A71CH – Plug & trust for IoT Session 1: A71CH product introduction JORDI JOFRE 24/04/2018 PUBLIC
A71CH – Plug & trust for IoT Session 1: A71CH product introduction Get familiar with A71CH key security features, key benefits, use cases and product support package. April 24th, 2018 - 10 AM CEST and 08 AM PDT Session 2: Getting started with A71CH product support package Learn how to get started with A71CH and its support package, including an example with i.MX6UltraLite. April 26th, 2018 - 10 AM CEST and 08 AM PDT Registration link: https://register.gotowebinar.com/rt/6148121966411079939 1
Agenda • A71CH motivation • A71CH product positioning • A71CH product overview and features • A71CH product support package − A71CH development boards − A71CH Host software package − A71CH documentation • Q&A 2
A71CH motivation 3
IoT ecosystem IoT is about … Connections · Data · Control IoT device IoT device IoT device Servers Sensors / Actuator IoT device Host processor Gateway Network Connectivity The IoT is a network of physical objects (or “things”) embedded Fig. Simplified IoT device architecture with electronics, software, sensors and connectivity which enable those objects to exchange data with the operator, manufacturer, IoT device service provider, and / or other connected devices. IoT device IoT device 4
IoT devices are vulnerable to security threats Execution of malware Personal data leakage IoT device IoT device Disclosure of company secrets IoT device Servers Sensors / Actuator IoT device Host processor Insecure Gateway Network connection Connectivity Extraction of Fig. Simplified IoT device architecture device keys Security is like a chain that is only as strong as the weakest link Exploit a SW bug IoT device IoT device Insertion of counterfeit devices IoT device 5
IoT devices must follow a secure-by-design approach Execution Security IC contributes to the chain of malware of trust for provisioning public key Security IC contributes by enabling an Personal data IoT device IoT device encrypted TLS connection with the endpoint. leakage IoT device IoT device Disclosure of Security IC contributes by enabling an IoT device IoT device company secrets encrypted TLS connection with the endpoint. Sensors / Actuator IoT device IoT device Security Host IC Gateway Network Insecure Security IC provides protected storage of the device keys Connectivity connection for creating a trusted and authenticated TLS connection. Fig. Simplified IoT device architecture Extraction of Security IC provides protected device keys storage the device keys. Exploit a SW bug IoT device IoT device IoT device IoT device Insertion of Security IC provides protected storage of counterfeit devices the device credentials signed by a CA. Security IC contributes by preventing the device IoT device IoT device 6 credentials to be compromised
Reasons to consider a security IC in IoT devices Keep secrets secret Why a discrete security IC in IoT devices? Security and key management through the whole value Root of trust chain right from the start On Chip NV Memory with access policy Closed system architecture to isolate memory access Closed system from host system. NV memory only accessible via Chip OS / Applet Scalable and ready to deploy Out-of-the-box security No need to develop secure SW 7
A71CH product positioning 8
A71CH: The fast, easy way to deploy secure IoT connections Plug & Trust, ready-to-use security IC for the IoT ecosystem IoT solution for secure connection with public and private clouds Easy to integrate with different MCU platforms Fast design-in with complete product support package www.nxp.com/A71CH 9
A71CH Plug & Trust for IoT Customer benefits Use Cases • Secure connection to public/private clouds, edge computing • Root of trust for IoT applications platforms, infrastructure • End-to-end security, from chip to edge to cloud • Device-to-device authentication • Plug & Trust: Ready to use solution for easy system integration • Proof of origin / anti-counterfeiting • Protected key storage Product Overview & Features • Secure provisioning of credentials • Secure data protection • Protected access to credentials • ECC key generation & signature verification Packaging • ECC-based authentication and key agreement (TLS-PKI, NIST P-256) • Pre-shared secret based authentication (TLS-PSK, TLS-ECDH-PSK) • HVSON-8 • Connectionless message authentication (HMAC), message hashing (SHA-256) • Encrypted/authenticated interface as secure channel with host MCU Security features • Secure vault for product master secrets with key wrapping, derivation and locking mechanism • The A71CH security concepts include multiple security • Symmetric key derivation measures to protect the chip. • Trust provisioning service by NXP and partners • The A71CH operates completely autonomously based on an • Temperature range: -40C to +90C operational ambient temperature integrated Java Card operating system and applet. Direct • Sleep & deep sleep modes memory access is possible by the fixed functionalities of the • Complete product support package including development kit, host SW package for applet only. With that, the content from the memory is entirely easy integration with the most common MCU/MPU platforms. isolated from the host system. • Protection from attack by integrated design measures in the Interfaces chip layout, the logic and the functional blocks. • I 2 C-bus slave interface: up to 400kbit/s 10
Chain of trust based on Secure Element Cloud / Network onboarding & device ID management Mutual authentication based on credential stored on SE (e.g., certificate based TLS). No key handling necessary at insecure stages of supply chain. Physical / Logical separation Only indirect access by the instruction set of the A71 applet, no direct memory SoC access from SoC. Lifecycle Management protects keys throughout product lifecycle from unauthorized access (overwriting, deleting, manipulation, etc.). Hardware Protection for the secrets Pre-injected keys stored in hardware to identify genuine devices, all cryptographic SE calculations isolated in A71CH with its own resources (CPU, NVM, Co-Processors, etc.), hardware design with basic measures against physical attacks, such as probing, hardware manipulation, glitches and light. 11
A71CH for protected key storage & provisioning of credentials Secure storage, generation Secure storage and and insertion of 4 key pairs insertion of 3 public keys (ECC NIST P-256) A71CH IoT device Secure Storage IoT device Key pair #1 Key pair #3 Public key #1 IoT device Key pair #2 Public key #2 Key pair #4 Host Public key #3 A71CH Sym key #1 Sym key #5 MCU IoT device Secure storage, Sym key #2 Sym key #6 IoT device insertion of eight symmetric secrets Sym key #3 Sym key #7 (8X128 bits) General purpose storage Sym key #4 Sym key #8 Monotonic Monotonic IoT device counter #1 counter #2 IoT device Secure storage of two Secure storage of A71CH can be integrated as a slave device into the IoT to monotonic counters (32 bit) general purpose data provide secure storage of credentials and crypto operations (e.g. digital certificates) 12
A71CH for secure connection to public or private clouds Authenticity Trusted connection Data privacy IoT device IoT device Network Gateway Cloud IoT device Host Public and private A71CH 001010 001010 IoT device MCU cloud service providers IoT device End-to-end TLS connection A71CH Cloud servers A71CH security IC supports the TLS IoT device Handshake protocol version 1.2 IoT device The keys and certificates used to authenticate the cloud connection remain secure in A71CH 13
A71CH for device proof of origin / anti-counterfeit I want to authenticate the device’s I want to make sure I am origin in order to detect clones and communicating with the make sure there’s no counterfeit genuine server IoT device IoT device IoT device Server authenticity authenticity Servers verification verification IoT device 967949 125697 Host A71CH IoT device MCU IoT device Authenticity is proved by the A71CH Server verification of signed random numbers IoT device Certificates are used to bind IoT device public key with its owner. The keys and certificates used to verify device authenticity remain secure in A71CH 14
A71CH for encrypted / authenticated interface to host processor Setting up the SCP03 channel requires 3 128- bit AES keys (both on Host and A71CH side). IoT device IoT device A71CH Host MCU IoT device I 2 C I 2 C Host A71CH IoT device MCU SCP03 secure IoT device SCP03 keys SCP03 keys channel Host interface When using SCP03, Host processor and A71CH provides the option to bind the IoT device Host processor to the security IC by A71CH are mutually authenticated IoT device configuring it to use an SCP03 channel. 15
A71CH trust provisioning models 16
Recommend
More recommend
