© Synopsys IP Licensing Recommendations for P1735 Rev 4/16/12

© Synopsys Introduction Motivation –Encryption and rights management covers per-tool rights –Also need per-user rights –A license can be used to allow any use or to expand rights Internal licensing (SNPS tool checking out snpslmd feature for example) is a good mechanism for EDA company’s own IP. Contractual restrictions on commercial licensing plus EDA company’s operations make internal licensing a bad choice for licensing third-party IP. Focus on external licensing where EDA tool communicates with a new licensing application.

© Synopsys Requirements Syntax in IP rights block supports internal and external licensing External licensing application can be on different machine/platform Communication standard allows new parties to participate without updates to EDA tools No shared secrets among parties

© Synopsys External Licensing EDA Tool IP IP License Proxy FLEXnet client or other authorization EDA Vendor IP Vendor

© Synopsys License Proxy Features Standardized secure communication with EDA application Socket-based communication for platform-independence, simplicity, and reliability Proxy has two parts. One communicates with the EDA tool. Other can be FLEXnet, Reprise, Safe-net, etc. client or can use arbitrary other authorization mechanism P1735 working group should supply a sample implementation

© Synopsys License Specification Specification is in rights block (common or tool-specific) The license can be associated with permission to use the IP at all or as a condition for granting other rights Example where license is required for any use: –control use=1,license a b c d e Example where license grants additional rights –control visibility=none –control visibility=all, license a b c d e Note that one IP can contain multiple envelopes. If more than one has the same license specification, proxy sees multiple requests but counts only one license

© Synopsys License Attributes (labeled a b c d e in previous slide) –Licenseproxy_name −Name of proxy. Tool will find proxy through an environment variable ${NAME}_LICENCE_PROXY. Value will be –Licenseproxy_pubkeymethod −Asymmetric cipher such as rsa2048 –Licenseproxy_symkeymethod −Symmetric cipher such as aes128-cbc –Licenseproxy_pubkeyblock −The public key that matches the private key hidden in the proxy. Encoding is same as for key block. –Licenseproxy_licensestring −A fixed feature name and/or string containing tokens that the EDA tool replaces with user name, host name, etc. for the case that license will only be granted for certain values.

© Synopsys License Attributes For case of internal licensing –Licenseproxy_name −Daemon name; must match daemon name of EDA tool –Licenseproxy_pubkeymethod −The digit 0 –Licenseproxy_symkeymethod −The digit 0 –Licenseproxy_pubkeyblock −The digit 0 –Licenseproxy_licensestring −A fixed feature name and/or string containing tokens that the EDA tool replaces with user name, host name, etc. for the case that license will only be granted for certain values.

© Synopsys Cryptography EDA Tool to Proxy –Key exchange −Generate a random session key −Encrypt session key with public key and transmit to proxy –Messages −Use session key with random IV to encrypt message −Transmit to proxy Proxy to EDA Tool –Messages −Use session key with random IV to encrypt message −Transmit to EDA tool

© Synopsys Message Details Initial message for key exchange –2 bytes indicating Length –1 byte indicating message type –The message Other messages after key exchange –2 bytes indicating Length –1 byte indicating message type –One block containing the initialization vector –The message

© Synopsys Communication Steps Launch the Proxy Contact the Proxy Initial Handshake License Request Grant or deny a license Heartbeats Release a license Details on each coming in white paper before end of April