Design A Microcontroller With Security In Mind

There are many parts to building a secure networked device, and the entire industry is still learning how to do it right. Resources are especially constrained for low-cost microcontroller devices. Would it be easier to build more secure devices if microcontrollers had security hardware built-in? That is the investigation of Project Sopris by Microsoft Research.

The researchers customized theĀ MediaTek MT7687, a chip roughly comparable to the hacker darling ESP32. The most significant addition was a security subsystem. It performs tasks notoriously difficult to do correctly in software, such as random number generation and security key storage. It forms the core of what they called the “hardware-based secure root of trust.”

Doing these tasks in a security-specific module solves many problems. If a key is not stored in memory, a memory dump can’t compromise what isn’t there. Performing encryption/decryption in task-specific hardware makes it more difficult to execute successful side-channel attacks against them. Keeping things small keeps the cost down and also eases verifying correctness of the code.

But the security module can also be viewed from a less-favorable perspective. Its description resembles a scaled-down version of the Trusted Platform Module. As a self-contained module running its own code, it resembles the Intel Management Engine, which is currently under close scrutiny.

Will we welcome Project Sopris as a time-saving toolkit for building secure networked devices? Or will we become suspicious of hidden vulnerabilities? The researchers could open-source their work to ease these concerns, but value of their work will ultimately depend on the fast-moving field of networked device security.

Do you know of other efforts to add hardware-assisted security to microcontrollers? Comment below or let us know via the tip line!

[via Wired]

Image of Mount Sopris, namesake of the project, by [Hogs555] (CC-BY 4.0)

 

Instant Inkjet Circuits With Silver Nanoparticle Ink

Researchers at the University of Tokyo, Georgia Tech and a team from Microsoft Research have developed a low-cost method of printing circuits using an ordinary inkjet printer using a technique called Instant Inkjet Circuits.

The hack is quite literally as simple as injecting a refillable printer cartridge with a commercially available Silver Nano-particle Ink. This allows the printing of circuits onto many different flexible substrates including paper, transparent film, or basically anything you can fit in the printer. Typically if the medium is designed for printing it will work. Some exceptions to this include canvas cloth, magnetic sheets, and transfer sheets.

The researchers chose a Brother inkjet printer because they typically have nozzles that eject higher volumes of ink than other printers. The exact model they used was the Brother DCP-J140w. To maximize ink deposition, all cartridges are filled with the ink, and printed using photo mode where the C M and Y cartridges are simultaneously used to create black. No special software is required to print.

The full article is well worth the read and shows many examples of the different applications this could be used for — including instant prototyping using nothing but scotch tape.

If anyone can source some of this ink and try it out we would love to hear from you! Those that can’t may want to give the old inkjet/laser toner etch resist trick a try.

[via Power Electronics]