You Can’t Steal a Key that Isn’t There
November 21, 2017
|By: Ben Smith
Principal Member of the Technical Staff, Embedded Security, Maxim Integrated
DNA. It's funny–it's the stuff that connects us to every other human being on the planet, but at the same time, it's the stuff that makes each of us unique. Nobody in the world–nobody–has exactly the same DNA as you.
In recent years, we've learned how to use that uniqueness as a means of positive identification. Some, wrongly convicted of a crime, have been exonerated because DNA evidence cleared them. For others, DNA provided clinching proof of their guilt. Every one of us carries, in every cell of our bodies, the absolute proof of our personal identities.
What a contrast with the world of technology. In that world, every instance of a type of device must be utterly identical, right down to the last micron, microvolt, and byte. Every device must look the same, feel the same, and act the same. Mostly, that’s a good thing–as a maker of modern technology, you have to provide a consistent user experience. But that minute sameness plays havoc with security.
How Do You Ensure Authenticity?
Here's why: because every device is identical, it's hard to know whether messages that claim to come from a particular device actually originate with that device. Those messages might be coming from an impersonator. For example, a door actuator might receive a message from an access keypad that the correct code had been entered, and that the door should be opened. But how can the actuator know that the message is authentic?
In face-to-face communications that’s never a problem. We know the person we’re talking to because we know the shape of their chin, the set of their ears, the sound of their voice–that is, we know the expressions in their physical characteristics of the DNA that makes each of us unique. If only our devices had that kind of uniqueness.
That's why Maxim created ChipDNA™ technology. Devices with ChipDNA technology contain an element that makes each of them unique, even though each device is functionally identical. Deep inside devices equipped with ChipDNA is a circuit element that measures certain physical characteristics of the chip itself. Now, these physical characteristics are stable over time, but they do vary from device to device. The ChipDNA logic uses these device-specific variations to compute a value that remains the same every time it's computed, but that is unique to the particular instance of the device. This value uniquely identifies the device, just as your DNA uniquely identifies you.
To see why assuring the identity of a sender and the integrity of messages is important, consider a simple scenario. Let's say you have a sensor at a remote location, and the sensor sends a message that there's a problem. How can you trust that the message is authentic? You have a few options:
Option one: a shared secret
You could, before you deploy the sensor, program in a secret–a password, perhaps. Then, when the sensor sends a message, it incorporates the password into the message in some agreed-upon way. When you receive the message, you check to make sure the password was sent correctly, and if it was, you accept the message.
The problem is, if that password is the same for all such sensors, then an adversary could potentially reverse-engineer the device and steal the password. Then, they could impersonate messages from any device of that type. Worse, if the password is sent without cryptographic protection, an adversary wouldn't need to touch the device at all–they could just eavesdrop on the conversation and get the password. And that would mean they could impersonate any sensor anywhere they are deployed. Shared secret schemes are not the answer.
Option two: public-key cryptography
If you program a private key into your device, your device can digitally sign messages with the private key that can be verified using a corresponding public key. Messages signed in this way can be authenticated with near certainty. A signed message is practically impossible to modify or forge, and by "practically impossible," I mean that there is no known way to impersonate a signer in any reasonable amount of time without the signer's private key.
The problem is that the secret, private key has to live somewhere in the memory space of the target device. And if an attacker can slip in malware, it's easy for the malware to leak the private key. Once the malware is developed, firmware update mechanisms can be used to propagate the malware, and soon, a large population of the affected devices has been compromised. It’s better than a simple shared secret, but it's not the best option.
Option three: ChipDNA technology
ChipDNA technology overcomes the problems of traditional public-private key systems with a private key that is never disclosed, not even to its owner. In fact, the private key doesn’t even exist in the device until it's actually needed. Instead, the value computed by the ChipDNA logic is generated in hardware only when a message is ready to be signed, and then immediately destroyed. The computed value never appears in the microcontroller’s memory map. Here's one way you might use ChipDNA:
Before a device manufacturer deploys an internet of things (IoT) device, it commands the ChipDNA hardware to compute a public key that corresponds to the ChipDNA value–the private key. The actual ChipDNA value is never disclosed. The device manufacturer then signs the public key with their own corporate private key to create a certificate that they then write back to the device. That certificate can later prove that the public key that the device presents is the same one that was computed at the factory, because nobody can create a valid certificate without the corporate private key.
Once deployed, when the IoT device wants to send a message, it can sign the message by recomputing the ChipDNA value and using that value as the private key. If the receiver of the message has the public key for that device, it can verify, with a high degree of assurance, that the message is authentic, unmodified, and came from that particular device.
ChipDNA technology is based on a physically unclonable function (PUF) to protect against invasive attacks
But with millions of IoT devices in the wild, who keeps a database of the public key belonging to every IoT device? Anyone receiving a message from an IoT device is unlikely to have that particular device's public key. But they can send a request to the device itself, asking for the device's public key certificate. When the device sends the certificate, the receiver can check the validity of the certificate using a two-step process: first, the receiver verifies the certificate's signature using the signer's public key. Once the certificate has proven valid, the receiver can go on to step two: test the validity of the device's message by using the public key contained in the certificate. While this may seem like a complex system, the whole process takes less than a second.
Protect the IoT from Invasive Attacks
The question is, how secure is this system? Well, consider: the private key doesn't even exist until the physical properties of the chip are measured, and even then, the private key is destroyed once it is used. The private key can't be discovered by using rogue firmware because the private key only exists in secured, walled-off hardware, and never in the actual memory space of the microcontroller. And even if an attacker tries to probe the chip itself, the very act of probing the device will change the characteristics that are measured to determine the ChipDNA value, and so will destroy any hope of recovering the private key ever again!
We've seen how you can use ChipDNA to absolutely guarantee that messages that come from IoT devices are both authentic and unmodified, but ChipDNA can be used for many other purposes as well–from validating firmware images to managing authorized use of a device. ChipDNA can be used anywhere the identity of the devices involved in a transaction have to be absolutely assured-the possibilities are truly endless.
So as you contemplate the security needs for your next product, don't settle for anything less than the tightest, strongest protection available: ChipDNA technology. After all, you can't steal a key that isn't there!