By: Ronnie Thomas
Read almost any major newspaper and you will see companies world-wide that have lost money due to theft of their intellectual property in the form of proprietary software or embedded firmware. The Atmel ATSHA204 CryptoAuthentication device is a great product to protect intellectual property by providing an inexpensive solution to protect software. The ATSHA204 capabilities include challenge-response functionality, diversified key schemes, rolling keys, and other protections to thwart would-be thieves.
In addition, there are other counter-hacker techniques that could be leveraged with the ATSHA204 IC to provide more software theft protection, including:
When you use multiple challenge-response pairs, the system will choose a set of challenge/response pairs based on some algorithm in the system code. This could be a function call to the c library rand() or a fibonchi lfsr. The number of challenge/response pairs are limited by the amount of space that a given system has to store the support code and challenge/response pairs. In addition, this scenario could be made more complex by offsetting the where the challenge and its corresponding response or held in memory (i.e. the challenge could be held in array 5, while the response could be held in array 23.
- Chaining challenge-responses
In the chaining Challenge Response Technique, each response from the ATSHA204 can be fed back out as the new challenge. At some point the response would be evaluated and checked that the authentication verified successfully. By not evaluating the response each time the system gets the response from the client, the chain could execute a specified number of rounds without triggering a negative effect. If a hacker were monitoring the bus and failed the authentication check, they would not know which challenge/response was invalid.
- Code Misdirection
Code misdirection is the addition of code in the equation that obfuscates to some degree the code path that is being executed, thereby making it harder for would-be hackers to clone a device. A function pointer is declared, a check is done with in a local function. Once the answer is received the function pointer is set to null. This makes it harder to de-compile the source code and clone a device. Code misdirection could also be used to point to code that causes severe penalties if the response to a given challenge is incorrect, such as pointing to a infinite loop or code that does something destructive.
- Move the Challenge to TempKey
In this example technique, a challenge could be stored in a reserved 32-byte register. At some point much later, the MAC command could be ran on the stored challenge and the response then could be sent back to the system. In this way it is much harder to pair a given challenge to that response.
- Rolled Key Mechanism
Instead of using a “static” key in the authentication calculation, the rolled key function in the ATSHA204 adds security by changing the key value used in the calculation by combining some offset values and creating a new key. The offset value could be something meaningful like the serial number, time stamp, random number, etc. This new key would permanently remove the original key. After the key has been changed, there is no way to recover the original key. Instead of the challenge and response being the main source of protection, the keys themselves become that protection.
These are just a few examples of techniques that could be used. The examples could be used in combination with one another or with some other technique not mentioned. The end result should be the same when these measures fail by either:
- Reducing functionality
- Making a device inoperable
- Sending error messages
- Blacklisting the device
- Having code do something unexpected or incorrect
- Some other creative approach
If you are interested in learning more about using the ATSHA204 CryptoAuthentication device to protect against these counter-hacker techniques, please contact one of our security experts at firstname.lastname@example.org.