Locking top secrets, security analysis of smart card encryption chips

As domestic piracy and cracking become increasingly rampant, seriously affecting the interests of product developers, it has become increasingly important to protect the intellectual property rights of developers' products from a technical perspective.

There are many different types of encryption chips on the market. Which encryption chips can play the role of encryption protection? There are several major types of encryption chips on the market:

The first type is a logic encryption chip, which is generally composed of an EEPROM plus a peripheral logic circuit, and is protected and authenticated by a simple ID number or a logic authentication password. The characteristics of this chip are that it is cheap and the development is the simplest, but the cracking difficulty is the lowest. At present, Shenzhen Huaqiangbei can basically crack this chip immediately, and the cracking fee ranges from 150 yuan to several hundred yuan. It is very simple. This chip is generally used for products that have little pressure on piracy, just to add a protective appearance, or basically have no profit.

The second type is an encryption chip with a fixed algorithm and a comparison authentication mode. This chip is more complicated than the above chip, but because it uses a comparison mode, even if the line transmits a random number or an encrypted random authentication code, it does not provide much protection, because the program in the protected CPU is complete, and there are only a few isolated comparison points with the encryption chip. When pirates try to crack the system, they will not crack the encryption chip, but directly crack the CPU to obtain all the codes, and then skip all the comparison points. In this way, the cracking is completed. The development of this encryption chip with a fixed algorithm comparison mode is relatively not too difficult. As long as it is developed according to the authentication process in the manual, of course pirates also like this chip because they are also familiar with its encryption process. At present, the cracking cost of several domestic and foreign encryption chips that have been sold well in the market in the past few years is already very low, and the cracking methods are already familiar to everyone in the cracking circle.

The third type of encryption chip is a high-end (EAL5+) smart card chip core that has emerged in recent years. Software and hardware developers can download part of the algorithm and code in their software to the chip for operation. Users use standard C language to write operation codes. In the actual operation of the software, the program segment in the smart chip is run by calling functions, and the operation results are obtained, and the results are used as input data for further operation of the user program. The encryption chip has become part of the software product. The program in the encryption chip cannot be read or copied, which fundamentally eliminates the possibility of the program being cracked. This product is currently the most advanced and the most difficult to crack, both in terms of hardware foundation and internal operating system solution.

2. Security of Smart Card Encryption Chip

However, not all encryption chips based on smart card platforms are the most secure. The following is an analysis of the security of the dual 32-bit (EAL5+ 32-bit kernel 32-bit operating system) LKT4200 encryption chip, which has received the most attention in the market recently and has the highest performance and security in the encryption chip field:

High-end security smart card chips are mainly used in banking and other fields: such as credit cards and bank cards. Currently, European bank cards have fully adopted smart cards, and China has scheduled to use smart cards to completely replace the current magnetic stripe cards before 2015. Smart card-type bank cards have electronic wallets and electronic passbooks inside, and can store cash for offline transactions, so smart cards have extremely high or even the highest security requirements. In addition, they are also used in electronic passports, ID cards, conditional access cards, etc. in the fields of government, public utilities, and cable television.

At present, people who may launch cracking attacks on smart card chips mainly come from three fields.

1. Major professional testing and evaluation laboratories

Such personnel have very high professional knowledge, very advanced and complete analysis equipment, and have insider knowledge of various chips. For such personnel, the money and time required to crack smart card chips are: at least 500,000 euros, 3 months to half a year or more. Of course, these are the basis of investment, whether it can be cracked and the time to crack it depends on the actual situation.

2. Organized crime groups

Such organizations generally have large amounts of capital, relatively advanced technology, better equipment, and are relatively professional. The money and time they can invest are: at least 200,000 to 1 million euros, and several months to several years.

3. Amateur organizations and student scientific research activities

This type of person does not have very high skills and basically has no professional analysis equipment. He has relatively good public knowledge (or can understand some company product information). This type of person does cracking purely out of interest or to challenge some technology. The money and time conditions they can invest are: 1-5000 euros, a few months or N years, only God knows.

3. Common attack methods on LKT4200 encryption chip

1. Intrusive attacks

Kaifeng

Etching

microscope

Reverse Engineering

Mechanical detection

Focused Ion Beam

2. Semi-invasive attack

- Single Fault Attack (SFI)

-Static/Differential Fault Analysis (SFA/DFA)

Outside the normal working range

- Reset

-clock ​

- Supply voltage

-temperature

-Light disturbance attack

- Lights flashing

-Interference Attack

-Electric and magnetic field sensing

- Radiation Attack

3. Local non-invasive attacks

- Simple Power Analysis

-Timing and waveform attacks

- Power supply traces (VCC, RST, I/O) on the contact sheet

- Power supply due to electromagnetic radiation traces

-Differential power consumption analysis

-Multiple measurements

-Reverse engineering of code

-Attack button

4. Protection measures for LKT4200 encryption chip

1. Hardware protection measures

- Sensors (voltage, clock, temperature, light)

-Filters (to prevent spikes/glitches)

- Independent internal clock (reader CLK)

- (SFI) detection mechanism

- Passive and active shields

- Glue logic (difficult to reverse engineer circuits)

-Handshake circuit

-High density multi-layer technology

- With metal shielding protection layer, internal data will be self-destructed after detecting external attack

-Bus and memory encryption

- Virtual Address (SW = Hardware Address!)

- Chip tamper-proof design, unique serial number

-Hardware error detection

-True Random Number Generator (RNG)

-Noise generation (for side channel attacks)

-Pre-silicon power analysis

2. Software-operating system protection measures

-Internal data cannot be read or copied

- Encrypt sensitive information (keys, PINs)

-Double execution (such as encryption and decryption verification)

-check

- Verify program flow

- Unpredictable timing (such as random NOP)

- No direct access to hardware platform, HAL (assembly), C

- Prevent buffer overflow

-Prevents false excursions.

- Firewall mechanism

-Exception Counter

-Execute the captcha

-Key and pin for zeroing

Since the LKT4200 encryption chip has the high security of EAL5+, it can protect against 3-40 types of attack measures, which cannot be listed here due to space limitations. It can be seen that at present, LKT4200 is in the leading position in the field of anti-piracy encryption chips, both in terms of hardware platform and internal operating system.