
Spinning Heads & Busting Spooks

Q: When is a disk drive not a disk drive? A: When it becomes your next memory chip.

We’ve seen how flash memory chips are steadily replacing hard disk drives in MP3 players, laptop computers, and all sorts of embedded systems. Now, in a weird reversal of technology fortunes, disk-drive technology is moving into nonvolatile memory chips.

The perpetrator of this counter-intuitive strategy is Crocus, a French startup named after a Mediterranean flower bulb. Just as the crocus competes with the tulip in horticultural circles, Crocus competes with flash memories among technophiles. Its technology provides many of the same benefits as conventional flash, but it paradoxically does so using magnetic read-head technology spun off from hard disk drives.

That makes Crocus one of a handful of companies dabbling with so-called MRAMs, or magnetic random-access memories. Perhaps the best-known MRAM supplier (if that adjective applies here) is EverSpin, the spin-off from Freescale Semiconductor. In addition to Crocus and EverSpin, tech giants like IBM, Toshiba, and Hitachi have also been steadily developing MRAM technology for years.

Crocus’s chips use the intriguingly named “spin-transfer torque” technology, a term that suggests some kind of dark and arcane dabbling in the subatomic arts. The reality isn’t far off. The underlying technology seems to be equal parts physics, magic, and magnetism, with a bit of Schrödinger’s cat thrown in. A single-sense transistor is biased (or not) based on polarizing layers implanted just above it. When these layers are charged in the right combination, the transistor can be used to sense a slight current… more or less forever. The science was originally intended for read/write heads in high-capacity hard drives, but it’s been tweaked by Crocus for semiconductor applications.

Crocus chips do what all good NVRAM chips should do: they retain data for a long time (about 20 years) without power, and they read and write fairly quickly. This last characteristic is a Crocus strong point: its chips don’t have to be erased the way flash chips do, so it’s just as quick and easy to write to a Crocus MRAM as it is to read from it. This symmetric read/write time makes them much more like SRAMs or DRAMs, but with longer memories.

A traditional drawback with most MRAMs is that they’re, well, magnetic. That doesn’t mean you can erase them by waving a refrigerator magnet (that’s a myth) but it does mean they’re hard to manufacture in a conventional semiconductor fab or foundry. Chip-making plants are painstakingly designed to handle silicon, aluminum, gold, and a handful of other materials; they’re not set up to deal with magnetic materials, which are generally considered contaminants.

Crocus gets around much of this problem (though not all) by limiting its magnetic materials to just a few deposition layers. Most of an MRAM chip can be manufactured using normal CMOS processes, then sent outside to have its magnetic magic added before returning to standard processing. Or, the manufacturer can do all the work in-house by making a few small adjustments to the production line. The equipment already exists and is commonplace in disk-drive plants. It’s just not normally found within the confines of semiconductor clean rooms.

Today, Crocus’s chips are manufactured at Tower Semiconductor, which produces chips on its 130-nm line, with 90-nm chips on the horizon. The company also has its own small clean room within the headquarters building near Grenoble, France. Beyond the 90-nm node, Crocus is looking to sign up additional manufacturing licensees to complement Tower’s capacity. Crocus expects samples of its 1-Mbit spin-transfer torque MRAMs around the middle of next year. By the end of the year, those chips should be production-worthy. And worthy of your attention if you’re shopping for nonvolatile memory.

Crypto Silicon, Minus the Cloak and Dagger

While we’re on the subject of “spooky action at a distance” (to borrow Albert Einstein’s phrase), did you know you can crack a cryptography system merely by measuring its power consumption with an oscilloscope?

Neither did I, but apparently that’s a well-known trick among the black hats, and just one of many surprising attacks employed against seemingly impenetrable security systems. Here’s where the appropriately named Cryptography Research comes in. The San Francisco–based company employs about 50 engineers and crypto-spooks who produce security countermeasures for chip designers and embedded developers like you and me.

Cryptography Research licenses its circuit designs as IP, the way you’d include an 8051 or a UART in your own chip. The circuitry’s designed to augment whatever security measures you think you’ve included – features that, likely as not, are more crackable than we’d like to believe.

Apart from the “simple power analysis” (SPA) trick described above, the company provides blocks against chip decapitation, brute-force key cracking, and scan chains that were intended only for manufacturing testing. Its blocks also address power-glitch vulnerabilities, fix reset weaknesses, and much more. The list of countermeasures is as surprising as the attacks they’re designed to thwart. The details are strictly on a need-to-know basis, of course, but include such fun-sounding features as “entropic arrays,” on-chip light sensors, and “canary logic” (as in coal mines).

The company’s technology currently appears in more than 3 billion chips, mostly smartcards. Consumer electronics is a growth area, however, as more and more devices (like cell phones, video games, or satellite-TV receivers) are sold at a loss but bundled with a service subscription. That creates a lucrative opportunity for hackers who can defeat the product’s encryption or security features, thus divorcing the low-cost product from its high-profit service. Cryptography Research says it’s not uncommon for hackers to spend well over $2 million to crack a popular device. Could your product withstand such a concerted attack?

Back to the oscilloscope attack: most encryption algorithms running on microprocessors or microcontrollers break down large keys into smaller chunks, so that a 128-bit key, for example, is often calculated 8 bits at a time. Moreover, most such algorithms make heavy use of the processor’s multiplier for cycling through bits of an exponent. And that activity makes heavy use of the chip’s carry and/or zero flags, signals that are often routed to so many places throughout the chip that they measurably affect its power consumption. By watching power spike as the firmware iterates through bits of the key (while also compensating for other on-chip activity), it’s possible to tease out the state of the flag bits and, eventually, the entire encryption key. Sure, this technique may require a little practice before you get good at it, but if the same key – or even the same encryption technique – is used throughout a product’s entire production run, you’ve just cracked every product on the market at once.
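To make the leak concrete, here is an added example (not from the article or from Cryptography Research) that models the exponent loop described above as a sequence of square (S) and multiply (M) operations, next to a Montgomery ladder, a standard countermeasure that performs the same operations for every key bit. It assumes each operation is distinguishable in a power trace; the base, modulus and exponents are constructed sample values.

```python
# Added illustration: a model of the operation sequence, not a power measurement.
# Assumption: a square ("S") and a multiply ("M") look different on the trace.

def leaky_modexp(base, exponent, modulus):
    """Left-to-right square-and-multiply. Returns (result, operation trace)."""
    result, trace = 1, []
    for bit in bin(exponent)[2:]:
        result = (result * result) % modulus
        trace.append("S")
        if bit == "1":                      # extra work only for 1-bits: the leak
            result = (result * base) % modulus
            trace.append("M")
    return result, "".join(trace)

def ladder_modexp(base, exponent, modulus):
    """Montgomery ladder: exactly one multiply and one square per key bit."""
    r0, r1, trace = 1, base % modulus, []
    for bit in bin(exponent)[2:]:
        # Real firmware would replace this branch with a constant-time swap;
        # the model only tracks which arithmetic operations are issued.
        if bit == "1":
            r0 = (r0 * r1) % modulus
            r1 = (r1 * r1) % modulus
        else:
            r1 = (r0 * r1) % modulus
            r0 = (r0 * r0) % modulus
        trace.append("MS")
    return r0, "".join(trace)

def bits_implied_by_trace(trace):
    """Exponent bits that an S/M sequence from leaky_modexp gives away."""
    return trace.replace("SM", "1").replace("S", "0")

# Constructed sample values (two 16-bit exponents, small modulus).
BASE, MODULUS = 7, 1000003
KEY_A = 0b1011001110001011
KEY_B = 0b1100101011110001

if __name__ == "__main__":
    _, leaky = leaky_modexp(BASE, KEY_A, MODULUS)
    print("leaky trace :", leaky)
    print("implied bits:", bits_implied_by_trace(leaky))
    print("actual bits :", bin(KEY_A)[2:])
    _, lad_a = ladder_modexp(BASE, KEY_A, MODULUS)
    _, lad_b = ladder_modexp(BASE, KEY_B, MODULUS)
    print("ladder traces identical for both keys:", lad_a == lad_b)
```

The same comparison works as a design-review check: run an implementation's operation model over two different keys of equal length and confirm the traces match.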

Like a lot of security products, Cryptography Research’s business depends on what its customers don’t know. Is their chip really vulnerable? How easy would it be to crack? What would be the financial impact if it were compromised? When and how would they ever know if it was? And how much can Cryptography Research really alleviate the problem – enough to satisfy the investors, partners, and service providers? On one hand, it seems likely that some of the company’s current customers probably have never been hacked, so they’ve essentially wasted their money. But on the other hand, it’s absolutely certain that some non-customers have been the target of attacks and could have used it. How much do you value your product design and the important information it contains? Like an insurance policy, you don’t want to find out how good it is.
