OPTIGA Trust E evaluation kit

Summary

This summary gives an overview of the cryptographic applications of the microcontroller XMC4500 Relax Kit and the Optiga Trust E with security features.

Infineon development tools - First Steps

Registration at www.infineon.com to find all the important information about the XMC4500 and the Optiga Trist E evaluation kit. We need the following program: DAVE ™ version 4, which is compatible with our kit.

Enclosed the download link

https://www.infineon.com/cms/en/product/microcontroller/32-bit-industrial-microcontroller-based-on-arm-cortex-m/?redirId=53843#!tools

The following data must be filled out in order to load and send the program:

https://infineoncommunity.com/dave-download_ID645

The DAVE ™ package contains the IDE and all required libraries (DAVE ™ APPs, XMC ™ Lib, Device and Board Support Package, and Device Descriptions).

OPTIGA ™ Trust E-Evaluation Kit

The Infineon Technologies OPTIGA ™ Trust E-Evaluation Kit evaluates and demonstrates the OPTIGA ™ Trust B Authentication Device. This kit features a PC plug-in board based on the XMC microcontroller and comes with software that provides the user with an intuitive graphical user interface. The OPTIGA ™ Trust E Evaluation Kit allows the user to try out OPTIGA Trust E applications, including authentication, adding cryptographic certificates, and read / write data. This evaluation kit can either be used to debug the Host Lib code or to demonstrate the key features of the OPTIGA ™ Trust E through the intuitive PC GUI.

The OPTIGA ™ Trust E helps protect services, business models and user experience. This security solution uniquely identifies objects and protects PKI networks based on their one-way authentication mechanism. In addition, the OPTIGA Trust E protects the quality and safety of products.

The OPTIGA Trust E is based on Elliptic Curve Cryptography (ECC) with 256-bit, AES128 and SHA-256. This security technology greatly enhances the security of the entire system. In addition, the OPTIGA Trust E covers a wide range of applications to protect the authentication, security and confidentiality of embedded devices. These include mutual authentication, secure communication, data store protection, lifecycle management, secured updates, and platform integrity protection. The out-of-the-box facility, with full system integration and pre-programmed essentials, reduces design, integration and deployment requirements. As a ready-to-use solution, the OPTIGA Trust E comes with OS, embedded application and full host-side integration support.

Security Features

Cryptographic support: ECC256, AES128, SHA-256, TRNG (TrueRandomNumberGenerator), DRNG (DigitalRandomNumberGenerator)

Characteristics

High-end security controller
Ready to use solution
One-way authentication with ECDSA
Mutual authentication with DTLS client (standard RFC 6347)
Secure communication with DTLS
Compliant with USB Type-C ™ authentication standard
I2C interface
Cryptographic support: ECC256, AES128, SHA-256, TRNG, DRNG
Standard and extended temperature ranges
Complete system integration support
Common Criteria certified EAL6 + (high) hardware
Cryptographic Toolbox based on ECC NIST P256, P384 and SHA256 (register, verify, key generation, ECDH, session key derivation)

Applications

Industrial control and automation
Consumer electronics
Smart Home
Medical equipment

AES - Advanced Encryption Standard

Advanced Encryption Standard, AES for short, is a symmetric encryption method. Since the end of 2001, Rijndeal has been officially standardized as AES in the US by NIST (National Institute of Standards and Technology). It is used for the encryption of documents and communication connections. AES is not patented and therefore freely usable.

Rijndael and AES are block ciphers based on a substitution-permutation network (SPN). The procedure alternates between substitution and permutation at each step. The transformation of the plaintext occurs in several rounds of the same structure. The plaintext is not processed as a whole, but in blocks.

For Rijndael, block length and key length can be independently 128, 160, 192, 224 or 256 bits. For AES, the block length is set to 128 bits and the key size to 128 (10 rounds), 192 (12 rounds), and 256 bits (14 rounds). The AES decryption necessarily requires that the same steps be followed as with encryption. Just in reverse order. It is, in a way, a weakness of AES.

ECC - Elliptic Curve Cryptography

Crypto-systems and methods based on elliptic curves are referred to as ECC methods. ECC procedures have been part of the NIST (National Institute of Standards and Technology) standards since 1999. ECC methods are among the asymmetric encryption methods. The number after the hyphen refers to the key length. Typical applications of ECC are the key exchange and signature procedures. Also, Mozilla Foundation products (including Firefox, Thunderbird) support ECC with min. 256 bit key length.

Roughly speaking, ECC methods are based on operations with pairs of points on certain elliptic curves. Despite the complexity, the mathematics behind the ECC methods has been sufficiently well researched. Most cryptographers recommend ECC methods to be preferred. The use of elliptic curves requires that both communication partners support the same curve. That means you can not just use any curve. It has to be a specific one.

SHA - Secure Hash Algorithm (SHA-1 / SHA-2 / SHA-3)

The Secure Hash Algorithm, SHA for short, and all its versions, are cryptographic hash functions. These are used to calculate a check value for any digital data (messages) and are among other things the basis for creating a digital signature. The check value is used to ensure the integrity of a message. If two messages produce the same check value, the equality of the messages should be guaranteed in their normal discretion, without prejudice to specific attempted manipulation of the messages. That's why we require a cryptographic hash function, the property of collision safety: it should be virtually impossible to create two different messages with the same test value.

SHA was developed by the US secret service NSA on behalf of the US standardization authority NIST. SHA is used in all popular web applications and network protocols. PGP, SSL, IPsec and S / MIME. And of course with different signature methods. For example, for signing certificates. The original SHA is referred to as SHA-1 to distinguish it from its successors SHA-2 and SHA-3. SHA-3 should not replace SHA-2, but is an alternative. Should SHA-2 be broken at some point, you can go to SHA-3.

Objective and results of the project

Our first objective was to test a simple Led blinking program to determine wether our XMC4500 board was working as it is supposed to. To do that we wanted to use the DAVE ™ 4 as it was recommended by Infineon. Therefore, we downloadet the application and installed it according to the Quick installation guide that came with the download. We also updated the Segger JLink. After updating the library and downloading example codes on the Dave application itself, we build the project and tried to connect it to the board. But the microcontroller was not recognized by the program, the JLink couldn't be found. We tried a lot of steps to solve this problem including updating the JLink another time, trying to connect the board directly to the Dave application, trying other example codes etc. Our first move was to try if the application would work on Keil MDK. We were able to let the application run on Keil but we still wanted to find a solution for Dave. We had the idea to try older versions of Dave ™ 4 (Dave ™ 3). So we did the first steps all over again and connected the board with a example application made for Dave ™ 3. This again didn't work. Therefore we also installed an older JLink. And with this the example code could be finally loaded onto the board. At this point we were able to let the Leds toggle. We wanted to see if with these updates Dave ™ 4 would work too. So we tried the Dave ™ 4 example code another time and it worked. At this point we wanted to continue to use Dave ™ 4.

AES: We configured the AES example code that came with the Dave ™ 4 Project Library as it was described on the corresponding Reade-file. Afterwards we activated the debugger to see if the code was working properly. But each time we let the debugger run, the Led would blink only if the initial input & decryption output wouldn't match, and they never did match even if they were supposed to. So we checked our configuration and saw that it wasn't according to the Readme-file. There were a few slip ups. After fixing that, the code worked properly, the initial input was the same as the decryption output, but this time the Led wouldn't toggle. So we had the idea to work with USART & Tera Term to let an output appear that encryption & decryption worked, even though toggling the Led didn't. But this didn't work because Tera Term couldn't find a serial COM-Port. We weren't able to find a solution to this idea of ours, so we dismissed it.

ECC & SHA: There are no example codes distributed from Infineon, but a few C example codes can be found on the internet for the ECDH & SHA algorithms. We tried a few of these codes, but there were a lot of problems that we had to face. Almost all the time the problem was the included library. Either there were some files missing or file coulnd't be found on that path. Another problem was that the code was not compatible with the Dave ™ 4 interface. For each code we tested we tried to solve these problems by trying to modify it so that the code can be run on Dave, or by changing the paths to of the files or adding additional library files to the application. Especially the Optiga Trust X Framework code on Github seemed to be a good choice for cryptographical algorithms for Dave ™ 4. But, again, the problem was to integrate the two branches of the code, develop & master, so that library files were complete. But even though we tried to modify the paths to the files or/and changed the location of these files, the paths couldn't still be found. Our guess is that there are more underlying problems for these errors.

Unpredictable Problems with Dave ™ 4: There is barely any documentation on how to use Dave ™ 4 or solutions to problems on writing code or handling error messages, not even on the Infineon webpage. The example codes just explained how to get the code running but they didn't say what the application is really supposed to do, the user doesn't really know what the input & the output should be or what to do in case of an error.