A. Technical Field
The present invention relates generally to key management in a secure microcontroller, and more particularly, to systems, devices and methods of automatically and transparently employing logic or physical address based keys that may also be transferred using a dedicated secure link between a cryptographic processor and key sources.
B. Background of the Invention
A microcontroller is normally a single integrated circuit comprising a central processing unit (CPU) core, memory, and input/output (I/O) peripherals. A secure microcontroller is used for applications that involve trusted operations on valuable assets in a trusted environment where a thief or hacker may attempt to gain access to sensitive data through processor cores, memory devices or I/O peripherals that are used to communicate and process sensitive data. This sensitive data may include account numbers, access codes, financial transactions/balances, rights management, metering data (e.g., energy, units), program algorithms and other information. The secure microcontroller may use non-volatile RAM rather than ROM for storage, and additional enhanced security features are employed to avoid unauthorized accesses. To date, the secure microcontroller has been applied in a wide range of security-critical applications such as electronic banking, commercial transactions, and pay-TV access control, or any application that requires protection of sensitive assets.
Since the sensitive data may be stored in an external memory of the secure microcontroller, memory content confidentiality and integrity are two distinct characteristics that should be addressed against different threats. The first threat is associated with sensitive information disclosure where confidential data are revealed and weakness in a program is exposed. The second threat is associated with modification of application behavior which involves programs and data being modified in the external memory and results in a data integrity issue.
The secure microcontroller is designed to offer a high level of security to data stored in the memory. For instance, physical security may be established against probing by an anti-tampering enclosure. However, this solution may be expensive and does not cover newer attack methods based on fault injection from power supply glitches, light, synchronous or asynchronous lasers, or radioactive particles. The security features may also comprise memory encryption, where data and addresses stored in the memory are encrypted or decrypted during the data exchange process. As a result, the physical security perimeter can be limited to the microcontroller, while the memory and its communication buses can remain physically exposed.
Data integrity control is implemented for the programs and data stored in the memory to detect any intentional or unintentional corruption between what was originally sent for storage and what is actually stored in the memory. Specific integrity check methods are used to generate integrity control data (i.e., a tag or signature) during a memory write operation, and the validity of the stored data is verified by its consistency with the corresponding integrity control data during a memory read operation. Integrity control constitutes a sufficient protection against fault injection attacks, and sometimes it is implemented in software and embedded in the secure microcontroller to ensure a sufficient level of trust to stakeholders.
The aforementioned data security and data integrity concerns may be addressed by incorporating a hardware engine for cryptographic operations (e.g., data encryption, data decryption and integrity check) at the interface between the microcontroller and the external memory, rather than relying on software. The hardware engine allows faster reaction to fault attacks and enhanced performance for data encryption or decryption. This also allows direct porting of standard operating systems to the secure microcontroller without major software modifications. One or several keys may be employed in any cryptographic operation. Although the methods implemented in the hardware engine may be public, these keys are kept confidential to avoid compromising data security or integrity. As a result, a need exists to manage cryptographic keys.
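The following is an added illustration, not part of the patent text and not the claimed invention's actual engine, of the two mechanisms described above: memory encryption at the external-memory interface, and an integrity tag generated on every write and checked on every read, with both operations bound to the memory address so that a block copied to a different location is also rejected. The class name `ExternalMemoryGuard`, the HMAC-SHA256-based keystream and tag construction, the 8-byte tag length and the fixed sample keys are all assumptions made for this example; a hardware engine would use a block cipher and its own key material.

```python
import hashlib
import hmac

TAG_LEN = 8  # assumed truncated tag size; hardware engines pick their own


class IntegrityError(Exception):
    """Raised when a memory read fails its integrity check."""


class ExternalMemoryGuard:
    """Models the cryptographic engine sitting between the CPU and an
    untrusted external memory. Plaintext never leaves the trusted side;
    the external memory only ever holds ciphertext plus an integrity tag."""

    def __init__(self, enc_key: bytes, mac_key: bytes) -> None:
        self.enc_key = enc_key
        self.mac_key = mac_key
        # Untrusted external memory: address -> ciphertext || tag
        self.storage: dict[int, bytes] = {}

    def _keystream(self, address: int, length: int) -> bytes:
        # PRF keystream derived from (key, address, counter); stands in for the
        # hardware block cipher and makes the encryption address-dependent.
        out = b""
        counter = 0
        while len(out) < length:
            msg = address.to_bytes(4, "big") + counter.to_bytes(4, "big")
            out += hmac.new(self.enc_key, msg, hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def _tag(self, address: int, ciphertext: bytes) -> bytes:
        # Integrity control data covers the address as well as the ciphertext,
        # so relocating a valid block to another address is detected.
        msg = address.to_bytes(4, "big") + ciphertext
        return hmac.new(self.mac_key, msg, hashlib.sha256).digest()[:TAG_LEN]

    def write(self, address: int, plaintext: bytes) -> None:
        ks = self._keystream(address, len(plaintext))
        ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
        self.storage[address] = ciphertext + self._tag(address, ciphertext)

    def read(self, address: int) -> bytes:
        record = self.storage[address]
        ciphertext, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        # Constant-time comparison: a fault or a bus-level edit must not leak
        # how many tag bytes matched.
        if not hmac.compare_digest(tag, self._tag(address, ciphertext)):
            raise IntegrityError(f"integrity check failed at 0x{address:x}")
        ks = self._keystream(address, len(ciphertext))
        return bytes(c ^ k for c, k in zip(ciphertext, ks))


def demo() -> dict:
    """Exercise the guard against a normal read and two bus-level corruptions."""
    # Constructed sample keys; a real engine would never use fixed values.
    guard = ExternalMemoryGuard(b"E" * 32, b"M" * 32)
    guard.write(0x1000, b"balance=000100")
    guard.write(0x2000, b"balance=999999")
    results = {
        "roundtrip": guard.read(0x1000) == b"balance=000100",
        "ciphertext_differs": guard.storage[0x1000][:-TAG_LEN] != b"balance=000100",
    }

    # Corruption 1: a single bit flipped in the stored ciphertext.
    rec = guard.storage[0x1000]
    guard.storage[0x1000] = bytes([rec[0] ^ 0x01]) + rec[1:]
    try:
        guard.read(0x1000)
        results["bit_flip_detected"] = False
    except IntegrityError:
        results["bit_flip_detected"] = True

    # Corruption 2: two valid records swapped between addresses.
    guard.write(0x1000, b"balance=000100")  # restore a valid record first
    guard.storage[0x1000], guard.storage[0x2000] = (
        guard.storage[0x2000], guard.storage[0x1000])
    try:
        guard.read(0x1000)
        results["relocation_detected"] = False
    except IntegrityError:
        results["relocation_detected"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

Because the keystream depends only on the key and the address, rewriting the same address with different data reuses the keystream; a production engine adds a per-write version or nonce (itself covered by the tag) to avoid that, and also needs protection against an old valid record being replayed, which a per-block tag alone does not provide.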