conf graphics hardware 2006

8/6/2019 Conf Graphics Hardware 2006

1/25

Georgia Institute of Technology, Motorola*

A Digital Rights Enabled

Graphics Processing System

Weidong Shi*, Hsien-Hsin S. Lee,

Richard M. Yoo, Alexandra Boldyreva


2/25

Why DRM

id co-owner Kevin Cloud

"this (piracy) is whats killing

PC games" but you may literally have more games being

played illegitimately than being playedlegitimately.

it is a very serious problem.

There isnt any magical solution, or else wed solveit.


3/25

Graphics As Assets

Protect graphics apps byprotecting the graphics

assets instead of the sw. Avatars, in-gamegraphics assets sale raise

steadily $10million per monthin-game assets sale

in Korea alone


4/25

It is not a trivial task

If security is easy to add,

it is easy to remove.

Never underestimatethe hackers (XBOX case)

Graphics DRM

Protect against SW attacks

Protect against simple

radio - shack HW attacks


5/25

SW DRM

Disadvantages Insecure

Not tamper proof

Advantages Easy to change

Flexible

3D apps

mesh texture shader

OpenGL/Direct3D SW

DRM

FrameBuffer


6/25

DRM Design Space

Many design choicesfor unlocking DRMedcontents.

Hackers can alwaysgo to the levelbelow to defeat a

DRM system. Typical SW DRM

unlocks at App level.

Real time3D apps

GraphicsAPI(OpenGL/Direct3D)

DeviceDriver

DRMed Contents

Unlock atApp level

Unlock atAPI level

Unlock atDriver level

Unlock at

Device level


7/25

Our Idea DRM Enabled GPU

DRM Enabled GPU

Protected Graphics Assets

(mesh, textures, shaders)

Protect graphics assetswith encryption and rights

Licenses.

Decrypt graphics assets by DRM enabled GPU

DRM


8/25

DRM Enabled GPU

Advantages Strong security protection, contents decrypted

right before consumption Against SW tampers/attacks (API hijack, graphics

file reverse engineering, )

High performance (hw decryption vs. swdecryption)

Disadvantages Less flexible


9/25

Issues

DRM Issues

Graphics API Extension GPU Design


10/25

GPU with DRM Block

PCI-Express

Host/MemoryInterface

Graphics/VideoMemory

GPU Pipeline

VertexCache TextureCacheCryptographic

UnitLicense

Processing Unit

Context

Information

DRM

Block


11/25

Rights License

Graphics contents or assets are licensed. Textures, meshes, shaders

Graphics contents or assets are encrypted withcontent keys (symmetric keys). Encrypted contentkeys included in graphics content licenses.

Graphics content licenses are certified anddistributed over a variety of means.

Standard DRM license distribution problem (not the focusof this paper)

Distributed on network, storage media, on-demand, pre-distributed, etc.

Only targeted GPU can extract or use the contentkeys from the licenses.


12/25

Binding Context

Constraints of binding among vertex data,textures, and shaders

Created based on graphics assets licenses Security context (protected when stored in

exposed storage)

Contains all information for decrypting graphicsassets by a GPU

Binding Context

Vertex Attr Decryption Key, Digest Key

Texture Decryption Key, Digest Key

Shader Digest Key


13/25

Why Do WeConstrains GraphicsBinding?

A malicious shader may disclosure vertex data ortexture data in passthrough processing (assumeno frame buffer encryption)

Texture may be disclosed by binding with quad.

It is not necessary to encrypt shaders.

Use digital digest/MAC to protect shader integrity.


14/25

Graphics API Extension

Encrypted Data Array/Texture Types Encrypted{234}f, Encrypted_R8G8B8A8,

Encrypt collection of vertex attributes or texture tile as a

chunk. Compute a digest or MAC (HMAC) for each encrypted

chunk

Protected Graphics ObjectsglVertexAttribPointerEncryptedARB(0,

Encrypted4f,GL_FALSE, 0, 0);

glVertexAttribPointerPrivateARB(8, Encrypted2f, GL_FALSE,0, 0);


15/25

Graphics API Extension

API Extension GenBindingContext(int size, int* ptr_to_handles)

ConfigBindingContext(int handle, enum type,

int graphics_object_handle, unsigned char* license)

type = Encrypted_VERTEX_ATTR0..15

type = PRIVATE_TEXTURE0..7

type = VERTEX_SHADER|FRAGMENT_SHADER| graphics_object_handle = handle to vertex,texture,or shader

license = license byte array

EnableBindingContext(int handle)

DisableBindingContext(int handle)

DeleteBindingContext(int handle)


16/25


17/25

Division of LaborCPU-GPU Level-of-Detail

CPU

GPU

Collision detection

Coarse culling

Transformation

Lighting

Animation

Unprotected Graphics Data

Protected Graphics Data

CPU processes unprotected coarse level graphics data

GPU processes protected fine-grained graphics data


18/25

Fetching Encrypted TexelsTexture Fetch Unit/Texture Cache

Fetch AddressCal/Translation

Memory Unit

GraphicsMemory

GraphicsMemory

Texel TileCoord Offset Padding

AES EngineDecryptionPadEncrypted

Texel

XOR

BindingContext

Decryption Key


19/25

Optional Depth BufferProtection

Frame BufferOperation Unit

Depth Buffer

DepthDecryption Unit

Depth

Buffer

Symmetric Key

Context

DepthEncryption Unit

Z-tile Z-tile

Depth buffer key is applied to an application.


20/25

Evaluation

Setting

Apps Quake3D four demo maps

GPU Simulator QsilverAES unit # 8 (400K gate x 8)

DecryptionThroughput/Laten

cy

40Gb/ps x 8, 2.5ns per stage x12

HMAC Unit # 8

HMAC Latency 74ns

Graphics Memory GDDR3 latency


21/25

Frame Rate

Frame rate using protected assets/frame rateusing regular assets

Small impact on frame rate

Normalized Frame Rate (%)

50

60

70

80

90

100

q 3 d

m 1

q 3 d

m 7

q 3 d m

1 7

q 3 t o u r n

e y

a v e r a

g e


22/25

Decryption Latencyvs. Frame Rate


50556065707580859095

100

q 3 d m

1

q 3 d m

7

q 3 d m 1

7

q 3 t o

u r n e y

a v e r a g

e

27.5ns Decryption Lat 40ns Decryption Lat


23/25

Frame Rate vs.Cache Miss Rate


505560657075

80859095

100

q 3 d m 1

q 3 d m 7

q 3 d m

1 7

q 3 t o

u r n e y

a v e r

a g e

Baseline Medium Miss RateHi h Miss Rate


24/25


25/25

Questions

conf graphics hardware 2006

Documents