1. Field of the Invention
This invention relates generally to the field of communications occurring on an I2C bus.
2. Background of the Related Art
An inter-IC bus, commonly called an IIC or I2C bus, is a control bus that provides a communication link between integrated circuits in a system. Currently there is no standard way to secure an I2C communications channel and thus, like all unsecured systems, systems employing I2C communications are vulnerable to attack and tampering. As an example, a somewhat sophisticated attacker could surreptitiously open up a machine employing an I2C bus, such as a server, and install a commonly-available I2C writer tool on the I2C bus. The I2C writer tool allows the traffic on the bus to be monitored, or “snooped” as such monitoring is often called in the computer security field. This would allow the attacker to determine how the resources on the bus are being enabled or disabled. Armed with this information, legitimate transactions occurring on the I2C bus could be replicated (and thus appear as legitimate transactions themselves) by the attacker.
One reason that an I2C bus can be attacked so easily is that it is a well-defined open bus and multiple masters can legitimately reside on the bus and co-exist peacefully. In a multiple-master environment of the prior art, each master will be aware that transactions initiated by others are taking place on the bus, but they are unable to determine if these other transactions are legitimate transactions or “rogue” transactions initiated by an intruder. In a single-master environment, the master could be programmed to detect any other transactions occurring (i.e., transactions not initiated by the single master) and operate on the assumption that such transactions are rogue, however, a sophisticated attacker could modify a transaction initiated by the master and such modifications could go undetected. Thus, an attacker can essentially communicate on the I2C bus transparently. This allows rogue masters to enter the bus, communicate with devices on the bus, and change and/or read data that are on those devices without the overall system knowing that those events have happened.
Accordingly, it would be desirable to have the capability to authenticate communications occurring on an I2C bus to assure that the communications are legitimate.