With the increasing need for security in the card payments industry, there is a growing trend toward secure microcontrollers. The card payments industry needs to reduce card-originated fraud, the pay-TV industry tries to control media fraud, the ID industry strives to reduce immigration fraud, and the smart grid seeks to reduce energy fraud. The security market is forecast to grow at a compound annual growth rate (CAGR) of 45% over the next five years, as more new applications move from R&D into production.
Figure 1 shows the different market segments addressed by secure microcontrollers.
Attacks against Embedded Systems
Each market segment uses end equipment in the form of secure terminals that incorporate the latest security features in order to be compliant with industry standards. The aim of these secure terminals is to limit external attacks and to render the device inoperable in the case of an intrusion. By using a mixture of hardware, software and anti-tamper features, the manufacturer can seriously limit intrusion into, and cloning of, their terminals. It is the role of secure microcontrollers to safeguard sensitive information within the terminal and to ensure secure communication with external devices. Industry security specifications have evolved over time to keep pace with more sophisticated attacks. As a result, the need to improve cryptography and tamper resistance is driving the need for more embedded secure microcontrollers. End equipment using secure microcontrollers includes:
End Equipment Certification
Each market segment has its own equipment certification specification (EMV, PCI/PED, FIPS, Common Criteria, ZKA, Sesame Vitale, etc.) managed by its respective organization. These certifications are used to prove the security level of the end equipment and are carried out in approved laboratories against the agreed Security Functional Requirements (SFR). Engineers design end equipment in accordance with its SFR and leverage the security features of secure microcontrollers to ensure that it passes all necessary end equipment testing.
Security features are becoming a key differentiator for terminal manufacturers and reflect the state of the art in cryptography and anti-attack design practices. Security features that are commonly used across the different market segments include:
Development Flow
Secure design implementation is not simply a matter of stringing together a number of security features and ticking boxes; it must follow a normalized development flow and verification process. The task of normalization has been taken up by several organizations, providing industries and governments with valuable methods to achieve security. Among the normalization organizations, the National Institute of Standards and Technology (NIST) defines security requirements through FIPS and NIST documents. Among other certifications, the Common Criteria certification defines a development flow and certification controls to obtain scaled security levels.
NIST requires that developers ensure that AES or RSA cryptographic algorithms use sufficiently strong keys and run in approved modes of operation, including secure hardware functions that protect sensitive data against physical attacks. In addition, it is vital that the software executes securely. The protection must counter a wide range of side-channel attacks, from non-intrusive Simple Power Analysis (SPA) to intrusive chip opening and analysis. Researchers and normalization organizations invent and propose new methods for algorithms and protocols with increasing security strength, including:
• Triple Data Encryption Standard (triple DES)
• Advanced Encryption Standard (AES)
• Secure Hash Algorithm (SHA)
• Rivest Shamir Adleman Algorithm (RSA Algorithm)
• Elliptic Curve Cryptography Algorithms (ECC Algorithms)
Hardware vs. Software
It is possible for high-end CPUs to compute cryptographic functions like DES, AES, SHA, etc. in software. However, computing these functions consumes large numbers of clock cycles and system resources and must be done sequentially, thereby impacting overall system performance. Software implementations also run the risk of being 'hacked' and generating false results. Hardware implementations significantly decrease the risk of manipulation and, when combined with physical anti-tamper features, deliver the very high levels of security needed to meet CC EAL4+, FIPS 140-2, ZKA, PCI/PED 3.0, etc. certifications.
Real-time secure systems need high performance embedded functions including:
• Mutual authentication within a few milliseconds
• On-the-fly encryption/decryption of a video stream
• Secure data/code storage (Secure Boot)
• Device to device authentication (3DES, AES)
• Data and Program integrity (SHA, key management)
• Secure application environment (TrustZone, SC100)
• Secure code execution (Key Management)
• Countermeasures against attack (Anti-Tamper)
• Secure Data transfers (Secure DMA)
• Digital signature (PGP)
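The first and fourth items above, mutual authentication and device-to-device authentication, are usually realised as a challenge-response exchange in which each side proves possession of a shared secret to the other. The following is an added example written for this page, not code from the article or from any microcontroller vendor. It assumes a pre-shared 128-bit key (a constructed test value) held by both a terminal and a host, and it uses HMAC-SHA256 from the Python standard library as a stand-in for the AES or 3DES-based MAC a secure microcontroller would compute in its hardware engine; the message layout and the "host"/"term" labels are this example's own choices.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # 128-bit random challenge per session

# Constructed sample key shared by terminal and host (not a real device key).
SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")


def mac(key: bytes, *fields: bytes) -> bytes:
    """Keyed MAC over length-prefixed fields.

    Assumption: HMAC-SHA256 stands in for the AES/3DES MAC that a secure MCU
    would compute in hardware. Length prefixes stop field boundaries from
    being ambiguous (e.g. nonce||label vs label||nonce)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(2, "big") + f)
    return h.digest()


# Message 2, host -> terminal: fresh host nonce plus proof over both nonces.
def host_response(host_key: bytes, n_t: bytes):
    n_h = secrets.token_bytes(NONCE_LEN)
    return n_h, mac(host_key, b"host", n_t, n_h)


# Terminal authenticates the host; constant-time compare avoids timing leaks.
def terminal_check_host(term_key: bytes, n_t: bytes, n_h: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(term_key, b"host", n_t, n_h), tag)


# Message 3, terminal -> host: proof over the nonces with a distinct label,
# so a host tag can never be reflected back as a terminal tag.
def terminal_response(term_key: bytes, n_t: bytes, n_h: bytes) -> bytes:
    return mac(term_key, b"term", n_h, n_t)


# Host authenticates the terminal.
def host_check_terminal(host_key: bytes, n_t: bytes, n_h: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(host_key, b"term", n_h, n_t), tag)


def mutual_authenticate(term_key: bytes, host_key: bytes):
    """Run the three-message exchange; returns (host_authenticated, terminal_authenticated)."""
    n_t = secrets.token_bytes(NONCE_LEN)           # msg 1: terminal -> host
    n_h, tag_h = host_response(host_key, n_t)      # msg 2: host -> terminal
    host_ok = terminal_check_host(term_key, n_t, n_h, tag_h)
    if not host_ok:
        # Terminal aborts: it never proves itself to an unauthenticated peer.
        return False, False
    tag_t = terminal_response(term_key, n_t, n_h)  # msg 3: terminal -> host
    term_ok = host_check_terminal(host_key, n_t, n_h, tag_t)
    return host_ok, term_ok


def replayed_host_response_is_rejected(key: bytes) -> bool:
    """Capture a genuine host response from one session and replay it into a
    new session: the fresh terminal nonce makes the old tag fail."""
    n_t_old = secrets.token_bytes(NONCE_LEN)
    n_h_old, tag_old = host_response(key, n_t_old)
    n_t_new = secrets.token_bytes(NONCE_LEN)
    return not terminal_check_host(key, n_t_new, n_h_old, tag_old)


if __name__ == "__main__":
    print("same key:", mutual_authenticate(SHARED_KEY, SHARED_KEY))
    print("wrong host key:", mutual_authenticate(SHARED_KEY, b"\xff" * 16))
    print("replay rejected:", replayed_host_response_is_rejected(SHARED_KEY))
```

Two details carry the security of the exchange: each side binds its proof to a nonce it generated itself, so a recorded tag cannot be replayed into a later session, and the two directions use different labels inside the MAC, so a tag produced by the host cannot be reflected back to it as the terminal's proof. On a secure microcontroller the key would never leave the device and the MAC would be computed by the hardware engine, which is what keeps the shared secret out of reach of the attacks described earlier.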