A Digital Rights Enabled Graphics Processing System - PowerPoint PPT Presentation

1 / 23
About This Presentation
Title:

A Digital Rights Enabled Graphics Processing System

Description:

... have more games being played illegitimately than being played legitimately. ... Protect graphics apps by protecting the graphics assets instead of the sw. ... – PowerPoint PPT presentation

Number of Views:31
Avg rating:3.0/5.0
Slides: 24
Provided by: steve1683
Category:

less

Transcript and Presenter's Notes

Title: A Digital Rights Enabled Graphics Processing System


1
A Digital Rights Enabled Graphics Processing
System
  • Weidong Shi
  • Hsien-Hsin Sean Lee
  • Richard M. Yoo
  • Alexandra Boldyreva

Motorola Labs Georgia Tech Georgia Tech Georgia
Tech
2
Why Digital Rights Management (DRM) and Content
Protection?
  • id software Kevin Cloud
  • "this (piracy) is whats killing
  • PC games"
  • but you may literally have more games being
    played illegitimately than being played
    legitimately.
  • it is a very serious problem. 
  • There isnt any magical solution, or else wed
    solve it.

3
Graphics As Assets
  • Protect graphics apps by protecting the graphics
    assets instead of the sw.
  • Avatars, in-game graphics assets sale raise
    steadily
  • 10M per month in-game assets sale in Korea alone
  • 880M trading in US (2004)

4
It is a non-trivial task
  • If security is easy to add, it is easy to remove.
  • Never underestimate the hackers (XBOX incidence)
  • Graphics DRM
  • Protect against SW attacks
  • Protect against simple
  • Radioshack HW attacks

5
Software-based DRM
  • Disadvantages
  • Insecure
  • Not tamper proof
  • Advantages
  • Easy to change
  • Flexible

3D apps
mesh
texture
shader
OpenGL/ Direct3D
DRM
SW
Frame Buffer
6
DRM Design Space
DRMed Contents
  • Many design choices for unlocking DRMed contents.
  • Hackers can always go to the level below to
    defeat a DRM system.
  • Typical SW DRM unlocks at App level.

Unlock at App level
Real time 3D apps
Graphics API(OpenGL/Direct3D)
Unlock at API level
Device Driver
Unlock at Driver level
Unlock at Device level
7
Our Idea DRM Enabled GPU
DRM
DRM Enabled GPU
  • Protect graphics assets with encryption and
    rights licenses.
  • Decrypt graphics assets by a DRM enabled GPU

Protected Graphics Assets (mesh, textures,
shaders)
8
DRM Enabled GPU
  • Advantages
  • Strong security protection, contents decrypted
  • right before their consumption
  • Against SW tampers/attacks
  • API hijack, graphics file reverse engineering,
    etc.
  • High performance
  • HW decryption vs. SW decryption
  • Disadvantages
  • Less flexible

9
GPU with DRM Block
Graphics/Video Memory
PCI-Express
Host/Memory Interface
DRM Block
Context Information
Vertex Cache
Texture Cache
Cryptographic Unit
License Processing Unit
GPU Pipeline
10
Rights License and Content Keys
  • Graphics contents or assets are licensed
  • Graphics contents or assets are encrypted with
    content keys. Encrypted content keys included in
    graphics content licenses.
  • Content licenses are certified and distributed
  • Only targeted GPU can extract/use the content
    keys from the licenses.

11
Binding Context
Binding Context
Vertex Attr Decryption Key, Digest Key
Texture Decryption Key, Digest Key
Shader Digest Key
  • Constraints of binding among vertex data,
    textures, and shaders
  • Created based on graphics assets licenses
  • Security context (protected when stored in
    exposed storage)
  • Contains all information for decrypting graphics
    assets by a GPU

12
Graphics API Extension
  • Encrypted Data Array/Texture Types
  • Encrypted234f, Encrypted_R8G8B8A8,
  • Encrypt collection of vertex attributes or
    texture tile as a chunk.
  • Compute a digest or hashed MAC for each encrypted
    chunk
  • Protected Graphics Objects
  • glVertexAttribPointerPrivateARB(
  • 0, Encrypted4f, GL_FALSE, 0, vertex)
  • glVertexAttribPointerPrivateARB(
  • 8, Encrypted2f, GL_FALSE, 0, text_coord)

13
Graphics API Extension
  • API Extension
  • GenBindingContext(int size, int
    ptr_to_handles)
  • ConfigBindingContext(

    int handle, enum type, int
    graphics_object_handle, unsigned
    char license)
  • type Encrypted_VERTEX_ATTR0..15
  • type PRIVATE_TEXTURE0..7
  • type VERTEX_SHADERFRAGMENT_SHADER
  • graphics_object_handle handle
    to vertex,texture,or shader
  • license license byte array
  • EnableBindingContext(int handle)
  • DisableBindingContext(int handle)
  • DeleteBindingContext(int handle)

14
Graphics Data Protection Check
Encrypted Vertex Attr/Tex Tiles
Encrypted Vertex Attr/Tex Tiles
Digest/ HMAC
Digest/ HMAC


Encrypted Vertex Attr/Tex Tiles
Digest/ HMAC
Binding Context
Vertex/Tex Cache Vertex/Tex Fetch Unit
Decryption Unit
Vertex Attr Decryption Key, Digest Key
Texture Decryption Key, Digest Key
Shader Digest Key
?
HMAC Unit
GPU Front-End
15
Counter Mode Example (Encrypted Texels)

Graphics Memory
Graphics Memory
Memory Unit

Fetch Address Cal/Translation
Encrypted Texels
Decryption Pad
AES Engine
Vertex/Tex Cache Vertex/Tex Fetch Unit
XOR
Counter value
Decryption Key
GPU Front-End
Binding Context
16
Division of Labor CPU-GPU Level-of-Detail
Collision detection Coarse backface culling
CPU
Transformation Lighting Animation
GPU
  • CPU processes unprotected coarse level graphics
    data
  • GPU processes protected fine-grained graphics
    data

17
Optional Depth Buffer Protection
Depth Buffer

Z-tile
Z-tile
Context
Depth Decryption Unit
Depth Encryption Unit
Depth Buffer Symmetric Key
Frame Buffer Operation Unit
  • Depth buffer key is applied to an application.

18
Evaluation
Setting
Apps Quake 3D 4 demo maps
GPU Simulator Qsilver (UVa)
AES unit 8 (400K gates each)
Decryption Throughput/Latency 40Gb/ps x 8, 2.5ns per stage x 11 27.5ns
HMAC Unit 8 (19K gates each)
HMAC Latency 74ns
Graphics Memory GDDR3 latency
19
Frame Rate Impact
  • Frame rate slowdown using protected assets
    against regular assets
  • Reasonable impact on frame rate

20
Decryption Latency Sensitivity
21
Sensitivity of Cache Miss Rate
22
Conclusions
  • Time to introduce DRM protection on real time
    graphics assets.
  • The trend of GPU advancement enables new ways of
    protecting graphics assets.
  • Graphics assets protection advocates joint
    research from DRM, Graphics, and GPU community.
  • GPU-based graphics assets protection is more
    effective.
  • We studied feasibility of GPU based graphics DRM.
  • Further research is required.

23
Thank You!
http//arch.ece.gatech.edu
Write a Comment
User Comments (0)
About PowerShow.com