ATMEL AT98SC008CT

Secure Your Embedded Devices
1. Introduction
High-tech goods counterfeiting, multimedia content copying,
and identity theft are all major concerns today. The proven
cryptographic protocols implemented in Atmel’s tamper-resistant microcontrollers offer a powerful turnkey solution to fight
these threats. This paper presents examples of efficient and
cost effective IP protection applications utilizing secure chips
in various embedded systems.
Secure Microcontrollers Application Note
1.1. High-tech Goods Counterfeiting
According to the 2005 report [KMPG05] by accounting firm
KPMG® International, fake high-tech goods (cell phones,
computers, printer cartridges, etc.) account for about $100
billion in sales lost to counterfeiters each year. This means
that around 10 percent of all high-tech goods sold each year
worldwide are fakes! Therefore, 10 percent of all high-tech
sales are lost to the Intellectual Property (IP) owners.
Besides financial considerations, counterfeiting presents
noticeable collateral risks for the consumers – no guarantee
that faulty goods will be replaced and fake goods may even
injure the customer due to improper testing, poor quality of
consumables, etc. Counterfeit goods can also severely
degrade the public image of companies by deteriorating customer satisfaction not to mention that fake automotive or
aeronautic spares present a real concern for public health
and safety.
Examples of the counterfeiting of high-tech goods are given
in [MERC]. Some renowned companies have been targeted
by international criminal organizations, which have sold thousands of counterfeit-branded products in several countries.
Generally speaking, famous brand-name products are more
exposed to counterfeiting because they are seen as “must
have” goods and therefore are easier to sell on the counterfeit market. Many accessories and peripherals (for mobile
phones, personal digital assistants, portable MP3 and video
players) are the target of criminals that use increasingly
sophisticated manufacturing means and industrial production
techniques.
Any high-tech product, whatever the market (mass marketed
items such as music players or even industrial equipment,
machines, etc.) is vulnerable to counterfeiters who aim at
making money, taking advantage of the public image of famous brands by cloning equipment/parts
and selling similar products at a much lower price. Another strategy may only be cost reduction.
Some companies may prefer cloning expensive equipment (e.g. network equipment) they have
already purchased for their own use, thus stealing IP, rather than buying new certified products.
Rev. 6528A–17 May 06
1.2. Digital Content Copy
Intellectual and artistic property (music, movies and software) piracy is also a real problem for the
electronics industry. Even if the full cost of illegal multimedia content duplication cannot be quantified, the availability of multiple perfect copies of copyrighted materials is seen by most of the media
industry as a threat to its viability and profitability. Digital media publishers have business models
based around charging a fee for each copy or performance of the multimedia product. As a consequence, Digital Rights Management (DRM) was designed as a means to allow them to control any
duplication and dissemination of the content.
However, hackers are actively trying to crack the DRM systems. The famous Content Scrambling
System (CSS) algorithm used for DVD copy protection was revealed three years after its creation
to be easily susceptible to a brute force attack (refer to [WPD-DE]). Many other recent copy protection systems have already failed. For example, the hacker of the CSS system has also hacked a
famous music store system, allowing the removal of the copy protection from the purchased music
files (refer to [CNN]).
Governments are now backing the fight against counterfeiting. Among these initiatives are the US
Strategy Targeting Organized Piracy (STOP [USPTO]), the European Association for the Protection of Encrypted Works and Services (AEPOC [AEPOC]), and the UK Foundation for Art and
Creation Technology (FACT [FACT]).
1.3. Identity Theft
Another burning issue is the identity theft of web applications. According to [JAV06], the amount
lost to fraud over a one-year period for online applications (banking, shopping, etc.) is estimated at
$54.4 billion in 2005 in the U.S. alone.
User credentials are mainly stolen through offline means (stolen wallet, theft of paper mail, misappropriation by friends). Online attacks are relatively rare (11.6%), but according to [GAR05],
phishing (1) attacks are growing exponentially.
In reaction to the growing threat, the US Federal Financial Institution Examination Council (FFIEC)
has established a guidance ruling for user online authentication to banking services. As reported in
[FINE], US banks will have to comply with these rules by the end of 2006 and deploy two-factor
authentication solutions (explained below) whenever needed.
Microsoft® also believes that passwords are no longer reliable and will enforce new strong authentication means in its new Windows VISTA™ operating system. With strong authentication, each
party involved in the transaction process can be confident of the other party’s identity. This
enables trusted e-commerce and transactions, secure logon, protection against phishing, pharming (2) and more.
1. Phishing: technique consisting of stealing user credentials (login/password) through fake e-mails.
2. Pharming: advanced technique consisting of the creation of fake web sites (e.g. banking) that perfectly mimic the real ones. Users are seamlessly
directed to these fake sites, and enter their login and password, which are recorded by hackers. Seamless redirection can be achieved through false
URLs (that surprisingly look like the right one) sent by e-mail, or by Internet Domain Name Servers hacking (DNS cache poisoning) that will erroneously translate good URLs to the hacker's IP address.
1.4. Atmel’s Secure Microcontroller Family
This paper will show how to prevent the threats mentioned with the use of Atmel’s secure microcontrollers. The high-level examples presented herein only show principle methods. Detailed
references will be given for full technical explanations and implementation recommendations.
Moreover, the solutions exposed herein may be patented.
The proven technology used in Atmel secure microcontrollers is already widespread and used in
national ID/health cards, e-passports, bank cards (storing user Personal Identification Number,
account numbers, authentication keys among others), pay-TV access control and cell phone SIM
cards (allowing the storage of subscribers’ unique ID, PIN code, and authentication to the network), where cloning must definitely be prevented. More than one billion (1) of such microcontrollers
have been already sold by Atmel and successfully implemented in many secure systems.
Atmel’s secure products will advantageously replace complex and expensive proprietary anti-tampering protection systems. Their advantages include low cost, ease of integration, higher security,
and proven technology.
Versatility
Three secure microcontroller families are available: AT90SC, AT91SC and AT98SC. The AT90SC
and AT91SC are “open” solutions where the implementer can develop their own on-chip application using available Atmel software libraries. Beyond this, the AT98SC family chips feature
comprehensive embedded firmware that provides standard, public domain-proven cryptographic
algorithms. This is deemed safer than using proprietary algorithms, since their strengths or weaknesses are well studied by the scientific community. The AT98SC will be further described later in
this paper.
Tampering Resistance
AT9xSC microcontrollers are designed to keep contents secure and avoid leaking information during code execution. On regular CPUs, side channel attacks (measuring current consumption, radio emissions, etc.)
may give precious information on the processed data or allow the
manipulation of the data. Atmel’s secure microcontrollers’ security features include voltage, frequency and temperature detectors, illegal code execution prevention, tampering monitors and
protection against side channel attacks and probing. The chips can detect tampering attempts and
destroy sensitive data on such events, thus avoiding data confidentiality being compromised.
These features make cryptographic computations secure in comparison with regular microcontrollers whose memories can be easily duplicated. It is much safer to delegate cryptographic
operations and storage of secret data (keys, identifiers, etc.) to an Atmel secure microcontroller.
Success Stories
Atmel secure microcontrollers already have successfully been integrated into embedded systems
using various form factors. Applications include franking machines, tachographs, set-top boxes,
network routers, etc.
1. The billionth was sold in March 2006
2. Secure Your Hardware – Anti-cloning Solutions
Atmel secure microcontrollers are perfectly designed to secure embedded systems. For example,
the AT98SC is especially good at preventing the connection of an unauthorized/fake sub-system
to a wider system of interconnected devices (refer to Figure 2-1). This applies to scenarios as simple as a mobile phone authenticating its battery (ensuring the battery is genuine), or a little more
complex such as a server authenticating a network device. When an unauthorized/counterfeit part
is detected by the system, the overall functionality can be limited or even denied depending on the
manufacturer’s policy.
Anti-cloning protection does not need to be 100% efficient, as the research presented in the
June 2006 RSA® Conference by Cryptographic Research [CRI06] explains. The implemented protections must make cloning unprofitable to hackers: “[…therefore] using hardware tamper-resistant
microcontrollers forces attackers to be invasive, or use very complex and expensive equipment.”
Figure 2-1. Authentication
[Diagram: a HOST and a DEVICE, each containing an ATMEL chip, exchanging the questions “Are you a genuine device?” and “Are you a trusted host?”]
2.1. Prevent the Cloning of Your High-tech Goods
Anticloning is safely implemented through one-way or mutual strong authentication (1). Various
authentication protocols exist (refer to [ISO9798], [FIPS196]), but the principle method is the
following:
1. The authenticator sends a challenge (e.g. a random number) to the equipment that must be
authenticated (“the claimant”).
2. The claimant computes a digital signature of the combination of this challenge with an
optional identifier, using a private or secret key. The requested signature is then returned to
the authenticator.
3. The authenticator checks the signature using either the same secret key or the public key
associated to the claimant’s private key and decides whether the claimant is authorized or
not based on the signature verification result.
Let us illustrate this process with the example of a cell phone (the authenticator) authenticating a
battery (the claimant). This example (refer to Figure 2-2) is based on the ISO/IEC 9798 standard
[ISO9798]. This application can be implemented using two AT98SC chips – one in the phone and
one in the battery. The battery-side AT98SC chip contains a secret key (loaded during battery
manufacturing) that can never be extracted and is utilized to compute signatures. Consequently,
the AT98SC must be cloned in order to make counterfeit batteries which is practically impossible.
1. Strong authentication: exchange of messages during which a claimant proves its identity to a verifier by demonstrating its knowledge of a secret but
without revealing it.
The phone’s AT98SC contains the same secret key, either loaded during phone manufacturing, or
remotely updated through an encrypted communication channel.
The battery does not need a microcontroller other than the AT98SC – the phone can be connected
directly to the battery’s secure microcontroller through the battery contacts.
Figure 2-2. Cell phone battery anti-cloning system example
[Sequence diagram: a smart phone (authenticator) and a battery (claimant), each with an ATMEL chip holding the battery secret key. The phone asks “Are you genuine?”. Messages: Get Challenge (generate a random “Ch”), Challenge Ch, Internal Authenticate (Ch) (sign challenge with secret key), Signature, External Authenticate + Signature (verify signature with secret key), OK / NOT OK.]
A more detailed description of the scenario is shown below:
1. The phone sends a challenge (random number) to the battery.
– The phone sends a “Get Challenge” command to its AT98SC. The AT98SC sends back
the requested challenge.
– The phone sends an “Internal Authenticate” command to the battery’s AT98SC with the
generated challenge. The battery’s AT98SC then computes a signature of this
challenge using the secret key.
2. The phone receives the battery’s computed signature and forwards it to its own AT98SC for
verification:
– The phone sends an “External Authenticate” command, with the battery’s signature, to
its AT98SC.
– The phone’s AT98SC returns the validation.
The same technique can be applied to printers authenticating cartridges, a video game console
authenticating a joystick, a PC (or remote web site) authenticating a portable MP3 player, a server
authenticating a network device, etc. Depending on the customer’s infrastructure, symmetric key
systems (DES) may be preferred to public key systems (RSA™). As a general rule, the host must
be carefully designed so that the peripheral authentication process cannot be bypassed.
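The phone/battery exchange described above, as an added sketch that is not Atmel code and does not use the AT98SC command encoding. Assumptions: the `SecureChip` and `ReplayingClone` classes are hypothetical models, HMAC-SHA256 stands in for the chip's secret-key signature, and the keys and identifier are constructed.

```python
import hashlib
import hmac
import secrets


def _mac(key: bytes, device_id: bytes, challenge: bytes) -> bytes:
    # Length-prefix the identifier so (id, challenge) pairs cannot be confused.
    msg = len(device_id).to_bytes(1, "big") + device_id + challenge
    return hmac.new(key, msg, hashlib.sha256).digest()


class SecureChip:
    """Hypothetical model of a secure microcontroller holding a shared secret key."""

    def __init__(self, secret_key: bytes, device_id: bytes = b""):
        self._key = secret_key      # no method ever returns the key
        self.device_id = device_id  # optional identifier mixed into the signature
        self._pending = None        # challenge issued but not yet verified

    def get_challenge(self) -> bytes:
        """Authenticator: "Get Challenge" returns a fresh random number."""
        self._pending = secrets.token_bytes(16)
        return self._pending

    def internal_authenticate(self, challenge: bytes) -> bytes:
        """Claimant: "Internal Authenticate" signs the challenge with the secret key."""
        return _mac(self._key, self.device_id, challenge)

    def external_authenticate(self, signature: bytes, claimed_id: bytes = b"") -> bool:
        """Authenticator: "External Authenticate" checks the signature once."""
        challenge, self._pending = self._pending, None  # a challenge is single-use
        if challenge is None:
            return False
        return hmac.compare_digest(_mac(self._key, claimed_id, challenge), signature)


class ReplayingClone:
    """Counterfeit part that only knows one signature recorded from a past exchange."""
    device_id = b"BATT-0001"

    def __init__(self, recorded_signature: bytes):
        self._recorded = recorded_signature

    def internal_authenticate(self, challenge: bytes) -> bytes:
        return self._recorded       # cannot compute a new signature without the key


def authenticate_battery(phone: SecureChip, battery) -> bool:
    challenge = phone.get_challenge()
    signature = battery.internal_authenticate(challenge)
    return phone.external_authenticate(signature, battery.device_id)


def run_demo() -> dict:
    key = secrets.token_bytes(32)   # constructed secret, loaded at manufacturing
    phone = SecureChip(key)
    genuine = SecureChip(key, b"BATT-0001")
    wrong_key = SecureChip(secrets.token_bytes(32), b"BATT-0001")
    recorded = genuine.internal_authenticate(b"\x00" * 16)  # an old, observed exchange
    return {
        "genuine": authenticate_battery(phone, genuine),
        "wrong_key_clone": authenticate_battery(phone, wrong_key),
        "replayed_signature": authenticate_battery(phone, ReplayingClone(recorded)),
        "no_pending_challenge": phone.external_authenticate(recorded, b"BATT-0001"),
    }


if __name__ == "__main__":
    for case, accepted in run_demo().items():
        print(f"{case}: {'OK' if accepted else 'NOT OK'}")
```

The last case shows why the authenticator discards a challenge after one verification: a signature submitted without a pending challenge is refused.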
3. Secure Your Digital Content – DRM and Software Copy Protection
Atmel secure microcontrollers will help when protecting multimedia data. They are designed for
key and certificate management used in DRM, and software protection areas. DRM systems that
do not run on tamper-resistant hardware cannot, theoretically, be secure since digital content can
be copied at a hardware level.
3.1. Digital Rights Management
As an example (refer to Figure 3-1), let us see how to bind a music file to a single music player by
using an AT98SC microcontroller. The ultimate goal of DRM is to prevent access to a digital cleartext music file that could be copied infinitely without any degradation in sound quality.
Figure 3-1. Secure media player
[Diagram: a user with a media player (main controller plus ATMEL secure microcontroller holding the equipment part ID, user public key and user private key), connected through the Internet to an online music store and a certification authority. Labelled steps: 1) purchase order with equipment part ID and user public key; 2) “Is public key valid?”; 3) “YES”; 4) purchased music file download (encrypted data and encrypted decryption key); 5) decrypted decryption key; 6) “Play music!”]
1. Provisioning (1): in a preliminary personalization phase, the manufacturer makes the equipment
generate a specific key pair.
– The manufacturing equipment sends a “Generate Key Pair” command to the AT98SC.
The generated “user private key” remains internally stored in a file on the AT98SC and
can never be extracted. The associated “user public key” is read from the equipment
and certified (i.e. signed with a “certification authority” private key). The certificate is
stored back in the AT98SC. This makes it impossible to have valid public keys
generated by something else other than an AT98SC personalized for this purpose.
Moreover, this certificate binds the generated public key to the equipment identifier.
1. Provisioning: activity consisting of loading/generating user credentials, cryptographic keys, identifiers into equipment.
2. The customer sends a purchase order (refer to step 1) in Figure 3-1) together with its equipment part ID and public key certificate. The media player sends the command:
– “Read Record” to fetch the certificate from the AT98SC file system.
3. The music provider checks the “user public key” validity (steps 2 and 3). Verifying the public
key is necessary otherwise anyone could create their own public key pair, send it to the
music store and then decrypt music files outside of DRM-enabled products.
4. The music provider encrypts the purchased music file with a random, single-usage “encryption key” that is in turn encrypted with the customer’s “user public key” (as a consequence,
no one else can decrypt this decryption key).
5. The customer downloads the encrypted music file into their media player (step 4). To play it,
the player’s main controller sends the following command:
– “Decrypt Data”, where the provided data is the encrypted “decryption key”. The
“decryption key” is decrypted thanks to the customer’s “user private key”.
6. The decrypted “decryption key” is sent back to the main controller (step 5). The main controller can now decrypt the music data and play it (step 6).
As a general design rule, the transmission of the decrypted keys between the secure
microcontroller and the main controller must be secured either logically, by encrypting the communications, or physically (offering tamper protection), or both. However, storing cryptographic keys
into a controller that is not designed to be secure is dangerous.
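The six DRM steps above as an added, runnable sketch (not Atmel code and not the AT98SC command set). Assumptions: `SecureMicrocontroller`, `certify`, `store_sell` and `player_play` are hypothetical names; textbook RSA without padding and a SHA-256 keystream are toy stand-ins chosen only so the flow runs on the standard library; all identifiers and data are constructed.

```python
import hashlib
import secrets

E = 65537  # RSA public exponent

def _is_probable_prime(n, rounds=24):  # Miller-Rabin primality test
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _prime(bits):
    while True:
        p = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if p % E != 1 and _is_probable_prime(p):   # keeps gcd(E, p - 1) == 1
            return p

def rsa_keygen(bits=512):
    """Toy textbook RSA: returns ((n, e), d). No padding, short modulus."""
    p = q = _prime(bits // 2)
    while q == p:
        q = _prime(bits // 2)
    return (p * q, E), pow(E, -1, (p - 1) * (q - 1))

def _cert_digest(equipment_id, public):
    """Hash binding the equipment identifier to the public modulus."""
    n_bytes = public[0].to_bytes((public[0].bit_length() + 7) // 8, "big")
    data = len(equipment_id).to_bytes(2, "big") + equipment_id + n_bytes
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def _xor_stream(key, data):
    """Toy SHA-256 counter-mode keystream; the same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

class SecureMicrocontroller:
    """Hypothetical model of the chip: the private exponent never leaves it."""
    def __init__(self, equipment_id):
        self.equipment_id, self.public, self.certificate, self._d = equipment_id, None, None, None

    def generate_key_pair(self):          # "Generate Key Pair"
        self.public, self._d = rsa_keygen()
        return self.public
    def read_record(self):                # "Read Record": ID, public key, certificate
        return self.equipment_id, self.public, self.certificate
    def decrypt_data(self, wrapped):      # "Decrypt Data": unwrap the content key
        return pow(wrapped, self._d, self.public[0]).to_bytes(16, "big")

def certify(ca_private, ca_public, equipment_id, device_public):
    """Certification authority signs (equipment ID, public key) at provisioning."""
    return pow(_cert_digest(equipment_id, device_public), ca_private, ca_public[0])

def store_sell(ca_public, record, music):
    """Steps 2-4: check the certificate, then encrypt the music and wrap the key."""
    equipment_id, device_public, certificate = record
    digest = _cert_digest(equipment_id, device_public)
    if certificate is None or pow(certificate, ca_public[1], ca_public[0]) != digest:
        return None                        # uncertified key: refuse the sale
    content_key = secrets.token_bytes(16)  # random, single-use key
    wrapped = pow(int.from_bytes(content_key, "big"), device_public[1], device_public[0])
    return _xor_stream(content_key, music), wrapped

def player_play(chip, encrypted_music, wrapped_key):
    """Steps 5-6: the chip unwraps the key, the main controller decrypts."""
    return _xor_stream(chip.decrypt_data(wrapped_key), encrypted_music)

def run_demo():
    ca_public, ca_private = rsa_keygen()
    chip = SecureMicrocontroller(b"PLAYER-0001")  # constructed identifier
    chip.certificate = certify(ca_private, ca_public, chip.equipment_id, chip.generate_key_pair())
    music = b"constructed sample audio " * 8
    encrypted, wrapped = store_sell(ca_public, chip.read_record(), music)
    # A key pair made outside a provisioned chip can only be self-signed.
    rogue_public, rogue_private = rsa_keygen()
    forged = certify(rogue_private, rogue_public, chip.equipment_id, rogue_public)
    refused = store_sell(ca_public, (chip.equipment_id, rogue_public, forged), music)
    return {"played_ok": player_play(chip, encrypted, wrapped) == music,
            "ciphertext_differs": encrypted != music, "rogue_refused": refused is None}

if __name__ == "__main__":
    print(run_demo())
```

A production design would use padded RSA (the page lists RSA PKCS#1 v2.1) and an authenticated symmetric cipher in place of the toy primitives.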
3.2. On-the-fly Encryption
Atmel secure microcontrollers feature on-the-fly encryption/decryption functions that can be
applied to data streams with a reasonable baud rate, for example, encrypted voice
communications.
On-the-fly encryption requires the use of a symmetric cipher algorithm (3DES, AES, etc.), because
public key algorithms are too slow. In such applications, a symmetric session key is exchanged
using a public key cryptographic protocol (refer to step 1) in Figure 3-2). For the sake of simplicity,
this step is not detailed here. Some of the possible protocols include Kerberos, Authenticated Key
Exchange Protocol, Diffie-Hellman, El-Gamal, and more.
Figure 3-2. Encrypted voice communication
[Diagram: two phones, each with an ATMEL chip. 1: Initiate call (session key exchange). 2: Encrypted voice stream.]
Once the phones have established a communication channel with symmetric session keys:
1. Load the encryption/decryption key into the AT98SC:
– Each phone sends a “Manage Security Environment” command containing the session
key to its AT98SC.
2. Then the voice stream can be ciphered/deciphered for as long as the communication lasts
(step 2):
– For an outgoing voice stream, the AT98SC will instantly encrypt the digitized voice
stream with the “Encrypt data” command.
– For an incoming voice stream, the AT98SC will instantly decrypt the digitized voice
stream with the “Decrypt data” command.
3.3. Software Protection
Software copy protection is securely achieved by putting vital sensitive functions into a secure
microcontroller integrated in a USB dongle. If the dongle cannot be cloned, the software is useless. The software design needs to be resistant to reverse engineering so the dongle is always
mandatory to the software functioning.
4. Secure Your Privacy – Multi-factor User Authentication Solutions
The methods to authenticate humans are generally classified into three cases: physical attribute
(e.g. fingerprint, retinal pattern, facial scan, etc.), security device (e.g. ID card, security token, software token or cell phone), and something the user knows (e.g. a password/passphrase or a
personal identification number).
To fight against identity theft, the multi-factor authentication is a stronger alternative to the classical login/password authentication (called weak authentication). It combines two or more
authentication methods (often a password combined with a security token). Two-factor systems
greatly reduce the likelihood of fraud by requiring the presence of a physical device used together
with a password. If the physical device is lost or the password is compromised, security is still
intact. The reader can refer to NIST’s [SP800-63] for further details.
Multi-factor authentication requires a strong authentication method to complement the password
authentication and this strong authentication method requires storing secret data. Pure
software multi-factor solutions are thus not reliable. If sensitive data is stored in files on a hard
disk, even if those files are encrypted, the files can be stolen, cloned and subjected to various
kinds of attacks (e.g. brute force or dictionary attack (1) on passwords). Therefore secure microcontrollers-based hardware tokens are a must. Placing secrets outside the computer avoids risking
exposure to malicious software, security breaches in web browsers, files stealing, etc.
Numerous companies are now providing authentication solutions based on USB tokens. Tokens
connected through USB are a convenient solution since they require no additional hardware.
Atmel’s turnkey USB secure microcontroller solutions can help providers focus on their security
model and their application without losing too much time on tamper protection and other complex
hardware security concerns.
4.1. USB tokens common features
The USB tokens are generally able to (refer to Figure 4-2):
• Perform challenge response authentication
This challenge response protocol is considered a strong authentication method. As shown in
Figure 4-1, hk is a digital signature operation (such as DES, RSA, elliptic curve (ECC) signature, etc.). The “||” operator is the “concatenation” operator. Figure 4-1 shows how a device can
require assistance from a secure microcontroller to identify itself to the host. Note that the
usage of “challenges” (random numbers, in fact) prevents obvious replay attacks.
In such a protocol, the claimant entity (in this case, the device) can produce a correct signature
only if it knows the right secret/private key. If many devices share the same key, identifiers can
also be involved in the authentication process to distinguish between devices.
1. Brute force attack, dictionary attack: hacking techniques that consist of trying commonly used passwords (dictionary attack) or every character combination (brute force) to guess a password.
Figure 4-1. Challenge-response unilateral authentication
[Sequence diagram between HOST, DEVICE and the device’s secure microcontroller. The host generates a random host challenge and sends a mutual authentication request + host challenge (Ch). The device sends Internal authenticate + Ch to the secure microcontroller, which generates a random device challenge and generates a signature using host challenge, device challenge and a private/secret key, returning the device signature. The device returns the device signature hk(Cd||Ch) + device challenge (Cd). The host verifies the signature using host challenge, device challenge and a public/secret key.]
• Perform one-time password generation. One-time password (OTP) is another strong
authentication method that has the advantage of being usable over simple media such as
phones (the OTP is dialed). This method does not require complex computations as with
challenge-response authentication.
The principle method of one-time passwords is as follows (please refer to [RFC 1760] for further details). Let us assume we have a client and a server. In a preliminary provisioning step, a
list of passwords is generated on the client side using a client’s secret passphrase and a
seed (1) from the server (it is computationally infeasible to guess password N+1 from password
N, but on the server side, verifying that password N+1 is correct is straightforward knowing
password N). Then, during normal usage, the user identifies himself to the “authenticator” and
provides the next password in the list. Since a new password is used on each authentication
attempt, and this password cannot be re-used, there is no risk of it being compromised.
Besides RFC 1760, many other OTP implementations exist but standardization is pending to
enable interoperability between various authentication systems (refer to [OATH], [RSA-OTP]).
• Perform token holder authentication. This feature is used to unlock the token and protect
against loss or theft. This authentication can be done using a simple password, or through
biometric authentication, and is necessary to prevent token access when lost or stolen. Note
that biometric authentication methods must never be used in place of a password for online
submission (if stolen, your identity is compromised forever) but they prove useful for offline
usage (e.g. unlock hardware) because:
– They have no risk of being forgotten
– There is no need to write it down somewhere
– They are impossible to counterfeit (whereas bad passwords can be guessed)
1. seed: (pseudo-)random number
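The one-time password principle from the list above, as an added sketch that is not taken from RFC 1760 or from Atmel firmware. Assumptions: SHA-256 stands in for the RFC's hash function, `build_chain` and `OtpServer` are hypothetical names, and the passphrase and seed are constructed.

```python
import hashlib
import hmac


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def build_chain(passphrase: bytes, seed: bytes, length: int):
    """Provisioning: return (server_verifier, client_passwords_in_order_of_use)."""
    value, chain = seed + passphrase, []
    for _ in range(length):
        value = _h(value)
        chain.append(value)          # chain[i] = H^(i+1)(seed || passphrase)
    # The server keeps the end of the chain; the client walks it backwards,
    # so hashing password N+1 always yields password N.
    return chain[-1], list(reversed(chain[:-1]))


class OtpServer:
    """Stores only the last accepted password, never the passphrase."""

    def __init__(self, verifier: bytes):
        self._last = verifier

    def verify(self, otp: bytes) -> bool:
        if not hmac.compare_digest(_h(otp), self._last):
            return False
        self._last = otp             # each password is accepted exactly once
        return True


def run_demo() -> dict:
    verifier, passwords = build_chain(b"constructed passphrase", b"seed-0001", 5)
    server = OtpServer(verifier)
    return {
        "count": len(passwords),
        "first": server.verify(passwords[0]),
        "replay_of_first": server.verify(passwords[0]),
        "skipped_ahead": server.verify(passwords[2]),
        "second": server.verify(passwords[1]),
        "third": server.verify(passwords[2]),
    }


if __name__ == "__main__":
    for case, result in run_demo().items():
        print(f"{case}: {result}")
```

This server accepts only the immediate next password; a captured password fails on replay because the stored verifier has already moved on.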
Figure 4-2. Hardware token common features
[Diagram: a user unlocks a USB token and browses on a laptop. The laptop runs a web browser, the PKCS#11 API and a PKCS#11 driver, and reaches a web server (login, authentication) over a local area network. The USB token, connected over USB, contains a USB interface, a secure microcontroller (crypto: authentication, signature, digest, encryption, random; file system: certificates, passwords, keys), Flash memory and a biometric sensor.]
Besides the multi-factor authentication, the following secondary features are often used in such
tokens:
– Single sign-on. Single sign-on enables users to enter, once, a master login/password
on the USB token and then gain access to a personal database of login/password
entries associated to web site URLs. This enables a seamless user login on various
web sites during browsing.
– Certificate storage. USB tokens can store user certificates for authentication and
private keys for document signature. Storing private keys on a protected hardware
token prevents anyone other than the legitimate user signing documents.
– Token sharing. Currently, most web applications require their own hardware token
(one for each bank, one for the online book store, etc.). The multiplication of tokens
currently deters their utilization. So token sharing is an attempt to put multiple
authentication applications into a single token.
– PKCS #11 API (RSA™) or MS-CAPI (Microsoft®). These are standardized PC
computer software libraries that offer high-level cryptographic services (digital
signature, key generation and storage, encryption/decryption, etc.) that are mostly used
by web browsers but are available to virtually any application. The cryptographic
services can be implemented as pure software or rely on a hardware token through a
dedicated driver. Atmel secure microcontrollers perfectly fit as [PKCS11] or [MS-CAPI]
compliant hardware tokens.
4.2. Implement a high-end USB token
The following example shows how to use an Atmel secure microcontroller to rapidly develop simple, yet very secure, hardware tokens for multi-factor authentication solutions. As a
comprehensive example, we are going to show how to interface an Atmel USB secure
microcontroller with Atmel fingerprint sensors (refer to [ATM-FIN]) and Atmel Flash memory mass
storage through an SPI bus (subsets of this comprehensive solution can be even more easily
implemented). Refer to Figure 4-3 below.
Figure 4-3. OTP-enabled, mass storage biometric USB token
[Diagram: an ATMEL chip with a USB connection, linked over an SPI bus to FLASH memory and a fingerprint sensor.]
Scenario #1: The user wants to log into their favorite e-banking web site which requires a
one-time password.
1. The user connects their USB token to the PC.
2. The user provides a password/fingerprint to their USB token to prove they are a legitimate
user. In the case of a password lock and depending on the system, the password may be
entered on the USB token device, if it has an entry device, or typed on the PC and transmitted to the token. Direct entry is the preferred method because when entered on a PC,
keyboard loggers or USB spies may intercept the user’s secret data. A fingerprint must
always be captured directly on to the USB token. In the case of a password lock, the following sequence of commands must be sent to the secure microcontroller:
– Select the authentication application (Select command)
– Request a random number (Get Challenge command)
– Combine the password with the challenge (using a mathematical function called “hash”)
and submit the combination (Submit Password command). If successful, access to the
secure microcontroller cryptographic features and user personal data is then unlocked.
PC applications (e.g. web browser) can then request cryptographic operations through
the PKCS#11 API.
3. The user types the URL of the online banking web site into the web browser and enters its
identifier on the user identification screen.
4. The web browser application now calls the PKCS#11 API to retrieve an OTP using the
C_Sign function. In turn, the PKCS#11 driver sends a “GetOTP(n)” command to the USB
token which will return the nth OTP, since the user has unlocked their token. This password
is then transmitted to the web site. A user two-factor strong authentication has been
performed.
Scenario #2: The user signs an important document stored on a Flash mass storage device.
1. As in scenario #1, the user connects the token and unlocks it through the relevant holder
authentication method.
2. Special commands now allow the PC to access the Flash memory, decrypted on-the-fly by
the secure microcontroller, which holds the encryption keys. The user gets the document
onto their PC.
3. Upon the user’s request, the document is signed by the token using the “Generate Signature” command.
5. The New AT98SC Family
The AT98SC is a new microcontroller family based on the technology implemented on the
AT90SC and AT91SC series. Its embedded firmware provides a turnkey solution for the applications explained above and many more! The AT98SC family provides a generic solution to the
security threats stated in this paper.
The AT98SC family is an alternative to Trusted Platform Modules (TPM) for the embedded market
(refer to [ATM-TPM]). AT98SC family members offer more-flexible interfaces than TPMs with a
lower pin count. The key management can also be freely customized and is not as stringent as on
TPMs.
5.1. Flexibility. Rapid Development/Integration for Embedded Products
Currently, the AT98SC family members feature (refer to [ATM-AT98] for further details):
• Various communication interfaces including SPI (Serial Protocol Interface) and USB
(Universal Serial Bus)
• Low pin count (Reset, Vcc, GND, and communication interface specific pins) so integration
into an existing board is simple. AT98SC chips are available in small packages (QFN44) to fit
into the most size-constrained devices.
• Low power consumption, in order to extend battery life in portable devices and low-power
systems. AT98SC devices consume less than 100 µA in standby mode, and only 5 to 15 mA
during CPU (1)-intensive operations depending on the required action.
• Embedded firmware that provides advanced functions:
– Secure file system: a fully user-defined nonvolatile storage of sensitive or secret data.
Parts of the file system can be password-protected. It also stores the configuration of
the cryptoalgorithms.
– Administration mode to manage chip internals, security features, cryptographic
configuration and file system contents. It allows downloading data into the AT98SC file
system using an encrypted channel with session keys.
– Command set to perform cryptographic operations using keys and data from the file
system including: authentication, digital signature, encryption/decryption, hash,
random, public key pair generation.
– Cryptographic algorithms: RSA PKCS#1 v2.1 [PKCS1], EC-DSA [FIPS186], [ISO9797]
MAC using 3DES.
– Cryptographic protocols: [ISO9798] secret-key unilateral or mutual authentication and
[FIPS196] public key based unilateral or mutual authentication.
– Robust communication protocol stacked over the physical communication interfaces.
• An evaluation kit (AT98SC-EV1)
Please refer to the AT98SC family roadmap (2) for a detailed schedule of new features such as:
– X.509 certificate verification/generation
– HOTP algorithm (refer to [OATH])
– TWI (Two-Wire Interface), UART (Universal Asynchronous Receiver Transmitter)
– SOIC-8 package or similar
(1) CPU: Central Processing Unit
(2) Contact your local Atmel sales office.
5.2. Customize Your Security?
Currently, it is not possible to load user code on the AT98SC devices. For that reason, support
for the Python® programming language is planned. A virtual machine-based Python execution
environment will allow full customization of the AT98SC operation. Customers will be able to
easily develop their own set of applications embedded in the AT98SC chips using a high-level
language, without bothering with low-level hardware considerations.
The Python language is already successfully used within the industry (Philips®, NASA, Lucasfilm
Ltd, AstraZeneca® International, Nokia®, etc.) and offers a low-cost solution because it is
license-free. The Python language is also used in portable devices, the most famous example being
the Nokia Series 60 Smartphone embedding a full Python interpreter (see [NOKIA]). Moreover, free
yet efficient development tools are already available (based on IBM®’s Eclipse™ IDE). Python is
appreciated for its fast learning curve, fast application development, maintainability, and
readability of source code (see [PYTH-ST]).
6. Conclusion
High-tech goods counterfeiting, multimedia content copying and identity theft have an increasing
cost to industry and consumers. Besides the few examples presented herein, AT9xSC series
microcontrollers can successfully protect a broad range of applications against these threats
among others. Typically, the extra cost of a security chip remains negligible compared to the
derived benefits. With their embedded firmware, AT98SC microcontrollers allow an even easier
implementation of secured embedded systems.
7. References
[AEPOC] European Association for the Protection of Encrypted Works and Services,
Web: http://www.aepoc.org
[ATM-AT98] AT98SC008CT Description, Atmel,
Web: http://www.Atmel.com/dyn/products/product_card.asp?part_id=3882
[ATM-FIN] AT77C105A - FingerChip sensor description, Atmel,
Web: http://www.Atmel.com/dyn/products/product_card.asp?part_id=3609
[ATM-TPM] Trusted Platforms for Homeland Security,
Web: http://www.Atmel.com/dyn/resources/prod_documents/doc5062.pdf
[CNN] Web: http://www.cnn.com/2003/TECH/internet/11/27/itunes.code.ap
[CRI06] Attack of the Clones: Building Clone-Resistant Products, RSA 2006,
Web: http://www.cryptography.com/resources/whitepapers/Clone-Resistance2006.pdf
[FACT] Foundation for Art and Creative Technology, Web: http://www.fact.co.uk
[FINE] US banks given authentication deadline, Oct 2005,
Web: http://www.finextra.com/fullstory.asp?id=14389
[FIPS186] FIPS-PUB 186, Digital Signature Standard, 1994,
Web: http://www.itl.nist.gov/fipspubs/fip186.htm
[FIPS196] Entity authentication using public key cryptography, 1997 February 18,
Web: http://www.itl.nist.gov/fipspubs/fip196.htm
[GAR05] Gartner Survey Shows Frequent Data Security Lapses and Increased Cyber Attacks
Damage Consumer Trust in Online Commerce, 2005 Press Releases, Web:
http://www.gartner.com/press_releases/asset_129754_11.html
[ISO9797] ISO/IEC 9797, “Information technology – Security techniques – Data integrity mechanism using a cryptographic check function employing a block cipher algorithm”, International
Organization for Standardization, Geneva, Switzerland, 1994 (second edition).
[ISO9798] ISO/IEC 9798-2, “Information technology – Security techniques – Entity authentication
– Part 2: Mechanisms using symmetric encipherment algorithms”, International Organization for
Standardization, Geneva, Switzerland, 1994 (first edition).
[JAV06] 2006 Identity Fraud Survey Report, Javelin Strategy and Research, January 2006.
[KPMG05] KPMG Report - Managing the Risks of Counterfeiting in the Information Technology
Industry, 2005
[MERC] Counterfeits inundating high-tech market, D. Takahashi (Mercury News),
Web: http://www.siliconvalley.com/mld/siliconvalley/13774284.htm
[MS-CAPI] The Cryptography API, or How to Keep a Secret, Robert Coleridge (MSDN Technology
Group), August 19, 1996, Web: http://msdn.microsoft.com/library/default.asp?url=/library/enus/dncapi/html/msdn_cryptapi.asp
[NOKIA] Python™ for Series 60, Web: http://www.forum.nokia.com/python
[OATH] IETF HMAC OTP Draft 4 - Initiative for Open AuTHentication,
Web: http://www.openauthentication.org/pdfs/HMAC_OTP_DRAFT_4.pdf
[PKCS1] PKCS #1: RSA Cryptography Standard, Web: ftp://ftp.rsasecurity.com/pub/pkcs/pkcs1/pkcs-1v2-1.pdf
[PKCS11] PKCS #11 v2.20 : Cryptographic Token Interface Standard,
Web: ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
[PYTH-ST] Python Success Stories, Web: http://www.python.org/about/success
[RFC 1760] The S/KEY One-Time Password System February 1995,
Web: http://rfc.net/rfc1760.html
[RSA-OTP] PKCS #11 v2.20 Amendment 1: PKCS #11 mechanisms for One-Time Password
Tokens, Web: ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20a1.pdf
[SP800-63] Electronic Authentication Guideline, NIST Special Publication 800-63,
Web: http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63v6_3_3.pdf
[USPTO] United States Patents and Trademarks Office,
Web: http://www.uspto.gov/main/profiles/stopfakes.htm
[WPD-DE] DeCSS article, Web: http://www.wikipedia.org/wiki/DeCSS
© Atmel Corporation 2006. All rights reserved. Atmel ®, logo and combinations thereof, Everywhere You Are ® and others, are registered
trademarks or trademarks of Atmel Corporation or its subsidiaries. Other terms and product names may be trademarks of others.
6528A–SMIC–17 May 06