Protect Your Hardware from Hacking and Theft

1 Protect Your Hardware from Hacking and Theft
Class 3: Secure Devices – An Overview
This class reviews several current devices with security capabilities that can be used to protect your design from hacking and theft. Some MCUs, FPGAs and CPUs now include key security features for protecting a design, and specialized peripherals, memories and accelerators are also available for adding protection. Examples of all of these devices are described.
11/12/2014 Warren Miller

2 This Week's Agenda
11/10/14 Stealing and Hacking Your Design – Easy
11/11/14 How Do You Implement Secure Hardware?
11/12/14 Secure Devices – An Overview
11/13/14 Protecting Your System in the Field
11/14/14 An Example Design – in Detail

3 Course Description
Your IP… Easy to steal… Must protect it…
This course provides a practical, implementation-oriented follow-on to a previous class, given in Dec 2013, that introduced many high-level security concepts. You CAN protect your design from reverse engineering or theft.

4 Today's Topics
Goals and Objectives
Secure MCUs
– ST: ST23, ST32F (M2M and Mobile variants)
– Maxim MAX32590
Secure FPGAs
– Microsemi SmartFusion®2 SoC FPGA
Specialized Secure Devices
– Atmel CryptoAuthentication™ Devices
– Microchip:

5 STM ST23 MCU Family
– SmartCard
– TPM (PC motherboards)
– Secure Authentication
– Nescrypt cryptoprocessor
– Option for USB

6 STM ST23ZL48 Secure MCU
Serial access MCU for secure smartcard applications.
– Enhanced ST 8/16-bit CPU core
– Secure ROM for boot
– User ROM
– Security processors
– ISO/IEC and EMV (card and terminal interface) serial interface (IART)

7 STM ST32F512-M M2M MCU
Summary: ARM Cortex™-M3 32-bit RISC core; 12 Kbytes of user RAM; 512 Kbytes Flash with OTP; IART (ISO T=0/T=1); two 16-bit timers; 1.8V, 3V and 5V supply; environmental monitoring; protection against faults; ISO 3309 CRC calculation block; true random number generator; unique serial number on each die; hardware data encryption standard (DES) accelerator.

Datasheet features
– ARM Cortex™-M3 32-bit RISC core
– 12 Kbytes of user RAM
– 512 Kbytes of user Flash memory with OTP area:
  – 10-year data retention at 105°C, or 15 years at 85°C
  – 500,000 Erase/Write cycles per page
  – 50 million Erase/Write cycles per 64 Kbyte sector
  – Page granularity of 128 Bytes
  – Block granularity: 1 Kbyte
  – 128 Bytes of OTP for user
  – Page Erase time 4 ms
  – Block Erase 1 Kbyte in 20 ms
  – Programming performance up to 10 μs/byte
  – Flash Erase/Write Protection software programmable on 64 Kbyte sectors
– IART: asynchronous receiver transmitter supporting ISO T=0 and T=1 protocols
– Two 16-bit timers with interrupt capability
– 1.8V, 3V and 5V supply voltage ranges
– External clock frequency from 1 up to 7.5 MHz
– High performance provided by:
  – CPU clock frequency up to 15 MHz
  – External clock multiplier (2x, 3x, and 4x)
– Current consumption compatible with GSM and ETSI specifications
– Power-saving Standby state
– Contact assignment compatible with ISO
– ESD protection greater than 4 kV (HBM)
– 8-pin DFN (6 x 5 mm) ECOPACK® package
[Figure: DFN8 package and wafer]

Security features
– Monitoring of environmental parameters
– Protection against faults
– ISO 3309 CRC calculation block
– True random number generator
– Unique serial number on each die
– Hardware data encryption standard (DES) accelerator

Software features
– Flash loader
– Flash drivers

Development environment
– Software development and firmware generation are supported by a comprehensive set of development tools dedicated to software design and validation: C compiler, simulator, emulator

Description
The ST32F512-M is designed for machine-to-machine (M2M) applications. Its Cortex™-M3 32-bit RISC core operating at a 15-MHz frequency provides great performance and excellent code density.

8 Maxim MAX32590
ARM CPU; peripherals; memory; bootloader; AES, DES, SHA; secure keypad; die shield

Core
– ARM926EJ-S™ Processor Core with 16KB Data Cache and 32KB Instruction Cache
– 384MHz Core Operating Frequency via PLL
– 192MHz Multilayer AHB Bus Matrix

Security Features
– Secure Bootloader with Public Key Authentication
– AES, DES, and SHA Hardware Accelerators
– Modulo Arithmetic Hardware Accelerator (MAA) Supporting RSA, DSA, and ECDSA
– Secure Keypad Controller
– Hardware True Random Number Generator
– Die Shield with Dynamic Fault Detection
– Six External Tamper Sensors with Independent Random Dynamic Patterns
– 256-Bit Flip-Flop-Based Nonvolatile AES Key Storage
– Temperature and Voltage Tamper Monitor
– Real-Time External Memory Encryption and Integrity Check
– Real-Time Clock

Memory
– 384KB System SRAM
– 4KB Instruction TCM, 4KB Data TCM
– 24KB AES User-Encryptable NV SRAM
– Dual External Memory Controller (LPDDR400, SDRAM, SRAM, NOR Flash, NAND Flash)
– 2KB User-Programmable OTP
– NAND Flash Controller with Hardware ECC

I/O and Peripherals
– USB 2.0 Host/Device with Internal Transceivers
– Three UART Ports, One I2C Port
– Five SPI Ports with I2S Functionality
– Two ISO 7816 Smart Card Interfaces
– SD/SDHC/SDIO Interface
– 10/100Mbps Ethernet MAC Controller
– Thermal Printer Interface
– Three Timers with PWM Capability
– Up to 160 General-Purpose I/O Pins
– 3-Channel, 10-Bit ADC
– LCD Controller Supporting STN and TFT Displays
– Monochrome LCD Controller
– 16-Channel DMA Controller
– Advanced Interrupt Controller

Power Management
– Flexible Clock Prescalers
– Clock Gating Function
– Low-Current Battery-Backup Operation
– Configurable Low-Power Modes

9 Other Secure MCUs
– Texas Instruments: MSP430FR59xx, CC430, C28x, C24, AM335x
– Renesas (SmartCard): AE-5, RS-4
– NXP (Secure Authentication): A700x Secure MCU
– Freescale (Power Train): Qorivva MPC5777M

10 Microsemi SmartFusion2 SoC FPGAs and IGLOO2 FPGAs
– NVM fabric-embedded configuration memory
– Secure encrypted configuration bit stream
– Licensed DPA-protected programming
– On-chip security accelerators: AES, SHA, ECC, NRBG, SRAM-PUF
– Secure key storage
– Locks and passwords

11 SmartFusion2 SoC FPGA

12 SRAM-PUF Example
SRAM powers up in a (somewhat) unknown state.
Use this to create a device-unique Activation Code (AC).
The AC can be used to create VERY secure keys.
Intrinsic-ID Quiddikey®-Flex

How does Quiddikey®-Flex work?
With Quiddikey®-Flex you can securely store and manage all your cryptographic keys. Quiddikey®-Flex is prepared for operation by executing a so-called Enrollment phase. Enrollment is done only once in the device's lifetime. During this phase a so-called activation code is generated based on a readout of the SRAM PUF data.

After powering up the device, the activation code (1) that was generated during enrollment is processed by Quiddikey®-Flex in combination with a readout of the SRAM PUF data (2) to prepare for key programming and key reconstruction operations. This process is triggered by a Start command. After the Start operation has been executed, keys can be programmed by calling the Set Key function and reconstructed by calling the Get Key function. The Set Key operation is used to program both user-selected keys and hardware-intrinsic keys. Different key lengths can be selected. A Set Key operation results in the generation of a so-called Key Code. The Get Key operation uses the generated Key Code (3) (5) to reconstruct the cryptographic key (4) (6) when needed in the device or application.

Activation Codes and Key Codes are unique for every device and are not sensitive, meaning that they reveal no information about the programmed keys. Therefore they can be stored in the (possibly insecure) non-volatile memory of the chip or anywhere else in the system where they are accessible to the chip.
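The enrollment, Start, Set Key and Get Key flow described above, modelled in an added Python example (not Intrinsic-ID's code): the SRAM power-up pattern is simulated as a per-cell bias plus readout noise, the activation code is a code-offset helper string over a toy repetition code, and the Key Code is a wrapped user key. All names, sizes, the noise model and the XOR-pad wrapping are assumptions made for illustration.

```python
import hashlib
import random

REPEAT = 21        # toy repetition code: cells per secret bit (real products use stronger codes)
SECRET_BITS = 128  # size of the PUF-derived intrinsic secret
CELLS = REPEAT * SECRET_BITS

def sram_readout(bias, noise, rng):
    """Model one power-up: each cell shows its preferred value, flipped with probability `noise`."""
    return [b ^ int(rng.random() < noise) for b in bias]

def enroll(readout, rng):
    """Enrollment (once per device): random secret, repetition-encoded, XORed with the PUF response."""
    secret = [rng.randrange(2) for _ in range(SECRET_BITS)]
    codeword = [bit for bit in secret for _ in range(REPEAT)]
    return [c ^ r for c, r in zip(codeword, readout)]  # activation code: public, the response masks it

def start(activation_code, readout):
    """Start: strip the AC from a fresh noisy readout, majority-decode each block, hash into a key."""
    noisy = [a ^ r for a, r in zip(activation_code, readout)]
    bits = "".join("1" if sum(noisy[i:i + REPEAT]) * 2 > REPEAT else "0"
                   for i in range(0, CELLS, REPEAT))
    return hashlib.sha256(int(bits, 2).to_bytes(SECRET_BITS // 8, "big")).digest()

def set_key(intrinsic_key, user_key, slot):
    """Set Key: wrap a user key (up to 32 bytes) into a Key Code that can live in plain NVM.
    XOR with a per-slot hash pad stands in for the product's real wrapping scheme."""
    pad = hashlib.sha256(intrinsic_key + b"slot" + bytes([slot])).digest()
    return bytes(k ^ p for k, p in zip(user_key, pad))

def get_key(intrinsic_key, key_code, slot):
    """Get Key: the same XOR unwraps, so only the same intrinsic key yields the user key."""
    return set_key(intrinsic_key, key_code, slot)

def simulate(seed=1, noise=0.04):
    """Enrol device A, reconstruct its key across power cycles, then try its AC on another chip."""
    rng = random.Random(seed)
    device_a = [rng.randrange(2) for _ in range(CELLS)]  # constructed power-up bias of device A
    device_b = [rng.randrange(2) for _ in range(CELLS)]  # constructed bias of an unrelated chip
    ac = enroll(sram_readout(device_a, noise, rng), rng)
    key_first = start(ac, sram_readout(device_a, noise, rng))
    key_later = start(ac, sram_readout(device_a, noise, rng))  # new power cycle, new noise
    key_other = start(ac, sram_readout(device_b, noise, rng))  # same AC, different silicon
    user_key = bytes(range(16))
    code = set_key(key_first, user_key, slot=0)
    return {"stable": key_first == key_later,
            "device_unique": key_first != key_other,
            "round_trip": get_key(key_later, code, slot=0) == user_key,
            "other_device_fails": get_key(key_other, code, slot=0) != user_key}
```

The last result is the property the slide relies on: a copied activation code and Key Code are useless on any chip other than the one they were enrolled on.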

13 Other FPGAs with Security Features
Xilinx FPGAs
– Virtex-6 or Spartan-6: 256b AES with battery back-up or eFUSE OTP
– Virtex-5/4: 256b AES with battery back-up
Altera
– Arria, Stratix, Cyclone: 256b AES; volatile with battery back-up, or non-volatile OTP

14 Specialized Secure Devices
Atmel CryptoAuthentication™ Devices
– SHA, AES, ECC
– Secure key storage
– Random number generators
– Serial interface (I2C, SPI)
– EEPROM
  – Data (512-byte, 16 slots, read-only or read/write)
  – Configuration (88-byte, serial number, other IDs)
  – OTP (64-byte, read-only or one-way logging)
– SRAM (temporary data)
– Physical security

ATSHA204A
The ATSHA204A is a member of the Atmel CryptoAuthentication™ family of high-security hardware authentication devices. It has a flexible command set that allows use in many applications, including the following, among others:
– Anti-counterfeiting: validating that a removable, replaceable, or consumable Client is authentic. Example Clients could be printer ink tanks, electronic daughter cards, medical disposables, or spare parts. The device can also be used to validate (authenticate) a software/firmware module or memory storage element.
– Protecting firmware or media: validating code that is stored in flash memory at boot time to prevent unauthorized modifications (also known as secure boot), encrypting downloaded media files, and uniquely encrypting code images so that they are usable on a single system only.
– Exchanging session keys: securely and easily exchanging stream encryption keys for use by an encryption/decryption engine in the system microprocessor to manage a confidential communications channel, an encrypted download, and similar items.
– Storing data securely: storing secret keys for use by crypto accelerators in standard microprocessors. It can also be used to store small quantities of data necessary for configuration, calibration, ePurse value, consumption data, or other secrets. Programmable protection up through encrypted/authenticated reads and writes.
– Checking user passwords: validating user-entered passwords without letting the expected value become known, mapping simple passwords to complex ones, and securely exchanging password values with remote systems.

The ATSHA204A incorporates a number of physical security features designed to protect the EEPROM contents from unauthorized exposure. The security measures include:
– An active shield over the part
– Internal memory encryption
– Secure test modes
– Glitch protection
– Voltage tamper detection
Pre-programmed transport keys stored on the ATSHA204A are encrypted in such a way as to make retrieval of their values using outside analysis very difficult. Both the logic clock and logic supply voltage are internally generated, preventing any direct attack on these two signals using the pins of the device.

15 Applications: Symmetric and Asymmetric
The symmetric cryptographic architecture supports the following features:
– Authentication: authentication provides proof to a device application processor that a certain peripheral is genuine. This allows an equipment manufacturer to ensure that only authentic peripherals, accessories or consumables can be used with the original equipment. The application processor authenticates the AuKey peripheral chip with the help of the companion chip through a challenge-response protocol based on AES.
– Secure read/write: secure write operations allow the application processor to write usage or traceability data to one of its peripherals so that it cannot be tampered with by unauthorized users. Secure read operations allow the application processor to authenticate the data read from the AuKey peripheral chip with the help of the AuKey companion chip. This ensures that a peripheral or an accessory is used only as intended and within the limits defined by the equipment manufacturer.
– Secure one-way counters: secure one-way counters limit the usage of certain accessories or consumables to a value preset by the manufacturer. A secure one-way counter can only be decremented.
– Early pairing to application processor (optional): pairing during the production process between the AuKey cryptographic chip and the application processor on the equipment main board enables the application processor to authenticate the cryptographic chip.
– Firmware upgrade and equipment authentication (optional): when the host is connected to a remote server, the AuKey companion chip gives the host manufacturer the capability to secure the upgrade of the application processor firmware or parameters. This helps ensure the integrity of the host and prevents unauthorized downloading of software. By using the AuKey companion chip for decryption, the remote download can also be encrypted by the remote server. The equipment manufacturer's server can also perform remote authentication of the host using the AuKey companion chip.

The asymmetric cryptographic architecture supports the following features:
– Authentication: authentication provides proof to a device application processor that a certain peripheral is genuine. This allows an equipment manufacturer to ensure that only authentic peripherals, accessories or consumables can be used with the original equipment. The application processor requests the AuKey peripheral chip to generate a signature over a challenge using asymmetric cryptography.
– Secure one-way counters: secure counters limit the usage of a certain accessory or consumable to a value preset by the manufacturer. Secure one-way counters can only be decremented.

16 Commands

17 Other Secure Devices
Secure Memory: Maxim DeepCover® DS28C22
Secure Board ID: Renesas R5H30211

DeepCover® embedded security solutions cloak sensitive data under multiple layers of advanced physical security to provide the most secure key storage possible. The DeepCover Secure Memory (DS28C22) combines crypto-strong, bidirectional, secure challenge-and-response authentication and small message encryption functionality with an implementation based on the FIPS 180-specified Secure Hash Algorithm (SHA-256). A 3Kb user-programmable EEPROM array provides nonvolatile storage for application data, and additional protected memory holds a read-protected secret for SHA-256 operations and settings for user memory control. Each device has its own guaranteed unique and unalterable 64-bit ROM identification number (ROM ID) that is factory programmed into the chip. This unique ROM ID is used as a fundamental input parameter for cryptographic operations and also serves as an electronic serial number within the application.

A bidirectional security model enables two-way authentication and encryption between a host system and a slave-embedded DS28C22. Slave-to-host authentication is used by a host system to securely validate that an attached or embedded DS28C22 is authentic. Host-to-slave authentication is used to protect DS28C22 user memory from being modified by a nonauthentic host. The SHA-256 message authentication code (MAC), which the DS28C22 generates, is computed from data in the user memory, an on-chip secret, a host random challenge, and the 64-bit ROM ID. The device also facilitates encrypted read and write between host and slave using a one-time pad computed by the SHA-256 engine. When not in use, the DS28C22 can be put in sleep mode where power consumption is minimal.
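An added Python model (not Maxim's code, nor the AuKey vendor's) of the two-way challenge-and-response scheme just described; it also stands in for the AES-based challenge-response authentication on the Applications slide, with a keyed hash in place of AES. The slave's MAC binds user memory, a read-protected secret, a host challenge and the ROM ID; a write is accepted only with a MAC over a nonce the slave itself issued. HMAC-SHA-256 in place of the device's fixed SHA-256 message layout, the field order, the per-device secret derivation and the constructed secrets are all assumptions.

```python
import hashlib
import hmac
import os

MASTER_SECRET = bytes(range(32))  # constructed; in practice kept only in the host or its HSM

def device_secret(master, rom_id):
    """Diversify the master secret with the ROM ID (common practice, not the DS28C22's own derivation)."""
    return hashlib.sha256(master + rom_id).digest()

def auth_mac(secret, page, challenge, rom_id):
    """Keyed MAC over user memory, a fresh challenge and the ROM ID (field order assumed)."""
    return hmac.new(secret, page + challenge + rom_id, hashlib.sha256).digest()

class Slave:
    """Model of the authenticator chip: read-protected secret, public ROM ID, one user page."""
    def __init__(self, rom_id, secret, page):
        self.rom_id, self._secret, self.page = rom_id, secret, bytes(page)
        self._nonce = None

    def respond(self, challenge):  # slave-to-host: prove the secret without revealing it
        return auth_mac(self._secret, self.page, challenge, self.rom_id)

    def write_nonce(self):  # host-to-slave: the slave issues its own challenge before a write
        self._nonce = os.urandom(8)
        return self._nonce

    def authenticated_write(self, new_page, host_mac):
        if self._nonce is None:
            return False
        expected = auth_mac(self._secret, new_page, self._nonce, self.rom_id)
        self._nonce = None  # single use, so a captured MAC cannot be replayed
        if not hmac.compare_digest(expected, host_mac):
            return False
        self.page = bytes(new_page)
        return True

def make_slave(rom_id, page, master=MASTER_SECRET):
    return Slave(rom_id, device_secret(master, rom_id), page)

def host_verify(slave, master=MASTER_SECRET):
    """Host: read page and ROM ID, send a random challenge, recompute and compare in constant time."""
    challenge = os.urandom(32)
    expected = auth_mac(device_secret(master, slave.rom_id), slave.page, challenge, slave.rom_id)
    return hmac.compare_digest(expected, slave.respond(challenge))

def host_write(slave, new_page, master=MASTER_SECRET):
    nonce = slave.write_nonce()
    mac = auth_mac(device_secret(master, slave.rom_id), new_page, nonce, slave.rom_id)
    return slave.authenticated_write(new_page, mac)
```

A counterfeit that copies the ROM ID and the user page but lacks the secret fails host_verify, and a host without the master secret cannot alter the page, which is the point of the bidirectional model.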

18 Additional Resources Previous Course: “Securing Your Embedded System”

19 This Week's Agenda
11/10/14 Stealing and Hacking Your Design – Easy
11/11/14 How Do You Implement Secure Hardware?
11/12/14 Secure Devices – An Overview
11/13/14 Protecting Your System in the Field
11/14/14 An Example Design – in Detail
