チュートリアル 7325

How Secure Authenticators and Coprocessors Can Simplify Cryptography

筆者: Zia Sardar

要約:

This tutorial is part of a series that is designed to provide a quick study guide in cryptography for a product development engineer. Each segment takes an engineering rather than theoretical approach on the topic. In this installment, you'll learn how to easily implement a secure system with secure authenticators and coprocessors. A similar version of this tutorial originally appeared on Electronic Design on June 30, 2020.


Introduction

Let’s recap some of the basics we’ve learned so far from our series of cryptography tutorials and then review how we can use what we’ve learned. In conjunction with a few well-designed secure authenticators, we’ll show how to utilize them in some simple but very secure real-life solutions.

Four Essential Goals of Cryptography

As we have learned in the first tutorial in the series, “Cryptography: How It Helps in Our Digital World,” the four essential goals of any good cryptographic system are: Confidentiality, Authenticity, Integrity, and Non-Repudiation (Figure 1). A broad spectrum of secure authenticators and coprocessors, which can help a busy developer quickly implement a secure system, are currently available from various manufacturers. These coprocessors essentially unload the cryptographic computation and data-handling requirements from the host microcontroller and seamlessly integrate with the coupled secure authenticators that provide the main security functionalities. Next, we will explore a couple of these coprocessors.

Four essential goals of cryptography include confidentiality, authenticity, integrity, and non-repudiation. Figure 1. Four essential goals of cryptography include confidentiality, authenticity, integrity, and non-repudiation.

Using a Symmetric Key Coprocessor

Say you are a developer trying to implement a secure system in a unique gadget that you‘ve developed, and the success of your business model perhaps relies on the sale of high-volume consumables or disposables. In this model, you sell a permanently deployed host system to a customer and then they purchase the consumables from you and you alone. This gadget could be a medical consumable or a printer cartridge, where your system performance depends upon the disposable peripheral to which it’s connected. For a medical consumable such as a disposable sensor or tool, the main issues are quality, safety, and use management. For something like a printer cartridge, issues such as host-printer damage from poor-quality counterfeits and/or poor-quality print output must be addressed. In both cases, there is a loss of revenue associated with counterfeit disposables that results in a breakdown of your business model.

So you need to make sure that the gadgets connected to your main system are authentic and identifiable by your system. This can easily be achieved using secure authenticators such as the DS28E50 DeepCover® secure SHA-3 authenticator with ChipDNA™ and its companion DS2477 DeepCover secure SHA-3 coprocessor with ChipDNA physically unclonable function (PUF) protection. Figure 2 shows a simplified system architecture for such a cryptographically secured system.

 A secure system architecture uses a symmetric key secure authenticator and coprocessor. Figure 2. A secure system architecture uses a symmetric key secure authenticator and coprocessor.

In this system, you attach your favorite microcontroller to the DS2477 and let it handle all the identification and authentication tasks. It also provides the proper electrical signal strengths and timing to drive the DS28E50s situated in each of the gadgets.

The DS2477 is designed to be very flexible and allows greater control. If you want to dig deep and control all aspects of the cryptographic authentication process, it has low-level commands that will let you do exactly that. But if you want it to handle the complexities for you, it has very high-level commands that allows more hands-off ability towards securing your gadget. Both the DS2477 and the DS28E50 have built-in ChipDNA PUF features to secure your data with a key that has not been saved physically in the device but is derived each time it is needed. This technology was covered in a previous tutorial in our series, “Cryptography: Understanding the Benefits of the Physically Unclonable Function (PUF).”

Using an Asymmetric Key Coprocessor

As we have learned in the previous tutorial in our series, “Cryptography: Fundamentals on the Modern Approach,” there are instances when the system requires the use of asymmetric keys to secure a system. This is essential to achieve full cryptographic system integrity and non-repudiation. Figure 3 shows this type of system.

A secure system architecture uses an asymmetric key secure authenticator and coprocessor. Figure 3. A secure system architecture uses an asymmetric key secure authenticator and coprocessor.

Here, just as before, you need to secure your gadget but you want to use a public/private key combination to achieve your cryptographic goals. Figure 3 shows the DS2476 DeepCover secure coprocessor as the cryptographic helper that has a set of built-in tools to carry out asymmetric ECDSA as well as symmetric SHA-256 functions. Both ECDSA and SHA-256 algorithms were covered in a previous tutorial, “Cryptography: A Closer Look At the Algorithms.” The DS2476 also has a NIST-compliant random number generator that can be used by the host microcontroller to generate the nonce required to prevent “man-in-the-middle” attacks.

In the system shown in Figure 3, the DS2476 and the DS28C36 devices (DS28E83/DS28E84 are good for radiation-hardened medical applications) work in tandem to secure your new design from counterfeiting and other malicious intents.

Factory Personalization/Pre-Programming Custom Data

Now comes the last piece of the puzzle to easily and quickly implement a cryptographically secure system using secure authenticators. This includes using a personalization/pre-programming service that is tailored for factory production. This service personalizes or pre-programs your authenticators and coprocessors at the device manufacturer’s facility with either your private or public data. Example data can be a symmetric key/secret or an asymmetric key certificate. An example of the personalization process flow is shown in Figure 4.

This personalization service helps offload the need to program the required data to the authenticators in the production settings. In most cases, a manufacturer will need to develop its own test systems and infrastructure to accomplish this task, which can be time-consuming and very costly. Maxim Integrated has provided this service for decades for a wide variety of customers, effectively helping to safeguard their data.

The process begins when the customer requests and then securely transfers the required data to Maxim. This is shown in the first two sections of Figure 4, where the customer securely inputs data into the Maxim tool in their facility. Once that is completed, the tool encrypts the data and then it is sent to Maxim. At this point, Maxim takes over and completes the sample generation process as shown in Figure 4.

Figure 4. Personalization/pre-programming of private or public data in the device manufacturer’s factory help quickly implement cryptographically secure systems.

Once the samples are approved by the customer, that customer’s part goes into production. From then on, a “ready-to-use” part is shipped to the customer by request.

Conclusion

In the Cryptography Handbook, we covered the basics of cryptography starting with a general overview and then defined the characteristics of a secure cryptographic system. We described the details of various cryptographic concepts such as encryption and symmetric/asymmetric cryptography. We then provided an overview of various cryptographic algorithms such as SHA, ECDSA, AES, 3DES, and RSA. Next, we provided an implementation-centric explanation of physically unclonable functions. We hope that this approach will give the busy engineer a quick understanding of why these features are essential for target applications.

After outlining and discussing basic and detailed cryptographic concepts , we showed examples of how those concepts can be used for real-life applications such as secure boot or IP protection. Lastly, we reviewed some very important features of the latest secure authenticators and coprocessors as well personalization/pre-programming service. We believe that secure authenticators can help an engineer quickly develop and deploy a cryptographically secured system with a very high degree of confidence.