Meeting date: 23 may 2006
Members (asterisk for those attending):
Arpad Muranyi, Intel Corp.
*Bob Ross, Teraspeed Consulting Group
Todd Westerhoff, Cisco Systems
*Mike LaBonte, Cisco Systems
Paul Fernando, NCSU
Barry Katz, SiSoft
Walter Katz, SiSoft
Ken Willis, Cadence Design Systems
*Ian Dodd, Mentor Graphics
Lance Wang, Cadence Design Systems
*Richard Ward, Texas Instruments
Doug White, Cisco Systems
Sanjeev Gupta, Agilent
Joe Abler, IBM
John Shields, Mentor Graphics

-------------
Review of ARs:

- no ARs

-------------

Continuation of encryption discussion

- Accellera IP protection proposal presented by John Shields last week:
  - John made some documents public and Bob Ross sent link to list.
  - Does encryption cover the AMS extensions of languages?
    - With SPICE we usually leave subckt call line out of the encrypted
      portion.
    - Pure digital models from Mentor had to be protected.
    - An issue with AMS is the common practice of allowing "deep inspection"
      into certain internals of a model.
  - Need to better understand what Accellera is doing
    - If they do a good job maybe we don't need to do anything.
- More details on how the envelope/key chain approach works:
  - All keys come from model vendors
  - The "inner key" is embedded in the envelope file:
    - The model is encrypted with this key.
    - May be the same key for all models sent out, but probably not.
    - Most likely a different key depending on target vendor.
    - Might even use a different key for each user.
  - The "outer key" sent to simulator vendors:
    - The envelope file is encrypted with this key.
    - Model vendors choose the simulator vendors they trust.
    - Each simulator vendor gets a different key.
    - Simulators use this key to decrypt the delivered envelope files.
      - The decrypted envelope contains the key needed to decrypt the
        embedded model.
  - Are model and envelope in separate files?
    - Markup language probably used to embed all in one file.
- How to prevent a leaked/cracked encryption key from compromising all models:
  - The Blu-ray Disc system maintains a list of keys in the disc player.
    - If encryption is compromised, new discs can update the players with
      new encryption keys/system.
- Can this approach be extended to SPICE? Matlab?
  - Vendors may take a wait-and-see approach.
- How to help this proposal succeed:
  - High speed design groups will push for IP protection if IBIS needs it.
  - Would like John Shields to present Accellera IP proposal at DAC summit.
  - Need a way to explain this system quickly
    - A diagram showing model vendor/sim vendor/user and the flow of
      information between them would help.

AR: Bob send summit invitation to John Shields
AR: Mike find/make diagram of key escrow system

-------------
Next meeting: Tuesday 30 may 2006 12:00pm PT