss a fail-safe mechanism and future work necessary for the practical application of the system.

[1]  Sean W. Smith,et al.  Fairy Dust, Secrets, and the Real World , 2003, IEEE Secur. Priv..

[2]  Steve H. Weingart Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defenses 2008 (Updated from the CHES 2000 version) , 2008 .

[3]  Mike Bond,et al.  Cryptographic Processors-A Survey , 2006, Proceedings of the IEEE.

[4]  Dritan Kaleshi,et al.  Securing the delivery of digital content over the Internet , 2002 .

[5]  Steven Trimberger Trusted Design in FPGAs , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[6]  Ross J. Anderson Why cryptosystems fail , 1994, CACM.

[7]  Carl Carmichael Virtex FPGA series configuration and readback , 1999 .

[8]  Jae-Cheol Ryou,et al.  A DRM Framework for Distributing Digital Contents through the Internet , 2003 .

[9]  William Stallings,et al.  THE ADVANCED ENCRYPTION STANDARD , 2002, Cryptologia.

[10]  Jeff Mason,et al.  Invited Paper: Enhanced Architectures, Design Methodologies and CAD Tools for Dynamic Reconfiguration of Xilinx FPGAs , 2006, 2006 International Conference on Field Programmable Logic and Applications.

[11]  I. Xilinx,et al.  Virtex-II Pro and Virtex-II Pro X Platform FPGAs: Complete data sheet , 2004 .

[12]  Kenji Toda,et al.  FPGA-based content protection system for embedded consumer electronics , 2005, 11th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA'05).

[13]  デジタルコンテンツ協会,et al.  デジタルコンテンツ白書 = Digital content white paper , 2001 .

[14]  Sergio López-Buedo,et al.  Using Partial Reconfiguration in Cryptographic Applications: An Implementation of the IDEA Algorithm , 2003, FPL.

[15]  Jizhong Zhao,et al.  Secure multimedia streaming with trusted digital rights management , 2005, The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l.

[16]  Steve H. Weingart Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defences , 2000, CHES.

[17]  I. Xilinx Virtex series configuration architecture user guide , 2000 .

[18]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[19]  Mike Bond,et al.  API-Level Attacks on Embedded Systems , 2001, Computer.