Some time ago, a classmate made a localized substitution of encryption chips. The author has been in the field of encryption chips for more than ten years and has accumulated some experience, so I can summarize this issue.
1. Function selection
There are many types of encryption chips, such as logic encryption, ASIC, CPU card and so on. The domestic encryption chip also has more commercial secret algorithms, and the selection is more complicated.
Example: A customer does conditional access to a set-top box, and the demand point is user identity authorization + data secure transmission and storage. A domestic card was recommended, but he insisted on choosing an ATXXX16XX card to complete. The reason is that this customer has a friend. The company uses ATXXX16XX cards to make gas meters. It is safe to use for many years and no illegal recharge occurs.
The application characteristics and usage methods of the gas industry are very special. For example, the gas meter has a lead seal and fails as soon as it is opened, so no one disassembles the meter for analysis; the remote meter is connected to the background cloud, and the terminal meter is tampered with, and it will immediately alarm. Some use the staff to visit the meter reading method, abnormal recharge will be found immediately.
The communication and transmission security between the CPU and the card required by the customer cannot be achieved on ATXXXX16XX cards; and the identity authentication only supports plain text authentication PIN passwords. ATXXX16XX has been used safely for many years, and it is more determined by the way of industry application rather than high security. On the surface, it seems that the customer's needs are realized, but the safety protection effect is not good. In order to highlight product selling points and recognize international brands, the selection is rather blind. For example , most set-top boxes require the terminal to be connected to the background to transmit authorization information. At this time, the most suitable card function should be the function of key secure storage and data encryption to protect the transmitted data, but ATXXX16XX does not have it. For another example, ATXXX16XX has a fuse function to prevent the settings from being tampered with, and this function is not used on the set-top box, so I think this selection has some problems, or it is not appropriate.
On the other hand, the recommended LK series cards have a sound identity authentication authority mechanism, superior data storage algorithms, strict authority control, and significantly better security than ATXXX16XX. However, customers are helpless if they don't use it.
2. Performance parameter evaluation
One project requirement is to realize the encrypted transmission of terminal data, and at the same time, the key storage and operation security must be ensured. After careful selection, two models have been determined. From the manual parameters, the functions are similar and the performance is similar. In the feasibility evaluation, the theoretical calculation is similar, but the actual operation is far different. The final positioning is the difference in communication rate. The encryption speed in the manual refers to the internal operating speed of the chip, but in the application, the MCU (or FPGA, DSP) also needs to communicate with the encryption chip. The communication speed (uart and IIC) limits the encryption bandwidth, which seems to be a low-level error, but basically You have to step on the pit to know .
Some projects have requirements for power consumption, which are in line with the manual. In the actual test, the standby power consumption is higher than expected, and it will not be used in the end.
3. Scheme design
Mainstream encryption schemes mainly include three categories: identity authentication, data confidential storage, and algorithm transplantation .
Identity authentication: In-vehicle terminals, bus card readers, access control systems and other scenarios require identity authentication. The internal encryption chip is responsible for storing keys and data encryption, and authentication with the server (or cloud). After success, log in to the platform and enable the response function permission. The design scheme should focus on the safety and performance of the chip itself. The random number participating in the authentication shall be a true random number.
Confidential storage of data: Taking the automobile detector industry as an example, collecting and analyzing core data can improve product quality and make products more in line with consumer needs. The design plan should consider the security of stored data. The default MCU (or flash or EEPROM storage) has poor security. The conventional method is to store it in an encryption chip, encrypt it and read it back when used, and use it after the MCU decrypts it. The security of MCU and encryption chip transmission is controllable, which greatly improves product security. With two-way authentication before transmission, the scheme is more reliable.
算法移植方案:安防设备、工控机具等通常对程序防盗版有很高的要求,前述2种方案相对程序保护效果有限,后诞生了算法移植方案。这是国内公司凌科芯安最初提出的方案。流程是将MCU部分程序移植到加密芯片(高安全等级)中存储运行,芯片具备内部程序数据区离散存储、固有函数隐蔽性强、客户独立设计方案自由等特点。此时单独破解MCU无效,而破解加密芯片面临成本高难度高等棘手问题,投入产出不成正比,以此防盗防抄。以凌科芯安的LKT和LCS系列为代表,在防盗版领域优势相对明显。
四、调试壁垒(调试难度)
硬件方面,设计电路过程尽可能按照原厂demo电路进行设计,上拉电阻、复位电路器件参数选取,一般是厂家多年心血总结,比较靠谱,没必要尽量不改。
电源方面,处理好电源滤波。软件通信调试,务必仔细看厂家提供的通信协议手册,避免私有产品协议导致调试不通。以前有次通信采用ISO7816接口,默认所有指令按7816规范开发,卡了好几天,最终发现有一条E3开头命令是私有指令,有别于ISO7816。希望大家引以为鉴。
稳定性测试、老化测试必须重视。这是合格产品的必由之路,有些问题开发环节无法浮现,必须要经过批量测试和老化测试才能暴露。避免正式批量时出现问题。
五、量产发行(初始化问题,发行中的密钥保护问题)
加密芯片除了要求自身安全稳定,也要考虑发行(初始化和应用烧录)条件,手工发行和机械发行的效率和成本差别巨大,还有就是找第三方发行。
第三方代发行要考虑安全性,这个问题在合作过的芯片厂家中,凌科芯安比较有特色,可根据需求定制个人化加密发行方案,保证密钥和数据安全,第三方无法超发多发。
综上所述,加密保护首选方案,对功能和性能具备不同要求,开发调试和量产发行注意细节和安全,如何快速有效完成生产开发工作是一门很大的学问,希望此文有所裨益!