Why Should You Consider Hardware Security on the Host Side?

By: Rocendo Bracamontes

Over the last year, I’ve come across many different applications and systems that require security. The majority of them can be categorized as follows:  accessory authentication, consumables, system anti-cloning and session key exchange.

Since the ATSHA204, the latest Atmel CryptoAuthentication™ device, uses a symmetric algorithm, the system where the security is implemented requires the same key at the host and the client.

To provide the best security, designers are recommended, with few exceptions, to include a “host” chip ATSHA204 that holds the system’s symmetric keys.

The following example illustrates a critical application where the usage of hardware security on the transmitter (host) is crucial to perform a receiver (client) authentication over a network. For example, this applies to smart meters, industrial lighting and sensitive sensor networks.

Without it, the transmitter would have to store the secret keys in Flash and perform the cryptographic functions by software, making the system vulnerable to malicious hacks, and impacting overall system performance.  To learn more about why hardware security is recommended over software security, check out our previous blog post on this topic.

Hardware Security on Host Side

Protecting your revenue stream

From MP3 players to smartphones to tablets, our mobile devices are becoming smarter and more connected by the day. Because these devices can do more for us, we are using them more and, as a result, need to charge them more frequently. In keeping with our on-the-go lifestyles, we’re charging our mobile devices wherever we are, often with any charging cable available. Indeed, accessories are usually a big source of revenue for equipment companies—often, a charging cable can be developed at a cost of just a few bucks but is sold for as much as $20. Some unsavory companies exploit the lack of protection on this equipment by coming out with knockoffs that sell for a fraction of the price that the equipment companies charge.  Sounds great for consumers, but often, not only do the OEMs suffer from revenue loss, the consumers end up spending money on subpar products. Knockoff charging cables could result in longer charge times, have a much shorter lifespan or even damage the devices they are connected to.  OEMs are also exposed to much greater liabilities by allowing knockoffs of their products to be available in the marketplace.

There’s an easy enough way for companies to protect their investment and limit their liability exposures—implementing a security chip into their designs. By choosing a turnkey security chip that is robust and easy to integrate, OEMs can protect against cloning, counterfeiting and other piracy attacks.