Wednesday, February 08, 2012     Register | Login | Search | Contact Us
     
   
     
     

Many of you already received communications about the move of the Cadence user community into cadence.com. And many of you have already joined, with over 4000 registrations in the first two weeks.

The new Cadence Community enhances the ability of Cadence users to connect and collaborate. In addition to moving the community into cadence.com -- enabling single sign-on for community, Sourcelink and Cadence events -- the new site is organized around nine technology segments, giving you easy access to product information, training, forums and blogs. Some of the new features include:
  • Ability to respond to posts via e-mail
  • Technology-specific blogs
  • Latest Web 2.0 social networking capabilities
  • Public profile options
  • Private messaging
  • Friends lists
Visit the new Cadence Community today at www.cadence.com/community and join the discussions!

Registration note: Due to the scope of the enhancements and the new SSO registration system, we were not able to migrate existing cdnusers.org member accounts. So new registrations are required, but this enables a broader set of functionality we think you'll enjoy.

Forum note: Under the guidance of forum moderators, we have taken the 20+ cdnusers.org forums and consolidated them into 11 forums on the new site. Posts have been brought over so you can leverage that posting history. CDNusers forums will be set to read only starting 7/30, and cdnusers.org will be redirected to the new community on 8/4.

Best regards,
Mike and Tom

Michael A. Catrambone - Steering Committee Chairman
Distinguished Engineer
PCB/Mechanical
UTStarcom, Inc.

Tom Diederich
Cadence Community Manager
Home
Forums
Forums > Custom IC > Shared code - SKILL

Subject: context versus encypted SKILL?
Posting to forums is available to community members only.
Login or Register
Rate this topic:
   
Author Messages
m27315
Posts: 24
Online: User is Offline
3/19/2007 1:38 PM  
Hi all,

Which do you prefer for delivering products to 3rd parties?  Context files or encrypted SKILL?

A few years ago, I have had one customer who cracked the encrypted SKILL fairly easily and was able to view the original source code.  However, I do not know what method he used to view the source.

Can context files also be bypassed as easily?  Have all known holes in the encrypted SKILL methodology been closed?

Encrypted SKILL seems to be much easier to maintain, because I don't have to worry about maintaining separate versions for each major version of CADENCE, but I don't want to give away my source code to savvy users.

Any advice?

Just to be clear, I'm not asking for people to identify the known security holes.  I just want to know which method will avoid the most security hazards.

Thanks!
adbeckett
Posts: 248
Online: User is Offline
3/19/2007 2:38 PM  
Encrypted SKILL (without a password) is easily decoded, and should be seen as just a means of discouraging editing of the files, rather than real protection.

If you use a password when encrypting the SKILL, then the usual methods of decoding the encryption no longer work. You do need to know the password to load the file (it's the second argument to the load() function), but knowing the password doesn't help you to decrypt it. That said, the encryption algorithm is not that complex, and so somebody determined enough could decrypt it I'm sure (as opposed to decoding normal encrypted SKILL files which doesn't require any knowledge of the algorithm).

Context files are a snapshot of the virtual machine's state - and as such are much harder to decode. You'd need to know the machine language of the SKILL virtual machine and how to convert this back into code. Normally this can be done, but only with a license that is normally restricted for Cadence internal debugging use only.

So Context files are the most secure, followed by password protected encrypted files.

Regards,

Andrew.
m27315
Posts: 24
Online: User is Offline
3/20/2007 10:14 AM  
Thanks Andrew!
sury
Posts: 2
Online: User is Offline
12/27/2007 12:33 AM  
Hi there!

On the other side of the coin, what happen if the author quit and leave no documentation what so ever about the code. Is there away to de-crypte the SKILL code? I mean, you know there's no way two different engineers can come up with the same code.

Any ideas?
thanks
adbeckett
Posts: 248
Online: User is Offline
12/27/2007 3:24 AM  
There are no public ways of doing this. Whilst Cadence have internal ways of doing it (which are protected by a special license), we don't do this for customers because there's always a risk that the code being decrypted is not owned by the person requesting the decryption.

So the simple answer is "no". Make sure that source code is backed up and documented.

The same would be true if somebody pgp encrypted some vital bit of data and took the keys with them when they left.

Regards,

Andrew.
Posting to forums is available to community members only.
Login or Register
Forums > Custom IC > Shared code - SKILL > context versus encypted SKILL?


ActiveForums 3.6
     
Copyright 2006 Cadence Design Systems, Inc.