Let’s recap some of the basics we’ve learned so far from our series and then review how we can use what we’ve learned. Along with a few well-designed secure authenticators, we’ll show how to utilize them in some amazingly simple but very secure real-life solutions.
Four Essential Goals of Cryptography
As we learned in the first article in the series, the four essential goals of any good cryptographic system are confidentiality, authenticity, integrity, and non-repudiation (Fig. 1). A broad spectrum of secure authenticators and coprocessors, which can help a busy developer quickly implement a secure system, are currently available from various manufacturers.
These coprocessors essentially unload the cryptographic computation and data-handling requirements from the host microcontroller and seamlessly integrate with the coupled secure authenticators that provide the main security functionalities. Let’s explore a couple of these coprocessors.
Using a Symmetric Key Coprocessor
You’re a developer trying to implement a secure system in a unique gadget that you‘ve created, and the success of your business model perhaps relies on the sale of high-volume consumables or disposables. In this model, you sell a permanently deployed host system to a customer and then they purchase the consumables from you and you alone. This gadget could be a medical consumable or a printer cartridge, where your system performance depends on the disposable peripheral to which it’s connected.
For a medical consumable such as a disposable sensor or tool, the main issues are quality, safety, and use management. For something like a printer cartridge, issues like host-printer damage from poor-quality counterfeits and/or poor-quality print output must be addressed. In both cases, there’s a loss of revenue associated with counterfeit disposables that results in a breakdown of your business model.
So, you need to make sure that the gadgets connected to your main system are authentic and identifiable by your system. This can easily be achieved using secure authenticators such as the DS28E50 DeepCover secure SHA-3 authenticator with ChipDNA and its companion DS2477 DeepCover secure SHA-3 coprocessor with ChipDNA PUF protection. Figure 2 shows a simplified system architecture for this type of cryptographically secured system.
In this system, you attach your favorite microcontroller to the DS2477 and let it handle all of the identification and authentication tasks. It also provides the proper electrical signal strengths and timing to drive the DS28E50s situated in each of the gadgets.
The DS2477 is designed to be very flexible and allows greater control. If you want to dig deep and control all aspects of the cryptographic authentication process, it has low-level commands that will let you do exactly that. But if you want it to handle the complexities for you, it has very high-level commands that allows more hands-off ability toward securing your gadget.
Both the DS2477 and the DS28E50 have built-in ChipDNA PUF features to secure your data with a key that hasn’t been saved physically in the device, but is derived each time it’s needed. This technology was covered in a previous article in our series.
Using an Asymmetric Key Coprocessor
As was discussed in another series article, there are instances when the system requires the use of asymmetric keys to secure a system. This is essential to achieve full cryptographic system integrity and non-repudiation. Figure 3 illustrates this type of system.
Here, just as before, you need to secure your gadget. However, you want to use a public/private key combination to achieve your cryptographic goals. Figure 3 shows the DS2476 DeepCover secure coprocessor as the cryptographic helper that has a set of built-in tools to carry out asymmetric Elliptic Curve Digital Signature Algorithm (ECDSA) as well as symmetric SHA-256 functions, both of which were covered in a previous article. The DS2476 also has a NIST-compliant random number generator that can be used by the host microcontroller to generate the nonce required to prevent “man-in-the-middle” attacks.
In the system shown in Figure 3, the DS2476 and the DS28C36 devices (DS28E83/DS28E84 are good for radiation-hardened medical applications) work in tandem to secure a new design from counterfeiting and other malicious intents.
Factory Personalization/Pre-Programming Custom Data
Now comes the last piece of the puzzle to easily and quickly implement a cryptographically secure system using secure authenticators. This includes using a Personalization/Pre-Programming service that’s tailored for factory production. This service personalizes or pre-programs your authenticators and coprocessors at the device manufacturer’s facility with either your private or public data. Example data can be a symmetric key/secret or an asymmetric key certificate. An example of the personalization process flow is shown in Figure 4.
This personalization service helps offload the need to program the required data to the authenticators in the production settings. In most cases, a manufacturer will need to develop their own test systems and infrastructure to accomplish this task, which can be time-consuming and very costly. Maxim Integrated has provided this service for decades for a wide variety of customers, helping to safeguard their data.
The process begins when the customer requests and then securely transfers the required data to Maxim. This is shown in the first two sections of Figure 4, where the customer securely inputs data into the Maxim tool in their facility. Once that’s completed, the tool encrypts the data and then it’s sent to Maxim. At this point, Maxim takes over and completes the sample generation process (Fig. 4, again).
Once the samples are approved by the customer, that customer’s part goes into production. From then on, a “ready-to-use” part is shipped to the customer by request.
In “The Cryptography Handbook,” we covered the basics of cryptography starting with a general overview and then defined the characteristics of a secure cryptographic system. We described the details of various cryptographic concepts such as encryption and symmetric/asymmetric cryptography. We then provided an overview of various cryptographic algorithms such as SHA, ECDSA, AES, 3DES, and RSA.
Next, we provided an implementation-centric explanation of physically unclonable functions. We hope that this approach gives the busy engineer a quick understanding of why these features are essential for target applications.
After outlining and discussing basic and detailed cryptographic concepts, we showed examples of how those concepts can be used for real-life applications, such as secure boot or IP protection. Lastly, some very important features of the latest secure authenticators and coprocessors were reviewed, as well as a personalization/pre-programming service. We believe that secure authenticators can help an engineer quickly develop and deploy a cryptographically secured system with a very high degree of confidence.
Zia Sardar is an Applications Engineer at Maxim Integrated.