Embedded security rises and falls with crypto key management

January 02, 2015 // By Stephen Evanczuk, EDN
Embedded systems face ongoing threats of penetration by persistent individuals and organisations armed with increasingly sophisticated tools. On-chip security features do serve as fundamental enablers for secure systems but can provide a false sense of security without a broader view of security policies.

Consequently, the trend toward enterprise-level security lifecycle management emerges as the most promising solution for hardened security in embedded systems underlying the explosive growth of interconnected applications.

Over 130 years ago, Dutch linguist and cryptographer Auguste Kerckhoffs stated that a cipher system should not require secrecy and could even fall into enemy hands without causing a problem -- a rule that has come to be known as Kerckhoffs' Principle. Claude Shannon, the father of information theory and electronic communications, reformulated this simply as "The enemy knows the system," now known as Shannon's Maxim.

Commercial embedded systems promise to test these fundamental principles beyond limits seen in any other application area. In marked contrast to more conventional secure systems, these systems can be openly acquired by potential attackers who, at their leisure, can work to tease out – literally – every bit of secret information using readily accessible tools.

Semiconductor manufacturers have made great strides in providing strong hardware-based foundations for security. More and more MCUs and specialised processors now include on-chip hardware accelerators for crypto operations, allowing secure real-time communications without loss of performance or increased communications latency. The trend continues in 2015 for inclusion of even more comprehensive hardware support for security. For example, the PIC24F GB2 MCU announced this year by Microchip combines a hardware crypto accelerator with secure on-chip key storage (Figure 1). Although trusted computing and trusted platform modules are beyond the scope of this article, these concepts rely fundamentally on persistent, secure key storage for enabling hardware root-of-trust platforms required for secure boot, trusted software execution, and secure communications in production environments.

Figure 1 The Microchip PIC24F GB2 MCU family combines on-chip crypto acceleration with on-chip secure key storage.