Things to know ... about security in silicon

Dr. Bill Anderson
Vice President of Encryption Products
SafeNet, Inc.

Support for cryptographic security has become a basic requirement for many networking and mobile silicon devices. The complex nature of cryptographic security processing often creates a challenge for semiconductor designers to achieve the levels of protection and throughput required by today's systems and applications. Implementing security functionality on dedicated hardware enables designers to achieve higher throughput performance, lower power consumption, and a higher degree of security over software-based implementations running on a general-purpose processor.

Security IP enables chip manufacturers to benefit from re-using semiconductor designs for new applications-designs that have been optimized and proven in previous security processor implementations.

IP security solutions deliver the advanced levels of security mandated by new industry standards and market requirements for improved protection of networking and communication systems. Security IP comes in many flavors and configurations, from simple cipher cores that accelerate only specific crypto algorithms, such as AES or 3DES, to highly integrated security systems that can handle the complete processing of security protocols, such as IPSec, SSL, or pattern matching.

Key reasons why semiconductor manufacturers select silicon IP designs

• Security is extremely difficult and time-consuming to design in-house.
• Leveraging existing know-how reduces the need for full-blown security engineering team on staff.
• Proven, innovative, best-in-class security solutions that have been integrated numerous times significantly reduce the risk for costly errors (such as recalling a chip after final production) and guarantee standards compliance.
• Integrating silicon-proven IP significantly shortens design, testing, and integration cycles.
• Proven quality leads to better security designs as best-in-class IP has been continuously optimized for various design requirements (such as gate count, performance, and features).
• Chip vendors avoid patent issues with owners of security algorithm patents.

Even with the multiple commercial options available to system designers, the process of selection and implementation remains a daunting one. Here are a few simple guidelines to help you through your next security design:

1. Know Your Risks. Find out what risks are realistic for your system, and decide up front what you care about protecting. For example, if you're putting VPN acceleration hardware into your communications processor you need to think about where crypto keys are stored when they're at rest. If the keys are sitting on the system disk unencrypted, is it possible for an attacker to gain access to them? This is a realistic risk you should consider protecting against. On the other hand, are you worrying about organized crime funding massive research in advanced quantum cryptanalysis technology? If so, you need to put down that triple espresso, take a deep breath, and relax. There's a tiny possibility of quantum crypto doing practical work some day, but we're a long way from thinking about it as a risk.

2. Don't Under-Design. Your brand new, cutting-edge, super-fast, streamlined SoC is going to be in production for at least five years, and, unfortunately, that means it's going to get old. Don't let the security feature be the first critical organ to fail and put your product out of commission. When you're deciding which security features to put in your next chip, you must look at what security systems are doing one level up in your food chain today. Your customers are going to look to you to provide those same features in silicon. If you look at what is in your competitors' chips, already you are looking at history.

3. Don't Over-Design. Conversely, you still have a gatecount to consider, and cryptography algorithms are notoriously heavy users of gates. It's the nature of crypto that it performs a huge number of mathematical operations very quickly to lock your data for transit from Toledo to Tokyo. Security seems like a dark art, so there is a tendency to believe when someone tells you they need a certain performance point. Check deeper-look at the use cases, ask about software support, CPU load, buffer sizes, overhead, network bandwidth and so on before determining how fast you really need to go into the security core.

4. Think System, Not Feature. The most common mistake in security system implementations comes from forgetting to think like the bad guys. This is one area where the security IP vendors have significant value to offer their customers. The bad guys are smart. They don't bother attacking crypto algorithms head-on. Instead, the bad guys look for ways around the security, cracks in the armor that the system designers didn't think about, or maybe knew about but considered to be someone else's implementation problem. For example, security systems always rely on a good source of randomness - what is your system's source? Is it possible to force it to a known state by a reset or fault condition? If it is possible, then the bad guys will probably do it.

5. Protect Those Keys. You and your customers will sleep a lot better at night if you design a secure key storage mechanism into your architecture from the beginning for handling those critical secrets. You and your team are spending time and money to put security into your next silicon products and the security is only as good as the secrecy of the keys. Think about the lifecycle of your chip. How it is created, and initialized? How does it handle keys throughout their life, and, finally, how does it destroy them when they're no longer needed? Although it seems simple, the security lifecycle is the most important consideration for a successful security system, and one area where it pays to have expert advice.

View SafeNet's IP here

Bill Anderson is the Vice President of Encryption Products at SafeNet, Inc., where he manages SafeNet's encryption product line, which includes high-speed encryption appliances, data-at-rest security solutions, and OEM security solutions sold as intellectual property, chips, and software to OEMs, such as Cisco, Texas Instruments, AMD, AMCC, and Samsung. Dr. Anderson has Bachelors and Doctorate degrees in Electrical Engineering, with specialization in cryptography, from the University of Waterloo, Ontario, Canada.