Transcription of Document Title Extensions - AUTOSAR
1 specification of Secure Hardware ExtensionsAUTOSAR FO R19-11 Document TitleSpecification of Secure HardwareExtensionsDocument OwnerAUTOSARD ocument ResponsibilityAUTOSARD ocument Identification No948 Document StatuspublishedPart of AUTOSAR StandardFoundationPart of Standard ReleaseR19-11 Document Change HistoryDateReleaseChanged byDescription2019-11-28R19-11 AUTOSARR eleaseManagement Initial release1 of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO R19-11 DisclaimerThis work ( specification and/or software implementation) and the material contained init, as released by AUTOSAR , is for the purpose of information only. AUTOSAR and thecompanies that have contributed to it shall not be liable for any use of the material contained in this work is protected by copyright and other types of intel-lectual property rights. The commercial exploitation of the material contained in thiswork requires a license to such intellectual property work may be utilized or reproduced without any modification, in any form or byany means, for informational purposes only.
2 For any other purpose, no part of the workmay be utilized or reproduced, in any form or by any means, without permission inwriting from the work has been developed for automotive applications only. It has neither beendeveloped, nor tested for non-automotive word AUTOSAR and the AUTOSAR logo are registered of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO R19-11 Table of Contents1 Introduction62 Definition of terms and Acronyms and abbreviations .. Definition of terms .. 73 Related Input documents & related standards and norms .. 84 Functional Introduction .. Basic Requirements .. Algorithms .. generation/verification .. function .. derivations .. Data storage .. flags for memory slots .. of memory slots .. keys on boot failure .. keys on debugger activation .. wildcard usage for key updates .. usage determination.
3 Key flag .. memory slots .. <n> .. memory slots .. memory slots .. identification item UID .. of memory slots .. Random number generation .. generation .. generation through a pseudo random numbergenerator (PRNG) .. 233 of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO generation trough a true random number gen-erator (TRNG) .. generation .. the seed .. Status Register .. User-accessible Functions .. : CMD_ENC_ECB .. : CMD_ENC_CBC .. : CMD_DEC_ECB .. : CMD_DEC_CBC .. generation: CMD_GENERATE_MAC .. verification: CMD_VERIFY_MAC .. key update: CMD_LOAD_KEY .. key update: CMD_LOAD_PLAIN_KEY .. key: CMD_EXPORT_RAM_KEY .. Initialize random number generator: CMD_INIT_RNG .. Extend the PRNG seed: CMD_EXTEND_SEED .. Generate random number: CMD_RND .. Bootloaderverification(securebooting):CM D_SECURE_BOOT.
4 Impose sanctions during invalid boot: CMD_BOOT_FAILURE Finish boot verification: CMD_BOOT_OK .. Read status of SHE: CMD_GET_STATUS .. Get identity: CMD_GET_ID .. Cancel function: CMD_CANCEL .. Debugger activation: CMD_DEBUG .. Error Codes .. ERC_NO_DEBUGGING .. ERC_BUSY .. ERC_MEMORY_FAILURE .. ERC_GENERAL_ERROR .. Memory update protocol .. of the memory update protocol .. of the update verification message generation . Secure booting .. Measurement before application start-up .. implementation: extension of the boot code 464 of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO Measurement during application start-up .. Autonomous bootstrap configuration of the secure boot pro-cess .. Sanctions on fail of boot measurement .. Optional: Enforcing authenticated software.
5 Optional: Flow charts .. Failure analysis of SHE/Resetting SHE .. Constants used within SHE .. Examples and Test vectors .. AES-128, ECB mode .. AES-128, CBC mode .. compression function .. derivation .. random generation/Seed generation .. new seed .. new random value .. seed .. Memory update protocol .. Failure analysis of SHE/Resetting SHE .. Overview Tables .. 60A Appendix655 of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO R19-111 IntroductionThis technical report represents a republication under AUTOSAR developmentpartnership ofHISSHE- Functional specification , rev 439specifica-tion. Errata and amendments to this specification are published in of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO R19-112 Definition of terms and Acronyms and abbreviationsAbbreviation / Acronym:Description:HISH ersteller Initiative SoftwareSHES ecurity Hardware ExtensionAESA dvanced Encryption StandardTPMT rusted Platform ModuleCBCC ipher Block ChainingECBE lectronic Code BookMACM essage Authentication CodeCMACC ipher-based Message Authentication CodeIVInitialization VectorUIDU nique IDentification itemTRNGTrue Random Number GeneratorPRNGP seudo Random Number Definition of termsTerms:Description:Term7 of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO R19-113 Related Input documents & related standards and normsReferences[1] NIST.
6 Announcing the Advanced Encryption Standard (AES) [2] NIST Special Publication 800-38A: Recommendation for Block Cipher Modes ofOperation: Methods and [3] NIST Special Publication 800-38B: Recommendation for Block Cipher Modes ofOperation: The CMAC Mode for [4] NIST: Updated CMAC [5] Handbook of Applied [6] NIST Special Publication 800-108: Recommendation for Key Derivation UsingPseudorandom [7] BSI: A proposal for: Functionality classes and evaluation methodology for true(physical)random number generators, Version [8] BSI: Application Notes and Interpretation of the Scheme (AIS) [9] Trusted Computing of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO R19-114 Functional IntroductionThe Secure Hardware Extension (SHE) is an on-chip extension to any given microcon-troller. It is intended to move the control over cryptographic keys from the softwaredomain into the hardware domain and therefore protect those keys from software at-tacks.
7 However, it is not meant to replace highly secure solutions likeTPMchips orsmart cards, no tamper resistance is required by the main goals for the design at hand are Protect cryptographic keys from software attacks Provide an authentic software environment Let the security only depend on the strength of the underlying algorithm and theconfidentiality of the keys Allow for distributed key ownerships Keep the flexibility high and the costs lowBasicallySHEconsists of three building blocks, a storage area to keep the crypto-graphic keys and additional corresponding information, a implementation of a blockcipher (AES) and a control logic connecting the parts to the CPU of the microcontroller,see Figure for a simplified block be implemented in several ways, a finite state machine or a small, dedicated CPU of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO R19-11 Figure : Simplified logical structure of SHEThis Document is intended to provide a detailed description of the technical realizationof SHE which will be complemented by a reference implementation.
8 This documentdoes not contain the motivation for every single requirement and neither does it containconcepts how to useSHEin certain thatSHEwill not solve all security flaws by simply adding it to a has to be supported by the application software and ConventionsIn the following chapters several paragraphs are printed italic. These paragraphs arenot meant as a hard requirement but to provide additional explanation of the the whole Document the term "CPU" denotes the actual microprocessorwhile "microcontroller" is used to describe the hardware complete chip, a CPU andall included peripherals. The term "control logic" refers to the system ( a finite statemachine or a small microprocessor) controlling the algorithms and memories inside operations are written asOUTPUT = OPERATIONMODE,KEY[,IV](INPUT [, INPUT2, ..])10 of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO R19-11 Additionally the following symbols are used to describe the operations: bitwise exclusive or|concatenation of two valuesWhenever interfaces to the CPU are described the internal memory slots of SHE, whichare not exposed to the CPU, are identified by their address.
9 An actual key is generallywritten as KEYKEY_NAME while the identifier of the key is written as values are given in the form , the most significant bit/byte is on sequences given in the form" "128shall mean a string of bits with the value 0 and length of of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO Basic RequirementsSHEhas to be realized as an on-chip peripheral of the nothave any other connections except those explicitly specified within this Document . If ad-ditional resources have to be included to assure proper function during the fabricationof the chip, all ports have to be physically and permanently deactivated if accessibleon external be connected to the CPU in several ways, through a dedicated interfaceor an internal peripheral bus. The interconnection must be implemented in a way thatno other peripheral or an external entity can modify the data transferred between theCPU not need to be fabricated in a special process to increase security nor needany actions to be taken to strengthen the system against physical attacks, etchingthe chip casing open, differential power analysis, glitching : No sophisticated secure hardware mechanisms are required to meet the spec-ification of SHE.
10 However, a manufacturer may of course strengthen the design toprovide a higher security level for higher security to be notified by a status signal whenever internal or external debuggers fordebugging software and hardware are attached and active. Examples for debuggersare JTAG, BDM Document does only describe the technical parts ofSHE. Processes and environ-mental conditions, for inserting keys, are not subject of this of 65 AUTOSAR CONFIDENTIAL Document ID 948: AUTOSAR_TR_SecureHardwareExtensionsSpeci fication of Secure Hardware ExtensionsAUTOSAR FO AlgorithmsAll cryptographic operations ofSHEare processed by anAES-128 [1]. The latency oftheAESmust remain <2us per encryption/decryption of a single block, including thekey , the performance of theAESmust be high enough to allow for a secureboot (see Chapter for details) of 5% of the flash memory, but 32kByte at minimumand 128kByte at maximum, of the microcontroller in < case the flash memory is slower than requested, the flash memory must be thelimiting factor for the secure boot and the limit has to be stated in the Encryption/decryptionFor encryption and decryption of data,SHEhas to support the electronic cipher bookmode (ECB) for processing single blocks of data and the cipher block chaining mode(CBC)