Due to the use of weak cryptography in the
IEEE P1735 electronics standard, attackers can recover highly-valuable intellectual property in plaintext.
The Institute of Electrical and Electronics Engineers (IEEE) P1735 standard describes a series of methods and techniques for encrypting information about the hardware and software inner workings of chips, SoCs, integrated circuits, and other electronic equipment.
The standard is used to protect intellectual property (IP) for commercial electronic design and allows hardware and software vendors to mix their code together to create new products, while at the same time protecting their creation from reverse-engineering and IP theft.
In simpler words, IEEE P1735 is a DRM for low-level hardware components that allows code from different manufacturers to work together but remain encrypted.
Almost all hardware and software vendors use IEEE P1735 to protect their work, for obvious reasons.
Academics put P1735 under the microscope
A team of five researchers from the University of Florida has recently reviewed the standard against a series of common cryptographic attacks.
Their investigation discovered numerous problems with IEEE P1735, among which the biggest problem is a vulnerability that allows an attacker to bypass encryption safety guards and access the underlying intellectual property in cleartext.
Access to such information is dangerous, as it could lead to competitors stealing each other's work, putting smaller companies out of business, and the creation of market monopolies or duopolies that would allow corporations to control product prices to the detriment of the regular user.
