How to Stop an Invasive Attack on Your Design
January 18, 2018
|By: Christine Young
Blogger, Maxim Integrated
"Almost everything is connected these days. With that connectivity, these products really do face a lot of threats," Scott Jones, managing director of embedded security at Maxim, told an audience at the recent Embedded Security Conference (ESC) in San Jose.
Large-scale attacks such as the Mirai malware in 2016 began when network-connected consumer devices such as video surveillance cameras were hacked. Some 500,000 internet of things (IoT) devices are expected to be comprised this year, according to research by Forrester. Secure authenticators, argued Jones, could prevent these attacks by delivering strong hardware-based cryptography and secure storage of keys and data.
Left unprotected, pacemakers, security cameras, and ink cartridges can all fall victim to hackers.
Typical features of secure authenticators include:
- Symmetric and asymmetric algorithms
- Bi-directional authentication
- Secure use counting
- System session key generation
- Secure memory settings
- Secure general-purpose IO (GPIO)
- Random number source
These secure ICs can be used in a variety of applications, such as IP protection, device and message authentication, secure communication, data/firmware integrity, and device safety/quality assurance. “You could store keys in these devices that would be used by a microcontroller operating these parts,” Jones said. In a medical device, for example, a secure authenticator can be used to prevent a tool from being used beyond a prescribed number of times and also to safeguard it against modification. While secure authenticators provide fixed-function cryptography, they do have a rich feature set that provides a lot of opportunity for different uses, he said.
Are Security Technologies Advanced Enough to Impede Attacks?
However, as Jones noted, while security solutions are becoming increasingly sophisticated, they are also under relentless and sophisticated attack. Fault injection, side-channel attacks, and invasive measures like probing and reverse-engineering are all cause for concern—and action. Fortunately, physically unclonable function (PUF) technology integrated into secure authenticators provides strong protection against invasive attacks. PUF technology, based on the random electrical properties of IC devices, produces a unique and repeatable root cryptographic key for each IC. As a result, no two such ICs are the same. What's more, the key is generated only when needed, and it is never stored on the chip. Maxim's PUF circuitry is called ChipDNA™ technology and can be found in its DS28E38 DeepCover® secure authenticator.
"PUF really is the decisive countermeasure against these invasive attacks," Jones said. "This PUF solution can also simplify key management within a security IC."
Maxim has been developing ChipDNA technology for a few years now, and is beginning to integrate it into new secure ICs. "We're really good at analog at Maxim. This PUF implementation is based on an analog structure and the random characteristics of that analog structure," Jones noted.
Security expert Scott Jones discussed physically unclonable function (PUF) technology at the recent Embedded Systems Conference.
In an independent reverse-engineering examination of the DS28E38, MicroNet Solutions validated the robust level of security that the IC can provide. "In particular, the…PUF design and implementation of the circuit make it very robust against both physical and electrical attacks, and in MSI's experience, this is one of the most effective PUF designs," the company said in its report. The circuit has also demonstrated high reliability over process, temperature, aging, and voltage. Its key error rate (KER) reliability is at ≤5ppb, and PUF output evaluation to the NIST-based randomness test suite is successful with pass results.
ChipDNA Technology Use Cases
ChipDNA technology can be used in a variety of ways:
- Internal memory encryption, with ChipDNA output used as the symmetric key and AES encrypting everything stored on device
- ECDSA private key for signatures, where the PUF output is used directly as a private key for ECDSA signing
- External memory encryption to encrypt externally stored data, like from flash or EEPROM
- Hardware anchor of trust, where the PUF secret is used by hardware-based cryptography to enable different layers of cryptography that a product would
For a deeper dive into how ChipDNA technology works, read Jones's white paper, "How Unclonable, Turnkey Embedded Security Protects Designs from the Ground Up."