By Chowdary Yanamadala, Senior Vice President of Business Development, ChaoLogix
The advent of Internet-connected devices, the so-called Internet of Things (IoT), offers myriad opportunities and significant risks. The pervasive collection and sharing of data by IoT devices constitutes the core value proposition for most IoT applications. However, it is our collective responsibility, as an industry, to secure the transport and storage of the data. Failing to properly secure the data risks turning the digital threat into a physical threat.
Properly securing IoT systems requires layering security solutions. Data must be secured at both the network and hardware level. As a hardware example, let’s concentrate, on the embedded security implemented by semiconductor chips.
Authentication and encryption are the two main crypto functions utilized to ensure data security. With the mathematical security of the standardized algorithms (such as AES, ECDSA, SHA512, etc.) is intact, hackers often exploit the implementation defects to compromise the inherent security provided by the algorithms.
One of the most dangerous and immediate threats to data security is a category of attacks called Side Chanel Analysis attacks (SCA). SCA attacks exploit the power consumption signature during the execution of the crypto algorithms. This type of attack is called Differential Power Analysis (DPA). Another potent attack form of SCA is exploiting the Electromagnetic emanations that are occurring during the execution of the crypto algorithm – or Differential Electromagnetic Analysis attacks (DEMA).
Both DPA and DEMA attacks rely on the fact that sensitive data, such as secret keys, leaks via the power signature (or EM signature) during execution of the crypto algorithm.
DPA and DEMA attacks are especially dangerous, not only because of their effectiveness in exploiting security vulnerabilities but also due the low cost of the equipment required for the attack. An attacker can carry out DPA attacks against most security chips using equipment costing less than $2,000.
There are two fundamental ways to solve the threat of DPA and DEMA. One approach is to address the symptoms of the problem. This involves adding significant noise to the power signature in order to obfuscate the sensitive data leakage. This is an effective technique. However, it is an ad-hoc and temporary measure against a potent threat to data security. Chip manufacturers can also apply this technique as a security patch, or afterthought, once and architecture work is completed.
Another way (and arguably a much better way) to solve the threat of DPA is to address the problem at the source. The source of the threat derives from the leakage of sensitive data the form of power signature variations. The power signature captured during the crypto execution is dependent on the secret key that is processed during the crypto execution. This makes the power signature indicative of the secret key.
What if we address the problem by minimizing the relation between the power signature and the secret key that is used for crypto computation? Wouldn’t this offer a superior security? Doesn’t addressing the problem at the source provide more fundamental security? And arguably a more permanent security solution?
Data security experts call this Security By Design. It is obvious that solving a problem at the source is a fundamentally better approach than providing symptomatic relief to the problems. This is true in the case of data security as well. In order to achieve the solution (against the threat of DPA and DEMA) at the source, chip designers and architects need to build the security into the architecture.
Security needs to be a deliberate design specification and needs to be worked into the fabric of the design. Encouragingly, more and more chip designers are moving away from addressing security as an afterthought and embracing security by design.
As an industry, we design chips for performance, power, yield and testability. Now it is time to start designing for security. This is especially true for chips used in IoT applications. These chips tend to be small, have limited computational power and under tight cost constraints. It is, therefore, difficult, and in some cases impossible, to apply security patches as an afterthought. The sound approach is to start weaving security into the building blocks of these chips.
In sum, designing security into a chip is as much about methodology as it is about acquiring various technology and tools. As IoT applications expand and the corresponding demand for inherently secure chips grows, getting this methodology right will be a key to successful deployment of secure IoT systems.
Related data security articles: