Abstract
This paper discusses the hardware foundations of the cryptosystem employed by the XboxTM video game console from Microsoft. A secret boot block overlay is buried within a system ASIC. This secret boot block decrypts and verifies portions of an external FLASH-type ROM. The presence of the secret boot block is camouflaged by a decoy boot block in the external ROM. The code contained within the secret boot block is transferred to the CPU in the clear over a set of high-speed busses where it can be extracted using simple custom hardware. The paper concludes with recommendations for improving the Xbox security system. One lesson of this study is that the use of a high-performance bus alone is not a sufficient security measure, given the advent of inexpensive rapid prototyping services and affordable high-performance FPGAs.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Federal Information Processing Standards Publication, FIPS PUB 185: Escrowed Encryption Standard (EES) http://www.itl.nist.gov/.pspubs/.p185.htm
Thomas W. Krygowski, Jeffry J. Sniegowski, M. Steven Rodgers, Stephen Montague, James J. Allen, Jerome F. Jakubczak, Samuel L. Miller, Infrastructure, Technology and Applications Of Micro-Electro-Mechanical Systems (MEMS), Sandia National Laboratories, Intelligent Micromachine Department, http://www.mdl.sandia.gov/Micromachine, also appears in Sensor Expo 1999.
IBM, IBM 4758 PCI Cryptographic Coprocessor, http://www.ibm.com/security/cryptocards/
Gemplus (a smartcard vendor), Gemplus Corporate Website, http://www.gemplus.com
Pil Joon Lee, Eun Jeong Lee, Yong Duk Kim, How to Implement Cost-Effective and Secure Public Key Cryptosystems Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems (CHES), August 1999.
Federal Information Processing Standards Publication, FIPS PUB 140-2: Security Requirements for Cryptographic Modules, http://csrc.nist.gov/publications/.ps/.ps140-2/.ps1402.pdf
distributed.net, distributed.net: Project RC5, http://www.distributed.net/rc5/
HyperTransport Consortium, HyperTransportTM I/O Link Specification, Version 1.03, http://www.hypertransport.org
nVidia Corporation, nForce MCP Product Overview, 06.01v1, http://www.nvidia.com
Microsoft Developer Network, Introduction to Code Signing, http://msdn.microsoft.com/workshop/security/authcode/intro authenticode.asp
Nicholas P. Carter, Stephen W. Keckler, and William J. Dally, Hardware support for fast capability-based addressing, Proceedings of ASPLOS VI, October 1994, pp. 319–27.
Jeremy Brown, J.P. Grossman, Andrew Huang, and Thomas F. Knight, Jr., A capability representation with embedded address and nearly-exact object bounds, Project Aries Technical Memo 5, http://www.ai.mit.edu/projects/aries/Documents/Memos/ARIES-05.pdf
Auguste Kerckhoffs, La cryptographie militaire, Journal des sciences militaires, vol. IX, pp. 5–38, Jan. 1883, pp. 161–191, Feb. 1883.
Marcus Comstedt, Dreamcast Programming-Bootable CD-Rs, http://mc.pp.se/dc/cdr.html.
R. Anderson and M. Kuhn, Tamper Resistance-a Cautionary Note, Proceedings of the Second Usenix Workshop on Electronic Commerce, pp. 1–11, November 1996.
R. Anderson and M. Kuhn, Low Cost Attacks on Tamper Resistant Devices, IWSP: International Workshop on Security Protocols, LNCS, 1997.
Van Hook, et al., High Performance Low Cost Video Game System with Coprocessor Providing High Speed Efficient 3D Graphics and Digital Audio Signal Processing, U.S. Patent 6,239,810, May 29, 2001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Huang, A. (2003). Keeping Secrets in Hardware: The Microsoft XboxTM Case Study. In: Kaliski, B.S., Koç, ç.K., Paar, C. (eds) Cryptographic Hardware and Embedded Systems - CHES 2002. CHES 2002. Lecture Notes in Computer Science, vol 2523. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36400-5_17
Download citation
DOI: https://doi.org/10.1007/3-540-36400-5_17
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00409-7
Online ISBN: 978-3-540-36400-9
eBook Packages: Springer Book Archive