Some time ago, a classmate was working on replacing encryption chips with domestic ones. I have worked in the field of encryption chips for more than ten years and have accumulated some experience, so I would like to summarize this topic.
There are many types of encryption chips, such as logic encryption, ASIC, and CPU card. Domestic encryption chips also support commercial encryption algorithms, which makes selection more complicated.
For example, a customer was building conditional access for set-top boxes, and the requirements were user identity authorization plus secure data transmission and storage. A domestic card was recommended, but the customer insisted on using the ATXXX16XX card. The reason was that the customer had a friend whose company used the ATXXX16XX card in gas meters, where it had been in use for many years and was very safe, with no illegal recharges.
The application characteristics and usage patterns of the gas industry are very special. For example, the gas meter has a lead seal that becomes invalid once opened, so no one disassembles the meter for analysis. A remote meter is connected to the backend cloud, and if the terminal meter is tampered with, it raises an alarm immediately. Where staff visit the meter instead, an abnormal recharge is discovered immediately.
The secure transmission between the CPU and the card that the customer required cannot be achieved on the ATXXX16XX card, and its identity authentication only supports a PIN verified in plain text. That ATXXX16XX has been used safely for many years is determined more by how the industry applies it than by high security. On the surface the customer's needs are met, but the actual protection is poor. To give the product a selling point, a recognized international brand was chosen, and the selection was rather blind. For example, most set-top boxes require the terminal to connect to the backend to transmit authorization information. The most suitable card here should provide secure key storage and data encryption to protect the transmitted data, but ATXXX16XX does not. Conversely, ATXXX16XX has a fuse-setting function that prevents its settings from being tampered with, and this function is not used on the set-top box. So I think this selection has some problems, or at least is not appropriate.
On the other hand, the recommended LK series cards have a sound identity authentication and permission mechanism, superior data storage algorithms, and strict permission control, and are significantly more secure than ATXXX16XX, but there is nothing that can be done if customers do not use them.
2. Performance Parameter Evaluation
One project required encrypted transmission of terminal data while ensuring the security of key storage and operation. After careful screening, two models were shortlisted. According to the parameters in their manuals, the functions were similar and the performance was close. The theoretical calculations in the feasibility assessment were also similar, but actual operation was far apart. The difference finally came down to the communication rate. The encryption speed in the manual refers to the internal operating speed of the chip, but in the application the MCU (or FPGA, DSP) also has to communicate with the encryption chip, and the communication rate (UART or IIC) limits the encryption bandwidth. It looks like a beginner's mistake, but you basically have to fall into the trap once to learn it.
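To make the bottleneck concrete, the following added example (not from the original article or any chip vendor) models end-to-end throughput when each block has to cross the link twice. The chip speeds, link rates, block size and 7-byte command overhead are constructed values, and I2C start/stop conditions and address bytes are ignored.

```python
def wire_bits_per_byte(link):
    """Bits on the wire for one payload byte."""
    if link == "uart":      # 8N1 framing: start bit + 8 data bits + stop bit
        return 10
    if link == "i2c":       # 8 data bits + ACK/NACK bit
        return 9
    raise ValueError(f"unknown link type: {link}")


def effective_bps(chip_bps, link, link_hz, block_bytes=128, overhead_bytes=7):
    """End-to-end encrypted bits per second as seen by the MCU.

    chip_bps        internal cipher speed quoted in the manual (bits/s)
    link_hz         UART baud rate or I2C clock frequency
    overhead_bytes  command header plus status bytes per exchange (assumed)
    """
    # Plaintext goes to the chip and ciphertext comes back,
    # so the payload crosses the link twice per block.
    wire_bytes = 2 * block_bytes + overhead_bytes
    t_link = wire_bytes * wire_bits_per_byte(link) / link_hz
    t_chip = block_bytes * 8 / chip_bps
    return block_bytes * 8 / (t_link + t_chip)


# Constructed candidates: similar datasheet cipher speed, different host links.
CANDIDATES = {
    "chip_a": dict(chip_bps=2_000_000, link="uart", link_hz=115_200),
    "chip_b": dict(chip_bps=1_800_000, link="i2c", link_hz=400_000),
}


def compare(candidates=CANDIDATES):
    """Return {name: end-to-end bits/s} for each candidate."""
    return {name: effective_bps(**params) for name, params in candidates.items()}


if __name__ == "__main__":
    for name, bps in compare().items():
        print(f"{name}: {bps / 1000:.1f} kbit/s end to end")
```

With these constructed figures the chip with the faster internal cipher delivers under 3% of its datasheet speed, and the nominally slower chip is more than three times faster in the application.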
Some projects also have requirements such as power consumption that appear to be met according to the manual. In actual tests, however, the standby power consumption is higher than expected, and in the end the chip cannot be used.
3. Solution Design
Mainstream encryption solutions fall into three categories: identity authentication, confidential data storage, and algorithm transplantation.
Identity authentication: Vehicle terminals, bus card readers, access control systems and similar scenarios require identity authentication. The internal encryption chip is responsible for storing keys and encrypting data, and it authenticates with the server (or cloud). After success, the device logs into the platform and the corresponding function permissions are enabled. The design should focus on the security and performance of the chip itself. The random number involved in the authentication should be a true random number.
Confidential data storage: Taking the automotive tester industry as an example, the core data collected and analyzed can improve product quality and help build products that better meet consumer needs. The design should consider the security of the stored data. Storing it in the MCU by default (or in flash or EEPROM) offers poor security. The conventional practice is to store the data in the encryption chip, read it back in encrypted form when needed, and use it after the MCU decrypts it. The security of transmission between the MCU and the encryption chip is then controllable, which greatly improves product security. With two-way authentication before transmission, the solution is more reliable.
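The authentication and two-way authentication steps described in the two paragraphs above can be sketched as a challenge-response exchange. This is an added example, not code from the article or from any chip vendor: HMAC-SHA256 stands in for whatever algorithm the chip actually implements, the `Party` class and role labels are hypothetical, and the OS random source stands in for the chip's true random number generator.

```python
import hashlib
import hmac
import secrets


def mac(key, role, challenge):
    # The role label stops a chip response from being reflected back as a server response.
    return hmac.new(key, role + challenge, hashlib.sha256).digest()


class Party:
    """One end of the link: a hypothetical model of the chip or the server."""

    def __init__(self, key, role, peer_role):
        self._key, self.role, self.peer_role = key, role, peer_role
        self._pending = None                      # outstanding challenge, single use

    def new_challenge(self):
        # OS CSPRNG here; on a real chip this comes from the hardware TRNG.
        self._pending = secrets.token_bytes(16)
        return self._pending

    def respond(self, challenge):
        return mac(self._key, self.role, challenge)

    def verify(self, response):
        challenge, self._pending = self._pending, None   # consume it: no replays
        if challenge is None:
            return False
        expected = mac(self._key, self.peer_role, challenge)
        return hmac.compare_digest(expected, response)


def mutual_auth(chip, server):
    """Two-way authentication: each side proves it holds the shared key."""
    chip_ok = server.verify(chip.respond(server.new_challenge()))
    server_ok = chip.verify(server.respond(chip.new_challenge()))
    return chip_ok and server_ok


def replay_accepted(chip, server):
    """Record one valid response from the bus, then replay it in a new session."""
    captured = chip.respond(server.new_challenge())
    if not server.verify(captured):
        raise RuntimeError("genuine response was rejected")
    server.new_challenge()                        # new session, fresh random number
    return server.verify(captured)                # stale response must fail


KEY = secrets.token_bytes(32)                     # constructed demo key
chip = Party(KEY, b"chip", b"server")
server = Party(KEY, b"server", b"chip")
```

A plain-text PIN sent over the same bus has no per-session random input, so a recorded PIN stays valid indefinitely, whereas here the recorded response is rejected.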
Algorithm transplantation: Security equipment, industrial control machinery and similar products usually have high requirements for program anti-piracy. The two solutions above have limited effect on program protection, so the algorithm transplantation solution emerged later. It was originally proposed by the domestic company Lingke Xin'an. The process is to move part of the MCU program into the encryption chip (high security level), where it is stored and executed. The chip stores its internal program and data areas discretely, conceals its built-in functions well, and leaves customers free to design their own scheme. Cracking the MCU alone is then ineffective, and cracking the encryption chip runs into high cost and difficulty, so the return does not justify the investment, which prevents theft and copying. Represented by Lingke Xin'an's LKT and LCS series, this approach has relatively clear advantages in the anti-piracy field.
4. Debugging barriers (debugging difficulty)
In terms of hardware, the circuit should follow the manufacturer's original demo circuit as closely as possible. The choice of pull-up resistors and reset circuit component values is generally the result of many years of hard work by the manufacturer and is relatively reliable. Avoid changing them where possible.
In terms of power supply, make sure the supply filtering is done well. When debugging software communication, be sure to read the communication protocol manual provided by the manufacturer carefully, to avoid debugging failures caused by a product's private protocol. In one past case the communication used the ISO7816 interface, and all instructions were developed according to the 7816 specification by default. Debugging was stuck for several days, and it finally turned out that a command starting with E3 was a private instruction, different from ISO7816. I hope everyone can learn from this.
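A small trace check can surface such commands before they cost days of debugging. The following is an added example, not part of the original article: it assumes the leading E3 is the APDU class byte (CLA), handles short-length command APDUs only, and uses a constructed trace with a hypothetical vendor command.

```python
def classify_cla(cla):
    """Class byte per ISO/IEC 7816-4: bit 8 set means proprietary, 0xFF is invalid."""
    if cla == 0xFF:
        return "invalid"
    return "proprietary" if cla & 0x80 else "interindustry"


def parse_short_apdu(raw):
    """Parse a short-length command APDU (cases 1 to 4) into its fields."""
    if len(raw) < 4:
        raise ValueError("command APDU needs at least CLA INS P1 P2")
    cla, ins, p1, p2 = raw[:4]
    body = raw[4:]
    data, le = b"", None
    if len(body) == 1:                          # case 2: Le only
        le = body[0] or 256
    elif len(body) > 1:
        lc = body[0]
        if lc == 0:
            raise ValueError("extended-length APDU not handled here")
        data, rest = body[1:1 + lc], body[1 + lc:]
        if len(data) != lc or len(rest) > 1:
            raise ValueError("Lc does not match the data field length")
        if rest:                                # case 4: data followed by Le
            le = rest[0] or 256
    return {"cla": cla, "ins": ins, "p1": p1, "p2": p2, "data": data, "le": le}


def audit(trace):
    """Return (hex string, finding) for each command that needs the vendor manual."""
    findings = []
    for raw in trace:
        apdu = parse_short_apdu(raw)
        kind = classify_cla(apdu["cla"])
        if kind != "interindustry":
            findings.append((raw.hex(), f"{kind} class byte {apdu['cla']:02X}"))
        elif apdu["ins"] >> 4 in (0x6, 0x9):    # 6X and 9X are invalid INS values
            findings.append((raw.hex(), f"INS {apdu['ins']:02X} is invalid in ISO 7816-4"))
    return findings


# Constructed trace: two standard commands and one private command with CLA E3.
TRACE = [
    bytes.fromhex("00A40000023F00"),        # SELECT (INS A4)
    bytes.fromhex("0084000008"),            # GET CHALLENGE (INS 84), Le = 8
    bytes.fromhex("E31000000401020304"),    # hypothetical vendor command
]
```

Every command `audit(TRACE)` returns is one whose format and status words come from the manufacturer's protocol manual rather than from the ISO 7816 specification.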
Stability testing and aging testing must be taken seriously. This is the only way to obtain qualified products. Some problems do not show up during development and can only be exposed through batch testing and aging testing, which avoids problems during formal batch production.
5. Mass production and release (initialization issues, key protection issues during release)
In addition to requiring the encryption chip itself to be secure and stable, the conditions for distribution (initialization and application burning) must also be considered. The efficiency and cost of manual distribution and mechanical distribution vary greatly. Another option is to have a third party handle distribution.
Security must be considered when a third party issues the chips on your behalf. Among the chip manufacturers we have cooperated with, Linkcore stands out in this regard. It can customize personalized encrypted issuance solutions based on needs to ensure the security of keys and data, so that third parties cannot over-issue.
To sum up, encryption protection is the preferred solution, with different requirements for functions and performance. Development, debugging, mass production and distribution all require attention to detail and security. Completing production and development work quickly and effectively is a discipline in itself. I hope this article is helpful!