YFL elite to offer Chip Authentication Technology - calls industry to join Counter Chip Counterfeit efforts

Press Release 16 March 2009

As have been very well portrayed by the Electronic Business Contributing Editor Rob Spiegel in the "Counterfeit components remains a huge electronics supply chain problem" on 3/3/2009:

"Most industry experts claim the problem is escalating and note that while the federal government and several industry associations have taken measures to limit counterfeiting, it continues to plague the electronics supply chain." - Rob Spiegel

Counterfeiting of electronic components is a growing threat to legitimate IP owners in the electronics industry today. Globalization of manufacturing has driven prices down, but has also advanced the means and tools for much more sophisticated counterfeiting than the world could ever imagine before. Reusing e-wastes is already an unnecessary and a rather outdated way of counterfeiting electronic parts. It is much easier to profit from production overage than to earn the OEM or ODM margins the hard way. It is probably just as easy to transfer entire design and layouts to other similarly equipped facilities at less legally constrained places, and reap even heftier profits for even less risks. Counterfeiters of the electronics industry are so much more resourceful and smarter than any mafia the history has ever seen. Today's chips can literally be copied; just like how softwares used to be - and still are - so vulnerable to piracies. There should be no reason why protections shall not be implemented to protect chips' IP. So, perhaps, time has come for the electronics industry to learn a lesson from the software industries in making an effort in protecting the IP; solutions for countering chip counterfeitings may have become a necessity in the world today.

YFL elite believe our Chip Authentication Technology (CAT) can be a spearhead in the Counter Chip Counterfeit (C³-x-feit) efforts.

Using a cryptography based chip authentication method is perhaps as good and secure as it can be in today's available techniques. To be effective in C³-x-feit, a solution should satisfy several essential requirements:

1. Authentication
   Should be secure and with high quality; and should be impervious to forging, duplication, or replay attacks. If the authentication itself can be counterfeited in any way, the solution would be inept.
2. Secure Information
   There are always information that needs verified or communicated from a chip, these information should be exchanged securely as well.
3. Hardware Efficiency
   Chip authentication is a subsidiary function in a chip; in most cases, should not require any substantial area. The solution should also be as much power efficient as possible, and takes least amount of resources of the chip while offering as good a protection as possible.
4. Reliability
   Robustness and reliability are always the most important requirements of a solution, without them, even the most powerful solutions lost the practicability.

CAT is based upon a unique YFL elite crypto technology called SEA - which has the following characteristics:

1. Its cipher and signature are integrally generated and tightly coupled. Thus, a single algorithm provides the abilities to:

   Authenticate

   A message and the identity can be authenticated with the signature generated.

   Secure Information

   With the cipher generated for the message.

   Verify and Error Check

   The signature - that is tightly coupled to the cipher - is also a best mean of verifying and checking any transmission errors. Since any the errors would also result in an incorrect verification signature computed - with highest probabilities, it is much more reliable than the CRC or any other presently available techniques.

2. Literally OTP-like characteristic:
   The ciphers and the signatures generated at different times are unlikely to repeat - even with an exact same message each time; the differences between each the ciphers and the differences between each the signatures are also to dramatic degrees, the ciphers and signatures generated from an identical message at different times would also appear to be random bits.

These unique characters of SEA can readily satisfy the essential requirements for an effective solution to the C³-x-feit; and SEA can certainly be the most suitable core crypto technology for the CAT.

A fundamental CAT system can be made up of two devices: a chip to be authenticated - let's just call it a 'chip' - and a device to verify the authenticity of the chip - let's call it an Authenticity Checker or an 'AC'. The authentication process shall be carried out as follow:

1. The AC shall send a SEA generated communication to the chip with data required by the chip's CAT and to identify itself to the chip.
2. The chip shall verify the received communication and only respond to the AC if the identity is authenticated.
3. The chip then sends a SEA generated communication to the AC with the required information.
4. The AC then can authenticate and verify the received information to determine authenticity of the chip.

CAT enabled chip devices allow legitimate IP owners a means of certifying the product using:

1. A secret key
   that is only known by the legitimate IP owners. This secret key is stored into the AC and the chip products - hopefully by trustworthy parties - and only matching keys can decipher the information and authenticate the chips.
2. The stored authentication information on the chips that can only be verified by - and perhaps only known to - a legitimate AC.

While CAT might not be the miracle technology to stop counterfeiting with the production overage or design thievery just yet, it will be a giant leap forward in making the effort of identifying counterfeiting parts a much easier task. And it will be a valuable tool where IP protection principles are enforceable. Government custom officials, for example, could be given the AC to easily identify counterfeits from legitimate CAT embedded chips. So even if uncertified counterfeit chips can still live in places IP protection is moot, the damages can be limited decidedly elsewhere.

Further on the roadmap is MAOW, a design which combines CAT and AMBIST, enabling chips to be authenticated and to self-test too. Since CAT and AMBIST both require a common SHS function, a major portion of the hardware can be shared; MAOW will be enabled for both chip authentication and on-chip self-test features without needing significant area increase from CAT or AMBIST.

As much as we would like to be a stronger driving force in the C³-x-feit effort, we are a small company with very limited resources at the moment. However, we are diligently working to collaborate with more resourceful companies; and we hope the C³-x-feit effort will become more visible in the coming months.

We welcome any interest of collaboration or discussions. Please contact us for any questions or for licensing. Thank you.