No need to worry about the risk of data leakage from wearable products, secure chips protect you

The rapid popularization of wearable devices has promoted the rapid development of related industries, while its security issues have become increasingly prominent. Wearable devices usually integrate various physiological sensors, GPS positioning and cameras, etc., and have stronger privacy perception capabilities. Therefore, IoT devices not only face illegal network intrusions, but also face security issues such as privacy data leakage. The security requirements of wearable products mainly include identity authentication, software security and network security. Identity authentication requires a secure identity to represent the identity information of the device, and to identify and prevent counterfeiting of accessories such as sensors; software security must not only achieve IP protection and authorization management, but also support complete software boot and upgrade management solutions; network security must use identity identification to achieve a secure handshake between the two parties, and then use algorithms to implement encryption and decryption of transmitted data.

Introduction and application of security algorithm

In response to the above security requirements, mathematicians have created a large number of practical algorithms to solve the corresponding problems. Security algorithms can be roughly divided into two categories. One category is to encrypt and decrypt data. Commonly used algorithms include AES, RSA, 3DES, ECC, etc., which are mainly used for secure transmission of some data, secure data storage, etc., such as encryption and decryption of online data, scrambling and descrambling of code streams in DVB systems, etc. The other category is secure identity authentication and data integrity verification. Commonly used algorithms include MD5, SHA-x, ECDSA, etc., and typical applications are all scenarios that require secure identity identification, such as product anti-counterfeiting, online identity identification, system accessory identification, etc.

All data encryption algorithms can be applied to secure identity authentication. Encryption algorithms are generally divided into two types: symmetric encryption algorithms and asymmetric encryption algorithms. In the former, both the sender and the receiver use the same password for calculation, so the password must be kept safe. Under the same security level conditions, the implementation of the former is usually based on some logical operations, so it is simpler and takes less time than the latter. In the latter, both the sender and the receiver use different passwords for calculation, and the public key is generated from the private key or the private key is generated from the public key. If one party uses the private key to encrypt, the other party must use the public key to decrypt, and vice versa. The public key is public information, and the private key must be properly kept. The latter can implement digital signatures more effectively.

Introduction to ADI security chips and the security functions they implement

Introduction of ADI security chip

Excelpoint, a technical authorized agent, gave a detailed introduction to ADI's security chips. ADI's security chips include SHA-3 symmetric encryption algorithm products, ECDSA asymmetric encryption algorithm products, and security products used in IoT. First of all, SHA-3 symmetric encryption algorithm products have multiple interfaces, such as 1-Wire, I2C, and contactless interfaces (NFC/RFID). The 1-Wire interface can realize the power supply, clock and data transmission of the chip through one I/O line, which can greatly simplify the accessory interface design, so it is very suitable for system accessories.

The more popular SHA-3 symmetric encryption algorithm products include DS28E16/DS28C16, DS28E50/DS28C50, DS2477, etc. Among them, DS28E16 is the lowest cost and most cost-effective product in ADI's current SHA-3 series. In addition, the popular SHA-3 NFC/RFID products include MAX66301, MAX66250, etc.

ECDSA asymmetric encryption algorithm products not only provide 1-Wire/I2C interface, but also provide versions with multiple voltages. The ECDSA algorithm engine includes a unique 64-bit ROM ID, 10K-bit secure OTP memory, and 17-bit irresetable down counter, etc. Some are specifically used for automotive electronics and medical applications. This article introduces several special products.

Among them, DS28E30 is a product with low cost and excellent cost performance among ECDSA asymmetric encryption algorithm products. At the same time, PUF products such as DS28E38/E39/DS28C39 are also provided for use scenarios with higher security requirements. IoT security chips include MAXQ series and DS28S60. These chips contain the security algorithms required by the application. At the same time, the MAXQ series has a built-in complete TLS protocol stack to simplify the design of IoT software.

Security functions implemented by ADI security chips

In terms of the security functions implemented by ADI security chips, we first introduce how devices based on the SHA-3 symmetric encryption algorithm generate unique identity information (based on the preset device password). The SHA-3 device contains a SHA-3 engine, and the chip contains a password. The password plus the external authentication data is calculated by the SHA-3 engine to obtain the HMAC result as a digital signature to represent the identity of the device, so different passwords will correspond to different digital signatures.

Usually, a unique password is placed in the chip in a secure production process that is unknown to third parties. The system's master password System SECRET is combined with the device's ROM ID to calculate the corresponding HMAC result through the SHA-3 algorithm engine, and the HMAC result is injected into the chip. Each device has a different ROM ID so that it will get a unique password. Therefore, each device has a unique identity information. In order to prevent it from being intercepted by a third party, it needs to be indirectly compared by comparing the SHA-3 algorithm result.

When the host authenticates a SHA-3 device, it first obtains the device's ROM ID. The device's password can be calculated using the ROM ID + master password. The host then generates a random number for authentication. The encryption chip sends the ROM ID, random number, and password to the SHA-3 algorithm engine. The result of the algorithm is sent back to the host, which then performs the same algorithm authentication internally. If the results are consistent, the device is legitimate.

To create secure identity information for asymmetric algorithm ECDSA devices, a paired public key and private key are required to represent the identity of an ECDSA device, and a digital certificate signed by the system administrator is required to prove that the paired public and private keys were created by the system administrator. Therefore, when creating a secure ECDSA device identity, a password pair must be generated internally first, and then the system administrator must install the certificate based on the device's unique ID information and public key.

The generation of ECDSA password pairs is relatively simple. The device's private key is generated by a random number generator and placed in the device. Then the corresponding public key is calculated by the ECDSA algorithm engine and placed in the device. Finally, the certificate is installed using the ECDSA-256 algorithm. It is important to use the system-level private key defined by the system administrator to issue the certificate. The result of the algorithm is written into the device as a certificate to complete the certificate installation.

Practical applications and recommended models of ADI security chips

DS28E16

ADI's security chip can realize IP protection and authorization management of FPGA/uC/PC software. When the program runs to the authentication node, the software can run normally if the digital signature verification is passed. If the verification fails, the software refuses to execute to protect the IP. Excelpoint has cooperated with ADI for more than 30 years. Based on ADI's product and solution portfolio, it has created many solutions that are close to customer application needs and have been recognized by the market. Regarding ADI's security chip, Excelpoint focuses on recommending DS28E16 in combination with the current market.

The DS28E16 secure authenticator combines a FIPS202-compliant Secure Hash Algorithm (SHA-3) challenge and response authentication secure EEPROM with a core set of cryptographic tools, including a SHA-3 engine, a 256-bit secure EEPROM, a decrement counter, and a unique 64-bit ROM identification number (ROM ID).

The DS28E16 has reliable countermeasures to defend against security attacks. All stored data is encrypted to prevent detection. The unique ROM ID is used as the basic input parameter for cryptographic operations and as an electronic serial number in the application. Through single-contact 1-Wire® bus communication, the ROM ID serves as the node address in a multi-device 1-Wire network. It is often used in scenarios such as accessory/peripheral security authentication, battery authentication/charging cycle tracking, medical tool/accessory authentication and calibration.

DS28E30

The DS28E30 provides a highly secure and easy-to-deploy turnkey authentication solution based on the FIPS-186 ECDSA standard. The secure authenticator combines ECDSA challenge and response authentication with a secure EEPROM for storing keys and user data.

The device provides a set of core cryptographic tools derived from integrated blocks, including an asymmetric hardware engine, a true random number generator (TRNG), a 3Kb secure EEPROM, a decrement counter, and a unique 64-bit ROM identification number (ROM ID). The ECC public/private key function operates according to the P-256 curve defined by NIST to provide ECDSA signature generation capabilities that comply with FIPS186 to support a two-way asymmetric key authentication model with strong countermeasures to prevent security attacks.