Security features in i.MX6UL3 SODIMM SOM

BANGALORE, India - Dec. 12, 2016 - PRLog -- iWave Systems being one of the early adaptors of i.MX6UL, supports compact, cost effective i.MX6UL3 applications processor based SOM with Linux board support package. The BSP is added with various security features such as Tamper detection, High assurance boot (HAB) and Crypto engine (Differential Power Analysis- DPA with DES algorithm.

Secure Non Volatile Storage(SNVS) logic block in the iMX 6UL3 incorporates tamper detection logic. There are two types of tamper detection's supported called as external and internal.

External Tamper Detection is a special mechanism provided through a chip pin to signal when the device encounters unauthorized opening or tampering. Inside the chip, the received signal is compared with the desired signal level, once unequal, tamper event is found. When the desired signal is fixed, it is called passive tamper; when the desired signal level is also toggling with time, it is called active tamper. The chip supports at most 10 passive tamper detection pins, or 5 active tamper pairs alternatively.

Active tamper is used to detect tampering of an on chip wire mesh. There are 5 active tamper output ports and 10 external tamper inputs. Any combination of active tamper output can be configured to any one of the 10 external tamper inputs in iMX6UL3 CPU.

The internal tamper detection supports voltage, temperature and clock monitors as well.

The voltage Monitor, monitors the Out of Range Battery Voltage. The allowed battery voltage is from 2.5V (low-trip point) to 3.5V (high-trip point). Hysteresis is 100mV for each trip-point. Tamper will be detected when Voltage Monitor generates "Out of Range Voltage" violation.

Temperature Monitor has the temperature low trip-point spec at -30°C and high trip-point spec at 115°C. Hysteresis is 5°C for each trip-point. Tamper will be detected when Temperature Monitor generates "Out of Range Temperature" violation.

Differential Power Analysis (DPA) with DES algorithm:

DPA is securing a cryptographic algorithm that makes use of a secret key. It encrypts and decrypts the text using DES algorithm. If there is any mismatch between encrypted and decrypted text, it will display the error message.

The basic differential power analysis attack described here relies on two properties of the DES encryption. The first is the fact that the individual DES S-box outputs produce sensitive data that can be correlated to the power information recorded from the target device. The second fact is that each DES S-box input uses only 6 bits of the 48-bit sub key used for that round, which is low enough that they may be exhaustively searched to the highest correlation.

The purpose (http://www.iwavesystems.com/) of the attack implemented is to retrieve the first round subkey used. Once enough of this subkey is determined, the full key used in the DES encryption can be found by exhaustive search method.