Inside Secure. George Kuan Greater China Country Manager. November 8th, 2018

Transcription

1 Inside Secure George Kuan Greater China Country Manager November 8th,

2 Publicly Traded - Euronext: INSD Over 25 years of experience and expertise in advanced security 600+ patents and patented applications Solutions protect more than two billion products Security is not an add-on, we are 100% security company! 2

3 Focusing on Selected Markets IoT/ Automotive Root-of-Trust Cryptos, TRNG Key Prov. TLS Tiny TLS Tiny HDCP, DRMs Networking Security MACsec Packet Engines TLS client/server Telecom & Enterprise Video Content & Entertainment Mobile Applications IPsec, TLS Packet Engines HDCP, DTCP-IP cores IPsec Client/Server IPsec Client/Server TLS client/server Fin., Insurance, Health, Gaming HCE and Pay. Embedded DRMs Downloadable DRMs 3

4 INSIDE Secure IP Cores Portfolio (more than 500 configurations) Crypto Building Blocks Ultra Fast AES-XTS Disk Encryption AES & Symmetric All All Chaining Chaining All All AES Modes Chaining Modes Chaining Modes Modes Ultra Fast AES-GCM 1-100G MACsec G MACsec MACsec Packet Engines Family Other Symmetric crypto Algorithms Wireless Algorithms HASH Algorithms Random Number Gen PKA Asymmetric SSL / TLS / DTLS / IPsec 3GPP Root-of-Trust Embedded HSM 1-5G IPsec RoT (firmware) 100G IPsec PRoT (RISC CPU) TLS / IPsec Packet Engines Family HW Secure Module 4 Ultra Fast PKA

5 IoT Market & Challenges 5

6 IoT Security Market Size Gartner Says Worldwide IoT Security Spending Will Reach $1.5 Billion in 2018, a 28 percent increase from 2017 spending of $1.2 billion Endpoint Security Gateway Security Professional Services ,221 1,589 2,071 Total 912 1,174 1,506 1,931 2,457 3,118 Source: Gartner (March 2018) 6

7 Challenge # 1: Many Different Verticals Infotainment Video / gaming / VR Toys wearables Smart home Access control Surveillance and physical security Energy management Maintenance Appliance Smart City Parking meters Traffic control Waste management Public safety Lighting Retail Inventory management Smart payments Smart displays Shoppers tracking IIoT Robotic control Production monitoring Process control Maintenance Health Medication management Health monitoring Remote diagnostic Maintenance Transportation Vehicle diagnostics Autonomous driving car Fleet management Environment Air/water quality Noise Radiation flooding Agriculture Corp yield monitoring Soil monitoring Irrigation control 7

8 Challenge # 2: Different Devices, Different Constrains, Different Needs Resource constraint Resource rich High volume; Low margins Low volume; high margins Consumer Mission critical application Challenge # 3: Connectivity Interoperability 8

9 Challenge # 4: Fragmented Device Architecture Challenge # 5: Fragmented Cloud Architecture 9

10 Security Standards Briefing 10

11 What is NIST & FIPS It was produced by the U.S. National Institute of Standards and Technology (NIST) to outline general requirements for cryptographic modules within computer and telecommunication systems Federal Information Processing Standard (FIPS) " 140-2" designates a standard entitled "Security Requirements for Cryptographic Modules." A cryptographic module is defined as any combination of hardware, firmware or software that implements cryptographic functions such as encryption, decryption, digital signatures, authentication techniques and random number generation. The FIPS security requirements cover 11 areas related to the design and implementation of a crypto module. In each areas, the overall security level of the module matches the lowest level of any of the areas. In FIPS mode, FIPS HW Crypto Modules may only use ALLOWED algorithms! 11

12 FIPS levels Different FIPS levels within the standard provide different levels of security and in the higher levels, have different documentation requirements. Level 1: The lowest level. No physical security mechanisms are required in the module beyond the requirement for production - grade equipment. Level 2: Tamper evident physical security or pick resistant locks. Level 2 provides for rolebased authentication. It allows software cryptography in multi-user timeshared systems when used in conjunction with equivalent trusted operating system. Level 3: Tamper resistant physical security. Level 3 provides for identity-based authentication. Level 4: Physical security provides an envelope of protection around the cryptographic module. Also protects against fluctuations in the production environment. Inside Secure silicon IP acquried FIPS CMVP level 2 certification Inside Secure software crypto library acquired FIPS CMVP level 1 certification 12

13 OSCCA Office of the State Commercial Cryptography Administration (OSCCA) is an organization to formulate Commercial Cryptography in China. Commercial Cryptography is a set of algorithms and standards used in the commercial area, e.g. banks, telecommunications, third party payment gateways, enterprises, etc. OSCCA provide different levels of security requirements in different parts. Level 1 : the lowest security requirement Level 2 : the middle security requirement, some form of physical protection Level 3 : the highest security requirement, high level physical protection required 13 From 2019 commercial products in China will all need OSCCA and related certification! IC with security modules (e.g. IoT, SSD, automotive) Password keypad Hardware token including Public Key Infrastructure (PKI) One Time Password (OTP), and its supporting system Hardware security machine / card Digital signature and verification system(e.g. SSD) IPSEC / SSL VPN Gateway Value Added Tax (VAT) audit system

14 Attack Landscape & Root-of-Trust Root-of-Trust-S Camo Cells Root-of-Trust Logical Side Channel Analysis (SCA) Fault Injection Chip Tampering (Physical) Hostile SW Replay Buffer overflow Timing Attack Power & EM radiation analysis (SPA/DPA) Power glitch Clock glitch Electromagnetic pulse injection Laser Probing & modifying (FIB, e-beam) Optical reverse engineering Cost & Expertise 14

15 Introducing CAMO Technology to Protect Your Design & IP! 15

16 The Problem: Vulnerabilities of Fabricated Circuits It can be highly profitable for adversaries to clone an IC Chip development is very expensive Cloning is not forbidden and hard to prevent; copies may be sold through regular channels Chips can be copied to the same technology or to different/cheaper technologies Significant advancements in automated reverse engineering over past 10 years Reverse engineering tools can easily reconstruct the complete netlist Conventional designs without Inside Secure Circuit Camouflage consisting of 1,000,000 gates or less can be reverse engineered and cloned in less than 3 months Smaller feature sizes (geometries) only marginally increase the level of difficulty Liability issues: a copied chip is hard to recognize, but can cause in-field safety issues (medical / automotive) 16

17 FT232RL Original Die vs. Counterfeit Genuine die (left) versus counterfeit die (right) 17

18 Attack 1: Computer Automated Reverse Engineering Automatic software driven imaging system, very sophisticated Microscope control Stitching / alignment across multiple design layers Identifies and simulates logic cells Creates schematic, netlist, and GDS2 Camo is like a 3D jig saw puzzle. Different tricks are contained in each design layer. Many tricks are deployed in parallel Combinations of tricks creates uncertainty & increases difficulty After solving tricks in each layer, reverse engineer must then interconnect the layers Layout A D DFFRCKB R Q 18 Netlist

19 How It Works: Camo Logic Cells Camo Logic Cell libraries designed to thwart reverse engineering, Trojan insertion & cloning of ICs Delivered as standard cell library IP Foundry s logic cells are augmented with Camo cells Camo cells appear to be foundry cells, but perform different logical functions Placed and connected in an existing design, appearing to alter the circuit, but the functionality is unaffected Misleads reverse engineers when analyzing an IC Unable to use automated recognition methods Physical circuit extracted from silicon has a different logical function Rapid development time; Camo cells are designed in parallel with the IC 100% DRC and LVS compliant Typically does not require a test chip! M1 Foundry Standard Cell AND2 M1 Contact, Poly, Active Contact, Poly, Active Protects design logic, keys and data Inside Secure Camo AND2 lookalike 19

20 How Camo Logic Cells Resists Reverse Engineering Because scanning electron microscope (SEM) imagery cannot obtain perfect images of every design layer, it is possible to hide camouflaged structures in non-imageable layers Fabrication processing has mask layers Silicon Camo modifies 4-10 mask layers Reverse Engineer wrongly copies Foundry Standard mask layers Since camouflage structures cannot be seen in imageable layers, reverse engineer uses Foundry Standard manufacturing mask layers to fill in non-imageable layers when reconstructing the entire GDS stack 20

21 How it Works: Camo SmartFill Final (and optional) element of Silicon Camouflage process applied after place & route and GDS file generation After Camouflage Cell design has been completed and GDS data has been produced, Camo SmartFill techniques may be applied leaving no gaps in the design for attackers to insert Trojan circuitry Camo SmartFill is applied to each GDS layer: contact, metal, via, poly, active Consists of overlaying dense, realistic patterns of camouflage metal, via, and cell structures over original design layers Compatible with separate FrontEnd of Line (FEOL) and BackEnd of Line (BEOL) manufacturing processes Inhibits Focused Ion Beam (FIB) attacks & probing Prevents Trojan insertion of unintended circuits Significantly complicates reverse engineering Pre & Post Poly, Contact, Active Camo SmartFill 21 Pre and Post Metal Camo SmartFill

22 Development Process Camo Cell designer receives frontend and backend cell library files Fabs make this data available Development process Design Camo Cells and Camo SmartFill patterns Camo cell development is in parallel with Customer development Conduct development trial to validate tool flow Camo Cell designers use their own development tools to create Camo Cells Proposed Camo Cells are packaged in a separate library Frontend and backend design tools reference both the Fab standard cell library and Camo Cell library Camo Cell models integrated into customer s flow Scripts automatically modify netlist to insert Camo Logic Cells Deliverables Frontend models: Library and MNL Verilog (.v), Liberty (.lib) Backend models: GDS2, Circuit (CDL), LEF Integration Process: TCL Scripts 22

23 You Build We Provide the Tools We Secure the Castle the Castle! Your Silicon Design Camo Cell Library, Camo SmartFill, and Integration Scripts Your Secure Silicon Design 23

24 Thank You! Amy Wang/China Sales Manager Gary Huang/Taiwan Sales Manager Stephen Wu/Greater China FAE Aken Wang/Greater China /FAE Download your free copy of IoT Security for Dummies By INSIDE Secure Here 24