Tag Archives: hardware security

The “three-legged stool” of cryptography

Implementing true IoT requires a three-pronged approach, like a three-legged stool. 

Implementing true security in Internet of Things (IoT) devices requires a three-pronged approach. Like a three-legged stool, each of these legs are required to properly achieve security with at least two of these so-called legs demanding a hardware-based approach.


These legs consist of:

  • A strong cryptographic cipher for the job
  • High entropy, cryptographically secure, random number generator (Crypto RNG)
  • Persistent secure key storage with active tamper detection

Now, let’s go over these one by one.

A Strong Cryptographic Cipher for the Job

A cipher is a cryptographic algorithm for performing encryption and decryption, which needs to be strong enough for the application at hand. A one-time pad is considered the only unbreakable cipher, so theoretically all other ciphers can be eventually broken. Time and cost are the two usual measures of breaking any cipher.


The cover time of a secret refers to the amount of time that the message needs to be kept secret. A tactical secret, such as a command to fire a particular missile at a particular target has a cover time from the moment the commander sends the message to the moment the missile strikes the target. After that, there isn’t much value in the secret. If an algorithm is known to be breakable within a few hours, even that algorithm provides enough cover time for the missile firing scenario.

On the other hand, if the communication is the long term strategy of the entire war, this has a cover time significantly longer and a much stronger cipher would be required.


Generally, the time it takes to break any cipher is directly relates to the computation power of the system and the mathematical skills of your adversary. This usually directly coincides with the cost, so the value of your secret will, in a large part, determine how much effort is put into breaking your cryptography.

Therefore, you want to select a cipher which is well known to be strong, has been open to both academia and the public, and survived their scrutiny. Vigorously avoid proprietary algorithms claiming to be strong. The only thing which can speak to a cipher’s strength is for it to be fully open to scrutiny.

These types of proven ciphers are available within Atmel’s line of microcontrollers and microprocessors.

High Entropy, Cryptographically Secure, Random Number Generator

The importance of a Crypto RNG cannot be overstated. Some of the things which rely on the randomness of the random number include:

  • Key stream in one-time pads
  • Primes p, q in the RSA algorithm
  • Private key in digital signature algorithms
  • Initialization vectors for cipher modes

… The list of critically important requirements for high randomness is long.

Any modern cipher, regardless of intrinsic strength, is only as strong as the random number generator used. Lack of adequate entropy in the random number significantly reduces the computational energy needed for attacks. Cryptographically secure random number generators are important in every phase of public key cryptography.

To realize a cryptographically secure random number generator, a high quality deterministic random number generator and a high entropy source, or sources, are employed. The resulting generator needs to produce numbers statistically independent of each other. The output needs to survive the next bit test, which tests the possibility to predict the next bit of any sequence generated, while knowing all prior numbers generated, with a probability of success significantly greater than 0.5. This is no trivial task for randomly generating numbers as long as 2256.

It is incredibly hard to create a Crypto RNG. Even if you had the code right, there is not enough entropy sources in an embedded system to devise a cryptographically secure random number generator. Most embedded systems, especially IoT nodes are, well, pretty boring. At least when considered in the context of entropy. 2256 bits is a larger number than the number of all the stars in the entire universe. How much entropy do you really think exists in your battery powered sensor?

Companies serious about security put a lot of effort into their Crypto RNGs and have their generators validated by the National Institute of Standards and Technology (NIST), the government body overseeing cryptographic standards in the U.S. and jointly with Canada.

Any assurance or statements that a RNG is “compliant” or “meets standards” and is not validated by NIST is unacceptable within the cryptographic community. A Random Number Generator is either on NIST’s RNG Validation List or it isn’t. It’s as simple as that.

Atmel is just such a serious company. The Crypto RNG that Atmel has used in all if its CryptoAuthentication devices is validated by NIST and can be publicly found on the list here.

Persistent Secure Key Storage with Active Tamper Detection

Strong ciphers supported with high entropy random numbers are used to keep adversaries away from our secrets, but their value is zero if an adversary can easily obtain the keys used to authenticate and encrypt.

System security completely relies on the security of the keys. Protection and safeguarding of these keys and primary keying material is critically important to any cryptographic system. Your secret/private keys are, by far, the most rewarding prize to any adversary.

If your keys are compromised, an adversary will have access to every secret message you’ve ever sent, like a flower offering its nectar to a honeybee. To add insult to injury, nobody will inform you the keys have been compromised. You will go on sending “secret” messages, blissfully unaware your adversaries can read them at their leisure… completely unhindered.

A very well respected manager in our crypto business unit puts it this way; Keys need to be protected behind “guns, guards, and dogs.”

Holding cryptographic keys in software or firmware is akin to placing your house key under the front mat, or above the door, or in that one flowerpot nobody will ever think of looking in.

Adversaries will unleash a myriad of attacks on your system in an effort to obtain your keys.   If they can get their hands on your equipment, as is often the case with IoT devices, they will rip them apart. They will employ environmental attacks. They will decapsulate and probe the die of your microcontrollers. There is no limit to what they can and will do.

Atmel’s line of CryptoAuthentication devices offers a long list of active defenses to these attacks as well as providing an external tamper detect capability you can use to secure your devices from physical intrusion and warranty violation.


As stated in this brief of the three elements which enable truly secure systems, the security of the keys and the quality of the random numbers used will complete or compromise any cipher, no matter the mode used.

Inadequate entropy in a random number generator compromises every aspect of cryptography, because it is relied upon from the generation of keys to supplying initialization vectors for cipher modes. Atmel’s hardware crypto-authentication devices ensure you have a NIST validated cryptographically secure random number generator.

Keys, signatures, and certificates require a persistent secure vault to protect them. The very elements which ensure the authority, security and integrity of your system cannot be left in the attackable open.

Keys held in software or firmware are easily recovered. Typical microcontrollers and microprocessors do not contain the protections needed to keep out adversaries. Even newer processors with secure zones have very limited key storage and no generation functionality. From software protocol attacks to environmental and hardware probing, the ways and means of an adversary to recover keys from your software/firmware are nearly unlimited. This is akin to hanging your house key in a flimsy silk pouch on your front door knob.

Hardware security offers a number of benefits:

  • Secure storage of digital signatures and certificates
  • Secure storage of key hierarchy
  • Stopping adversaries from hacking your code
  • Secure boot and program image checking
  • Stopping unscrupulous contract manufacturers from over building your product
  • Creating new revenue streams by allowing premium services to be purchased post deployment
  • Limiting the life of products, e.g. the number of squirts an ink cartridge has, thereby thwarting refill/reuse
  • Streamlining deployed product tracking and warranty services

With regards to creating a truly secure system, active hardware protection for keys and cryptographically secure random numbers are not an option — they are a necessity.

Atmel’s CryptoAuthentication devices offer a high security, tamper resistant, physical environment within which to store and use keys for digital signatures, key generation/exchange/management, and perform authentication. Atmel is very serious about security. In addition to testing, validations and approvals by certifying entities, we employ third party labs to apply the very latest attacks and intrusion methodologies to our extremely resilient devices. The methodologies and results of these tests are available to our customers under non-disclosure agreement.

The 10 challenges of securing IoT communications

From the very beginning of developing an IoT product, IoT security must be a forethought.

One of the hottest topics at last week’s IoT StreamConf was security. In other words, how are we going to secure communication for billions of connected devices? How can we ensure that attackers can’t take control of our devices, steal information, disrupt services, or take down entire networks of expensive, imperative devices?

With IoT is still in its early stages, security is not fully understood and well-defined when compared to other industries, like the financial and e-commerce sectors. From the very beginning of developing an IoT product, whether it’s small-scale like a wearable device, to massive-scale IoT deployments, like an oil field sensor network or global delivery operation, IoT security must be a forethought.


In this talk, Rohini Pandhi, Product Manager at PubNub, walks through the ten challenges of securing Internet of Things communication. Rohini discusses flexible and secure messaging design patterns for IoT communication, and how they can be implemented and scaled. There are a number of security considerations, but after watching this talk, you should have a good idea of how you can secure your IoT deployment.

(Scroll below video for a table of contents of when individual concepts are talked about in the video).

Video Table of Contents

  1. Defining the Internet of Things (10:27)
  2. Unprotected devices will be attacked (13:15)
  3. Encryption (15:46)
  4. Single security model for all communications (17:56)
  5. Access control (20:13)
  6. Tracking device metadata (21:14)
  7. Provisioning in the field (22:38)
  8. Firmware updates in the field (24:07)
  9. Compliance with regulations (25:15)
  10. Reinventing the wheel (26:17)

More Resources on Securing IoT Communication

Below are a couple great pieces on IoT security, and some code tutorials for IoT developers:

Keeping consumables real

The most cost-effective and secure way to keep things real is through symmetric authentication without secret storage on the host using a fixed challenge.

With the ever present threat of counterfeiting, having a cost-effective and highly-secure way to ensure that a consumable product is real is a great idea. In fact, there is a proven industry standard approach to apply sophisticated cryptographic engineering and mathematics to fight counterfeiting; namely, crypto elements like the Atmel ATSHA204A device.

Crypto elements can attach to a consumable good, such as the classic example of an ink cartridge, even without being soldered in. The device can be glued directly outside of the product. When the ink or other consumable is inserted into the host system (where the MCU is), the crypto element makes contact and the host is able to communicate with the item to validate whether or not it is real. This is called authentication.


The most cost-effective yet secure way to authenticate is through symmetric authentication without secret storage on the host using a fixed challenge.

With symmetric authentication, a client and the host run the exact same calculation on each side, and if the client (the consumable) is real, then the results of those calculations (called the “responses”) will match. There is a way to go about using a very inexpensive MCU without running the crypto calculations within the host side’s MCU. That is where the concept of fixed challenge comes into play. The idea of a fixed challenge is that the calculation done for the host is conducted ahead of time, and the challenge/response pair from that calculation is loaded into the host.

The fixed challenge method is ideal when certain considerations are in play, such as the folowing:

  1. Very limited processing power (e.g. low-cost MCU)
  2. Abundance of available memory to easily store challenge-response pairs (e.g. in a smartphone)
  3. Need to get something out quickly or temporarily (e.g. time to market)
  4. Need a very low cost on the host (e.g. can’t afford adding a key storage device)
  5. Desire to not store a secret key in the host

So, how does a fixed challenge work? Like with other challenge-response operations, the process starts with the host controller sending the client a numerical challenge to be used in a calculation to create a response, which then gets compared to a “response” number in the host. What makes this “fixed” is that, because there is no crypto device in the host to generate random numbers (or make digests using hashing algorithms), the challenge cannot be random. That means that the challenges and their corresponding responses must be pre-calculated using the client’s secret key and the challenge and response pair loaded into the memory of the host. This can be looked at as effectively time-shifting the calculations used for authentication.

fixed 1

Let’s look at an example using the ATSHA204A installed in the client.

Step 1: In the factory when the host manufactured challenges are loaded into the host MCU memory together with a response that is calculated by hashing the client’s secret with that challenge.

Step 2: When the consumable is inserted into the host machine out in the field, the host MCU will ask the client (consumable) to prove it is real by sending it the preloaded challenge.

Step 3: The client will then run the hash algorithm on that challenge number using its stored secret key to generate a response, which it sends back to the host.

Step 4: The host will compare the response from the clients with the preloaded response value stored in its memory.

Step 5: If the client is real, the response from the client (which is the hash value based on the secret key and the challenge) will be the same as the response value that was preloaded in the host.

Since each host is loaded with a different challenge/response pair, each product that the host is incorporated into is then unique by definition. Cloning beyond only one copy is impossible; thus, this is a highly-secure and very cost-effective technique as it can be easily implemented with very inexpensive MCUs.

This approach can be used for firmware protection and designs with no secrets in the host (as noted), as well as be implemented with very low-cost MCUs that do not have the processing power to run the hashing algorithms.

The many benefits of fixed challenge authentication:

  • Symmetric authentication is fast
  • No secrets in the host
  • Can use low-cost MCU of host because less computation is needed for a fixed challenge
  • Prevents cloning
  • Protects investments in firmware
  • Enhances safety
  • Protects revenue stream
  • Protects brand image
  • Better control of the supply channel

Atmel crypto element devices — including ATSHA204AATECC108AATECC508A and ATAES132A — implement hardware-based key storage, which is much stronger than software based storage due to the defense mechanisms that only hardware can provide against attacks. Secure storage in hardware beats storage in software every time. Adding secure key storage is an inexpensive, easy, and ultra-secure way to protect firmware, software, and hardware products from cloning, counterfeiting, hacking, and other malicious threats.

Report: Smart home devices have security flaws

Connected home devices like cameras and thermostats can be easy targets for hackers, cybersecurity firm explains. 

With a new breach seemingly every day, consumers are more on-guard than ever before when it comes to ensuring the security of their personal information from cyber criminals. And, rightfully so. Validating the cause for such concerns is a new report from Synack that highlights the ease in which malicious hackers can access a majority of smart home devices on the market today. Quite ironically, many of them are security gadgets — the same products that are supposed to keep you protected.


Writing for Gigaom, Stacey Higginbotham notes that the firm had conducted an in-depth analysis on a number of today’s most-popular smart home gadgets, including cameras, thermostats, smoke detectors and automation controllers. Upon reviewing 16 of these devices, researchers discovered a vast majority of them possess some serious vulnerabilities.

Colby Moore, a security analyst for Synack, told Gigaom that it took him only 20 minutes to break into all but one of the assorted devices during testing. Furthermore, the company believes the lack of security for such products could derive from the fact that there are no set standards for smart home security.

“Right now the internet of things is like computer security was in the ‘90s, when everything was new and no one had any security standards or any way to monitor their devices for security,” Moore says.

Upon finishing the investigation, Synack found the worst performing devices to be, in fact, connected cameras. Each of the five camera products examined had issues either with encryption or password security. As for thermostats, Nest was deemed to be the most secure, although it did lose points for a weak password policy. Others were cited for having problems with password policies, encryption and a long history of flaws across product lines.


Meanwhile, a number of smoke and carbon dioxide detectors didn’t fare so well either. The analyst reveals that this category could fall victim to a supply chain-based attack, meaning someone could intercept the device and change a component.

Lastly, a few of the home controllers are believed to have issues with exposed service and insecure architecture, while others lack proper password policies as well. In all, Moore shares with Gigaom that the security of smart home devices today is “abysmal.” He suggests users hardwire as many devices as possible, enable automatic firmware updates and utilize strong passwords.

“Smart homes are a dumb idea if they are not secure. And that means secure at every node,” Atmel resident security expert Bill Boldt chimed in on the matter. “Who wants a home that allows people to monitor them? There is already a website out there showing pictures of people intercepted from their own home security cameras. That is just the top of the iceberg. Nodes of all types from thermostats to cameras, to meters, appliances need to be authenticated and encrypted. Consumers will soon figure that out and demand it.”

Interested in reading more? Head over to Gigaom’s entire writeup. You can also discover how to add enhanced authentication and encryption into your next design here.

Security researcher discovers vulnerability in talking toy dolls

That doll just said what?! 

Vivid Toy’s best-selling doll My Friend Cayla has vulnerabilities which can be exploited by malicious hackers to make the talking toy say what they want remotely, which was first revealed by security researcher Ken Munro of Pen Test Partners in a recent interview with BBC News. While the actual flaw has not been disclosed, it is known to be in the pairing of Cayla with the mobile device.


Cayla may appear to be like any other doll on the market today — 18” tall, blond hair, jean jacket, graphic t-shirt and pink skirt — but is equipped with a built-in speaker and a necklace that acts as a listening device. She uses uses speech recognition software and Google Translate technology to answer children’s questions, all while transmitting the words to an app on either an iOS or Android device. That device connects to Cayla via Bluetooth and relays what the child says, translates it into text and uses keywords to browse the web for a response.

BBC reached out to Vivid Toys regarding the vulnerability, who stated, “The hacking was an isolated example carried out by a specialist team – but nevertheless the company would take the information on board as it was able to upgrade the app used with the doll.”

The doll’s distributor had noted that if a child were to say a foul word or pose an question, it would refrain from answering with anything more than “That’s inappropriate” or “I don’t know.” However, as Munro’s research reveals, that she can be made to say much worse things to a child if hacked. For instance, Cayla closes out the interview warning, “Be careful parents. Who knows what I may say next?”

As mentioned in a recent Forbes writeup, a lack of security on the mobile app makes it rather easy for a hacker to change her stock responses from child-friendly platitudes to much more offensive content. An attacker would simply need to pair the dolly with their own device, Munro warns, either by quickly grabbing the toy or finding a way to remotely exploit the phone.

“We don’t think it would take much to turn her into a device to spy on and potentially interact with children. You would be well advised to make sure that she is switched off when not explicitly in use and make sure that the mobile device is secured with a strong PIN, also kept and patched up to date. In the longer term the manufacturer should apply a PIN for the Bluetooth pairing process, but we don’t think that can be done without a product recall.”

Coincidentally enough, Atmel resident security expert just examined the issue in-depth, highlighting that while some sort of IoT is possible without security, without security it would really just be a toy. And this incident proves just that… literally.

“Security matters because users must trust that the nodes are who they say they are (i.e. authentic). Additionally, confidentiality of the data is important to keep unauthorized third parties from getting the data and misusing it. Also, without data integrity mechanisms there is no way to ensure that the data have not been tampered with or corrupted. All three of these matter. A lot,” Boldt writes.

What is Ambient Security?

New technology and business buzzwords pop up constantly. Hardly a day goes by that you don’t see or hear words such as “cloud”, “IoT,” or “big data.” Let’s add one more to the list: “Ambient security.”

Ambient 1

You’ll notice that big data, the cloud, and the IoT are all connected, literally and figuratively, and that is the point. Billions of things will communicate with each other without human intervention, mainly through the cloud, and will be used to collect phenomenal and unprecedented amounts of data that will ultimately change the universe.

As everything gets connected, each and every thing will also need to be secure. Without security, there is no way to trust that the things are who they say they are (i.e. authentic), and that the data has not been altered (i.e. data integrity). Due to the drive for bigger data, the cloud and smart communicating things are becoming ambient; and, because those things all require security, security itself is becoming ambient as well.  Fortunately, there is a method to easily spread strong security to all the nodes. (Hint: Atmel CryptoAuthentication.)

Big Data

At the moment, big data can be described as the use of inductive statistics and nonlinear system analysis on large amounts of low density (or quickly changing) data to determine correlations, regressions, and causal effects that were not previously possible. Increases in network size, bandwidth, and computing power are among the things enabling this data to get bigger — and this is happening at an exponential rate.

Big data became possible when the PC browser-based Internet first appeared, which paved the way for data being transferred around the globe. The sharp rise in data traffic was driven to a large extent by social media and companies’ desire to track purchasing and browsing habits to find ways to micro-target purchasers. This is the digitally-profiled world that Google, Amazon, Facebook, and other super-disruptors foisted upon us.  Like it or not, we are all being profiled, all the time, and are each complicit in that process. The march to bigger data continues despite the loss of privacy and is, in fact, driving a downfall in privacy. (Yet that’s a topic for another article.)


The smart mobile revolution created the next stage of “biggering” (in the parlance of Dr. Seuss). Cell phones metamorphosed from a hybrid of old-fashioned wired telephones and walkie-talkies into full blown hand-held computers, thus releasing herds of new data into the wild. Big data hunters can thank Apple and the Android army for fueling that, with help from the artists formerly known as Nokia, Blackberry, and Motorola. Mobile data has been exploding due to its incredible convenience, utility, and of course, enjoyment factors. Now, the drive for bigger data is continuing beyond humans and into the autonomous realm with the advent of the Internet of Things (IoT).

biggering 1

Bigger Data, Little Things

IoT is clearly looking like the next big thing, which means the next big thing will be literally little things. Those things will be billions of communicating sensors spread across the world like smart dust — dust that talks to the “cloud.”

big data

More Data

The availability of endless data and the capability to effectively process it is creating a snowball effect where big data companies want to collect more data about more things, ad infinitum. You can almost hear chanting in the background: “More data… more data… more data…”

More data means many more potential correlations, and thus more insight to help make profits and propel the missions of non-profit organizations, governments, and other institutions. Big data creates its own appetite, and the data to satisfy that growing appetite will derive from literally everywhere via sensors tied to the Internet. This has already started.

Sensors manufacture data. That is their sole purpose. But, they need a life support system including smarts (i.e. controllers) and communications (such as Wi-Fi, Bluetooth and others). There is one more critical part of that: Security.

No Trust? No IoT! 

There’s no way to create a useful communicating sensor network without node security. To put it a different way, the value of the IoT depends directly on whether those nodes can be trusted. No trust. No IoT.  Without security, the Internet of Things is just a toy.

What exactly is security? It can best be defined by using the three-pillar model, which (ironically) can be referred to as “C.I.A:” Confidentiality, Integrity and Authenticity.



Confidentiality is ensuring that no one can read the message except its intended receiver. This is typically accomplished through encryption and decryption, which hides the message from all parties but the sender and receiver.

Integrity, which is also known as data integrity, is assuring that the received message was not altered. This is done using cryptographic functions. For symmetric, this is typically done by hashing the data with a secret key and sending the resulting MAC with the data to the other side which does the same functions to create the MAC and compare. Sign-verify is the way that asymmetric mechanisms ensure integrity.

Authenticity refers to verification that the sender of a message is who they say they are — in other words, ensuring that the sender is real. Symmetric authentication mechanisms are usually done with a challenge (often a random number) that are sent to the other side, which is hashed with a secret key to create a MAC response, before getting sent back to run the same calculations. These are then compared to the response MACs from both sides.

(Sometimes people add non-repudiation to the list of pillars, which is preventing the sender from later denying that they sent the message in the first place.)

The pillars of security can be  implemented with devices such as Atmel CryptoAuthentication crypto engines with secure key storage. These tiny devices are designed to make it easy to add robust security to lots of little things – -and big things, too.

So, don’t ever lose sight of the fact that big data, little things and cloud-based IoT are not even possible without ambient security. Creating ambient security is what CryptoAuthentication is all about.

TPM: The heavy artillery of cryptography

Data security is becoming a virtual battleground — evident by the number of major data breaches that have broken out at retailers such as Target, Staples, Dairy Queen, Home Depot and EBay, at major banks such as JP Morgan, and at many other institutions worldwide. The recent spate of security viruses such as Heartbleed, Shellshock, Poodle, and BadUSB (and who knows what’s next) have been creating serious angst and concern. And, rightfully so. The question is what exactly should you bring to the cyber battleground to protect your assets? This question matters because everyone who is using software to store cryptographic keys is vulnerable to losing sensitive personal data, and today that is just about everybody. So, choose your weapons carefully.


Fortunately, there are weapons now available that are very powerful while still being cost-effective. The strongest data protection available comes from hardware key storage, which beats software key storage every time. Keys are what make cryptography possible, and keeping secret keys secret is the secret to cryptography. Atmel’s portfolio contains a range of innovative and robust hardware-based security products, with the heavy artillery being the Trusted Platform Module (TPM).


The TPM is a cryptographic device with heavy cryptographic firepower, such as Platform Configuration Registers, protected user configurable non-volatile storage, an enforced key hierarchy, and the ability to both seal and bind data to a TPM. It doesn’t stop there. Atmel’s TPM has a variety of Federal Information Processing Standards (FIPS) 140-2 certified cryptographic algorithms (such as RSA, SHA1, AES, RNG, and HMAC) and various sophisticated physical security counter-measures. The TPM can be used right out-of-the-box with standards-based commands defined by the Trusted Computing Group, along with a set of Atmel-specific commands, which are tested and ready to counter real world attacks.

The Arsenal

Platform Configuration Registers and Secure Boot

One of the important weapons contained in the TPM is a bank of Platform Configuration Registers (PCRs), which use cryptographic hashing functions. These registers can be used to ensure that only trusted code gets loaded at boot time of the system. This is done by using the existing data in a PCR as one input to a hashing function with the other input being new data. The result of that hashing function becomes the new PCR value that will be used as the input to the next hashing function with the next round of new data. This process provides security by continuously changing the value of the PCR.


As the PCR value gets updated, the updated values can then be compared with known hash values stored in the system. If the reference values previously stored in the TPM compare correctly with the newly generated PCR values, then the inputs to the hashing function (new data in the diagram) are proven to have been exactly the same as the reference inputs whose hash is stored on the TPM. Such matching of the hash values verifies the inputs as being authentic.

The PCR flow just described is very useful when enforcing secure boot of the system. Unless the hashes match showing that the code is, indeed, what it is supposed to be, the code will not be loaded. Even if a byte is added, deleted, changed, or if a bit is modified, the system will not boot. For secure boot, the data input to the hashing function is a piece of the BIOS (or operating system).

User Configurable Non-Volatile Storage

Another weapon is user-configurable, non-volatile storage with multiple configuration options. What this means is that the user is presented with several ways to restrict the access and use of the memory space, such as by password, physical presence of the user, and PCR states. Additionally, the memory space can be set up so that it can be written only once, not read until the next write or startup of the TPM, not written to until the next startup of the TPM, and others.

Enforced Key Hierarchy

The TPM also incorporates an enforced key hierarchy, meaning that the keys must have another key acting as a parent key (i.e. a key higher in a hierarchy) for that key to get loaded into the TPM. The authorization information for the parent key needs to be known before the child key can be used, thereby adding another layer of security.

Binding and Sealing Data

Another part of the TPM’s arsenal is the ability to bind and/or seal data to the TPM. A seal operation keeps the data contained (i.e. “sealed”) so that it can only be accessed if a particular pre-defined configuration of the system has been reached. This pre-defined configuration is held within the PCRs on the TPM. The TPM will not unseal the data until the platform configuration matches the configuration stored within the PCRs.

A bind operation creates encrypted data blobs (i.e. binary large objects) that are bound to a private key that is held within the TPM. The data within the blob can only be decrypted with the private key in the TPM. Thus, the data is said to be “bound” to that key — such keys can be reused for different sets of data.

The Armor 

So the Atmel TPM has some pretty cool weapons in its arsenal, but does it have any armor? The answer is yes it does!

FIPS 140-2 Certified 

Atmel has dozens of FIPS 140-2 full module-level certified devices with various I/O’s including LPC, SPI, and I2C. The TPM uses a number of FIPS certified algorithms to perform its operations. These standards were developed, tested, and certified by the United States federal government for use in computer systems. The TPM’s FIPS certified algorithms include RSA, SHA1, HMAC, AES, RNG and CVL (find out more details on Atmel’s TPM FIPS certifications here).


Active Metal Shield

The TPM has built-in physical armor of its own. A serpentine active metal shield with tamper detection covers the entire device. If someone attempts to penetrate this shield to see the structures beneath it, the TPM can detect this and go into a fault condition that prevents further actions on the TPM.

Why TPM?

You might be asking, “Why can’t all those functions just be done in software?” While some of the protections can be provided in software, software alone is not nearly as robust as a hardware-based system. That is because software has bugs, despite how hard the developers try to eliminate them, and hackers can exploit those bugs to gain access to supposedly secure systems. TPM, on the other hand,stores secret keys in protected hardware that hackers cannot get access to, and they cannot attack what they cannot see.

The TPM embeds intelligence via an on-board microcontroller to manage and process cryptographic functions. The commands used by the Atmel TPM have been defined and vetted by the Trusted Computing Group (TCG), which is a global consortium of companies established to define robust standards for hardware security. Furthermore, the Atmel TPM has been successfully tested against TCG’s Compliance Test Suite to ensure conformance. Security is also enhanced because secrets never leave the TPM unless they have been encrypted.

With the battle for your data being an on-going reality, it simply makes sense to fight back with the heaviest artillery available. Combining all the weaponry and armor in one small, strong, cost effective, standards-based and certified package makes the Atmel TPM cryptographic the ideal choice for your arsenal.

This blog was contributed by Tom Moulton, Atmel Firmware Validation Engineer.

Video: Vegard Wollan addresses Internet of Things security

In this video segment from my interview with Vegard Wollan, the co-inventor of the AVR microcontroller, we explore in detail the security problems you need to address as an embedded designer.

Let’s face it, it is obvious that security is a way of thinking. You have to assume bad people are going to try and hack your products. With the oncoming revolution in the Internet of Things, it is important you design the security within, rather than try to tack something on after an exploit.


The co-inventor of the AVR architecture notes that security is essential in embedded systems.

The key thing you have to know is that nothing beats hardware security. This is where the security system is implemented in silicon, storing a secret key, hash algorithms and random-number generator (RNG). Atmel makes both standalone security chips and incorporates the security circuits into some of our microcontrollers including Atmel | SMART ARM-based chips used for smart energy meters. The chips are more sophisticated than a simple IP block. In fact, there are extra layers of metal in the die so that hackers cannot probe the chip without ruining it. Many of the chips also dither the supply current, so a hacker cannot infer the code it is running by observing the tiny variations in supply current as it runs.

Atmel makes symmetrical security chips, where both the chip and the microcontroller code know the secret key, and also asymmetrical security chips, which work like that public and private keys systems you might be familiar with such as PGP and RSA security. And, note that you can uses Atmel’s tiny inexpensive security chips with any microcontroller, 8-bit, 16-bit or 32-bit, including all the micros made by Atmel’s honored competitors.

Interested in more? You can watch the entire 1:1 interview with Vegard here.

Got AES? Got security?

Currently in wide use, AES is a great algorithm that has been implemented in a number of hardware and software systems. It has been carefully studied by legions of cryptanalysts, so it’s often assumed that a system which includes AES is secure. But that assumption isn’t always true – in this post, let’s explore three situations that could cause problems.

Like all cryptographic systems and algorithms, AES depends on a key. If an attacker can get the key, he or she can impersonate the authentic party, decrypt all the network messages and generally eliminate every aspect of the system security. However, a few systems have a great place to store keys that is truly isolated from attack. With the increasing commonality of connected systems, software bugs like Heartbleed can easily find keys that you thought you had carefully protected. If you’re not familiar with Heartbleed, see this great panel from XKCD which does a nice job of explaining it.

Like all cryptographic algorithms, there are many variations to the way in which AES can be used. Lots of systems have been cracked because an improper mode, protocol or procedure was used. The illustration below shows a mode of AES which is the right answer in some cases — but definitely not this one!


The last point is a bit trickier. When encrypting something with AES, most modes require an Initialization Vector (IV). The IV should never be repeated, and in some modes it must be random. There are two problems with a repeated IV: (1) If the attacker could discover the plain text of the first message, he could determine the contents of the second; and (2), If the same message is sent with the same IV, the ciphertext will be the same both times, which could be vital information all by itself.

Problem is that it’s hard to generate a random number. One famous random number generator used the hash of an image of lava lamps – for some years an online site (lavarand) was supported by Silicon Graphics to provide online numbers.


Assuming you don’t have lava lamps and a camera in your system, you might be tempted to use ‘random’ keystrokes, noise on a signal wire, the current time to the ms, or some similar thing. Problem is, while the resulting numbers appear to be random there are often a limited number of choices. Given how fast modern computers execute, an attacker can try literally millions of possibilities in a few seconds and guess your random number!

Many designers rely on dedicated hardware cryptographic devices to help resolve this issue. Generally speaking, they offer solutions to the three points mentioned above:

  • Strong protection for cryptographic keys that is not subject to bugs, malware or other aggressive attacks;
  • Proper use of modes and protocols for the operations performed within the devices; and,
  • High quality random number generators that rely on random physical phenomena and which are rigorously tested

Guess what? Atmel’s CryptoAuthentication devices offer all three in a low-cost small package. Start designing security in your next product with a free CryptoAuthentication tool.

Secure your hardware, software and IoT devices

Evident by a recent infographic published by Forbes, it appears people are finally cognizant of the urgent need for security. It’s clearer than ever that hacking has become a real problem over the web and into electronic devices. With the emergence of the Internet of Things (IoT), we consistently find ourselves connecting these gadgets and gizmos to the web. As a result, security becomes a key issue throughout the entire chain.

Analog Aficionado Paul Rako recently had the chance to catch up with Bill Boldt, Atmel’s resident security expert, to explore the latest threats and trends in security as well as how Atmel can help secure products across the spectrum. Not in the reading mood? There’s a pretty sweet playlist of all the footage from the 1:1 interview here.

In the first segment of the interview, Boldt discusses how an engineer or designer can use Atmel’s CryptoAuthentication chips to ensure that the accessories to a particular product are genuine. Here, the security expert talks about using symmetrical authentication to certify that only a drill manufacturer’s batteries will work on its own drill.

If you recall, Boldt provided an in-depth exploration into this same demo, which can be found here. Though securing hardware is great, if you wanted, you could make this symmetrical authentication protect any kind of plug-in or device, even if it is not electronic. In fact, this safeguard is used on things ranging from ink cartridges to e-cigarettes; moreover, medical device manufactures love this technology since it protects them from liability from knockoff products.

This can help secure products with add-ons or attachments, but an even greater value for hardware security comes when you use these chips to make sure that your device has not had its code or operating system hijacked. Since the interface between the microcontroller and the crypto chip is only sending a random number from the micro, and the one-time result from the crypto chip in response, snooping on the SPI port will not help you crack the code. Now, your microcontroller firmware can query the chip and ensure that it indeed gets the proper result — if someone attacks the firmware and puts their own code, it won’t execute since it cannot get past the protected part of the chip code that has to get a valid response from the crypto chip.

You can extend this to secure downloads as well. As long as your code requires the downloaded segment to query and respond to the tiny crypto chip, only your code will work since only you know the secret key programmed into the chip.

“As a hardware engineer, I am just as fascinated by the cool packages we use as well as all the math and firmware algorithms,” says Rako.

In the subsequent video of the interview, Boldt describes the packaging for the crypto chips, in addition to a unique three-pad package manufactured by Atmel that does not need to be mounted on a circuit board at all.

During the segment, Boldt also delves deeper into some security scenarios for the IoT, incuding some great analogies. Furthermore, the security guru reminds viewers that these Atmel CryptoAuthentication chips will work with any company’s microcontroller, not just Atmel’s.

One thing you hear bandies about in security are the dissimilarities between both symmetric and asymmetric. The aforementioned drill demo was symmetric, since both the drill and the battery had the secret key programmed into the MCU and the crypto chip, respectively. Here, Boldt expands on the topic and how Atmel does all the hard math so you don’t have to worry about it.

Concluding his interview with Rako, Boldt addresses the fact that you can use the crypto chip not only in a drill, but in the charger as well to guarantee that only your OEM charge will charge your OEM batteries. The resident security expert wraps up by noticing that people can counterfeit those holograms on a product’s box, but they can’t hack hardware security chips.

Interested in learning more? Explore hardware-based security solutions for every system design here. Look to secure the full stack? You can receive a FREE Atmel CryptoAuthentication™ development tool. For more in-depth analysis from Bill Boldt, you can browse through his archive on Bits & Pieces