When telecommunications giant Telefonica warned in 2016 of disastrous consequences as defenses against cybercrime continued to lag behind development of internet of things (IoT) solutions, that should have been a wake-up call1. Yet, security breaches continue.
Earlier this spring, news came out about a casino that was apparently hacked via an internet-connected thermometer inside an aquarium in its lobby. From there, the hackers got into the casino’s network, accessing a database of customer information. In spring of 2017, the massive WannaCry ransomeware attack impacted computers in at least 150 countries in Europe, South America, Asia, and North America, hampering hospitals, universities, manufacturers, businesses, and government agencies. The fall of 2016 saw a massive internet outage caused by hacked CCTV video cameras and DVRs, courtesy of a botnet based on the Mirai malware strain. For each of these major, well-publicized incidents, there are many smaller occurrences that should be just as worrisome to consumers and businesses alike. It also goes without saying that as more products and systems become connected, and hackers grow increasingly sophisticated, there are new risks that every vertical industry must address.
Neglecting design security is costly in terms of lost revenue, damage to brand reputation, and even personal harm. Patching up systems after a breach is often too little, too late. The earlier in the design cycle you can build in security, the better. Hardware-based security has proven itself to be more effective than its software-based counterpart (see the white paper, “Why Hardware-Based Design Security is Essential for Every Application,”). And fortunately, a hardware-based approach using secure ICs doesn’t necessarily require a lot of effort, security expertise, or time.
When Lax Security Cuts Into Profits
You might face great pressure to get your product to market quickly while also keeping development costs down. But have you calculated the costs associated with a breach? As a hypothetical end product in Table 1 shows, foregoing security can actually be more harmful to your bottom line.
Table 1. Loss of assets from counterfeiting ultimately outweighs the cost of implementing security.
Hardware-based security is robust in part because it is difficult for cybercriminals to alter the physical layer in a design. Additionally, the presence of a physical layer makes it impossible for malware to infiltrate the operating system and penetrate the virtualization layer in a design. By starting at the beginning of your design cycle, you can integrate security into the base level of your design and all of the layers that follow. Using a secure IC, such as a microcontroller that executes code from an internal, immutable memory, protects against attacks that attempt to breach an electronic device’s hardware. The microcontroller’s ROM stores the start-up code that is considered to be the “root of trust” because it cannot be modified. This non-modifiable and, therefore, trusted software can be used to verify and authenticate an application software’s signature2. When a hardware-based “root of trust” approach is implemented from the bottom up, you can close off more potential entry points into your design.
Embedded security ICs, such as secure microcontrollers and secure authenticators, provide turnkey solutions that protect entire systems, from each sensor node to the cloud. Not all security ICs are created equal, however. Some secure microcontrollers, for instance, aren’t suited for IoT devices or endpoints because of their cost, power consumption, or the complex firmware development required. Then there are cryptographic controllers that implement full security for embedded, connected products without any firmware development. One such example is Maxim’s MAXQ1061 DeepCover® device (https://www.maximintegrated.com/en/products/microcontrollers/MAXQ1061.html). The coprocessor can be designed in from the beginning or integrated into an existing design to guarantee confidentiality, authenticity, and device integrity. As for secure authenticators, devices should offer a core set of fixed-function crypto operations, secure key storage, and other related functions that are suited for IoT and endpoint security. With these capabilities, secure authenticators can be a cost effective means to protect IP, prevent cloning, and authenticate peripherals, IoT devices, and endpoints.
What else should you look for when evaluating embedded security technology? Seek secure microcontrollers with built-in cryptographic engines and secure boot loader that can guard against threats such as cryptanalysis intrusions, physical tampering, and reverse engineering.
PUF Technology for Stronger Protection
A more advanced level of cryptography that we’re seeing in security ICs is the physically unclonable function (PUF). A PUF is derived from the complex and variable physical/electrical properties of IC devices. Because PUF is dependent on random physical factors (unpredictable and uncontrollable) that are introduced during manufacturing, it is virtually impossible to duplicate or clone3. PUF technology natively generates a digital fingerprint for its associated IC, which can be used as a unique key/secret to support algorithms providing authentication, identification, anti-counterfeiting, hardware-software binding, and encryption/decryption.
Maxim’s PUF circuit relies on the naturally occurring random analog characteristics of fundamental MOSFET devices to produce cryptographic keys; the solution is called ChipDNA™ technology (https://www.maximintegrated.com/en/design/partners-and-technology/design-technology/chipdna-puf-technology.html). A patented approach ensures that the unique binary value generated by each PUF circuit is guaranteed to be repeatable over temperature and voltage and also as the device ages. The high level of security comes from the fact that the unique binary value is not actually stored anywhere on the chip in nonvolatile memory. It is generated when needed by the PUF circuit, then disappears. Thus, unlike previous secure devices, which can suffer from invasive physical attacks on nonvolatile memory in an attempt to discover secret key(s), a PUF-based device is not susceptible to this type of attack because you cannot steal what is not there. Furthermore, if a PUF-based device is subjected to an invasive physical attack, the attack itself can cause the electrical characteristics of the PUF circuit to change, further impeding this type of attack. ChipDNA PUF technology has demonstrated excellent reliability over process, voltage, temperature, and aging. Additionally, PUF output evaluation to the NIST4-based randomness test suite is successful with pass results. Figure 1 depicts different use cases for ChipDNA PUF technology: internal memory encryption, external memory encryption, and authentication key generation.
Figure 1. Different use cases for ChipDNA PUF technology.
First Secure IC with PUF Technology
Maxim’s first secure IC featuring ChipDNA PUF technology is its DS28E38 (https://www.maximintegrated.com/en/products/embedded-security/secure-authenticators/DS28E38.html) secure authenticator, designed to deliver cost effective protection against invasive physical attacks. The DS28E38 (Figure 2) provides:
- FIPS186 ECDSA-based challenge/response authentication
- ChipDNA secured stored data, optional ECDSA-P256 private key source
- 2kb EEPROM array for user memory and public-key certificate
- Decrement-only counter with authenticated read
- Unique factory-programmed read-only serial number (ROM ID)
- Single-contact, 1-Wire® parasitic interface, providing a versatile, rugged, and reliable interconnect method for secure authentication in areas where this was not previously possible
Figure 2. Block diagram of DS28E38 DeepCover secure ECDSA authenticator with ChipDNA PUF protection.
Today’s embedded security ICs provide turnkey technologies to protect your designs from the ground up with layers of advanced security, support for cryptographic algorithms, tampering detection, and many other safeguards. PUF technology, in particular, offers strong protection against invasive and non-invasive attacks alike. After all, you can’t steal a key that isn’t there.
For More Information
Learn more about embedded security solutions that can safeguard your next design from our Embedded Security Solutions Selector Guide.