1. Know your risks
Find out what risks are realistic for your system and decide upfront what you care about protecting. For example, if you’re putting virtual private network (VPN) acceleration hardware into your communications processor, you need to think about where the crypto keys are stored when they’re at rest. If the keys are sitting on the system disk unencrypted, is it possible for attackers to get their hands on them? This is a realistic risk you should consider protecting against. On the other hand, are you worrying about organized crime funding massive advances in advanced quantum cryptanalysis technology? If so, you need to put down that triple espresso, take a deep breath, and relax. There’s a tiny possibility of quantum crypto doing practical work someday, but we’re a long way from thinking about it as a risk.
2. Don’t underdesign.
Your brand new, cutting-edge, super-fast, streamlined system-on-a-chip (SoC) is going to be in production for at least five years. Unfortunately, that means it’s going to get old. Don’t let the security feature be the first critical organ to fail and put your product out of commission. When you’re deciding what security features to put in your next chip, you must look at what security systems are doing one level up in your food chain today. Your customers are going to look to you to provide those same features in silicon next. If you look at what’s in your competitors’ chips, you’re already looking at history.
3. Don’t overdesign.
Conversely, you still have a gatecount to consider, and cryptography algorithms are notoriously heavy users of gates. It’s the nature of crypto to perform a huge number of mathematical operations very quickly to lock your data for transit from Toledo to Tokyo. Security seems to be a dark art, so there’s a tendency to believe when people tell you they need a certain performance point. Check deeper. Look at the use cases and ask about software support, CPU load, buffer sizes, overhead, network bandwidth, and so on before determining how fast you really need to go in the security core.
4. Think system, not feature.
The most common mistake in security system implementations comes from forgetting to think like the bad guys. This is one area where the security IP vendors have significant value to offer their customers. The bad guys are smart. They don’t bother attacking crypto algorithms head-on. Instead, the bad guys look for ways around the security, cracks in the armor that the system designers didn’t think about or maybe knew about but considered to be someone else’s implementation problem. For example, security systems always rely on a good source of randomness. What’s your system’s source? Is it possible to force it to a known state by a reset or fault condition? If it’s possible, the bad guys will probably do it.
5. Protect those keys.
You and your customers will sleep a lot better at night if you design a secure key storage mechanism into your architecture from the beginning for handling those critical secrets. You and your team are spending time and money to put security into your next silicon products, and the security is only as good as the secrecy of the keys. Think about the lifecycle of your chip. How is it is created and initialized? How does it handle keys throughout their life? Finally, how does it destroy them when they’re no longer needed? Although it seems simple, the security lifecycle is the most important consideration for a successful security system, and it’s one area where it pays to have expert advice.