Upload
infineon-technologies-ag
View
196
Download
2
Tags:
Embed Size (px)
Citation preview
Product counterfeiting inflicts billionsof dollars in damages to businesses
Page 2February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
IACC (int'l anti-counterfeiting coalition) Daily more news
It is estimated that counterfeiting is a $600 billion a year problem
It's a problem that has grown over 10,000 percent in the past two decades
~5% to 7% of the world tradeis in counterfeit goods
Why device authentication?
Page 3February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Docking station
RELIABILITY
Toner & printer cartridges
BUSINESS
Projector
QUALITY
CompanyBrand
IMAGE
AC adapter
LIABILITY
Medical devices
SAFETY
Example of a Printer Manufacturer
Page 4February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Change of revenue model
Subsidize printer price
Offset costs by sellingpremium ink cartridges
Authentication helps to protect
Revenue stream
Business model
Warranty issues
Cryptography is needed
Cryptography for Authentication
Page 5February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Which authentication mechanism?1
Which algorithms?2
Storage and programming of keys?3
Symmetric Authentication
Page 6February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Keys in printer and cartridge similar, must be protected in both
Complicated key management to avoid "break one, own all" scenario
DECENC
Drawbacks
Asymmetric Authentication
Page 7February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Protection of secret key only in cartridge
Keys are unique per cartridge
DECENC
Advantages
Cryptography for Authentication
Page 8February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Which authentication mechanism?1
Which algorithms?2
Storage and programming of keys?3
Asymmetric cryptography
Rivest-Shamir-Adleman (RSA)
Page 9February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Long keys (e.g. 384 byte, 1920 byte)
Prohibitive performance on embedded devices
Drawbacks
c ≡ me mod N
Elliptic Curve Cryptography (ECC)
Page 10February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Short keys (e.g. 32 byte, 65 byte)
Much better performance on embedded devices
Advantages
Cryptography for Authentication
Page 11February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Choose cryptographic authentication mechanism1
Which algorithms?2
Storage and programming of keys?3
Asymmetric Cryptography
Elliptic Curve Cryptography
Implementation Challenges
Page 12February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Common pitfalls
Implementations need to guard against side channel attacks
Protect against fault injection
Countermeasures against physical key extraction
Source: Dr. David Oswald
Bootstrapping Trust
Page 13February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
PersonalizationDicing Packaging
Secure Facility
Secure manufacturing enables security in the field
Programming keys must happen in a highly secured environment
Challenges due to training, equipment and certification
Impossible if manufacturing is not under control
Cryptography for Authentication
Page 14February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Choose cryptographic authentication mechanism1
Implement suitable set of algorithms securely2
Storage and programming of keys?3
Asymmetric Cryptography
Elliptic Curve Cryptography
Secure hardware in secure environment
OPTIGA™ Trust
Advanced and Low-Complexity Authentication
Page 15February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Host side Documentation
Product Evaluation kit
C-library for host side support
Download from myinfineon.com
Databook
Application notes on ECC authentication, NVM usage, SWI interface
Windows based GUI
USB format
Unique key pair per device
163 bit ECC
3.5 kBit user NVM
SWI interface
Easy Integration
Page 16February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Integration of the OPTIGATM Trust
Keys pre-programmed in secure environment
Single-wire interface
Very compact package (USON-3, 2mm x 3mm)
Software support (C-library) for host side
OPTIGA™ Trust Evaluation Board
Page 17February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
For demo
USB: Simulated Host
Windows based GUI
For evaluation
Based on IFX XMC4500
Built-in JTAG interface for debugging
IDE with free license (HiTOP)
The possible applications are endless
Page 18February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Electronic accessory authentication(e.g. MP3 players)
ICT Infrastructure authentication
(e.g. routers)
Gaming authentication(e.g. slot machines)
Industrial
Printer cartridge authentication
Medical equipment authentication
Cloud computing authentication
Software/ IP authentication
Internet of Things Connected Home
M2M Communication
Interested in more information?
Page 20February 2015 Copyright © Infineon Technologies AG 2015. All rights reserved.
Visit Infineon at Hall 5, booth 360
Contact
Timo GrassmannProduct Marketing Manager
Morewww.infineon.com