While designing for system-level security may protect against many of these forms of attack, attacks at the device level are more difficult to defend against. De-processing the device (removing layers of metal and oxide), microscopy, and side-channel attacks (such as power analysis) are the prominent methods. More sophisticated attackers may resort to voltage-contrast and magnetic scanning, while the fully invasive forms of attack remain the province of those with the highest levels of skill and the largest budgets.
Embedded OTP memory cells, such as those used in Kilopass’ patented CMOS Logic Antifuse or eXtra Permanent Memory (XPM) bit cell, can provide a high level of security. As Figure 3 shows, with programmed and unprogrammed cells side by side, there is no visible physical or electrical indication of which cell is or isn’t programmed. This holds whether the chip is cross-sectioned, viewed from the top, or imaged with a focused-ion-beam voltage-contrast scheme. The absence of any observable difference is due to the very small size of the physical change to the CMOS transistor’s gate oxide when the cell is programmed from its original “0” state to a “1” state. Because the oxide breakdown (the antifuse) is extremely small and occurs at a random location within a bounded region, the state of the bit cell remains hidden in the silicon itself. Likewise, no charge is stored, as it is with flash, EPROM, or EEPROM technologies, so there is no charge to detect externally as a “1” state.
Most security experts prefer OTP memory technologies for the simple reason that programming is destructive: a “0” can be changed to a “1” but never back, as is the case with XPM. At the system level this one-way property can be used to prevent tampering (a lock or tamper flag, once set, cannot be cleared by an attacker) and to protect against side-channel attacks and glitching. This level of physical-layer security at the NVM device level is unique to antifuse-based technologies such as XPM and the antifuse solutions of other vendors.
Since XPM cells are embeddable in
an ASIC or ASSP, they can be fabricated
on standard CMOS logic processes at 90,
65, and 45 nm. As a result, there are no
additional process steps, keeping manufacturing
costs low.
SECURING THE MANUFACTURING SUPPLY CHAIN
Even with an NVM technology that provides security at the physical layer, the security scheme may be compromised or broken if sensitive keys are exposed while key information is exchanged within the fabless semiconductor company’s supply chain (Fig. 4). This becomes more critical in technology industries that outsource design and manufacturing to countries where legal IP protections are weak, driving the need for system-level protections in the final microelectronic product.
As stated previously, in the case of DVI and HDCP keys, the licensor may charge a penalty of up to $8 million per exposed key. Other security-key licensors are following suit to protect the integrity of their overall security schemes for the lifetime of the industry standard they cover. This legally imposed penalty is deemed necessary to protect the system from the exposure of keys which, as suggested above, would likely compromise the storage solution’s security.
For example, if a fabless semiconductor company uses a back-end test house in another country with poor legal protections to perform the final programming of encryption-key information into the target chip, that key information may easily be exposed or tampered with (Fig. 4, again). In this case, any legal recourse and damage recovery may be difficult at best.
To protect against such a case, the fabless company may decide to encrypt the sensitive key information before transmitting it to the test house for programming. An embedded decryption module inside the target device then unlocks the key for programming internally, so the plaintext key is never exposed outside the chip and the test house handles only ciphertext.
The combination of manufacturing security for sensitive data and physical-layer security defends against key and ID exposure, as well as the liabilities assumed through licensing industry-standard keys. Security keys are encrypted by the manufacturing key-management solution and communicated through secure server technology within the manufacturer’s supply chain. The hardware security embedded in the microchip decrypts the sensitive information. All keys are tracked and managed for auditing by the manufacturer or a Certificate Authority as needed.
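The flow just described (keys encrypted by the key-management server, passed through the test house only as ciphertext, decrypted solely inside the chip’s embedded module, and recorded for audit) as an added Go example. This is not code from the article or from Kilopass. It assumes a symmetric transport key already provisioned into the chip’s decryption module before the part reaches the test house, and uses AES-GCM as the wrapping cipher with the device ID bound in as additional authenticated data; the article specifies neither the cipher nor the provisioning mechanism, and the key values, device identifiers and function names here are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Constructed for this example (not real secrets): a transport key assumed to
// be provisioned into the chip's decryption module before the part reaches
// the test house, and a licensed device key that must be programmed into the
// chip without the test house ever seeing it in the clear.
var (
	transportKey = sha256.Sum256([]byte("example-transport-key-for-illustration"))
	deviceKey    = []byte("0123456789abcdef0123456789abcdef") // 32-byte placeholder key
)

// WrappedKey is the only artifact handed to the test house.
type WrappedKey struct {
	DeviceID   string
	Nonce      []byte
	Ciphertext []byte // AES-GCM ciphertext followed by the 16-byte tag
}

// AuditRecord is what the manufacturer or Certificate Authority retains per
// issued key; it identifies the blob without revealing the key.
type AuditRecord struct {
	DeviceID string
	KeyID    string
}

func newGCM(tk [32]byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(tk[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// wrapKey runs on the manufacturer's key-management server. The device ID is
// bound in as additional authenticated data, so a blob issued for one chip
// cannot be replayed into another.
func wrapKey(tk [32]byte, deviceID string, key []byte) (WrappedKey, AuditRecord, error) {
	gcm, err := newGCM(tk)
	if err != nil {
		return WrappedKey{}, AuditRecord{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return WrappedKey{}, AuditRecord{}, err
	}
	ct := gcm.Seal(nil, nonce, key, []byte(deviceID))
	sum := sha256.Sum256(append(append([]byte{}, nonce...), ct...))
	w := WrappedKey{DeviceID: deviceID, Nonce: nonce, Ciphertext: ct}
	return w, AuditRecord{DeviceID: deviceID, KeyID: hex.EncodeToString(sum[:8])}, nil
}

// chipUnwrap models the decryption module inside the target device: the only
// place where the transport key and the plaintext key coexist. A modified
// blob or a mismatched device ID fails the GCM tag check and nothing is
// programmed.
func chipUnwrap(tk [32]byte, chipID string, w WrappedKey) ([]byte, error) {
	gcm, err := newGCM(tk)
	if err != nil {
		return nil, err
	}
	pt, err := gcm.Open(nil, w.Nonce, w.Ciphertext, []byte(chipID))
	if err != nil {
		return nil, errors.New("wrapped key rejected: tampered blob or wrong device")
	}
	return pt, nil
}

func main() {
	const chipID = "LOT42-WAFER07-DIE0113" // constructed device identifier
	w, rec, err := wrapKey(transportKey, chipID, deviceKey)
	if err != nil {
		panic(err)
	}
	fmt.Printf("audit record: device=%s keyid=%s\n", rec.DeviceID, rec.KeyID)
	fmt.Printf("test house receives only: %x\n", w.Ciphertext)

	pt, err := chipUnwrap(transportKey, chipID, w)
	if err != nil {
		panic(err)
	}
	fmt.Printf("chip programmed key: %s\n", pt)

	// A blob altered in transit (or by a dishonest test house) is rejected.
	bad := w
	bad.Ciphertext = append([]byte{}, w.Ciphertext...)
	bad.Ciphertext[0] ^= 0x01
	if _, err := chipUnwrap(transportKey, chipID, bad); err != nil {
		fmt.Println("tampered blob:", err)
	}
	// The same blob replayed into a different chip is also rejected.
	if _, err := chipUnwrap(transportKey, "LOT42-WAFER07-DIE0114", w); err != nil {
		fmt.Println("wrong device:", err)
	}
}
```

Note the trust boundary this moves rather than removes: the test house never sees the licensed key, but the scheme is only as strong as the transport key inside the chip. If one transport key is shared across a whole product line, extracting it from a single part (by exactly the device-level attacks discussed earlier) exposes every blob ever issued, so per-device or per-lot transport keys, or a public-key wrap where the chip holds only a private key, limit the damage from any one extraction.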
To summarize, hardware security is rapidly becoming the norm for enhancing system-level security and extending the life of a security scheme for the lifetime of the standard it protects. This is evident in the prevalence of smart cards in countries around the world, as well as in the unique device key/ID requirements of standards such as HDMI, Blu-ray, and WiMAX. The same principles apply to security schemes that protect storage solutions. A technology-based security solution with physical-layer security is needed to ensure the survivability of these important electronic standards in the face of increasingly sophisticated attacks in a modern global society.