Application Note How to combat Counterfeiting using VaultIC100 TPR0503AX
TPR0503AX Application Note How to combat Counterfeiting using VaultIC100 2 TPR0503AX – VIC – 11Feb11 VaultIC100 Table of Contents Introduction .............................................................................................5 1 2 3 Fraud, Counterfeiting and Cloning .......................................................5 1.1 Risks to Health ...............................................................................................5 1.2 What is the scale of counterfeiting? ................................................................6 VaultIC100 as an anti-cloning solution ................................................9 2.1 Overview .........................................................................................................9 2.2 How does it work? ........................................................................................10 2.3 What advantages does the VaultIC100 provide over competing solutions? 12 2.4 FIPS 140-2 Product Profile ...........................................................................12 2.5 Starter Kit and support ..................................................................................14 Conclusion ...........................................................................................14 Reference List .......................................................................................15 TPR0503AX – VIC – 11Feb11 Revision History....................................................................................16 VaultIC100 3 4 TPR0503AX – VIC – 11Feb11 VaultIC100 Introduction Counterfeiting is the «second scourge of the XXIth century after terrorism», said Michel Danet, secretary of the WCO (World Customs Organization) [R1] in 2006. Besides the economic impact due to counterfeiting, it also carries health risks when it concerns drugs. No country or sector of activity is spared from counterfeiting : it is everywhere, although the purchaser of the goods is often unaware. 1. Fraud, Counterfeiting and Cloning «A counterfeit is an imitation, usually one that is made with the intent of fraudulently passing it off as genuine. Counterfeit products are often produced with the intent to take advantage of the established worth of the imitated product.» (Wikipedia). Counterfeiting and cloning (or imitation) is then fraud and liable to fines and even imprisonment. But it does not prevent counterfeiters becoming more numerous, and more intrusive: In the past, the most frequently counterfeited products were luxury items such as perfumes or fine leathers. Nowadays, we can find this practice everywhere, even in everyday articles such as clothes, shavers, soaps, toothpastes and drugs that may pose health risks. Examples of cloned products (batteries and IPhone®) shashinki.com Figure 1-1. FAKE www.mis-asia.com/ ORIGINAL ORIGINAL FAKE Counterfeiting also impacts semiconductors and high-tech goods (DVD, battery, ink cartridge...). The theft of valuable Intellectual Property is also involved in counterfeiting. Due to this growing phenomenon, governments are taking actions, such as the U.S.A. by editing a «2010 Joint Strategic Plan on Intellectual Property Enforcement»[R2]. TPR0503AX – VIC – 20Jan11 1.1 Risks to Health Toothpaste with dangerous amounts of diethylene glycol (a chemical used in brake fluid), auto parts of unknown quality that play critical roles in securing passengers and suspect semiconductors used in life-saving defibrillators are examples of counterfeit products that can pause serious health risks, not to mention counterfeit drugs sold on the Internet or in African markets. VaultIC100 5 Drugs being sold in a market source: www.rfi.fr Figure 1-2. From a study made by the american laboratory Pfizer in march 2010, 21% of Europeans, or 1 European in 5, have bought drugs without prescription from illicit sources. This study also reminds us that these fake drugs «can contain noxious ingredients such as rat poison, boric acid and paint containing lead 8,9», that can have fatal consequences. 1.2 What is the scale of counterfeiting? Due to its underground and clandestine nature, counterfeiting is very difficult to measure. Except for customs seizures, no precise numbers are available however estimates show that this phenomenon is increasing: according to PriceMinister (first French platform of e-commerce), the number of brands becoming victims of counterfeiting is rising: +69% from 2007 to 2008. Counterfeiting concerns mainly high-tech goods: +170% in 2008 (mainly smartphones, software, MP3 readers and memory cards), "only" +13% for fashion items such as clothes, fine leathers, perfume... Regarding drugs, the Pfizer laboratories 2010 estimate puts the loss of profit for the drug companies at around 10 billion euros. 6 VaultIC100 TPR0503AX – VIC – 20Jan11 In April 2010, the report "Impact of counterfeiting seen by companies in France” [R3] has been delivered by the French Manufacturers Association (UniFab) to the French minister of economy to help against counterfeiting. This report states that counterfeiting costs the G20 countries more than 100 billion of dollars per year (70 billion of tax loss, 20 billion to fight against criminal networks and 14.5 billion for costs related to deceases assigned to counterfeiting). In France, the direct loss in turnover of French companies due to counterfeiting is estimated at 6 billion euros per year. Figure 1-3. Sevenfold increase in seizures in 10 years Millions of items seized at the borders of the European Union source : UniFab According to the World Customs Organization, the counterfeit market has risen from $5.5 billion in 1982 to over $500 billion in 2005, equivalent to about 7% of world trade, but that proportion could be much higher because many domestic markets have not yet been identified. The best estimate puts the real figure at around 10% of world trade. The field of electronics alone totals between 100 and 200 billion dollars, for a global market which is around a trillion. The pharmaceutical sector and counterfeit drugs reached 10% worldwide (one drug in 10 sold in the world is a fake), and between 25 and 60% in developing countries. Finally, in the computer industry, over a third of software in use is pirated. A study (2007) realised by Pricewaterhouse Coopers who canvassed 5400 companies in 40 different countries revealed that counterfeiting has cost more than 1.9 billion between 2005 and 2007 [R4]. The loss in the USA is estimated to be between 200 and 250 billion dollars per year (according to IACC [R5]). Worse still, in the present context, the negative impact of counterfeiting is "particularly significant" in terms of innovation, but also jobs for companies. The European Union estimates that counterfeiting removes 100,000 jobs per year. According to Microsoft, "a 10% decline in the rate of software piracy would benefit the entire industry by creating 36,000 new jobs in France and almost 864 000 worldwide”. TPR0503AX – VIC – 20Jan11 As previously mentionned the electronic market is the main target: the main brands copied in 2008 are Apple® (+328% from 2007), Microsoft® (+295%) and Nintendo® (+133%). VaultIC100 7 Figure 1-4. Apple Ipod copied T I E headset connector F R E control panel T N U CO random read linear read on / off source: www.base2.ch source: www.macplus.net Electronic accessories, batteries, chargers, printer ink cartridges form a large portion of counterfeited products. To combat this fraud, the manufacturers of ink cartridges use increasingly complex technology, such as holograms or RFID tags. Figure 1-5. Hologram on HP ink cartridge 8 VaultIC100 TPR0503AX – VIC – 20Jan11 source: www.hp.com Another low cost technique and much more efficient since it is very difficult to reproduce, is to authenticate the consumable (an ink cartridge, a battery, a game accessory...) to the host element (the printer, the smartphone, the game console...). To do this, the ink cartridge, for example, implements a secure microcontroller embedding a specific firmware which allows a strong authentication between the printer and the consumable. The VaultIC100 (or ATVaultIC100) exactly fits this application. 2. VaultIC100 as an anti-cloning solution The VaultIC100 is one member of the VaultIC™ Family of products. These are secure microcontrollers which embed a complete firmware dedicated to IP protection, anti-cloning and countering Identity theft. This firmware uses a variety of cryptographic mechanisms such as digital signature generation/verification, on-chip public key-pair generation, message digest, random number generation and private key encryption to provide a number of protection and authentication capabilities. Note 2.1 For more information, please contact your local INSIDE Secure sales office or [email protected]. Overview TPR0503AX – VIC – 20Jan11 Based on banking and smart cards product hardware, the VaultIC100 is a turnkey solution for people who want to add security in their system at low cost and without any software development. The VaultIC100 is the smallest of the VaultIC Family in terms of die and memory sizes. Embedding 1.5KBytes of file system for secure data storage (keys, certificates, user data...), the VaultIC100 features authentication with asymetric cryptography (Elliptic Curves), digital signature generation/verification and public key-pair generation, all using standards such as FIPS-196 and ANSI X9.62. The following diagram shows the architecture of the VaultIC100. VaultIC100 9 Figure 2-1. VaultIC100 block diagram Application Interface Security Domain (Security Policies, Access Controls, Role Management) Firmware Platform Crypto services (Key Gen, signature...) Crypto Library (ECDSA) Application management & Data Storage Administration Services (File System) (Key Management) Communication Stack Memory Management (I2C + 1-wire) VaultIC100 Hardware RNG Hardware Platform Public Key Crypto Engine Hardware Security EEPROM RISC CPU RAM 1-wire (software) / I²C (software) Power Management I/Os Device 2.2 How does it work? The host (a printer for instance) sends a challenge to a device (battery, ink cartridge...) embedding the VaultIC100 to check if it is an authorized device. The VaultIC100 responds by sending back the ECDSA signature of the challenge, so that the host can perform the signature verification and then decide whether to authenticate the device (see Figure 2-3). The first concept of a PKI is the Certification Authority (CA). The CA confirms who the owner of the private key corresponding to the public key is and fixes the correspondence between both. The CA issues and controls a so-called "electronic certificate" as the authorization of this correspondence. In particular, set up as an organization with responsibility for checking the certification of the key holder with the CA. The Registration Authority (RA) verifies the identity of the key holder in a face-to-face manner (the RA might or might not be separate from the CA). 10 VaultIC100 TPR0503AX – VIC – 20Jan11 Beyond this simple but robust mechanism of security, VaultIC100 can also be used in a more complex but also more secure architecture: a Public Key Infrastructure (PKI). The main advantage of the PKI is the ease of access and distribution of keys. As the second key concept in PKI, a Validation Authority (VA) is set. The VA is a body for checking the legality of electronic certificates; namely, whether a certificate is valid and whether that certificate was issued by a trustworthy CA. Since the PKI is a system to prevent spoofing, the procedure that checks the validity of the electronic certificate is said to be the most important among the PKI operations. Figure 2-2. Public Key Infrastructure diagram Source : Wikipedia In short, a PKI is essentially a means of distributing public keys in a secure way. In the printer example, the public key and its certificate can either be embedded in the printer or can be stored in the VaultIC100 and retrieved by the printer. The private key is protected in the VaultIC100. The advantage of the PKI here is that the host (printer) has no secret to keep. Figure 2-3. VaultIC100 in the printer example TPR0503AX – VIC – 20Jan11 Non Secure Software in Host! Public Key only Genuine ? Genuine ! VaultIC100 Challenge Private Key is protected by VaultIC100 Response 11 In brief, VaultIC100 features the following: • Strong challenge-response authentication (FIPS 196) • Digital signature generation/verification (ECDSA, ANSI X9.62 over GF2N) • On-chip public key-pair generation (ANSI X9.62 ECDSA key pair generator) • Certificate X509 storage • Secure Hash SHA-256 (FIPS 180-3) • Deterministic Random Number Generator (DRNG, NIST SP 800-90) And more: • Dedicated hardware for security including active shield, environmental monitors and protection against SPA/DPA/SEMA/DEMA attacks • Strong Authentication (Manufacturer/User) and Password used for chip administration operations • Secure Data Storage in Static File System • I2C and OWI (One Wire Interface) communication interfaces • Low Power and Small Form Factor Package 2.3 What advantages does the VaultIC100 provide over competing solutions? Targeted for the PC world, a Trusted Platform Module (TPM) is not well adapted for small parts such as consumables. Usually TPMs are used in applications such as disk encryption, software licences or digital rights management. Even if their future may concern the embedded market, TPMs remains too expensive for companies that wish to add security in their low cost mass market products. The VaultIC100 is a very low cost solution which has added advantages of low power consumption and a small footprint: it is available in very small packages such as DFN6 (2mm x 3mm) with a very low pin count. The Key management can also be freely customized and is not as stringent as on TPMs. Another main advantage of the VaultIC100 is its capability to use various elliptic curves up to 303 bits including FIPS recommended curves B233, K233, B283 and K283, thanks to its hardware Advanced Crypto Accelerator µAd-X™. Compared to similar solutions such as Crypto Memory, the VaultIC100 is based on cryptographics standards rather than unproven implementations which may not provide adequate strength. Also, it is designed for FIPS 140-2 Security Level 3 compliance, including enhanced physical security and identity-based authentication. 2.4 FIPS 140-2 Product Profile According to FIPS 140-2, a Cryptographic Module is: «... a set of hardware, software, firmware or combination thereof that implements crypographic FIPS 140 Publication Series is issued by the National Institute of Standards and Technology (NIST). This U.S. Government computer security standard defines the Security Requirements for Cryptographic Modules which include both hardware and software components. FIPS 140-2 [R6] is a standard for protection of valuable and sensitive but unclassified information. It integrates and implements existing security standards such as ANSI X9, Secure Hash 12 VaultIC100 TPR0503AX – VIC – 20Jan11 logic or processes». Standards and Digital Signature Standard. FIPS 140-2 defines four levels of increasing security, from ’Level 1’ to ’Level 4’. FIPS 140-2 requires the use of FIPS-Approved cryptographic algorithms. In addition, the module may support other Non-Approved cryptographic algorithms, which is the case of VaultIC100. Additional FIPS 140-2 requirements for Security Level 3 are: • Ports and interfaces: Data ports for unprotected critical security parameters physically separated or logically separated and using a trusted path. • Authentication: Identity-based operator authentication • Physical Security: Tamper detection and response for covers and doors • Key Management: Secret and private keys established using manual methods shall be entered or output encrypted or with split-knowledge procedures • Design assurance: High-level language implementation In order to receive FIPS 140-2 certification, Inside Secure had submitted the VaultIC100 to an independent lab for testing (see figure below). Contrary to other solutions coming from competitors, VaultIC100 is fully certified FIPS 140-2 Security Level 3 (2011 version). Figure 2-4. FIPS 140-2 certification process flow TPR0503AX – VIC – 20Jan11 source: NIST VaultIC100 13 2.5 Starter Kit and support To help our customers when first using VaultIC products, a Starter Kit is available for each member of the family which includes samples, documentation, boards and software components. These kits allow easy and fast evaluation of VaultIC, without any software development. Some demonstration software is also provided in these kits. Figure 2-5. VaultIC 100 Starter Kit What's in the Starter Kit? - VaultIC Samples with one dedicated test socket - One generic USB to I2C adaptor - One USB Cable - One CD-ROM What's in the CD-ROM? - Support documentation set (Getting Started, Applications Notes...) - Demonstrations to get an insight into the VaultIC features - VaultIC Manager Tool to personalize the VaultIC file system - Hardware independant cryptographic API (with source code) Note The VaultIC Starter kit or samples require a Non Disclosure Agreement signed with Inside Secure and an Export License due to cryptographic modules. For more information, please contact your local INSIDE Secure sales office or [email protected]. 3. Conclusion Due to the increasing cost of counterfeiting for high-tech goods and consumables, industry is ready to add security mechanisms to their products, but at low cost. The VaultIC100, with a low pin count, an easy customization and a very low power consumption, has negligible cost compared to the derived benefits. Moreover PKI and use of standards make it reliable and easy to implement. 14 VaultIC100 TPR0503AX – VIC – 20Jan11 INSIDE Secure has chosen the most stringent standard for data protection and cryptographic functions, and accepts the discipline required by FIPS-140 to certify its VaultIC100. Reference List [R1] [R2] [R3] [R4] [R5] TPR0503AX – VIC – 11Feb11 [R6] VaultIC100 WCO or OMD: World Customs Organization or Organisation Mondiale des Douanes. http://www.wcoomd.org/home.htm Report "2010 Joint Strategic Plan on Intellectual Property Enforcement”. http://www.whitehouse.gov/sites/default/files/omb/assets/intellectualproperty/intellectualproperty_strategic_plan.pdf Report "The Impact of counterfeiting seen by companies in France” http://www.unifab.com/downloads/RAPPORTUNIFABavril2010.pdf Pricewaterhouse Coopers, Economic crime : people, culture and controls, the 4th biennial global economic crime survey, 2007. http://www.pwc.com/extweb/pwcpublications.nsf/docid/ 1E0890149345149E8525737000705AF1 IACC, The thruth about counterfeiting. http://www.iacc.org/counterfeiting/counterfeiting.php FIPS PUB 140-2. Security requirements for Cryptographic Modules. May 2001. 15 Revision History Document Details Title: How to combat Counterfeiting using VaultIC100 Literature Number: TPR0503AX Date: 11Feb11 • Revsion A : 16 VaultIC100 TPR0503AX – VIC – 11Feb11 – First Release TPR0503AX – VIC – 11Feb11 VaultIC100 17 Headquarters Product Contact INSIDE Secure 41, Parc Club du Golf 13586 Aix-en-Provence Cedex 3 France Tel: +33 (0)4-42-39-63-00 Fax: +33 (0)4-42-39-63-19 Web Site www.insidesecure.com Technical Support [email protected] Sales Contact [email protected] Disclaimer: All products are sold subject to INSIDE Secure Terms & Conditions of Sale and the provisions of any agreements made between INSIDE Secure and the Customer. In ordering a product covered by this document the Customer agrees to be bound by those Terms & Conditions and agreements and nothing contained in this document constitutes or forms part of a contract (with the exception of the contents of this Notice). A copy of INSIDE Secure’ Terms & Conditions of Sale is available on request. Export of any INSIDE Secure product outside of the EU may require an export Licence. The information in this document is provided in connection with INSIDE Secure products. No license, express or implied, by estoppel or otherwise, to any intellectual property right is granted by this document or in connection with the sale of INSIDE Secure products. EXCEPT AS SET FORTH IN INSIDE SECURE’S TERMS AND CONDITIONS OF SALE, INSIDE SECURE OR ITS SUPPLIERS OR LICENSORS ASSUME NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS, IMPLIED OR STATUTORY WARRANTY RELATING TO ITS PRODUCTS INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. IN NO EVENT SHALL INSIDE SECURE BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, SPECIAL OR INCIDENTAL DAMAGES (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, LOSS OF REVENUE, BUSINESS INTERRUPTION, LOSS OF GOODWILL, OR LOSS OF INFORMATION OR DATA) NOTWITHSTANDING THE THEORY OF LIABILITY UNDER WHICH SAID DAMAGES ARE SOUGHT, INCLUDING BUT NOT LIMITED TO CONTRACT, TORT (INCLUDING NEGLIGENCE), PRODUCTS LIABILITY, STRICT LIABILITY, STATUTORY LIABILITY OR OTHERWISE, EVEN IF INSIDE SECURE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. INSIDE Secure makes no representations or warranties with respect to the accuracy or completeness of the contents of this document and reserves the right to make changes to specifications and product descriptions at any time without notice. INSIDE Secure does not make any commitment to update the information contained herein. INSIDE Secure advises its customers to obtain the latest version of device data sheets to verify, before placing orders, that the information being relied upon by the customer is current. INSIDE Secure products are not intended, authorized, or warranted for use as critical components in life support devices, systems or applications, unless a specific written agreement pertaining to such intended use is executed between the manufacturer and INSIDE Secure. Life support devices, systems or applications are devices, systems or applications that (a) are intended for surgical implant to the body or (b) support or sustain life, and which defect or failure to perform can be reasonably expected to result in an injury to the user. A critical component is any component of a life support device, system or application which failure to perform can be reasonably expected to cause the failure of the life support device, system or application, or to affect its safety or effectiveness. The security of any system in which the product is used will depend on the system’s security as a whole. Where security or cryptography features are mentioned in this document this refers to features which are intended to increase the security of the product under normal use and in normal circumstances. © INSIDE Secure 2011. All Rights Reserved. INSIDE Secure ®, INSIDE Secure logo and combinations thereof, and others are registered trademarks or tradenames of INSIDE Secure or its subsidiaries. Other terms and product names may be trademarks of others. TPR0503AX – VIC – 11Feb11
© Copyright 2024