A Digital Rights Enabled Graphics Processing System
Weidong Shi (Motorola Labs), Hsien-Hsin “Sean” Lee (Georgia Tech), Richard M. Yoo (Georgia Tech), Alexandra Boldyreva (Georgia Tech)

Why Digital Rights Management (DRM) and Content Protection?
• Kevin Cloud, id Software
  • “this (piracy) is what’s killing PC games”
  • “… but you may literally have more games being played illegitimately than being played legitimately.”
  • “… it is a very serious problem. There isn’t any magical solution, or else we’d solve it.”

Graphics As Assets
• Protect graphics apps by protecting the graphics assets instead of the software.
• Sales of avatars and in-game graphics assets are rising steadily
  • $10M per month in in-game asset sales in Korea alone
  • $880M in trading in the US (2004)

It is a non-trivial task
• If security is easy to add, it is easy to remove.
• Never underestimate the hackers (Xbox incident)
• Graphics DRM
  • Protect against SW attacks
  • Protect against simple “RadioShack” HW attacks

Software-based DRM
• Disadvantages
  • Insecure
  • Not tamper proof
• Advantages
  • Easy to change
  • Flexible
[Diagram labels: 3D apps; mesh, texture, shader; DRM SW; OpenGL/Direct3D; Frame Buffer]

DRM Design Space
• Many design choices for unlocking DRMed contents.
• Hackers can always go to the level below to defeat a DRM system.
• Typical SW DRM unlocks at App level.
[Diagram: DRMed contents can be unlocked at the App level (real-time 3D apps), the API level (graphics API, OpenGL/Direct3D), the Driver level (device driver), or the Device level]

Our Idea – DRM Enabled GPU
• Protect graphics assets with encryption and rights licenses.
• Decrypt graphics assets by a DRM enabled GPU
[Diagram labels: DRM; DRM Enabled GPU; Protected Graphics Assets (mesh, textures, shaders)]

DRM Enabled GPU
• Advantages
  • Strong security protection: contents are decrypted right before their consumption
  • Resists SW tampering/attacks
    • API hijack, graphics file reverse engineering, etc.
  • High performance
    • HW decryption vs. SW decryption
• Disadvantages
  • Less flexible

GPU with DRM Block
[Block diagram labels: PCI-Express; Host/Memory Interface; Graphics/Video Memory; GPU Pipeline; Vertex Cache; Texture Cache; DRM Block; Context Information; Cryptographic Unit; License Processing Unit]

Rights License and Content Keys
• Graphics contents or assets are licensed
• Graphics contents or assets are encrypted with content keys. Encrypted content keys are included in graphics content licenses.
• Content licenses are certified and distributed
• Only the targeted GPU can extract/use the content keys from the licenses.
[Diagram labels: Public(GPU); license; Private-pair(GPU); Content keys]

Binding Context
• Constraints of binding among vertex data, textures, and shaders
• Created based on graphics assets licenses
• Security context (protected when stored in exposed storage)
• Contains all information for decrypting graphics assets by a GPU

Graphics API Extension
• Encrypted Data Array/Texture Types
  • Encrypted{234}f, Encrypted_R8G8B8A8, …
• Encrypt a collection of vertex attributes or a texture tile as a chunk.
• Compute a digest or hashed MAC for each encrypted chunk
• Protected Graphics Objects
    glVertexAttribPointerPrivateARB(0, Encrypted4f, GL_FALSE, 0, &vertex);
    glVertexAttribPointerPrivateARB(8, Encrypted2f, GL_FALSE, 0, &text_coord);

Graphics API Extension
• API Extension
  • GenBindingContext(int size, int* ptr_to_handles)
  • ConfigBindingContext(int handle, enum type, int graphics_object_handle, unsigned char* license)
      type = Encrypted_VERTEX_ATTR0..15
      type = PRIVATE_TEXTURE0..7
      type = VERTEX_SHADER|FRAGMENT_SHADER|…
      graphics_object_handle = handle to vertex, texture, or shader
      license = license byte array
  • EnableBindingContext(int handle)
  • DisableBindingContext(int handle)
  • DeleteBindingContext(int handle)

Graphics Data Protection Check
[Diagram labels: Encrypted Vertex Attr/Tex Tiles, each stored with a Digest/HMAC; Binding Context; GPU Front-End; Vertex/Tex Cache & Vertex/Tex Fetch Unit; Decryption Unit; HMAC Unit; comparison (“?”)]

Counter Mode Example (Encrypted Texels)
[Diagram labels: Graphics Memory; Memory Unit; Fetch Address Cal/Translation; Texel Tile Coord, Offset, Padding; Counter value; AES Engine; Decryption Pad; XOR; Encrypted Texels; Vertex/Tex Cache & Vertex/Tex Fetch Unit; Binding Context; GPU Front-End]

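The protection check and the counter-mode fetch path from the two slides above, as an added Python sketch that is not code from the original slides or the authors' system. Assumptions: HMAC-SHA256 stands in for the AES engine as the pad generator, the counter is built from tile coordinates, a per-tile counter and a block offset, the MAC also covers the tile address, and all function names, keys and texel data are constructed for illustration.

```python
import hashlib
import hmac
import struct

TILE_BYTES = 64  # constructed tile size: 4x4 texels of R8G8B8A8

def make_pad(enc_key, tile_x, tile_y, counter, length):
    """Decryption pad computed from the key and tile address only, so it
    can be generated while the encrypted texels are still being fetched."""
    out = b""
    for offset in range((length + 31) // 32):
        seed = struct.pack(">IIII", tile_x, tile_y, counter, offset)
        # Stand-in PRF (assumption): the slides use an AES engine here.
        out += hmac.new(enc_key, b"pad" + seed, hashlib.sha256).digest()
    return out[:length]

def make_tag(mac_key, tile_x, tile_y, counter, ciphertext):
    # Assumption: the MAC covers the tile address as well as the data,
    # so a valid chunk cannot be replayed at a different tile position.
    header = struct.pack(">III", tile_x, tile_y, counter)
    return hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()

def protect_tile(enc_key, mac_key, tile_x, tile_y, counter, texels):
    """Content-packaging side: encrypt one tile as a chunk, then MAC it."""
    pad = make_pad(enc_key, tile_x, tile_y, counter, len(texels))
    ciphertext = bytes(a ^ b for a, b in zip(texels, pad))
    return ciphertext, make_tag(mac_key, tile_x, tile_y, counter, ciphertext)

def fetch_tile(enc_key, mac_key, tile_x, tile_y, counter, ciphertext, tag):
    """GPU front-end side: check the MAC, then XOR with the pad.
    Returns None when the protection check fails."""
    expected = make_tag(mac_key, tile_x, tile_y, counter, ciphertext)
    if not hmac.compare_digest(expected, tag):
        return None
    pad = make_pad(enc_key, tile_x, tile_y, counter, len(ciphertext))
    return bytes(a ^ b for a, b in zip(ciphertext, pad))

def demo():
    enc_key, mac_key = b"E" * 32, b"M" * 32   # constructed keys
    texels = bytes(range(TILE_BYTES))          # constructed tile contents
    ct, tag = protect_tile(enc_key, mac_key, 3, 7, 0, texels)
    flipped = bytes([ct[0] ^ 0x01]) + ct[1:]   # one modified ciphertext bit
    return {
        "roundtrip": fetch_tile(enc_key, mac_key, 3, 7, 0, ct, tag) == texels,
        "bit_flip_rejected": fetch_tile(enc_key, mac_key, 3, 7, 0, flipped, tag) is None,
        "relocation_rejected": fetch_tile(enc_key, mac_key, 4, 7, 0, ct, tag) is None,
    }

if __name__ == "__main__":
    print(demo())
```

Counter mode alone is malleable, which is why the per-chunk MAC is verified before the pad is applied; the pad for a given key must also never be reused for different plaintext at the same tile address and counter.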
Division of Labor CPU-GPU
• CPU processes unprotected coarse level graphics data
• GPU processes protected fine-grained graphics data
[Diagram: CPU (unprotected graphics data): level-of-detail, collision detection, coarse backface culling; GPU (protected graphics data): transformation, lighting, animation]

Optional Depth Buffer Protection
• Depth buffer key is applied to an application.
[Diagram labels: Depth Buffer; Z-tile; Context; Depth Decryption Unit; Depth Encryption Unit; Frame Buffer Operation Unit]

Frame Rate Impact
• Frame rate slowdown when using protected assets versus regular assets
• Reasonable impact on frame rate

Conclusions
• Time to introduce DRM protection on real time graphics assets.
• The trend of GPU advancement enables new ways of protecting graphics assets.
• Graphics assets protection calls for joint research across the DRM, graphics, and GPU communities.
• GPU-based graphics assets protection is more effective.
• We studied the feasibility of GPU-based graphics DRM.
• Further research is required.

Thank You! http://arch.ece.gatech.edu