English
Using cryptography to secure embedded device authentication profiles: Part 2
Why not just keep the hash algorithm secret?
By Kerry Maletsky, Atmel
Embedded.com (04/18/09, 06:00:00 AM EDT)
If the attacker doesn't know the algorithm, then implementing a brute force attack is impossible since the attacker can't compute the output even if he knows the key. Systems like this were the historical norm until very recently.
This is still a reasonable strategy in some situations, especially where there is a limit on the complexity of the encryption hardware (perhaps for cost or power consumption reasons) and/or insufficient key storage mechanism.
Good examples of this situation would be RFID tags which cannot consume very much current nor cost more than the value they protect, perhaps a single trip on a subway.
Nonetheless, such systems are being used less and less in favor of systems constructed from widely studied open algorithms. This has been made possible by advances in semiconductor technology that permit logic gates to cost less and consume less power at the same time.
It's very hard to maintain the secrecy around algorithms:
* The German WW2 Enigma machine was secret only until one was captured by the Allies and its weaknesses were uncovered by clever mathematicians
* The encryption algorithm originally encrypting European GSM cell phone conversations was protected by a non-disclosure agreement (NDA) until a university accidentally disclosed it without getting a signature on an NDA. It was promptly broken and the attack published.
* The encryption algorithm in the Mifare chips was teased out of the logic on the chip by another university team that legitimately purchased devices that implemented the algorithm. They studied the logic under a microscope to find out how it worked.
Better hardware design strategies that include countermeasures for historical and anticipated security attack methodologies can increase the useful life of systems with secret algorithms further into the future.
By Kerry Maletsky, Atmel
Embedded.com (04/18/09, 06:00:00 AM EDT)
If the attacker doesn't know the algorithm, then implementing a brute force attack is impossible since the attacker can't compute the output even if he knows the key. Systems like this were the historical norm until very recently.
This is still a reasonable strategy in some situations, especially where there is a limit on the complexity of the encryption hardware (perhaps for cost or power consumption reasons) and/or insufficient key storage mechanism.
Good examples of this situation would be RFID tags which cannot consume very much current nor cost more than the value they protect, perhaps a single trip on a subway.
Nonetheless, such systems are being used less and less in favor of systems constructed from widely studied open algorithms. This has been made possible by advances in semiconductor technology that permit logic gates to cost less and consume less power at the same time.
It's very hard to maintain the secrecy around algorithms:
* The German WW2 Enigma machine was secret only until one was captured by the Allies and its weaknesses were uncovered by clever mathematicians
* The encryption algorithm originally encrypting European GSM cell phone conversations was protected by a non-disclosure agreement (NDA) until a university accidentally disclosed it without getting a signature on an NDA. It was promptly broken and the attack published.
* The encryption algorithm in the Mifare chips was teased out of the logic on the chip by another university team that legitimately purchased devices that implemented the algorithm. They studied the logic under a microscope to find out how it worked.
Better hardware design strategies that include countermeasures for historical and anticipated security attack methodologies can increase the useful life of systems with secret algorithms further into the future.
|
E-mail This Article | 
|
|
Printer-Friendly Page |
|
||||||
Related Articles
- Using cryptography to secure embedded device authentication profiles: Part 1
- Internal JTAG - A cutting-edge solution for embedded instrument testing in SoC: Part 2
- Securing the IoT: Part 2 - Secure boot as root of trust
- Optimizing embedded software for power efficiency: Part 2 - Minimizing hardware power
- Guide to VHDL for embedded software developers: Part 2 - More essential commands