Atmel Trusted Platform Module - VersaLogic TPM Overview.pdf

1 © 2014 Atmel Corporation

Atmel Trusted Platform Module

June, 2014

What is a TPM?

The TPM is a hardware-based secret key generation and storage device providing a “secure vault” for any embedded system

• Four Primary Capabilities

• Platform Integrity

• Authentication

• Secure Communication

• IP Protection

• Cryptographic Capabilities

• Asymmetric Algorithm (RSA)

• Supports 512, 1024, & 2048-bit keys (512- and 1024-bit RSA keys are no longer considered adequate; use 2048-bit keys in new designs)

• SHA-1 Hashing (the hash of the TPM 1.2 generation; deprecated for new designs, where TPM 2.0 parts add SHA-256)

• HMAC

Atmel TPM Basic Architecture

[Block diagram of the Trusted Platform Module (TPM): I/O; Opt-In; Non-Volatile Storage; Volatile Storage; 8-bit AVR uC with Program Code; RNG; RSA Engine; Key Generation; SHA-1; Platform Configuration Registers (PCR); AIK; Storage; Packaging]

Hardware Security Features

[Figure: feature comparison, Atmel Crypto Devices vs. Standard Devices]

• Strong Multi-Level HW Security:

• Active shield over entire chip

• All memories internally encrypted

• Data independent crypto execution

• Randomized math operations

• Internal state consistency checking

• Voltage tamper detection, isolated power rail

• Internal clock generation

• Secure test methods, no JTAG

• No debug probe points, no test pads

• No package or die identification

• Designed to Defend Against:

• Microprobe attacks

• Timing attacks

• Emissions attacks

• Faults, invalid command attacks

• Power cycling, clock glitches

• Partial personalization attacks

Symmetric Key Encryption

• Symmetric Key Algorithms use the same key to encrypt AND decrypt data

• AES & DES are examples of widely used symmetric algorithms (DES is obsolete: its 56-bit key can be brute-forced, so AES is the choice for new designs)

[Figure: Alice's Kingdom and Bob's Kingdom sharing one key]

Distributing the SHARED KEY is a major security risk

Asymmetric Key Encryption

• Asymmetric algorithms use two related keys (Public & Private) for data encryption and decryption

• Public keys can be freely distributed: they need no confidentiality, only authenticity (the sender must know which public key really belongs to Bob, which is what certificates provide)

• Private keys are NEVER exposed

• RSA and ECC are examples of asymmetric algorithms

[Figure: Alice encrypts "Do you want to meet for dinner?" with Bob's Public Key; the ciphertext crosses the network as an opaque bit string; only Bob can decrypt using Bob's Private Key]

Data is protected no matter who is watching or listening
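The Alice/Bob exchange above in working code, as an added example that is not part of the original slides: Bob's 2048-bit RSA key pair (the largest size the deck lists) is generated with Go's standard library, Alice encrypts with the public half, and only Bob's private key recovers the message; a third party "Eve" holding her own key gets an error. The padding scheme (RSA-OAEP), the key generation in software rather than in a TPM, and the Eve party are this example's own assumptions; the deck names no padding scheme.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// GenerateKeyPair is Bob's key generation. Only the public half ever leaves
// him. 2048 bits matches the largest RSA size listed on this page. (In a
// TPM-backed design this call would be the TPM's own key generation.)
func GenerateKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// Encrypt is Alice's side: encrypt with Bob's PUBLIC key. RSA-OAEP is used
// rather than raw ("textbook") RSA: its randomised padding makes every
// ciphertext different and blocks the classic chosen-ciphertext attacks.
func Encrypt(recipientPub *rsa.PublicKey, plaintext []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, plaintext, nil)
}

// Decrypt is Bob's side: decrypt with his PRIVATE key. Anyone else, holding
// a different private key, gets an error, not a plaintext.
func Decrypt(priv *rsa.PrivateKey, ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ciphertext, nil)
}

func main() {
	bob, _ := GenerateKeyPair()
	eve, _ := GenerateKeyPair() // assumed eavesdropper with her own key
	msg := []byte("Do you want to meet for dinner?")

	ct, _ := Encrypt(&bob.PublicKey, msg)
	fmt.Printf("ciphertext (%d bytes) is all the network sees\n", len(ct))

	pt, err := Decrypt(bob, ct)
	fmt.Printf("Bob: %q err=%v\n", pt, err)

	_, err = Decrypt(eve, ct)
	fmt.Printf("Eve: err=%v\n", err)
}
```

Encrypting the same message twice yields two different ciphertexts because of the OAEP randomisation, which is why an observer cannot even tell whether Alice repeated herself.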

Platform Integrity – Secure Boot

• Platforms configured with many different SW modules

• Problem: Modules may be maliciously corrupted

• Platform may not be trusted

• Files could be intercepted

• How the TPM can help:

• TPM stores the hash value of each boot module in protected HW (extended into the Platform Configuration Registers, which software can extend but not overwrite)

• Verifies no unauthorized changes made to any module: Firmware, Software or Hardware

• Can verify that at a particular time, a particular system was in a TRUSTED state

• Real time audits can verify platform state at any time
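The measured-boot mechanism behind this slide, as an added example (not Atmel's code and not a TPM driver): a TPM 1.2 PCR is a 20-byte SHA-1 register that software can only extend, never write, with PCR_new = SHA-1(PCR_old || digest). The Go code below models TPM_Extend in software, measures three constructed sample "modules", and shows that a patched module or a changed boot order produces a final PCR different from the golden value, which is what the attestation check catches. The module contents, the golden-value comparison and all function names are this example's own.

```go
package main

import (
	"bytes"
	"crypto/sha1"
	"fmt"
)

// PCRSize is the width of a TPM 1.2 PCR: one SHA-1 digest (20 bytes).
const PCRSize = sha1.Size

// Extend models TPM_Extend: the new PCR value is SHA-1(old PCR || digest).
// There is no "write" operation, only extend, so a given final value can
// only be reached by measuring the same modules in the same order.
func Extend(pcr [PCRSize]byte, digest [PCRSize]byte) [PCRSize]byte {
	h := sha1.New()
	h.Write(pcr[:])
	h.Write(digest[:])
	var out [PCRSize]byte
	copy(out[:], h.Sum(nil))
	return out
}

// MeasureBoot runs the measured-boot chain over the boot modules in order
// (firmware, bootloader, kernel, ...), hashing each with SHA-1 and extending
// the result into a PCR that starts at all zeros after reset.
func MeasureBoot(modules [][]byte) [PCRSize]byte {
	var pcr [PCRSize]byte // TPM 1.2 resets PCRs to 0x00...00
	for _, m := range modules {
		pcr = Extend(pcr, sha1.Sum(m))
	}
	return pcr
}

// Attest is the verifier's check: compare the final PCR against the golden
// value recorded from a known-good build. Any module change, or a change in
// boot order, gives a different PCR and the platform is not treated as trusted.
func Attest(golden, actual [PCRSize]byte) bool {
	return bytes.Equal(golden[:], actual[:])
}

func main() {
	// Constructed sample modules standing in for real boot components.
	firmware := []byte("FIRMWARE v1.0")
	bootloader := []byte("BOOTLOADER v2.3")
	kernel := []byte("KERNEL 4.19")

	golden := MeasureBoot([][]byte{firmware, bootloader, kernel})
	fmt.Printf("golden PCR: %x\n", golden)

	// Same modules, same order: attestation passes.
	fmt.Println("clean boot trusted:", Attest(golden, MeasureBoot([][]byte{firmware, bootloader, kernel})))

	// One byte of the bootloader patched: attestation fails.
	tampered := append([]byte{}, bootloader...)
	tampered[0] ^= 0x01
	fmt.Println("tampered boot trusted:", Attest(golden, MeasureBoot([][]byte{firmware, tampered, kernel})))

	// Same modules, different order: also fails, since extend is not commutative.
	fmt.Println("reordered boot trusted:", Attest(golden, MeasureBoot([][]byte{bootloader, firmware, kernel})))
}
```

A real deployment keeps the golden values per firmware version and re-records them on every legitimate update; the check itself is the byte comparison shown in Attest.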

Authentication

• In order for devices to gain access to a network or service they should be authentic

• Typical applications are Servers, Routers, AP's, Switches, MFP's and Femtocells/Microcells

• Store keys in protected hardware

• Need the ability to deny access to an unauthorized "user"

• Clone, generic, or non-subscription devices should not be able to access services not paid for

• Problem: Before allowing full access and functionality, how do I ensure the device is authentic?

• Ways the TPM can help

• Keys are generated and protected by the TPM

• Certificates can be created and protected by the TPM

• Authorization check can be done inside the TPM

• Sign & Verify commands utilize 2048-bit RSA PKI

• A white list of "good" public keys provides for access only by authentic and trusted devices anywhere around the world

Secure Communication and Updates

• May be a desire to send FW updates securely

• Add new functionality only to authentic systems

• Smart Home Networking Applications

• Problem:

• This equipment needs to be connected over a network

• Vulnerable to a remote attack with unauthorized FW updates

• How can the TPM help?

• Create session keys for encrypting data transmitted across a network (only after authenticating)

• Sign FW updates, and the TPM can verify the signature before allowing the update

• Keys are stored inside the TPM Hardware "vault"

• Encrypt data to be transmitted using the recipient's public key
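The sign/verify and white-list mechanism that this slide and the Authentication slide describe, as one added example (not Atmel's code and not the TPM command set): a device holds a 2048-bit RSA key and signs a fresh nonce to authenticate, the service checks the signature against a white list of enrolled public keys, and the same verify step, run on the device against the vendor's key, gates a FW update on its signature. The Go standard library stands in for the TPM (rsa.GenerateKey in place of the TPM's key generation), the digest is SHA-256 rather than the SHA-1 the 1.2-generation part hashes with, and all type and function names, the 32-byte nonce and the sample FW image are this example's own assumptions.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// Device models a TPM-equipped device: the private key never leaves it,
// only signatures do. rsa.GenerateKey stands in for the TPM's key generation.
type Device struct{ key *rsa.PrivateKey }

func NewDevice() (*Device, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048) // 2048-bit RSA, as on this page
	if err != nil {
		return nil, err
	}
	return &Device{key: k}, nil
}

func (d *Device) Public() *rsa.PublicKey { return &d.key.PublicKey }

// Sign produces an RSA PKCS#1 v1.5 signature over SHA-256(data).
func (d *Device) Sign(data []byte) ([]byte, error) {
	digest := sha256.Sum256(data)
	return rsa.SignPKCS1v15(rand.Reader, d.key, crypto.SHA256, digest[:])
}

// Whitelist is the list of "good" public keys, keyed by DER encoding so that
// membership is an exact byte match rather than a structural comparison.
type Whitelist map[string]*rsa.PublicKey

func (w Whitelist) Add(pub *rsa.PublicKey) { w[string(x509.MarshalPKCS1PublicKey(pub))] = pub }

// VerifyAny reports whether the signature over data checks out under at least
// one whitelisted key. A clone that generated its own key is rejected even
// though its signature is well formed: its key is simply not on the list.
func (w Whitelist) VerifyAny(data, sig []byte) bool {
	digest := sha256.Sum256(data)
	for _, pub := range w {
		if rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil {
			return true
		}
	}
	return false
}

// Authenticate is the challenge/response: the service draws a fresh nonce,
// the device signs it, the service checks the signature against the white
// list. A fresh nonce per attempt is what stops replay of an old signature.
func Authenticate(w Whitelist, d *Device) (bool, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return false, err
	}
	sig, err := d.Sign(nonce)
	if err != nil {
		return false, err
	}
	return w.VerifyAny(nonce, sig), nil
}

// ApplyUpdate is the device-side gate for a signed FW image: install only if
// the signature verifies under a key on the vendor white list.
func ApplyUpdate(vendors Whitelist, image, sig []byte) bool {
	return vendors.VerifyAny(image, sig)
}

func main() {
	genuine, _ := NewDevice()
	clone, _ := NewDevice() // has a key of its own, but it was never enrolled
	vendor, _ := NewDevice()

	devices := Whitelist{}
	devices.Add(genuine.Public())
	okGenuine, _ := Authenticate(devices, genuine)
	okClone, _ := Authenticate(devices, clone)
	fmt.Println("genuine admitted:", okGenuine, " clone admitted:", okClone)

	vendors := Whitelist{}
	vendors.Add(vendor.Public())
	image := []byte("FW v1.1 image (constructed sample)")
	sig, _ := vendor.Sign(image)
	fmt.Println("signed image accepted:", ApplyUpdate(vendors, image, sig))
	evil := append([]byte{}, image...)
	evil[0] ^= 0xff
	fmt.Println("modified image accepted:", ApplyUpdate(vendors, evil, sig))
}
```

The device and vendor white lists are kept separate on purpose: a device key enrolled for network access must not be able to sign firmware, and the vendor's signing key never needs to be present on the network side.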

TPM Market Trends

• Where?

• Anything on a network!

• Tablets & PC’s

• Access Points

• MFP’s

• LTE base stations

• Servers/uServers

• Gambling gaming machines

• Smart Home Networking

• Fiscal Cash Registers

• Why?

• Standards based PKI

• > 200 TCG Member Companies

• FIPS 140-2 in end product RFQ’s

Anything networked is a good application for TPM!


TPM Offering Today and Tomorrow

AT97SC3204 Today & Tomorrow

• First TPM vendor supporting Industrial Grade (-40C to +85C)

• Key gen > 4x faster than previous generation

• Internal MCU running at 66MHz

• Atmel signed Endorsement Key Full X.509 Certs available

• Small certs also available

• Optional Field Upgrade supported

• Configurable Failed-Authorization Attempts Counters (0-1024)

• Supported in both a 4.4mm and 6.1mm 28-TSSOP + 6mm x 6mm 40-QFN/MLF (4x4mm 32-QFN 1Q14)

• Interfaces: LPC, I2C

• Introducing FIPS-Flex Mode - AT97SC3204-X4 Series

• Ability to permanently set FIPS or Standard mode at CM or after

AT97SC3204 & 3205 FIPS Certified


• http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2013.htm

Introducing FIPS/Flexible Mode


Atmel Advantages

• Atmel continues to release new generation TPM’s supporting Industry needs

• World’s first FIPS certified vendor

• High speed crypto calculations

• SelfTestFull well below the industry target

• Low power auto-hibernation feature

• Supporting 4x4mm QFN

• Widest temp range supported -40C to +85C

• Optional Small & Full-cert & field upgrade support