Mitsubishi DS907x SIP, DS5000TK manual Application Advanced Security Techniques

APPLICATION: ADVANCED SECURITY TECHNIQUES

The Secure Microcontroller family has been used for numerous applications requiring security. Different lev- els of security are required depending on the sensitivity of the application and the value of the protected informa- tion. As mentioned above, the goal of the microcontrol- ler security is to make stealing the protected information more difficult than the information is worth. This task actually has two pieces. First, the Secure Microcontrol- ler makes attack difficult. This is combined with the user's physical security to make information retrieval difficult. The second part is to make the protected information less valuable. To this end, the NV RAM nature allows a user to frequently alter the firmware based security aspects of the system. Thus if the critical information changes before the security can be broken, the information that is actually retrieved will be worth- less.

To assess the security of a system, the total imple- mentation must be examined. The DS5000FP or DS5002FP provide a high level of security, but the user's firmware can accidentally defeat some features. Below are a sampling of implementation issues that will make the DS5000FP or DS5002FP more difficult to crack. There are also suggestions on making a system more secure using external circuits.

Avoid Clear Text

The encryption algorithms used by DS5000FP or DS5002FP are generally adequate to prevent analysis when combined with well developed code. However, the encryption is defeated to some extent if the user stores text that appears on a display in encrypted form. This gives the pirate a starting point to look for the clear text in encrypted storage and analyze the encryption algo- rithm. The ªdata answerº is already known. If clear text is required, then preferably store it in nonencrypted memory. If this is impractical, then disperse it so that it is hard to find. Avoid at all costs reading the clear text from memory then immediately displaying it. This is a sure means to identify the encrypted values of the text for the attacker.

Avoid CRC or Checksum

Running a checksum on power up provides the pirate with a sequential listing of the addresses in encrypted form. Therefore the attacker has a great advantage in deciphering the Address Encryptor. Preferably avoid a

checksum. If one is needed, then check the minimum amount of memory and perform the check in non±se- quential fashion.

Avoid Long Straight Runs of Code

A common coding practice is to run numerous sequen- tial operations. This is common knowledge and should be avoided. The pirate can use this in the same way as a checksum process. It provides a sequential listing of encrypted addresses and assists with analysis of the address encryption.

Use Jumps

To address the prior problem, jumps are advised. These can be jumps for no reason other than to space out straight runs of code. However, using jumps also pro- vides several other techniques to make bus analysis more difficult. As an example, the code can jump into Vector RAM. While in this area, dummy access will occur on the bus.

Use Random values

The Random Number Generator of the DS5002FP can be used to make a pirate's task more difficult. When time is available, the software should perform random actions at random time intervals. As an example, the Random Number Generator can be used to select a timer interrupt value. Thus the microprocessor will be interrupted at random intervals making characterization very difficult. Software can elect to out of Vector RAM for a random period of time. Also as discussed above, the microprocessor generates dummy RAM reads when possible. However, it can not generate dummy writes. However the user's code can. Random numbers can be written to address that are known to be unused. If this is done while the microprocessor is visibly performing a meaningful task, it will make analysis very difficult.

Vector RAM

As mentioned above, the Vector RAM can be used for many things beside vectors. This is the most secure storage in the system. It resides on±chip behind tamper protection. Thus it is useful for storing the most sensitive data. Thus even an attacker could break the encryption, this information would still be secret. For EFT or similar applications, this is a good location for the storage of DES keys. Since DES is a public algorithm, the real protection is keeping the DES key secret. As this is only 8 bytes, it fits well within the Vector RAM.