By Kurt Sowa
Numonyx Software Product Manager
Numonyx® Krypto® Authenticated Operations use specialized flash memory commands to protect flash memory contents from unauthorized access, including modification of the contents. This article discusses the use of Krypto® Authenticated Operations to protect devices (such as mobile phones) from unauthorized changes. Unauthorized changes include changing the International Equipment Identity (IMEI) number.
Platforms are increasingly at risk from external threats that take advantage of weaknesses in platform security. The software configuration of a device can be modified, allowing usage restrictions to be removed (for example, unlocking a phone) or changing functionality (cloning an IMEI number). These modifications present a potential of interfering with the licensed operation of other devices, and can also reduce expected revenue from a device. Krypto® Authenticated Operations protect devices from unauthorized modifications while still allowing code updates via authorized methods.
Krypto® Authenticated Operations require additional security functionality to be incorporated within the flash device. Numonyx® flash memory devices that support Krypto® Authenticated Operations add Secure Hash Algorithm (SHA) signature calculation and random number generator hardware blocks to the device. This allows simplified device management that is independent of any CPU host support, and can protect the entire flash memory device or ranges within the device. Federal information processing standard Keyed Hash Message Authentication Code (FIPS Pub 198) is used as the underlying cryptography standard in Krypto® Authenticated Operations.
Krypto® Authenticated Operations use a secret key that is programmed into the device during the initial factory programming. If desired, a unique key can be used for each device.
Any modification requests must be signed with a signature generated using the key. This signature is verified by the device during an update command, and if the signature matches the internally generated signature, the update is allowed. By using a signature, the OEM can keep the key private. Krypto® Authenticated Operations also allow a Random Challenge Value (RCV) to be used to protect against replay attacks. A RCV is a random value requested from and generated by the device that is used to validate a command sequence. The challenge value is entered as part of the command sequence to validate the operation and is only valid for that single operation. The key and the RCV are independent methods of authentication.
The following diagram illustrates an example of zero overhead factory programming initial program load. This is a typical flow used for configuring the authentication method within a production environment. Once these operations are complete, Krypto® Authenticated Operations will be required to update protected ranges.
Figure 1: Configuring Krypto® Authenticated Operations
With this use case, it is important to note that the flash memory can be programmed and reprogrammed multiple times with zero overhead in the factory. Key and ACL can be programmed at any time before the DCC bit, and once the DCC bit is programmed, authentication for protected ranges will now require the signature. Also, Krypto® Authenticated Operations can accommodate factory returns with zero factory overhead, if required.
The following diagram illustrates an example of an authenticated buffer program with a RCV. This demonstrates the steps to update a secured region once Krypto® Authenticated Operations are required.
Figure 2: Authenticated Buffer Program Flow
Krypto® Authenticated Operations must be configured prior to usage. Typically, it is desired to protect the boot code, along with device configuration settings.
There are three basic steps for configuring Krypto® Authenticated Operations:
- The key must be programmed into the device.
- The protected ranges must be defined (along with the rights).
- Authentication must be enabled.
Once authentication is enabled, any modification requires a signature that is generated using a secret key and verified using a signature calculated within the device using the key programmed in the factory.
Numonyx devices with Krypto® Authenticated Operations support have 16 access control slots. This allows 16 flash ranges to be protected. Each range has independently defined access rights. An erase block is the minimum area of flash that can be erased, so protected ranges must be defined as multiples of erase blocks.
There are two basic categories of Krypto® Authenticated Operations commands:
- Commands used to configure and initialize Krypto® Authenticated Operations
- Commands used to perform Krypto® Authenticated Operations
The following table provides a description of each of the Krypto® Authenticated Operations commands:
| Configuration |
Write Security Data (HMAC) |
This command is used to:
- Install the HMAC key onto the device.
- Define the Access Control List (ACL) entries. The ACL entries define the protected range of flash and rights. Authenticated program and authenticated erase can be enabled independently.
- Set the visible blocks. The visible blocks command configures read protection for a block after a cold reset (regardless of the ACL protection).
- Set the DCC Bit. This enables Krypto® Authenticated Operations.
|
| Configuration |
Get Security Data (HMAC) |
This command is used to read the ACL entries and HMAC key. Once Krypto® Authenticated Operations have been enabled, the security data can no longer be read. |
| Configuration |
AO Init |
This command must be issued to the device before any operations to the flash memory device. This is normally executed once during platform initialization. |
| Authenticated Operations |
Get Random Challenge Value (RCV) |
This is used to request a random challenge value. Authenticated Operations can be performed using the RCV, or without if desired. The RCV helps prevent replay attacks by incorporating a random value into the command data for Authenticated Operations. |
| Authenticated Operations |
Authenticated Word Write |
This is used to issue a word write command to a protected range. |
| Authenticated Operations |
Authenticated Buffer Program |
This is used to write a buffer to a protected range. |
| Authenticated Operations |
Authenticated Erase |
This is used to erase a block in a protected range. |
Krypto® Authenticated Operations can use a RCV to prevent an operation from being captured by an unauthorized user and replayed on a secondary device. To use a RCV, the system first requests and reads a RCV from the device. This RCV is then transmitted to the authority and used along with the secret key to generate a signature. The authenticated command is issued along with the signature, followed by the regular write or erase command. If the range is in the protected area, the device will verify the signature before proceeding with the command. If desired, Krypto® Authenticated Operations can be used without the RCV.
Krypto® Authenticated Operations are a simple way to prevent unauthorized modification of your platform. Krypto® Authenticated Operations simplifies the process of maintaining the integrity of your code and data. Contact your Numonyx representative for more information about Krypto® Authenticated Operations or for a list of Numonyx® flash memory devices that support this feature.