Security is of central importance to most embedded solutions. As readers of Circuit Cellar well know, security is an increasingly complex task in embedded system design. The proliferation of embedded systems means that the targets for potential security breaches have multiplied. At the same time, the tools and methods at the disposal of bad actors continue to grow in sophistication.
This necessitates that embedded system security likewise continues to evolve, and developers and manufacturers must design and implement creative new solutions to keep up with an ever-changing industry. And of course, many have. Analog Devices, Microchip Technology, and others have responded to this need with various IC solutions for authentication and security applications.
Now, Datakey has introduced a versatile new tool in the security arena that uses the functionality of these Microchip security ICs. Its CryptoAuthentication™ memory tokens utilize Microchip’s ATECC608 and ATSHA204 ICs in a portable, proprietary form factor that can be used as a credential or portable memory device for an array of applications, including enabling features, unlocking devices, storing log data, and, of course, transporting data securely. Significantly, the host can also authenticate the memory token, preventing unauthorized devices from connecting and spoofing one.
In this piece, I’ll briefly cover a couple of examples that demonstrate the security this device brings to embedded applications, and that hint at the wide range of solutions in which a Datakey CryptoAuthentication memory token can be an integral component.
TRANSFER CREDITS SECURELY
One interesting aspect of this technology is its ability to securely transfer credits or usage allotment for a device or application. This could be used, for example, in a parking garage metering system (Figure 1). Merchants using the garage could prepay for parking credits, which would then be added to the memory token. Next, the merchant would insert the token into a parking ticket validation machine, thus loading the device with the number of ticket validations purchased. As the merchant validates parking tickets for customers, the credits on the memory token are decremented. Unused credits could be refunded. Also, the memory token can be linked to specific merchants, and credits bought could have an expiration date if needed.
The CryptoAuthentication memory tokens use memory slots that range in size from 32 to 416 bytes (depending on the IC used) to securely store data. For credit transfers, the number of credits and their type would be stored in one or more of these slots. As an example, consider the parking garage system again. $500 of parking credits would be stored in Slot 0. That slot, in turn, would be protected by a read/write key, derived from the merchant’s PIN code used to access the memory token, and stored in Slot 1. Slot 2 could be used to record each transaction, like a journal, before committing changes to the number of credits in Slot 0—useful in cases of interruptions such as a power loss.
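The journal-before-commit pattern described above, as an added Python model written for this editing pass (it is not Datakey’s or Microchip’s code and does not use the device’s actual command set): Slot 0 holds the balance, Slot 1 the PIN-derived read/write key, and Slot 2 a pending/committed journal record that lets the host finish an interrupted decrement on the next power-up. The slot size, record layouts, PBKDF2 key derivation, HMAC tags and the `PowerLoss` simulation are all assumptions of the model.

```python
import hashlib
import hmac
import struct

# Constructed model of the slot layout described in the text: Slot 0 holds
# the credit balance, Slot 1 the read/write key derived from the merchant's
# PIN, and Slot 2 a journal record written before Slot 0 is changed.
# SLOT_SIZE, the record layouts, the PBKDF2 derivation and the PowerLoss
# simulation are assumptions for this model, not the device's command set.

SLOT_SIZE = 64                   # assumed; the article quotes 32 to 416 bytes per slot
PENDING, COMMITTED = 0x01, 0x02  # journal states (assumed encoding)


def derive_slot_key(pin: str, serial: bytes) -> bytes:
    """Slot 1 read/write key derived from the PIN and token serial (assumed KDF)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), serial, 100_000, dklen=32)


def record_tag(key: bytes, slot: int, body: bytes) -> bytes:
    """HMAC tag binding a record to its slot number under the Slot 1 key."""
    return hmac.new(key, bytes([slot]) + body, "sha256").digest()


class PowerLoss(Exception):
    """Simulated interruption between the journal write and the commit."""


class CreditToken:
    def __init__(self, serial: bytes, pin: str, credits_cents: int):
        self.serial = serial
        self.slots = [bytearray(SLOT_SIZE) for _ in range(3)]
        self.slots[1][:32] = derive_slot_key(pin, serial)
        self._write_balance(credits_cents)

    def _key(self) -> bytes:
        return bytes(self.slots[1][:32])

    # Slot 0 layout: 8-byte signed balance in cents + 32-byte tag
    def _write_balance(self, cents: int) -> None:
        body = struct.pack(">q", cents)
        self.slots[0][:40] = body + record_tag(self._key(), 0, body)

    def balance(self) -> int:
        body, tag = bytes(self.slots[0][:8]), bytes(self.slots[0][8:40])
        if not hmac.compare_digest(tag, record_tag(self._key(), 0, body)):
            raise ValueError("Slot 0 integrity check failed")
        return struct.unpack(">q", body)[0]

    # Slot 2 layout: 1-byte state + 8-byte new balance + 32-byte tag
    def _write_journal(self, state: int, new_balance: int) -> None:
        body = bytes([state]) + struct.pack(">q", new_balance)
        self.slots[2][:41] = body + record_tag(self._key(), 2, body)

    def _read_journal(self):
        body, tag = bytes(self.slots[2][:9]), bytes(self.slots[2][9:41])
        if not hmac.compare_digest(tag, record_tag(self._key(), 2, body)):
            return None                      # empty (all zeros) or corrupt journal
        return body[0], struct.unpack(">q", body[1:])[0]

    def spend(self, pin: str, cents: int, fail_after_journal: bool = False) -> int:
        """Decrement credits: journal first, then commit Slot 0, then close the journal."""
        if not hmac.compare_digest(derive_slot_key(pin, self.serial), self._key()):
            raise PermissionError("PIN does not match the Slot 1 key")
        new_balance = self.balance() - cents
        if cents <= 0 or new_balance < 0:
            raise ValueError("invalid amount or insufficient credits")
        self._write_journal(PENDING, new_balance)
        if fail_after_journal:
            raise PowerLoss()                # power is lost before Slot 0 is updated
        self._write_balance(new_balance)
        self._write_journal(COMMITTED, new_balance)
        return new_balance

    def recover(self) -> bool:
        """On power-up, finish any PENDING transaction left in Slot 2."""
        entry = self._read_journal()
        if entry is None or entry[0] != PENDING:
            return False
        new_balance = entry[1]
        if self.balance() != new_balance:    # Slot 0 was never committed
            self._write_balance(new_balance)
        self._write_journal(COMMITTED, new_balance)
        return True


if __name__ == "__main__":
    token = CreditToken(b"TOKEN-0001", "4821", 50_000)   # $500.00 prepaid, constructed
    token.spend("4821", 300)                             # one $3.00 validation
    try:
        token.spend("4821", 300, fail_after_journal=True)
    except PowerLoss:
        pass
    print("before recovery:", token.balance())           # commit never happened
    token.recover()
    print("after recovery: ", token.balance())
```

The journal entry is written under the same Slot 1 key as the balance, so on power-up the host can distinguish an interrupted transaction from an empty or corrupted journal before it touches Slot 0.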
As another example, a CryptoAuthentication memory token can be used to securely save log and diagnostic data for later retrieval from remote embedded systems without network connectivity. As discussed, the data would be stored in one or more slots, each of which is protected with a read/write key. Here lies a particularly clever design detail: attempts to read a protected slot without the right key return garbled data rather than an explicit read error. Because no error is reported, a would-be hacker can’t tell whether the data read is valid or not.
As in the previous example, the read/write key would be stored in a dedicated slot that can’t be read or tampered with. To read an encrypted data slot, the read command combines the slot number of the read/write key, the key itself, and a unique nonce into a hashed value that’s used to decrypt the data. (This is similar to the process used when data is written to an encrypted slot.)
In a remote logging application, the memory token would be inserted into the host, which would use a Challenge-Response method implemented by the MAC command to authenticate it. When logging data, the host can derive the read/write key from different configuration settings on the memory token, or use a pre-defined key. Or, if the host also contains an ATECC608 or ATSHA204 IC like the memory token, then the token can be authenticated via a shared key stored in both devices.
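The encrypted-slot access and the challenge-response authentication described in the two paragraphs above, as an added Python model written for this editing pass (not Datakey’s or Microchip’s code). It shows both sides of the exchange: the host issues a nonce, derives a session key from the read/write key, its slot number and that nonce, and reads or writes a slot through the resulting mask; a host holding the wrong key gets 32 bytes of garbled data and no error. The `Host.authenticate` method models the MAC command as a keyed hash over a random challenge and the token serial. The hash inputs, the XOR masking, `SLOT_BYTES` and the message layouts are assumptions of the model, not the ATECC608/ATSHA204 command definitions.

```python
import hashlib
import hmac
import os

# Constructed model of the two mechanisms described in the text: encrypted
# slot reads/writes keyed by a hash of (read/write key, its slot number, nonce),
# and challenge-response authentication with the MAC command. The exact hash
# inputs, the XOR masking, SLOT_BYTES and the message layouts are assumptions
# of this model, not the ATECC608/ATSHA204 command definitions.

SLOT_BYTES = 32


def session_key(rw_key: bytes, key_slot: int, nonce: bytes) -> bytes:
    """Hash of the read/write key, its slot number and the session nonce (assumed form)."""
    return hashlib.sha256(rw_key + bytes([key_slot]) + nonce).digest()


def xor_mask(data: bytes, mask: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, mask))


class Token:
    """Token side. The key slot is never returned in clear, and a read with the
    wrong key yields masked bytes rather than an error."""

    def __init__(self, serial: bytes, rw_key: bytes, key_slot: int = 1):
        self.serial = serial
        self.key_slot = key_slot
        self._slots = {key_slot: rw_key}
        self._nonce = None

    def nonce_cmd(self, host_random: bytes) -> bytes:
        """Combine host randomness with device randomness into a per-session nonce."""
        self._nonce = hashlib.sha256(host_random + os.urandom(16)).digest()[:20]
        return self._nonce

    def _session(self) -> bytes:
        if self._nonce is None:
            raise RuntimeError("Nonce command must precede an encrypted access")
        return session_key(self._slots[self.key_slot], self.key_slot, self._nonce)

    def encrypted_write(self, slot: int, masked: bytes) -> None:
        if slot == self.key_slot:
            raise PermissionError("key slot is write-protected in this model")
        self._slots[slot] = xor_mask(masked, self._session())   # stored unmasked on-chip

    def encrypted_read(self, slot: int) -> bytes:
        if slot == self.key_slot:
            raise PermissionError("key slot cannot be read")
        stored = self._slots.get(slot, bytes(SLOT_BYTES))
        return xor_mask(stored, self._session())                 # masked for this session

    def mac_cmd(self, challenge: bytes) -> bytes:
        """Challenge-response: keyed hash over the challenge and serial (assumed layout)."""
        return hmac.new(self._slots[self.key_slot], challenge + self.serial, "sha256").digest()


class Host:
    """Host side, holding its own copy of the read/write key."""

    def __init__(self, rw_key: bytes):
        self.rw_key = rw_key

    def authenticate(self, token: Token) -> bool:
        challenge = os.urandom(32)
        expected = hmac.new(self.rw_key, challenge + token.serial, "sha256").digest()
        return hmac.compare_digest(token.mac_cmd(challenge), expected)

    def write_slot(self, token: Token, slot: int, plaintext: bytes) -> None:
        if len(plaintext) > SLOT_BYTES:
            raise ValueError("record exceeds slot size")
        nonce = token.nonce_cmd(os.urandom(20))
        sk = session_key(self.rw_key, token.key_slot, nonce)
        token.encrypted_write(slot, xor_mask(plaintext.ljust(SLOT_BYTES, b"\0"), sk))

    def read_slot(self, token: Token, slot: int) -> bytes:
        nonce = token.nonce_cmd(os.urandom(20))
        sk = session_key(self.rw_key, token.key_slot, nonce)
        return xor_mask(token.encrypted_read(slot), sk)


if __name__ == "__main__":
    key = bytes(range(32))                          # constructed shared key
    token = Token(b"LOG-TOKEN-07", key)             # constructed serial
    host, stranger = Host(key), Host(bytes(32))
    print("host authenticated:", host.authenticate(token))
    print("stranger authenticated:", stranger.authenticate(token))
    host.write_slot(token, 3, b"boot ok, temp 41C")  # constructed log record
    print("host reads:", host.read_slot(token, 3).rstrip(b"\0"))
    print("stranger reads:", stranger.read_slot(token, 3))   # garbled bytes, no error
```

Because a wrong-key read returns a full slot of plausible-looking bytes, a host that needs to detect its own misconfiguration should store an integrity tag alongside each record (as the credit example above does) rather than rely on the token to signal a bad key.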
It’s always exciting when a powerful new tool such as the CryptoAuthentication memory token enters the market, because, of course, we don’t yet know all the various ways in which the device will be deployed in particular solutions. That said, Datakey has produced an excellent white paper, “Use Cases for Datakey CryptoAuthentication Memory Token,” exploring more possible applications of the memory tokens. See Circuit Cellar’s Article Materials and Resources web page for a link to the paper on Datakey’s website; registration is not required to access it.
As you’ll discover in that paper, this article only scratches the surface when it comes to the many creative uses for this CryptoAuthentication technology. These memory tokens can also be used for the secure distribution of new product features, as usage counters, as biometric keys, or for secure control of vending inventory. And of course, the functionalities of this device can be combined as needed for individual cases. Do you need to store sensitive data? Use one of the protected slots. Need to authenticate a device? Use a shared key with the MAC command. The versatility and security Datakey’s new CryptoAuthentication memory tokens deliver ensure that developers will find still more clever and unique uses for this vital tool.
Datakey’s “Use Cases for Datakey CryptoAuthentication Memory Tokens” White Paper: https://datakey.com/downloads/Use-Cases-for-CryptoAuthentication-Memory-Tokens-White-Paper-Rev-A.pdf