Hardware Security for a Worldly-Wise Internet of Things

Even the smallest devices sitting on the Internet are potential targets for hackers seeking to steal information, falsify data, or corrupt or disable the device itself. Trusted Computing principles developed in the Internet of People are now powering low-cost, low-power hardware-based security for the Internet of Things.

An Internet of hackable things

All kinds of organizations are becoming keen to exploit the Internet of Things (IoT) to streamline activities, cut costs and improve profitability. Tiny, low-cost, low-power smart “things” can be easily connected to the Internet, opening up possibilities that are simply irresistible for engineers compelled to explore new technical avenues, and also for business managers who see opportunities to increase sales and improve operations. Consumers, too, are enticed by the “cool” factor that comes with controlling smart devices remotely from a mobile product, and by the chance to reduce household bills.

In the excitement, however, one key issue may have been overlooked. Security can be a low priority for developers rushing to create advanced new products and roll them out to customers, and it is also unlikely to be a core skill. As far as IoT applications are concerned, it can be difficult to identify the interest a hacker may have in gaining access to a device. However, establishing a connection is easy, and if the device is not properly secured a hacker can gain valuable information such as user passwords simply by observing data flows.

Researchers at Symantec have carried out experiments by intercepting Bluetooth® transmissions between the fitness trackers and smartphones of passers-by in public places. The intercepted data contained unencrypted passwords used to connect the wearers’ devices. Given that many people use the same password for multiple logins, this information in the hands of a hacker can leave important assets, such as financial accounts or personal data kept in the cloud, vulnerable to unauthorized access.

Another recent experiment, reported by the BBC, exposed security weaknesses in smart meters used in Spain. Encryption keys embedded in the software were found to be easily accessible. A hacker knowing these keys can spoof transmissions from the meter to send false usage data amounting to energy theft.

Product developers can prevent some of these vulnerabilities by making sound security choices when configuring connectivity software, such as by changing default settings to prevent the application making sensitive data such as port numbers readily accessible. Moreover, new security patches for software such as webservers are being issued continuously, as weaknesses are discovered and rectified.

Even so, software-based security remains vulnerable to certain types of attack. If a device can be accessed, it may be possible to clone the device or alter its behavior by loading malware. This can allow unauthorized users to take control of the device and carry out various activities, such as passing information to hostile parties or disabling the device altogether. Replay attacks pose another type of threat: an attacker intercepts a poorly secured password exchange between a client and host, and re-uses the captured password to gain access to the network.

Hardware root of trust

Cloning or infecting devices with rogue code is difficult to prevent effectively using software-based security alone. In the PC world, personal users, and particularly enterprises, have been vulnerable to these types of attacks, which are directed at a very low level so that software security measures are often unable to detect them. An example is bootkit malware, which corrupts the boot-up sequence causing the device to load and run hostile code. This kind of attack cannot be prevented using higher-level software-based security.

The concept of Trusted Computing emerged to deal with these below-software security threats to PC-based equipment. The Trusted Computing Group has developed a number of specifications aimed at preventing cloning or corrupting of individual computers in a network. One of these is the Trusted Platform Module (TPM), which is implemented in a standalone secure microcontroller or can be integrated within devices such as memories.

The TPM has a number of functions, including pre-boot authentication, which can prevent an unauthorized user from booting the machine with a bootable disk that allows the machine to be hacked. The TPM also supports software-based security such as hard-drive encryption by verifying the integrity of the platform at boot-up and providing secure storage for encryption keys.

By providing the means to verify that a platform will behave as it should, the TPM helps establish a hardware root of trust. To achieve this, the TPM performs measurements on system firmware, software and configuration data before execution begins, and compares the measurements with expected values stored securely on the chip. The software or firmware is allowed to run only if the respective sets of values match. If a mismatch is detected, the system may roll back the module in question to a last-known good state.

Protection by hashing

Measured system values and other secret data such as encryption keys are stored securely on the TPM by hashing. The TPM performs a cryptographic hash function on the measured data, or message, which generates a fixed-length result known as the digest. This digest is then stored and compared with the known correct digest already stored in memory. The nature of a cryptographic hash function makes it practically impossible to construct a message that produces a given digest, or to modify a message without altering its digest. This effectively prevents tampering or unauthorized replacement of software, even at very low levels in the stack, such as the system BIOS. In addition, the TPM is resistant to brute-force attacks during pre-boot authentication.
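The measure-compare-extend sequence described in the two sections above, as an added illustration that is not code from the article or from any TPM vendor: each boot stage is hashed before it runs, the digest is compared with a stored golden value, and the running PCR register is extended in TPM 1.2 style (SHA-1 of the old register value concatenated with the new digest). The firmware images, stage names and golden values are constructed for the example.

```python
import hashlib

# Constructed stand-ins for boot-stage images; a real TPM measures the actual code.
GOOD_IMAGES = {
    "bios": b"bios 1.4: init memory controller; measure bootloader",
    "bootloader": b"bootloader 2.0: verify kernel signature; jump",
    "kernel": b"kernel 5.1: mount rootfs; start services",
}
BOOT_ORDER = ("bios", "bootloader", "kernel")


def measure(image: bytes) -> bytes:
    """Digest of one component. SHA-1 is used because the parts discussed
    implement TPM specification 1.2, whose PCRs are 20 bytes wide."""
    return hashlib.sha1(image).digest()


def extend_pcr(pcr: bytes, digest: bytes) -> bytes:
    """TPM 1.2 PCR extend: PCR_new = SHA-1(PCR_old || digest).
    The result depends on every measurement and on their order, and
    cannot be rolled back to an earlier value without a reset."""
    return hashlib.sha1(pcr + digest).digest()


# Golden digests, recorded once from a known-good system and kept on the chip.
EXPECTED = {name: measure(img) for name, img in GOOD_IMAGES.items()}


def measured_boot(images: dict) -> tuple:
    """Measure each stage before it executes and stop at the first mismatch.

    Returns (pcr_hex, failed_stage); failed_stage is None on a clean boot.
    """
    pcr = b"\x00" * 20  # PCRs start at zero on power-on
    for name in BOOT_ORDER:
        digest = measure(images[name])
        pcr = extend_pcr(pcr, digest)  # record what was seen, good or bad
        if digest != EXPECTED[name]:
            return pcr.hex(), name  # refuse to execute the modified stage
    return pcr.hex(), None
```

Because the register is extended with whatever was actually measured, a modified stage also leaves the final PCR value different from the golden one, which is what lets a remote party detect the tampering after the fact.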

A TPM, like the Infineon SLB9635 security controller for PC applications, connects to the main processing subsystem via a Low Pin-Count (LPC) interface. Internally, the TPM is a microcontroller with functions such as a Random Number Generator (RNG) and cryptographic coprocessor running alongside the main CPU, which enable the device to execute a cryptographic hash algorithm such as SHA-1 at high speed. The TPM can also generate cryptographic signatures such as RSA signatures very quickly. These digital signatures allow the system to authenticate the sender of a received message. Figure 1 shows the internal functions of the Atmel AT97SC3204, which is a TPM similar to the Infineon SLB9635. Both of these devices implement version 1.2 of the Trusted Computing Group TPM specification.

Figure 1: Functional blocks of a typical TPM for PC-security applications, showing LPC interface for connecting to the PC.

Trusted computing for embedded systems

The trusted computing principles embodied in these TPMs are also accessible for embedded systems such as low-power, resource-constrained IoT devices. The Atmel AT97SC3204T is a variant of the AT97SC3204 that provides a two-wire I2C connection to the host processing system. Compared to the LPC interface, I2C is more commonly featured in embedded microcontrollers, and requires fewer I/O pins.

For handheld devices or other applications where space is at a premium, the Atmel ATSHA204A provides client and host security capabilities in a tiny 3-pin SOT23 package with a single-wire interface to the host. This device provides the key storage and hash algorithm execution functionality of a TPM, and supports standard challenge-response interactions with the host controller. The command set allows various uses including validating the authenticity of software, firmware, or replaceable system components such as daughter cards. Other possible uses include encrypting code images to prevent alteration, exchanging session keys, secure data storage, and checking user passwords. In the most basic operation, the host issues a challenge and a Message Authentication Code (MAC) command requesting the ATSHA204A to hash the challenge and send back the digest. The ATSHA204A integrates a high-quality 256-bit Random-Number Generator (RNG) and SHA-256 algorithm implemented in hardware to perform the calculations. The device also has physical security features including built-in shielding over the device, internal memory protection, glitch protection and voltage-tamper detection. The logic clock and logic supply voltages are generated internally, and cannot be accessed directly via external pins.
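The basic challenge-and-MAC exchange described above, as an added example that is not the article's code or Atmel's: the host issues a random challenge, the key-storage device returns a SHA-256-based MAC over it, and the host verifies the result without the key ever leaving the device. The MAC is modelled as HMAC-SHA256(key, challenge); the real ATSHA204A hashes a longer, device-specific input block, so treat the construction and the shared key as assumptions of this example.

```python
import hashlib
import hmac
import secrets

# Constructed 32-byte secret, provisioned into the host and the genuine device.
SHARED_KEY = bytes(range(32))


class SecureElement:
    """Simplified model of a key-storage part with a hardware SHA-256 engine."""

    def __init__(self, key: bytes) -> None:
        self._key = key  # write-only key slot: there is no read-out command

    def mac(self, challenge: bytes) -> bytes:
        # Assumption: HMAC-SHA256 over the challenge (not the real command layout)
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


class Host:
    """Host controller that authenticates a device with a fresh challenge."""

    def __init__(self, key: bytes) -> None:
        self._key = key

    def new_challenge(self) -> bytes:
        return secrets.token_bytes(32)  # unpredictable nonce, never reused

    def verify(self, challenge: bytes, response: bytes) -> bool:
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def authenticate(host: Host, device: SecureElement) -> bool:
    """One challenge-response round: True only if the device holds the key."""
    challenge = host.new_challenge()
    return host.verify(challenge, device.mac(challenge))


def replay_attempt(host: Host, recorded_mac: bytes) -> bool:
    """A captured MAC is presented against a new challenge; it should fail."""
    return host.verify(host.new_challenge(), recorded_mac)
```

A cloned part that lacks the key cannot produce a valid response, and a recorded response is useless against the next challenge, which is the property that defeats the replay attacks mentioned earlier in the article.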

The Maxim DS5002FP secure microprocessor offers an alternative approach. This device integrates encryption logic alongside the host processor used to run the application code. This device prevents observation and analysis by loading program memory via its serial port and encrypting the program in real time prior to storing it in SRAM. Unencrypted information only exists inside the processor chip when decrypted. This ensures that the contents of the RAM and the execution of the software appear unintelligible to the outside observer. This device uses a proprietary encryption algorithm based on a 64-bit key, and provides additional security features including a self-destruct input that can be used with external tamper-detection circuitry.


The IoT is growing quickly, bringing devices such as smart meters, smart homes, wearable electronics and a host of other applications to the attention of businesses, governments, the general public, and hackers. Basic security flaws have been identified in some systems, which could carry serious risks for consumers and for operators such as utility companies.

Hardware-based solutions developed to secure computers connected to the Internet of People can also be used to overcome the challenges facing IoT applications, and are quickly adapting to meet the needs of resource-constrained embedded systems.