20090721

FYI : The relevance of tamper-proof designs

The relevance of tamper-proof designs

http://www.edn.com/fpgagurus/blog/890000689/post/1510046151.html?nid=4719&rid=9121315

Altera Corp.'s addition of physical-layer tamper-proof features in the Cyclone III LS jogged my memory regarding the tough uphill battle security experts faced in the last decade, convincing companies that protocol-layer encryption and digital signatures were important for commercial-grade IT designs. It took scares involving the wholesale theft of credit-card numbers and the hacking of corporate Wi-Fi networks before many companies started to treat encryption seriously. Will it take the same valiant effort to make JTAG port analysis and tamper-resistant circuit designs a mainstream feature?

What Altera is offering is not new to the FPGA market.   Xilinx, for example, offers tamper-resistance for IP cores in its military-qual Virtex-5Q family. But Altera's efforts to bring such features to the mainstream of both military and commercial designs is to be commended. In May 2008, when IEEE Spectrum published an article on the Defense Advanced Research Projects Agency's Trust in Integrated Circuits (TRUST) program, there was plenty of eye-rolling among those in commercial designs. Maybe an electronic warfare system was a legitimate platform for physical-layer protection, but was DARPA paranoid? Was the agency suggesting that any IT platform could be a target for hostile hacking at the circuit-board level?

Well, yes. The establishment of the Air Force's 24th Air Force/Cyber Command, and President Obama's subsequent assignment of a civilian cyber initiative under NSA auspices, should convince skeptics that the federal government considers cyber offense and defense primary focus areas for the next decade. And one needn't assume a hostile government is focusing a board-level design. If corporate espionage spends the resources to crack 256-bit keys, it's perfectly feasible to expect future (or maybe even current) efforts to probe the internal layout of an FPGA design.

I'm not so sure most FPGA customers will buy into this until horror stories emerge similar to those experienced in the Layer 2 and 3 crypto community. But I'm glad to see FPGA vendors prod customers into thinking about tamper-proof IC design.

No comments: