Secure personalization service safeguards your IP

Written by Steve Jarmusz

Afraid of having your IP/firmware stolen?  Don’t want unauthorized accessories in the marketplace taking revenue that’s rightfully yours and potentially damaging your brand equity?  Security concerns are serious and worth addressing, but what if you don’t have the expertise in cryptography or infrastructure?

Well, one turnkey solution that does not require security expertise are Atmel ATSHA204 CryptoAuthentication™ ICs.  Atmel provides a personalization service to customers of CryptoAuthentication products. This personalization service (configuring the CryptoAuthentication device for a specific application) is performed at final package test. Before this service can be performed, Atmel solicits secrets from the customer while never knowing the value of those secrets. The secrets are received from the customer encrypted and stay encrypted until they are requested by the test program at final package test. Because of the transport key mechanism innate to the ATSHA204 silicon, these secrets are even encrypted at the probe tips while they are being placed into the secure memory of the ATSHA204.

How does Atmel protect the secrets solicited from customers? We use a SafeNet Hardware Security Module (HSM), which are ranked #1 in worldwide markets. HSMs provide the highest performing, most secure transaction security solutions for enterprise and government organizations. They are used in banking, military, and other government applications where information security is paramount.

SafeNet, Hardware Safety Module

Atmel sends customers that are going to use the Secure Personalization Service the public key of a RSA key pair that was generated and stored on the HSM. Atmel also provides a template that represents the CryptoAuthentications memory contents and an encryption utility. Once the customer fills in this template with their specific data, it is encrypted with an AES key generated by the encryption utility. After AES encryption, the AES key is encrypted with the public RSA key and then deleted.

The encryption utility subsequently packages the AES encrypted template with customer secrets, the encrypted AES key and various other non-encrypted data used for data integrity into a file that is sent to Atmel. This file then is placed on the HSM system at locations performing the final ATSHA204 package tests. When the tester has determined that the ATSHA204 has passed all functional and electrical tests, that file is sent into the HSM for decryption. It is here that the secrets are placed into the ATSHA204 device’s secure memory. Both device and the SafeNet HSM are tamper proof. If a physical attack or tamper is detected, all data contents are destroyed.

A Turnkey Security Solution for Accessories Authentication = $$$ in Your Pocket

By: Steve Jarmusz

An accessory could be really anything that works with a host or base system.  It could be a power charger, pair of speakers, cable, or as I mentioned, anything.   There are number of reasons why you would want to authenticate your accessories, to guard them against cloning and counterfeiting.  You may want to protect your brand or company’s reputation.  Apple does this with the “MFI” policy that they have initiated.  You might want to protect  customer safety.  Having a cloned surgical instrument or medical device that does not possess the same quality as the authentic product could be risky.   There have been a number of cases publicized  where the cloned product does not perform as well as the original.  A battery in cell phones and portable devices is one that comes to mind.  You can get really cheap knockoffs on E-Bay, but they may not last or have the storage capability as the OEM versions.  There are a number of authentication schemes that could be used to perform the accessory authentication sequence.  The most popular method that we have found is the Random Challenge Response method.

Atmel CryptoAuthentication

By adding an Atmel ATSHA204 CryptoAuthentication device to the host, the system is able to generate a Random Challenge for the client on the fly. In addition, by generating the challenge internally with the host’s ATSHA204 device, the response is unknown to the system, allowing the use of an unsecured processor without the threat that an attacker will be able to learn the system secrets. This dramatically limits the ability of an unauthorized device from producing the correct response.  You could also do this without a hardware device on the host, but the downside is less security.  Security is also very critical in many other applications. To learn more, check out this white paper on the technology and various use cases.

---

What can a hardware security chip do for you?

By: Maurice Jackson

When you embark on your next design, you should seriously consider what, in your design, is valuable—and, therefore, vulnerable to security breaches by thieves or hackers.   Make a list, check it twice, and I am certain that the Atmel CryptoAuthentication™ family of high-security hardware authentication devices can help.  The devices offer a flexible command set that allows use for many applications, including the following:

•  Anti-counterfeiting

Validate that a removable, replaceable, or consumable client is authentic. Example clients could be printer ink cartridges, electronic daughter cards, or other spare parts. It can also be used to validate a software/firmware module or memory storage element.

•  Protection for Firmware or Media

Validate code stored in Flash memory at boot to prevent unauthorized modifications (aka secure boot), encrypt downloaded media files, and uniquely encrypt code images to be usable on a single system only.

•  Session Key Exchange

Securely and easily exchange stream encryption keys for use by an encryption/decryption engine in the system microprocessor to manage such things as a confidential communications channel or an encrypted download.

•  Secure Data Storage

Store secret keys for use by crypto accelerators in standard microprocessors. It can also be used to store small quantities of data necessary for configuration, calibration, ePurse value, consumption data, or other secrets. Programmable protection up through encrypted/authenticated reads and writes.

•  User Password Checking

Validate user entered passwords without letting the expected value become known, map simple passwords to complex ones, and securely exchange password values with remote system.

•  Guaranteed Unique Serial Number

Each device has a unique 72-bit serial number.  The device can double as a storage for the unique serial number.

•  High-Quality Random Number Generator

The device includes an internal, high-quality random number generator (RNG).  As such, the device can be used as the source of an RNG.

Counterfeited accessories are everywhere. Prevent Hacking with Authentication.

Battery packs, printer cartridges and refrigerator water filters are just a few examples of critical consumable accessories that make appliances and devices function properly.  With their limited lifespan, hundreds of millions of these consumable accessories are manufactured and sold every year. This makes these items a lucrative target for unsavory companies that want to get in on the action with their cheap knockoffs.  “According to The World Health Organization (WHO), 6% to 8% of the total medical device market is comprised of counterfeit goods.” As a result, billions of dollars can be lost by their rightful owners, the OEMs, and, sometimes, consumers can be impacted by subpar quality and incompatibility with their appliances or devices.  When a consumer’s experience is soured due to the use of unauthorized accessories, fingers are often wrongfully pointed at the OEMs, accusing them of building shoddy products when, in fact, the problem is caused by the knockoffs.  At this point, brand equities along with the valuable trust forged between the company and its customers have already been damaged.  As an OEM, one easy way that you can protect your consumable accessories is by designing into them a low-cost security chip, which protects against cloning, counterfeiting and other security breaches.

 

Protecting your revenue stream

From MP3 players to smartphones to tablets, our mobile devices are becoming smarter and more connected by the day. Because these devices can do more for us, we are using them more and, as a result, need to charge them more frequently. In keeping with our on-the-go lifestyles, we’re charging our mobile devices wherever we are, often with any charging cable available. Indeed, accessories are usually a big source of revenue for equipment companies—often, a charging cable can be developed at a cost of just a few bucks but is sold for as much as $20. Some unsavory companies exploit the lack of protection on this equipment by coming out with knockoffs that sell for a fraction of the price that the equipment companies charge.  Sounds great for consumers, but often, not only do the OEMs suffer from revenue loss, the consumers end up spending money on subpar products. Knockoff charging cables could result in longer charge times, have a much shorter lifespan or even damage the devices they are connected to.  OEMs are also exposed to much greater liabilities by allowing knockoffs of their products to be available in the marketplace.

There’s an easy enough way for companies to protect their investment and limit their liability exposures—implementing a security chip into their designs. By choosing a turnkey security chip that is robust and easy to integrate, OEMs can protect against cloning, counterfeiting and other piracy attacks.