Stats

  • Locked Locked
  • Replies 4
  • Subscribers 142
  • Views 15129
  • Members are here 0
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

context versus encypted SKILL?

archive

Hi all,

Which do you prefer for delivering products to 3rd parties?  Context files or encrypted SKILL?

A few years ago, I have had one customer who cracked the encrypted SKILL fairly easily and was able to view the original source code.  However, I do not know what method he used to view the source.

Can context files also be bypassed as easily?  Have all known holes in the encrypted SKILL methodology been closed?

Encrypted SKILL seems to be much easier to maintain, because I don't have to worry about maintaining separate versions for each major version of CADENCE, but I don't want to give away my source code to savvy users.

Any advice?

Just to be clear, I'm not asking for people to identify the known security holes.  I just want to know which method will avoid the most security hazards.

Thanks!


Originally posted in cdnusers.org by m27315
Parents

  • Encrypted SKILL (without a password) is easily decoded, and should be seen as just a means of discouraging editing of the files, rather than real protection.

    If you use a password when encrypting the SKILL, then the usual methods of decoding the encryption no longer work. You do need to know the password to load the file (it's the second argument to the load() function), but knowing the password doesn't help you to decrypt it. That said, the encryption algorithm is not that complex, and so somebody determined enough could decrypt it I'm sure (as opposed to decoding normal encrypted SKILL files which doesn't require any knowledge of the algorithm).

    Context files are a snapshot of the virtual machine's state - and as such are much harder to decode. You'd need to know the machine language of the SKILL virtual machine and how to convert this back into code. Normally this can be done, but only with a license that is normally restricted for Cadence internal debugging use only.

    So Context files are the most secure, followed by password protected encrypted files.

    Regards,

    Andrew.


    Originally posted in cdnusers.org by adbeckett
Reply

  • Encrypted SKILL (without a password) is easily decoded, and should be seen as just a means of discouraging editing of the files, rather than real protection.

    If you use a password when encrypting the SKILL, then the usual methods of decoding the encryption no longer work. You do need to know the password to load the file (it's the second argument to the load() function), but knowing the password doesn't help you to decrypt it. That said, the encryption algorithm is not that complex, and so somebody determined enough could decrypt it I'm sure (as opposed to decoding normal encrypted SKILL files which doesn't require any knowledge of the algorithm).

    Context files are a snapshot of the virtual machine's state - and as such are much harder to decode. You'd need to know the machine language of the SKILL virtual machine and how to convert this back into code. Normally this can be done, but only with a license that is normally restricted for Cadence internal debugging use only.

    So Context files are the most secure, followed by password protected encrypted files.

    Regards,

    Andrew.


    Originally posted in cdnusers.org by adbeckett
Children
No Data

Community Guidelines

The Cadence Design Communities support Cadence users and technologists interacting to exchange ideas, news, technical information, and best practices to solve problems and get the most from Cadence technology. The community is open to everyone, and to provide the most value, we require participants to follow our Community Guidelines that facilitate a quality exchange of ideas and information. By accessing, contributing, using or downloading any materials from the site, you agree to be bound by the full Community Guidelines.