Despite its obvious importance, security often takes a backseat when it comes to designing a device or electronic component.
Perhaps one of the most shocking examples of security failure in the electronic world was highlighted last year during the Black Hat conference when a hacker demonstrated how he used a simple microcontroller to compromise hotel room doors by accessing 32-bit keys.
Unfortunately, the above-mentioned breach is hardly an isolated incident, as hacks for poorly secured hardware can be found swirling around the internet ether where they are routinely bought and sold by less-than-savory elements.
While it may seem somewhat daunting, securing a device can be made easier with an optimized authentication chip like Atmel’s ATSHA204 which includes a 4.5Kb EEPROM. This array can be used for the storage of keys, miscellaneous read/write, read-only, password or secret data. As expected, access to various sections of memory can be restricted in a variety of ways, with the configuration locked to prevent changes.
The chip also boasts a number of defensive mechanisms specifically designed to prevent physical attacks on the silicon itself or logical attacks on the data transmitted between the chip and the system. Plus, each ATSHA204 ships with a unique 72-bit serial number. By using the cryptographic protocols supported by the chip, a host system or remote server is able to prove the serial number is authentic and not a copy.
In addition, the ATSHA204 is capable of generating high-quality random numbers and employing them for any purpose, including usage as part of the crypto protocols of the chip. Access to the silicon is granted via a standard I²C interface at speeds up to 1Mb/sec. And last but certainly not least, it is compatible with most UART or serial IO controllers.
So that’s the physical spec rundown, but what about specific attacks ATSHA204 is designed to shield against? Well, the authentication chip is capable of helping to protect devices from a variety of nefarious threats, including algorithmic, protocol, microprobe, environmental, timing, bug, dumpster diving, emissions, fault and power cycling.
Meanwhile, a secure boot system prevents unauthorized modification of host firmware and protects against hackers enabling extra features without payment. And last, but certainly not least, the ATSHA204 helps thwart illicit system copies, piracy and code reverse engineering.
So while securing a device may seem like somewhat of a daunting task, especially in the face of so many critical threats, Atmel’s ATSHA204 is a comprehensive hardware-based solution that offers full applications support for both AVR and ARM systems, while helping to streamline and optimize the lockdown process.