The issue of security is often neglected in relation to embedded systems especially. The result: Industrial spies can use hacked devices to penetrate the entire corporate network, gaining access to the company's intellectual property (IP) and business secrets, and manipulating data. Users of smart devices in the home might unintentionally disclose information to potential thieves through their security cameras, or even open doors and windows for them by way of automated control systems. Automobiles, too, are subject to virtually infinite vulnerabilities thanks to autonomous driving and over-the-air firmware updates.
When such cases become known, customers' trust in the device - or even the entire business - is lost. In view of this, encryption should be top of the priority list for all manufacturers of connected products.
In order to understand encryption, it is helpful to consider what its aims are. These are focused on three key areas: authenticity, confidentiality, integrity. When a user wirelessly connects multiple products in his home, for example, it is important that only authorized products can join the network, and that both the data in the network and the complete system are protected. That is to say, protection must be in place against unauthorized access to the network (authenticity), data tapping (confidentiality) and manipulation (integrity). State-of-the-art cryptography covers all three aspects. It is available in two fundamentally different modes: symmetric and asymmetric encryption.
In symmetric encryption, the same key is used for both encryption and decryption. The best-known and most frequently used encryption method is AES (Advanced Encryption Standard). AES works with either 128, 192 or 256bit keys. Even 128bit AES keys are classed as secure according to the current state of the art.
It is noteworthy that the principle of modern cryptography formulated by Auguste Kerckhoffs in 1883 still holds true: The security of an encryption method is founded on the secrecy of the key and not on the secrecy of the algorithm. This is particularly important in relation to a symmetric encryption method such as AES, as the same key is used on both ends (encryption and decryption). If the key is known, or is disclosed, the entire encryption process is nullified. Consequently, the greatest challenge of AES lies in the management of the keys. In this, it must above all be ensured that the keys are generated using a genuine random generator; that they are deposited in a secure element; and that they cannot be intercepted the first time they are transferred. https://en.wikipedia.org/wiki/Cryptography
Asymmetric encryption always uses two different keys: a private key and a public key. They are always generated as a pair. The private key remains permanently with the originator of the keys, while the public key goes to the receiving party. The recipient can use the public key to encrypt messages which can only be decrypted with the linked private key. The private key can also generate a signature by which the recipient can uniquely identify the sender using the linked public key.
Asymmetric encryption is based on one-way mathematical functions. They must be as simple as possible to calculate, but very complex to reverse. Continually increasing computing power is also steadily improving the ability of computers to calculate complex reversing functions. To ensure adequate security, therefore, the keys must be of a certain length. Keys with 2048bit, such as RSA 2048, are currently classed as secure. Because encryption and decryption speeds decrease as keys get longer, asymmetric methods are only practical for handling small amounts of data.
Elliptic curves for more speed
An alternative to this conventional asymmetric encryption is Elliptic Curve Cryptography (ECC). It is based on the same approach, but utilizes points on elliptic curves. That makes computing operations much more complex, so ensuring that even 256bit keys offer a secure level according to the current state of the art. And ECC 256 does not take much more time than comparably secure symmetric methods.
Hybrid encryption eliminates disadvantages
If symmetric encryption of user data is chosen, but the security it offers is not adequate, it can be improved by means of hybrid encryption. In this, the symmetric key is sent again in encrypted form by means of an asymmetric public key. This means only the authorized recipient is able to decrypt the symmetric key with the matching private key.
At the same time, the sender of the symmetric key can use his private key to generate a signature which enables the recipient to uniquely identify him using the matching public key. Once these keys have been exchanged and decrypted, the foundation has been laid for symmetrically encrypted communications.
This combination method eliminates the disadvantages of the two separate methods - namely the insecure key transfer of symmetric encryption and the slower speed of asymmetric encryption.
Hardware or software?
Each encryption method can be implemented by software or hardware. Software-based encryption entails the major disadvantage that the program is not an autonomous self-contained unit, but is always dependent on its environment, such as the operating system. It is susceptible to errors and attack as a result. And there is another negative: As the microcontroller or processor of an embedded system additionally has to handle the complex encryption and decryption, loss of performance is inevitable.
The opposite case is represented by encryption using specially developed ICs. Their sole function is encryption, so there is no performance loss. Many encryption ICs are additionally protected against physical attacks. The security of those components - and so also of the keys - is thus independent of the security of the overall system.
Encryption ICs in different designs meet the requirements of a range of applications: Simple authentication chips, such as the Infineon OPTIGA™ Trust B SLE95250, use asymmetric encryption (ECC 131), and are good choice for the authentication of original accessories in consumer electronics for example. OPTIGA™ Trust E SLS 32AIA high-end security controller offers advanced cryptographic algorithms with ECC 256 and SHA 256 for secured authentication of medical equipment, in smart homes, in industry, or in cloud computing authentication for license management for example. The OPTIGA™ Trust P SLJ 52ACA programmable high-end security controllerwith ECC 521 and RSA 2048 features a Java-based operating system, in which dedicated applets can be programmed. The STSAFE (ECC 384, SHA 384, AES 256) products from STMicroelectronics also offer the highest protection, based - among other features - on secured authentication, encrypted communications, secured depositing of keys, and protection when running firmware updates. Standardized Trusted Platform Modules (TPMs) combine highly complex encryption and secured depositing of large numbers of keys and signatures with protection against physical readout of the data stored in them. They are offered by Infineon for example.
Encrypted smart home
A simple practical example illustrates the use of encryption ICs: In a smart home, simple authentication chips such as the OPTIGA™ Trust B SLE95250 enables only authorized devices - such as shutter controls or surveillance cameras installed by the user - to log in to the central smart home gateway. An STSAFE Secure microcontroller encrypts the communications between the cameras and the central gateway. A TPM in the central gateway assures key storage, firmware updates, and the transfer of all data to the Cloud. As a result, the homeowner can be certain that authenticity, confidentiality and integrity are assured.
Components are available at www.rutronik24.com.