Encryption: The key to embedded security

Embedded electronics are almost everywhere you look in just about every industry. Whether a microcontroller is being used to monitor a CAN bus in a vehicle, reading sensor data in an IoT device, or controlling a kitchen appliance, the ability to integrate low-cost microcontrollers into everyday applications has revolutionized the electronics industry as well as the industries that electronics find their way into.

The same factors that make embedded designs so advantageous can also put them at risk. The very nature, flexibility, and customization of embedded systems, whether part of a more extensive system or functioning independently, can leave them prone to serious security risks.

Designers of embedded systems must keep up with the latest cyber threats and develop robust, long-lasting, layered security solutions and incorporate both software and hardware encryption. Continue reading to learn about the challenges embedded system designers face implementing secure encryption solutions.

Why do embedded designs face challenges?

To start, embedded systems are designed to be low cost. While this can make them cheap to mass-produce, it also sees them heavily restricted in processing capabilities and memory storage. As such, embedded design may only have enough system resources to run a particular task and not additional malware detection or hardware monitors.

Other embedded design security challenges include not updating software or patching software bugs regularly, or making incorrect assumptions about the security risks associated with the design. Embedded devices are often mass-produced, making them vulnerable to mass attacks once their vulnerabilities are discovered. The longevity of some embedded design systems is a risk factor that designers must consider.

Another factor that can leave embedded systems vulnerable is exposed I/O and programming ports (Figure 1). In some cases, injecting unusual voltage spikes and pulses onto I/O can confuse a microcontroller, and during this state of confusion, a hacker may be able to gain entry into critical systems such as program memory, private data, and possibly even execute arbitrary code. The exposure of programming ports also allows for hackers to use their own programming devices to read back the contents of memory or reprogram the device and insert malware.

Figure 1: Microcontrollers have exposed pins that make them vulnerable to hardware attacks.

What is encryption?

In its most basic form, encryption is the act of making data unrecognizable to those who are not the designated recipient of that data. For example, when a password is sent to a website, the password is encrypted so that only the user and the receiving website can decrypt the data.

While there are many different types of encryption algorithms (AES, TLS, XTEA), almost all forms of encryption require a key that is used to encrypt and decrypt a message. Without the key, an encrypted message cannot be decrypted; making it essential to protect the key by restricting who has the key to only the sender and receiver.

Keys used in encryption algorithms fall under one of two categories: asymmetric and symmetric. Asymmetric keys are those whose value is different for each key. They are used in applications where two parties need to create a pair of symmetric keys without either party sending that key to the other (see public key exchange). Symmetric keys are identical and are used to encrypt messages at higher speeds.

The size of a key also determines how secure an encrypted message is. A key that is only 4 characters long could very easily be cracked in less than a second using a brute force method to try every combination of 4 characters. A 256-bit key, however, is obscenely long. No computer currently developed by humankind could brute force a 256-bit key encrypted message in any practical time frame. It is said that a 256-bit key would require a computer up to 2.29x10³² years to brute force. This demonstrates the need for long keys that are truly random as they cannot be guessed and would take too long to crack.

How can encryption help secure designs?

Data can exist in one of three states, in storage, in transit, and process, and each of these states is vulnerable to attack. Stored data (such as on a flash drive), can be copied by a hacker. Data in transit (such as between RAM and the CPU), can be read by a hacker. Data in process (such as in the CPU), may be accessible to the hacker if the processed data lingers in the memory.

With the rising need for strong security measures in embedded designs, security solutions involving encryption now exist for each of these states. For example, data can very easily be encrypted when stored in memory, data sent between different chips can now be encrypted on the fly, and new encryption algorithms even allow for encrypted data to be processed without the need to decrypt it.

What challenges does encryption face?

One of the biggest challenges faced by encryption systems is the need to securely store the key. If a hacker gains access to an encryption key, then any data encrypted with that key will be instantly accessible with no effort. Furthermore, the moment a key is discovered, it can no longer be used with any confidence, and thus a new key needs to be generated.

Encryption executed in software is also a resource-intensive task. While there are algorithms such as XTEA, these are nowhere near as secure as industry-standard encryption methods such as AES-256 and TLS. But such industry-standard encryption methods can require large amounts of memory and rely on the processor to perform complex mathematical operations.

This high resource demand can then slow down a system to the point that trying to encrypt data on the fly becomes impractical. The performance penalty from strong encryption algorithms also has the effect of increasing energy usage, thereby making it impractical for mobile applications.

How is hardware your friend?

The need for strong security features in embedded designs has seen hardware security play an increasingly important role. Simply put, hardware security integrates security functions into physical circuitry thereby freeing system resources to focus on the main application. The use of hardware security also eliminates the need for engineers to design their security algorithms and routines which could very easily contain vulnerabilities.

One of the most important features of modern microcontrollers is the Secure Boot. This system checks the status of configuration bits, the firmware, and system ROM, and compares the resulting signature to some pre-defined signature. If there is any change in the signature, the system then knows that something has been tampered with.

Hardware encryption peripherals are now becoming commonplace in microcontrollers that can encrypt and decrypt data on the fly without the need for CPU resources. They are also being used between devices to encrypt and decrypt busses so that hackers cannot extract data via physical attacks.

The use of on-chip encryption keys also provides designers with the ability to instantly wipe all data on the device without needing to erase any memory. A design that detects tampering or interference could potentially scramble the on-chip key, and this would instantly make any encrypted data unrecoverable.

A good example of a hardware cryptographic add-on for embedded designs is the Maxim Integrated DeepCover Crypto Controller (Figure 2). This security coprocessor offloads complex cryptographic functions, including encryption, from a central processor that may lack such features. Encryption methods integrated into the coprocessor include AES with both 128-bit and 256-bit keys, SHA-2 compute engine, true random number generator, support for secure communication including TLS, certificate storage, and tamper detect pins to resist hardware attacks.

Figure 2: Internal diagram of the Maxim DeepCover cryptographic coprocessor.

Conclusion

Encryption is an incredibly powerful tool for protecting intellectual property, personal data, and system data, but a system is only as strong as its weakest link. An insecure key or poor implementation of an algorithm can leave a system completely exposed. Keys must be protected, hardware security must be used, and above all else, never customize or create an encryption algorithm from scratch.

For more information: https://www.mouser.com/new/analog-devices/maxim-deepcover-crypto-controller/.

Top image credit: iStock.com/Kuzmik_A