Board ID – REA Sales Training
Document for Internal Use only
June 2010
Renesas Electronics America Inc.
N. Ramatchandirane, Secure MCU
Date: 06/21/2010
Rev. 0.00
© 2010 Renesas Electronics America Inc. All rights reserved.
00000-A
Agenda
 Introduction (Security IC market)
 Use cases (Anti-Cloning, Usage Control, Secure Tracking, IP
protection..)
 Details on Renesas solution
 Customer / prospect list / promotion campaigns with Avnet
 Q&A
2
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
REA Support Organization
Ali Sebt / VP
< C & I BU >
Peter Carbone / Sr. Director, MCU Product Marketing
Bill Hood
/ Sr. Director, Sales
Brian Davis / Director, Segment Marketing
Jun Ueda / Director, Security Product Marketing
(Denis Pochet)
Nadaradjane Ramatchandirane / Sr. Marketing Mgr
Business Development, Design-win support, Tactical marketing
Shotaro Saito / Staff Application Engineer
Reference designs, FAE & customer support,
Engineering Group : Shumpei Kawasaki/ Sr. Director
Murthy Vedula
Security OS, Software
Operation : Masanori Nakano, Mio Arakawa (ROM release, P.O. handling)
REL-Japan: MCU BU – Secure MCU BU (GM: Kenichi Ishibashi, Deputy GM: Kenichi Takahira)
3
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Renesas in the Secure MCU market
General
Promotion
* Under development
Selected OEM support only
RS4 Series
RS4X Series*
AE56U
AE5 Series
NFC Series*
N Series
• Embedded
interface (I2C)
• Small package
AE4 Series
AE41R
M to M
Authentication
Contact
Smart Card
Contactless
Smart Card
USB Secure
Token
Embedded
Banking, ID card
Banking card
Enterprise
4
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
NFC
Mobile Phone
Renesas in the Secure IC market
3 B milestone
Renesas History of Security IC
M to M
Authentication
Contactless Card
SIM
ETC SAM
GSM, 3G SIM Card
Banking Card (Visa, MasterCard, Debit card)
1980
1990
2000
2009
2010
ETC SAM : Electric Toll Collection Secure Authentication Module
M to M : Machine to Machine
5
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Hacks can affect almost any product
POOR SECURITY
=
HIGH RISK
6
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
www.HackADay.com
The Big Bad Wolf
Business risks:









7
Liability
Service Level Agreement
Revenue loss
Unfair competition
Increased costs of operations
License and brand protection
Credibility with partners and customers
Security breaches
Device effectiveness
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Levels of security
Software security
BAD
Memory chip
security
Almost as BAD
Keys NOT protected
CPU intensive (can be
OK for PKI comp. by the host)
(encryption alone is
NOT security)
Outdated key
lengths
(like a ‘2 digits’
PIN code)
We bring proven Web user authentication
technology to Embedded Systems
8
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Board ID
SECURE
Strong crypto
Tamper proof
PKI for Embedded
Systems
Avnet VAS
Low Cost Security Solutions
 Maxim 1-wire Secure EEPROM
– 1Kb
– SHA-1
 Atmel CryptoAuthentication
– SHA-256, authentication only
 Atmel CryptoMemory
– 1Kb to 256Kb
– Proprietary 64bit symmetrical keys
9
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Algorithms for Security
 SHA-1 / SHA-256
 Simple message digest
 Not “true” encryption
– Mostly used for digital signature signing
 SHA-1 retired from use by US government
 Symmetrical Cryptography
 Proprietary, DES, 3DES, AES
– 64, 128, 256bit keys
 Symmetrical keys used on both sides
– Keys must be handled with the highest security
– Sharing of common keys can lead to compromise
– Any key compromise affects every unit
 Asymmetrical Cryptography
 RSA, ECC
 1024, 2048, 4096 bit keys
 Uses public / private key pairs
– Private keys are all different
– Compromise of a single key only affects a single unit
 Can be more complex to implement
10
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Case Study
 Background:
 Large, well known camera manufacturer
 Battery Cloning Issues
– Direct Revenue Loss
– Warranty Issues
– LiIon Battery Safety Issues
 Solution
 Low cost SHA-1 based security device
 Result
 Camera firmware hacked to obtain keys
 Low cost microcontroller used to imitate security device
 Cloned batteries available within 3 months
11
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Characteristics of a Secure Solution
 Must be based on strong cryptography
 Must provide for secure key storage
 Must provide a defense against physical attacks




Physical attack on bare die
Voltage
Frequency
Temperature
 Must include a secure supply chain
 Key generation / provisioning
 Device Programming
12
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Board ID use examples
I2C
13
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Case 1: Anti-Cloning
 Business case
 Implementation example
 Renesas solution with Board ID
14
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Board ID Example – Anti-Clone System
Counterfeited
routers
Router main board
Main CPU
I2C
Security key storage
15
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Plug-in
router card
modules
Board ID
Chips
Case 2: Anti-cloning, Usage control
 Business case
 Implementation example
 Renesas solution with Board ID
16
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Board ID Example – Usage Control
Medical probe(s)
Medical Device unit
and probe(s)
Unalterable Usage Control info
processed by the Security chip
Doctor prescribes Treatment
(usage of probes)
 Security IC in the probe enforces the usage
prescribed (no overuse / misuse possible)
Board ID chip
Main Unit
Peripheral unit
(disposable)
Board ID
chip
Main
CPU
17
I2C
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Case 3: Secure Tracking, IP protection
 Business case
 Implementation example
 Renesas solution with Board ID
18
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Board ID Example – Protect Licensing Model
Medical system
vendor
$
Approved
Partner Co
Main Unit
accessory unit
Board ID chip
I2C
Main
CPU
19
Accessory
MCU
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Details on Renesas solution
 Secure MCU
 Firmware and Security application
 Demo kit and reference software
 A complete solution with Avnet
 Key management and provisioning services
20
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Conventional MCU or memory chip vs. Board ID chip
These are only few examples: many more advanced security features are implemented in the Board ID chip
Conventional MCU or memory chip
Board ID
Current consumption is
scrambled by internal
noise generator
Attacker can read
data by monitoring
current consumption
data cannot be extracted
by current monitoring
Chip is protected with:
Attacker can capture
data by probing
metal patterns
“active” metal shield to
prevent data capture
randomized layout
Chip spec
Frequency
21
Attacker can read
data under
abnormal
operating
conditions
Boundary of normal operation
Voltage
Voltage
Boundary of normal operation
On chip detectors
works
Chip spec
Frequency
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
On chip detectors
force to stop
operation under
abnormal conditions
Board ID 1.0 Specs summary
Hardware Specification
P/N: R5H30211NB03NQ03
Operating Voltage
1.8V - 3.3V
Clock Speed
6MHz with internal oscillator
Communication interface
I2C (100kHz)
Operating Temperature
- 20°C to +75°C
WTR option (please consult with us)
Package
QFN20 (4.2mm x 4.2mm)
Software Specification
22
Authentication Algorithm
PKI (RSA 1024 / 2048 bits)
Anti-Cloning
PKI (Certificate and signature verification)
Usage Control
Limit counter (1 to 4, 294, 967, 295 times)
Secure Tracking
4 bytes (32bits) of condition value
IP Protection
4 bytes (32bits) of condition value
Secure Storage
64 bytes X 8 pages (512bytes total)
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
The Solution
23
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Avnet: A Secure Supply Chain for Secure Products
A complete one-stop-shop solution from Avnet
1- Devices are manufactured in secure Renesas facility and locked.
2- User data provided to Avnet, user keys and X509 certificates are generated by Avnet’s secure servers,
3- Devices are programmed and locked in Avnet’s secure programming center, every chip unique.
4- After programming devices are shipped only to customer or customer approved CM.
5- Entire process is auditable, customer required records produced as needed.
24
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
New Board ID demo kit
YBIDKITSV2
Authenticator (SH7285)
Board ID Device
(R5H30211)
1. Capable to show authentication demo for each use cases (Anti-Cloning,
Usage Control, Secure Tracking and IP Protection )
2. Authentication is done between authenticator (SH7285 MCU) and
Board ID device (R5H30211 with firmware version 1.0)
3. Authenticator software is provided as Board ID Security Stack (BSS)
for easier porting by customers into their target MCU/MPU.
4. Low cost, MSRP: $149, MP available, in stock
25
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Board ID Strengths
1- Unmatched web user like authentication
2- Built with proven PKI technology and standards
3- Strong authentication solution ideal for a high growth market: devices
connected to the internet
4- COMPLETE, UNIQUE SOLUTION DEPLOYABLE NOW. Avnet will:
- Provide full quotation including VAS
- Handle NDA, Educate, and Support customer
- Provide a unique product and logistics service (One stop shop)
5- Top companies have selected Renesas Secure MCU product to build the
authentication solution in their system.
Current shipment: several M units / month (same product family as Board ID)
26
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Customer / prospect list / promotion with Avnet
27
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Board ID Status - Promotion activities -
Feb
User’s
Manual
update
Document
Tools
Proto ready
REA
Sales/FAE
training
Sales training
REA
Promotion
Avnet
Promotion
Joint
Promotion
Road Map
28
Mar
Apr
Datasheet
update
-Sales
training
-Press
release
Jun
Jul
S/W update for
BID 2.0
FAE training
Sales Training
ESC Chicago
Alliance
Partners
Recruitme
nt
-Tech
Review
Article
-Flyers
Aug
Sep
Oct.
UM Update for
BID 2.0
100 units
in stock
• at Chandler, AZ
• Avnet can support
key and certificates
pair generation
Programming
/ Key
generation
ready
May
Article on
Embedded
Computing
Design
Programming
update to BID
2.0
- White
paper
MDM event in NY
Avnet webinar on
Security
BID 2.0
Evaluation
BID 2.0
Sampling
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
• Use case presentation
• Development tools lab
• Partner presentation
• Demo
Integration of Board ID 2.0
samples in Rx promotion
board to leverage Rx
campaign.
DevCon
2010
(10/12)
Avnet
course and
Board ID 2.0 Update at Avnet Prog. center booth at
DevCon
Avnet
Branch
visits
Medical
device
Caravan
BID 2.0
MP ship
Board ID Target customers
Segment
Use Cases Example
Target Customers
Networking /
Server
Anti-Cloning, Secure Tracking,
Key storage
Ex.) Need to ensure only approved
components are accepted
Brocade, Nortel, Ericsson, IBM,
HP, Intel
Bigfoot Net.: Production started
5~10K units/Mo
Metering /
Smart Grid
Network access (Identification +
Authentication)
Ex.) Microsoft .net Micro solution
approach for Smart Grid
Elster, Landis &Gyr, Echelon,
Austin International, Sensus, GE
IUSA: proposal sent, TAM
300Kunits/y Microsoft, Google
Consumer
Electronics
Anti-Cloning, Access Control
Ex.) Need to ensure that only
approved (licensed) companies’
products can work on system
Motorola (via Telicos): cancelled
Whirlpool, GE
Direct TV, Kingston
Enterprise –
Financial
services Industrial
Network access (Identification +
Authentication)
Need to perform a very secure
authentication
Pitney Bowes, Otis, HID,
Medical
devices
Anti-Cloning + Usage Control
Need to protect business model and
enforce medical safety policy (repeat
sale of peripheral units).
Zeltiq: Production starts from
2010
GE Medical, Welch Allyn, Philips,
Boston Scientific
29
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
OEM customer / prospect status for Security IC
Accounts
Regions
Level of interest
comments
Cisco
West
MP
M2M authentication
Apple
West
MP
M2M authentication
Juniper
West
MP
M2M authentication
Arista Networks
West
MP (low volume)
M2M authentication
RSA
North East
MP
Secure token for Enterprise
IBM
IBM
US
US /Europe
MP
Recent RFP – ‘token’ oppty unclear
Secure MCU (sec. module)
To follow up
RIM
Canada
High
Battery auth. Very low price
Kingston
West
High
Feasibility / Devt phase
Microsoft (Smart Energy)
North West
Medium / High
Ref design under discussion
EMC
North East
Inquiry only
More visits needed
Motorola
Chicago
Inquiry (at ESC)
To follow up
Whirlpool
Michigan
Inquiry only – Contact-less
To follow up
HP, Dell, Lenovo
US
Very low (for Secure IC)
To follow up
Palo Alto Networks
West
Inquiry only
LOST (Weak auth. sol.)
ActivIdentity
West / Europe
Inquiry for opportunity with US govt
In discussion
Force 10, Brocade
West
No activity
To follow up
Intel
West
No activity
To follow up
Scientific Atlanta, Web TV
US
No activity
To follow up
Meter comp. / Smart Grid:
GE, IUSA
US / Mexico
Inquiry only
To follow up
30
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Promotion campaigns with Avnet (summer 2010)
1- Campaign targeting medical device manufacturers, customers of Avnet.
- Led by Nick Lukianov (Avnet manager in charge of the medical segment) and his
team of account managers
- Promotion material (flyer, ppt) produced by REA and Avnetized by Nick
- Campaign to start in July/August 2010 (details to be defined by Avnet)
- MDM event in NY (June 8-10)
2- Regional caravan with 6-8 Avnet regions targeting top customers (not
limited to the medical segments).
- New webinar and training to be done by Avnet to Avnet FAEs (end June 2010)
- Campaign to be rolled out in August/September (coordination by Steve Ryan)
 REA Mktg to update Sales / FAEs as soon as Avnet plans are finalized
31
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
What is available now
 Board ID kit with complete software (stock in Avnet)
 Board ID 1.0 product (under MP)
 Full documentation (from REA and from Avnet):
 Without NDA: flyers, data sheet, brochures, info online (REA
site – section Board ID)
 Sales documentation (new Board ID page on sales Reps site)
 With NDA: User manuals (Board ID chip, Board ID Kit), demo
kit and related documentation and software
 Avnet programming services
 Key/cert generation
 Production of samples (first articles)
 Support services on kit, Board ID chip and MP ramp up
 Training material (ppt):
 Sales, FAE (on P drive)
 New training course ‘Board ID overview’ on Renesas Interactive
 Support from REA mktg and Avnet technical team
32
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Board ID product, tools and programming services
are now ready for deployment.
We look forward to supporting an aggressive promotion effort by
REA Sales and FAEs and Avnet teams!
33
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Q and A
34
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Response
What are the services provided by Avnet to
Board ID customers?
1- Logistics support as a Franchised distributor of the
product and the Board ID demo kit
2- PKI programming services including key/cert generation
3- Technical assistance to:
a- define the programming scheme,
b- help authentication code porting (MCU code)
35
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Response
How to obtain more information,
Board ID samples and demo kit?
Please contact:
1- Avnet as a Franchised distributor of the product and the
Board ID demo kit will provide support on the Board ID
solution.
2- REA website: america.renesas.com/boardid and
Avnet site: logistics.avnet.com
3- REA and Avnet Sales and FAE teams
36
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Response
What are the benefits of Board ID solution
compared with Software security?
Software: CPU intensive, key NOT protected, (can be OK
to compute PKI on the host side)
Board ID:
Complete authentication,
External to MCU with key totally protected,
Strong PKI crypto
37
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Response
What are the differences of a Crypto
memory Solution compared with a
Board ID solution for a customer?
Crypto memory: inexpensive, NOT protected, weak (out dated)
key length
Board ID:
Complete authentication with standard based strong PKI crypto
Physical protection
Smart card / Secure IC technology
38
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Question
Are there issues with Export Control?
The Board ID product is designed to meet applicable EC rules
and regulations.
The product can be exported to foreign countries in accordance
with applicable US laws.
The customer must ensure compliance to these laws.
39
© 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY
Renesas Electronics America Inc.
© 2010 Renesas Electronics America Inc. All rights reserved.