CryptoAuthentication
This presentation is the property of its rightful owner.
Sponsored Links
1 / 46

CryptoAuthentication ™ Real. Easy. PowerPoint PPT Presentation


  • 51 Views
  • Uploaded on
  • Presentation posted in: General

CryptoAuthentication ™ Real. Easy. Agenda. Cryptography Introduction Use Cases for Hardware Security Devices Authentication, Trusted Identification, Secure boot, Download Protection, Anti-cloning, Consumption tracking, and more Crypto Authentication Product Portfolio ATSHA204(A) ATAES132

Download Presentation

CryptoAuthentication ™ Real. Easy.

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Cryptoauthentication real easy

  • CryptoAuthentication™

  • Real. Easy.


Agenda

Agenda

  • Cryptography Introduction

  • Use Cases for Hardware Security Devices

    • Authentication, Trusted Identification, Secure boot, Download Protection, Anti-cloning, Consumption tracking, and more

  • Crypto Authentication Product Portfolio

    • ATSHA204(A)

    • ATAES132

    • ATECC108(A)

  • FIPS certified Embedded Systems

    • Trusted Platform Module


Does security matter

Does Security Matter?

What Happened?

  • Hackers loaded unauthorized code into system

  • Common system architecture to store program in Flash and let users download updated versions from the web

  • How Can Atmel Help?

  • Put ATSHA204 in system to enable firmware validation capability upon any software download or update event


Does security matter1

Does Security Matter?


Does security matter2

Does Security Matter?

What Happened?

  • Hackers exploited bug in crypto code

  • Hard for every system designer to be a cryptographic expert, open-source crypto code may be imperfect

  • How Can Atmel Help?

  • Add ATSHA204 for:

  • Secure key storage

  • Hardware implementation of algorithm

  • Random number generator


Concepts of cryptographic algorithms

Concepts of CryptographicAlgorithms


Encryption vs authentication

Encryption

Decrypt

Encrypt

Cipher Text

Text

Text

Only Receiver can see the text in the clear

Encryption vs. Authentication

Authentication

Signature

Sign

Verify

Text

Text

Receiver can determine identity of sender,

make sure text wasn’t changed


Hashing vs encryption

Hashing vs. Encryption

  • Data is scrambled/compressed into a fixed length digest

  • Constant input always generates the same digest

  • Can be used to verify the identity of the sender

  • Can verify the integrity of the message - that it hasn’t been changed

  • Usually SHA, but AES can be used as a hash algorithm

Hash

(1 Way)

Encryption

(2 Way)

  • Data can be scrambled and unscrambled

  • Provides confidentiality so that data can only be understood by authorized users

  • Common algorithms: AES, DES, RSA, ECC


Cryptoauthentication real easy

SymmetricAuthentication

  • Notice System A and System B MUST Share Knowledge of a Secret Key

  • All Systems with Secret Key can create and verify

System B Compares the Hash of M with the Response to verify the shared Secret

System A

KEYSECRET

System B

KEYSECRET

SHA256

SHA256

Challenge

M

Response


Cryptoauthentication real easy

Asymmetric Authentication

  • The Signer has a unique Private Key

  • Only the System with the Private Key can Sign the message

  • All Systems can verify the signature

  • Verify uses only public data

    • Message to Sign

    • Signature generated by the private key

    • Public Key associated with the private key

Verifies Message with the Signature and Public Key of the Signer

KEYPUBLIC

KEYPRIVATE

Verify

Sign

Signature

M

Message


Hardware security system use cases

Hardware Security System Use Cases


Cryptoauthentication

CryptoAuthentication

  • Authentication

    • Mobile devices: Chargers, batteries, adapters, speakers, keyboards, etc.

    • Industrial devices: Sensors

  • IP Protection

    • Prevent copying/cloning of system and software, authenticate phone/tablet software to OEM hardware, manage licensing revenue

  • Secure Communication

    • Wireless Systems, Wired Systems (PLC, Ethernet, ...),

  • Trusted Operation

    • Secure boot to ensure that system works as desired – medical, industrial, metering

    • Encrypted downloads: ensure OEM approved software


Symmetric authentication example

Symmetric* Authentication Example

Symmetric Authentication occurs when host verifies that its key and the client’s key match.

Host

Client

Challenge

SecureStorage

SecureStorage

MCU

Random Number

HASH VALUE (Digest)

Verified

HASH Function (SHA)

Not Verified

HASH VALUE (Digest)

HASH Function (SHA)

Response

=?

Verify

  • *With symmetric authentication the host and client always have the same secret key.


Asymmetric authentication phases

Asymmetric Authentication Phases

The authentication of ECC108 is done in two phases

First Phase: Verify Certificate Signature

  • Is the device certificate signed by my trusted certificate chain?

  • Perform ECDSA verify (signer public key, signature, digest of cert)

    After First Phase, you can trust the device public key

    Second Phase: Verify Private Key

  • Send random message to be signed by the device private key

  • Perform ECDSA verify (device public key, signature, random message)


Asymmetric authentication

Asymmetric Authentication

Phase 1

Host Public

Key

Digest Function

Certificate

Data

+

Verify Public Key

Host requests & receives certificate from client

Host extracts signature, client’s public key, & certificate data. Then hashes certificate data to create a digest.

Host runs ECDSA Verify Calculation on its public key, digest & client’s signature. If it succeeds then client’s public key is verified, and can go to phase 2.


Cryptoauthentication real easy

  • Asymmetric Authentication

Phase 2

Verify Private Key

ATECC108

Host creates random number challenge

Host sends challenge to client.

Client uses ECDSA engine to sign random number with client’s private key.

Client sends signature to host

Host runs ECDSA Verify using client public key verified in phase 1, random number, & new signature from client. If it succeeds then the Private Key is verified.


Asymmetric authentication1

Asymmetric Authentication

  • The two phases of ECDSA put together

Host

Accessory (Client)

MCU

ATECC108

Host

Public Key

Digest Function

Accessory

Certificate

Certificate

Data

Signature

Verify Public Key

Client Public Key

Client Public

Key

ECDSA

Verify

Calculation

Success

Fail

Client

Private

Key

Random

Challenge

Random Number Generator

Challenge

Verify Private Key

Signature

ECDSA

Signature

Engine

ECDSA

Verify

Calculation

Fail

Success


Authentication can mean many things

Authentication Can Mean Many Things

User Identity – Validate that a user is who he says he is without having to reveal the user’s secret. Authenticate serial numbers

Sensor Location – Identify which sensor, where it’s located, validate source of the control message

Data Integrity – Verify that the message (file/packet/data) hasn’t been compromised when in transit/storage

Consumables – Maintain OEM revenue flow (razor/razor blade business model). Ensure that device are not used beyond their expected life

Spare Parts – Verify only factory genuine parts are used


Secure communication secure session key generation

Secure CommunicationSecure Session Key Generation

  • Session Key Generation for Symmetric-key Based Systems

  • Tamper-resistant Hardware Security IC Provides Root of Trust

  • Achieve Both Machine Authentication and Secure Communications


Firmware ip protection method of protection

Concept: Software Communicates with Security Device

Send challenge message to security chip, check response for correctness

Only systems with properly programmed security devices will work correctly

Goal: Increase Cost of Attack!

If properly implemented, each check in the code must be found and removed separately

Require a new and separate attack with each revision of program

Firmware IP protection - Method of Protection


Security devices can help prevent piracy

Software communicates with security device

Send challenge message to security chip, check response for correctness

Only system with properly programmed security device will work correctly

Multiple checks in software

10, 100, 1000 – as many as are practical

Different values for each check

Be creative!

Use diverse methods to send challenge and deal with response

Some methods should include fixed challenge-responses, some should include random challenges and compiled in keys

Change methods with each software update

Use all key slots, check different set of slots with each version

Security Devices Can Help Prevent Piracy


Simple example

// 0x1234 is challenge to ATSHA204*

// 0xABCD is correct response from ATSHA204

. . .

if (sendChallenge(Slot0, 0x1234) != 0xABCD)

{ error(“System Fault”); exit(-1); }

. . .

Simple Example

  • ATSHA204 in every system has same secret in Slot0

  • Practically infinite number of possible challenges

    • Only one correct response for each challenge

  • Each system could optionally have unique challenge-response pairs compiled in

  • This code construct may be easy to find and remove via reverse compilation

*These examples show the challenge and response as a 16 bit integer for clarity and simplicity. They will actually be 32 byte arrays for ATSHA204.


Cryptoauthentication real easy

Anti-Piracy Example Technique using

  • Fixed Challenge Response

CLIENT

MICRO

Challenge

RESPONSE

CHALLENGE

ad00 10e0 d467 25de 8c60 8f60 5b93 5f7e 2354 a436 cb44 1486 f18d 03b2 d911 81cf

ad00 10e0 d467 25de 8c60 8f60 5b93 5f7e 2354 a436 cb44 1486 f18d 03b2 d911 81cf

ad00 10e0 d467 25de 8c60 8f60 5b93 5f7e 2354 a436 cb44 1486 f18d 03b2 d911 81cf

ATSHA204

SHA256

Secret Key

Response

=?

68b1 282b 91de 2c05 4c36 629c b8dd 447f 12f0 96d3 e3c5 8797 8dc2 2484 4463 3483

68b1 282b 91de 2c05 4c36 629c b8dd 447f 12f0 96d3 e3c5 8797 8dc2 2484 4463 3483

0100011001011110000011110100010110010111001111110101010010111110000111110010

Yes

Authentication Verified

  • But what if the authentication verification answer is no?

Select Insert > Header & Footer > Type Title in Footer field

03/14/2012


Slightly more complicated example

// 0x1234 is challenge to ATSHA204

// 0xABCD is correct response from ATSHA204

. . .

intresp, chal = 0x1200;

chal += 0x0034;

resp = sendChallenge(Slot0, chal);

answer += resp;

answer -= 0xABCD;

. . .

Slightly More Complicated Example

  • Vary the constructs

  • Use state variables as the challenge

  • Use responses as part of calculation, jump vector, etc.

  • An attacker with a logic analyzer on the bus may be able to record all the correct responses


Even more complicated example

Even More Complicated Example

Microcontroller

ATSHA204

Secure

Key

Storage

Challenge

SHA-256

Hash

Engine

Unique

Nonce

Date, Time, RNG, etc.

Intermediate

Keys

SHA-256

Hash

Engine

SHA-256

SW

Response

Challenges

Compiled

into Software

Intermediate Keys

Compiled

into Software

Do They

Match ?

Yes

No

Can’t be attacked with a logic analyzer


Measures that could be taken if the system fails the validation process

Measures that could be taken if the system fails the validation process

Send Error message

Blacklist a device

Make a device in-operable

Have code do something unexpected or incorrect (ex. Cell phone always dials wrong numbers)

Limit/Reduce functionality of device

Display message stating that the required (legitimate) software must be downloaded

Some other creative idea


No l imits to programmer s c reativity

Multiple checks in software, each different

10, 100, 1000 – as many as are practical

Change methods with each software update

Program multiple slots, each version works differently

Use all the key slots & methods

Vary the slots used with date, revision number

Make sure that some methods require runtime analysis

Chain or combine one response as the next challenge

Use response as part of a jump vector or table pointer

Consider web-based system enablement

Server can use ATSHA204 dongle for secure checks

ATSHA204 includes password handler

May provide useful capability in some situations

Maintain blacklist of invalid serial numbers

Can be updated with software revisions

and so on…

No Limits to Programmer’s Creativity!


Increase the complexity

Increase the Complexity

RK=Rolled Key

TK= Move the Challenge to Temp Key

RC= Random Challenge Response

DC=Dynamic Challenge on the Stack

CM=Code Misdirection

PA= Periodic Authentications

CC= Chaining Challenge Responses

MU=Multiple Unordered Fixed Chall/Resp

FC =Fixed Challenge Response

CC + PA + CM + DC + RC + TK + RK

CC + PA + CM + DC + RC + TK

CC + PA + CM + DC + RC

MU + CC + PA + CM + DC

MU + CC + PA + CM

MU + CC

MU

FC

Increased

Protection

None


Cryptoauthentication products

CryptoAuthenticationproducts


Cryptoauthentication real easy

CryptoArchitecture

  • Optimized for high security, ease-of-use and low cost

Isolates any attack to a single device

Attackers cannot see what’s inside

Tamper-hardened Hardware Boundary

Unique Serial Number

ECC / SHA /AES Cryptographic Engine

Standards based crypto engine between interface and memory

Monotonic Counters

Tracks number of authentications

Secured

EEPROM

High Quality Random Number Generator

Secured EEPROM for keys & data

Required for every crypto protocol

I/O options simplify design in

Multiple

Serial I/O options


Hardware security features

Hardware Security Features

Strong Multi-Level HW Security:

Active shield over entire chip

All memories internally encrypted

Data independent crypto execution

Randomized math operations

Internal state consistency checking

Voltage tampers, isolated power rail

Internal clock generation

Secure test methods, no JTAG

No debug probe points, no test pads

No package or die identification

Designed to Defend Against:

Microprobe attacks

Timing attacks

Emissions attacks

Faults, invalid command attacks

Power cycling, clock glitches

Partial personalization attacks

ATMEL CryptoAuthentication

Standard

Devices

Cannot achieve this level of security with software alone!


High level device comparison

High Level Device Comparison

World Class Hardware Security to Complement Every Micro

  • ATSHA204

    • Standard SHA256 hash algorithm

    • Secure key storage (16 slots)

    • Turnkey authentication, validation, key derivation, password checking

    • Functionality for both Host and Client configurations

  • ATECC108

    • Full 256-bit Elliptic Curve Cryptography (ECC)

    • No requirement for secure storage in the host system

    • Fast execution reduces code and performance requirements

    • Complete compatibility with ATSHA204

  • ATAES132

    • Secure storage for both data (32Kb) and keys (16 slots)

    • Rich command set to support every system architecture

    • Drop-in compatibility with industry standard 32Kb Serial EEPROM


Where to use atecc108 atsha204 or ataes132

Where to Use ATECC108, ATSHA204 or ATAES132

  • Customers Who Are Most Price Sensitive – Use ATSHA204

  • Host hardware cannot be easily changed – Use ATECC108

  • Compatibility with Serial EEPROM is a benefit

    • All Three Parts use same packages & pinout when configured for I2C

    • Systems that need full software compatibility or SPI – Use ATAES132

  • All components of system come from same OEM – Use ATSHA204

  • Systems w/many partners, complex ecosystem – Use ATECC108

  • Need to Secure up to 4Kbytes of data for Fingerprints, Calibration data, Firmware blocks, etc.. – Use ATAES132


Standards based security targeting os based embedded systems

Standards-Based Security Targeting OS-Based Embedded Systems


Cryptoauthentication real easy

What is a TPM?

TPM is a Hardware-based Key Storage device providing a “Secure Vault” for any Embedded System

  • Four Primary Capabilities

    • Platform Integrity

    • Authentication

    • Secure Communication

    • IP Protection

  • Asymmetric Algorithm (RSA)

    • Supports 512, 1024, & 2048 keys

    • SHA-1 Hashing & HMAC

  • Industry Standard Specification

    • Trusted Computing Group

    • In every commercial PC, most servers


Tpm way beyond pcs

TPM… Way Beyond PCs

Anything on a network!

LTE base stations

Servers

Multifunction printers

Gambling / gaming machines

Access points

Smart appliances with network connectivity

Test & measurement devices

Mobile payment terminals

Inventory control terminals


Support tools

Support Tools


Aces demonstration evaluation software

ACES Demonstration/Evaluation Software

  • ACES

    • Demo

    • Evaluate

    • Educate

    • Design

  • A platform to exercise CryptoAuthentication devices

  • Demos & Wizards to visualize end uses

  • Learn the memory and commands of CryptoAuthentication devices

  • See properly formatted commands for firmware

  • Stores and reloads configurations

  • Works with any CryptoAuthentication kit

www.atmel.com/cryptokits


Cryptoauthentication tools and support

www.atmel.com

Stand alone Library for Atmel CryptoAuthentication Devices

ATSHA204

http://www.atmel.com/tools/CRYPTOAUTHENTICATIONATSHA204DEVELOPMENTLIBRARY.aspx

ATECC108

http://www.atmel.com/tools/CryptoAuthentication_ATECC108_Development_Library.aspx

ATAES132

http://www.atmel.com/tools/CRYPTOAUTHENTICATIONATAES132DEVELOPMENTLIBRARY.aspx

CryptoAuthentication Tools and Support


Logic analyzer

Logic Analyzer

  • Built In Atmel Protocol Analyzer

  • Saleae

    • Low cost Logic Analyzer with support for both I2C and Atmel’s Signal Wire Interface (SWI)

    • App note available at:

    • http://www.atmel.com/Images/Atmel-8847-CryptoAuth-ATSHA204-SWI-I2C-Debugging-Saleae-Logic-Analyzer-ApplicationNote.pdf


Cryptoauthentication tools and support1

Application Notes

ATSHA204 Authentication Modes

ATSHA204 Single-Wire and I2C Seamless Debugging Using Saleae Logic Analyzer

Secure Session Encryption Key Exchange with ATSHA204

Secure Boot Simplified

Designing with CryptoAuthentication Client Devices

Application Brief: Analyzing Strength of Security

CryptoAuthentication Tools and Support

  • The ATECC108 supports all the functionality of the ATSHA204


At88ck490 cryptoauthentication demonstration evaluation kit

AT88CK490 CryptoAuthenticationDemonstration & Evaluation Kit

ATSHA204

ATECC108

ATAES132

Software: Atmel Crypto Evaluation Studio (ACES)


At88ck101 cryptoauthentication development kit

Development Tools Reduce Time to Market

Easily connect to any AVR or ARM development platform

100% support for Atmel MCUs and development kits

Complete Development Environment

Source code libraries and example code available for free at www.atmel.com/cryptokits

Libraries fully tested for AVR micros

ACES Software Exploration tool

Ordering Codes based on package type

AT88CK101- ()CryptoAuthenticationDevelopment Kit

Evaluate and Develop with AT88CK101STK

* AT88CK101STK8-MAH (UDFN) shown


Cryptoauthentication real easy

Start sending commands to the TPM immediately

Includes…

TPM SMBus Module

Mounted on AT90USBKey Board

Standard A to Mini B USB device cable

Mini A to receptacle A USB host adapter

USB flash drive

Alternate 9V battery supply cable

Introducing Atmel’s

Embedded TPM Starter Kit!

Flash Drive includes Sample Code & All Necessary Documentation!


Cryptoauthentication low volume personalization

The AT88CK9000 Board is design for stand-alone secure programming of CryptoAuthentication family.

The board support a XML configuration file generated by ACES and is securely stored within the programmer board.

For large annual volumes, contact Atmel for other solutions.

Ordering Codes based on package type

CryptoAuthentication Low Volume Personalization

AT88CK9000-xxx


  • Login