
The Industry Locksmith

CRI Behind the Scenes

When we are worried about our security at home, we usually call a locksmith – a security expert that can analyze our defenses, weigh them against threats (both known and imagined), and help us implement security measures that will meet our goals. This is a difficult job for people to do on their own. Paranoia creeps in, as does complacency. We have a difficult time doing a realistic assessment of our own vulnerabilities and of the capabilities and determination of our adversaries. It helps to bring in a professional.

For example, we may want to wear a foil hat to protect us against prying brain scans deployed from silent black helicopters. This cranial Faraday cage is our security blanket. A professional, however, may have additional insight. He may understand that “they” aren’t willing to pay thousands of dollars per hour in helicopter deployment – just to snatch the secret recipe for blueberry crumbcake out of our heads as we’re preparing our morning breakfast. He may also understand the limitations and practical considerations of current mind-reading rays. He might advise us that our security anxiety would be better focused on not having the password for all of our online accounts set as “password.”

This same problem, perhaps in a more down-to-earth sense, arises in our electronic designs. We know there are bad guys out there. We regularly read about various schemes and attacks that could potentially affect our projects. We hear about cloning, overbuilding, counterfeiting, and similar horrors, but it’s almost impossible to figure out on our own what our real risks are, what capabilities the bad guys actually have, and what practical steps we need to take to protect ourselves. Here, too, a professional can be a huge help.

If we’re designing with FPGAs, these problems become layered. We need to take the appropriate steps to protect our own designs, but we also need to know that our FPGA supplier has implemented proper measures to protect us from behind-the-scenes attacks. Putting a top-flight crypto engine into our FPGA design doesn’t help if the FPGA itself is vulnerable to reverse-engineering or key extraction. Every layer of our implementation has to be secure before we are. It doesn’t help to lock the front door if the side door is standing wide open.

In our industry, some of the best-known “professionals” in the security space are at Cryptography Research, Inc. (CRI). These folks make a living studying attacks on electronic systems, inventing defense mechanisms, and trying to find new vulnerabilities in existing defenses. These guys have forgotten more about security than most of us will ever learn. OK, that’s not a good meme here. Talking with CRI President and Chief Technologist Paul Kocher, it quickly becomes clear that these guys have never forgotten anything about security. Security is in their DNA (encrypted with 128-bit AES, of course).

CRI is probably best known for their discovery of a super-creepy vulnerability known as Differential Power Analysis (DPA). With DPA, a single attacker armed with a scope, a PC, some duct tape, and some baling wire can (relatively) quickly and easily extract the crypto keys from most systems. Oh, and they don’t even need the duct tape and baling wire – we just put those in for effect. Basically, an attacker can just monitor the power consumed by your device, do some DSP and statistical analysis of the signal, and your crypto keys come dancing right out the other side – no special invasive procedures or exotic equipment required. Hey, wait – your crypto keys spell out “password.” We TOLD you that was a bad idea.
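To see why power measurements carry information at all, and how a designer can check whether a countermeasure removes it, here is an added example (not from CRI or Microsemi) that runs a fixed-versus-random Welch t-test on simulated power samples. The Hamming-weight power model, the key byte, the noise level, and the random-mask countermeasure are all constructed assumptions for illustration; the mask is a generic textbook technique, not a description of the licensed CRI countermeasures.

```python
import random
from statistics import mean, variance

KEY = 0x5A        # constructed secret byte held by the simulated device
FIXED_PT = 0xA5   # fixed input; FIXED_PT ^ KEY = 0xFF (all eight bits set)
SIGMA = 2.0       # constructed measurement noise, in "bits" of power
THRESHOLD = 4.5   # |t| above this is the usual pass/fail line for leakage

def hw(x):
    """Hamming weight: the assumed power model (one unit per set bit)."""
    return bin(x).count("1")

def sample(pt, rng, masked):
    """One simulated power sample taken while the device handles pt ^ KEY."""
    value = pt ^ KEY
    if masked:
        value ^= rng.randrange(256)   # fresh random mask for every operation
    return hw(value) + rng.gauss(0, SIGMA)

def welch_t(a, b):
    """Welch's t statistic for two sample sets with unequal variances."""
    return (mean(a) - mean(b)) / (variance(a) / len(a) + variance(b) / len(b)) ** 0.5

def leakage_t(masked, n=5000, seed=7):
    """Compare samples for a fixed input against samples for random inputs."""
    rng = random.Random(seed)
    fixed = [sample(FIXED_PT, rng, masked) for _ in range(n)]
    rand = [sample(rng.randrange(256), rng, masked) for _ in range(n)]
    return welch_t(fixed, rand)

def leaks(masked):
    """True if the simulated device fails the first-order leakage test."""
    return abs(leakage_t(masked)) > THRESHOLD

if __name__ == "__main__":
    print("unprotected: t = %.1f, leaks = %s" % (leakage_t(False), leaks(False)))
    print("masked:      t = %.1f, leaks = %s" % (leakage_t(True), leaks(True)))
```

The test only looks at the mean of a single sample point, so a pass here says nothing about higher-order analysis that combines several points in a trace.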

In the FPGA industry, the company probably most closely associated with secure design is Microsemi – or, more specifically, the portion of Microsemi formerly known as Actel. These guys have made a business for decades selling FPGAs to some fairly security-conscious folks like the US Military, the CIA, the NSA… Wait, we didn’t say those last two. We have no evidence of that. We made it up, honest. (Re-donning foil hat now).

When Microsemi went to develop their new SmartFusion2 devices (which are, as far as we can tell, the most secure FPGAs on the market at the moment) even THEY enlisted the help of CRI. CRI reportedly consulted on the overall security measures in SmartFusion2, and they licensed IP for countermeasures to Microsemi – and by a pull-thru license, to Microsemi’s customers. This is a testament to the competence of CRI, and to the fact that CRI holds active patents on a lot of the best countermeasures.

SmartFusion2 includes a secure key storage capability using a “physically unclonable function” (PUF) key enrollment. A PUF basically takes advantage of random manufacturing variations in each individual device to provide a unique challenge-response mechanism. Even an exact physical duplicate of the device would yield different challenge-response results, so every device is uniquely identifiable. You can’t drop a different SmartFusion2 device into a circuit and get past the security scheme. The SmartFusion2 device itself also employs CRI countermeasures for DPA protection. FPGAs have been known to be vulnerable to attacks on the encryption in their bitstream configuration process, where it has been possible to extract the encryption keys using techniques like DPA, and thus capture (and reverse-engineer) the design being loaded into the FPGA itself. These CRI countermeasures are meant to stop these types of attacks.
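The challenge-response idea can be made concrete with a small simulation, added here as an example that is not Microsemi's or CRI's code. It assumes a generic additive-delay "arbiter PUF" model (not the PUF actually used in SmartFusion2), with constructed parameters and seeds standing in for per-die manufacturing variation; the verifier enrolls one part and then tests both that part and a second part built to the same design.

```python
import random

N_STAGES = 64   # challenge length in bits (constructed)
N_CRPS = 256    # challenge-response pairs recorded at enrollment
NOISE = 0.5     # per-read measurement noise, std dev (constructed)
MAX_HD = 0.20   # accept if at most 20% of response bits differ

class ArbiterPuf:
    """Additive-delay PUF model; the seed stands in for manufacturing variation."""
    def __init__(self, seed):
        self.rng = random.Random(seed)
        self.w = [self.rng.gauss(0, 1) for _ in range(N_STAGES + 1)]

    def respond(self, challenge):
        # Feature vector: phi[i] = product over j >= i of (1 - 2*c[j]), phi[n] = 1
        phi, acc = [1] * (N_STAGES + 1), 1
        for i in range(N_STAGES - 1, -1, -1):
            acc *= 1 - 2 * challenge[i]
            phi[i] = acc
        delay = sum(w * p for w, p in zip(self.w, phi))
        # Each read is slightly noisy, so responses are not perfectly repeatable
        return 1 if delay + self.rng.gauss(0, NOISE) > 0 else 0

def enroll(device, rng):
    """Verifier side: record responses to random challenges in a trusted setting."""
    db = []
    for _ in range(N_CRPS):
        c = [rng.randrange(2) for _ in range(N_STAGES)]
        db.append((c, device.respond(c)))
    return db

def authenticate(device, db):
    """Replay enrolled challenges; return (mismatch fraction, accepted?)."""
    wrong = sum(device.respond(c) != r for c, r in db)
    frac = wrong / len(db)
    return frac, frac <= MAX_HD

def demo():
    genuine = ArbiterPuf(seed=1001)     # the enrolled part
    lookalike = ArbiterPuf(seed=2002)   # same design, different silicon
    db = enroll(genuine, random.Random(42))
    return authenticate(genuine, db), authenticate(lookalike, db)

if __name__ == "__main__":
    print(demo())
```

The enrolled part disagrees with its own record on only a few noisy bits, while the look-alike disagrees on roughly half of them, which is why the acceptance threshold sits well between the two.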

CRI also licensed crypto accelerators to Microsemi for re-license to SmartFusion2 users. That means you can use a CRI AES-256, SHA-256, or 384-bit elliptic curve cryptography (ECC) engine and a non-deterministic random bit generator, all built right into SmartFusion2. In addition to giving you a proven, secure piece of critical IP, having these blocks implemented as hard IP on the device should dramatically reduce the power required by these sometimes compute-intensive operations.

As an aside, because SmartFusion2 is a flash-based FPGA, it has certain other security benefits that do not come from CRI. For one thing, it can be configured as a non-volatile FPGA, and the ability to re-configure can be permanently disabled. That means there is no configuration bitstream to intercept or corrupt, so the device will basically behave as an ASIC. Info stored in flash cells is considered impossible or very, very difficult to retrieve by inspection (unlike fuses and anti-fuses). Overall, the combination of Microsemi/Actel and CRI technology probably makes SmartFusion2 the most secure FPGA on the planet. With the increase in density and performance that SmartFusion2 brings to the table, we’re likely to see these guys competing in places they never appeared before.

In today’s age of increasingly integrated, mobile, and wireless system designs, security will be an issue for just about every system designer. Gone are the days when only military and cloak-and-dagger folks had to worry about protecting their designs, their IP, and their data. Most system designers are woefully under-prepared and under-informed on the threats, mitigation techniques, and best practices when it comes to design and data security. With that reality, it’s nice to know that there are experts like CRI available to help us out.

2 thoughts on “The Industry Locksmith”

  1. “…we may want to wear a foil hat to protect us against prying brain scans deployed from silent black helicopters.”

    What’s this with “We”?
