Impressum:

Wake, Mancy A. / Hibernack, Dorothy / Lullaby, Lucas:

Manufacturer / Publisher / Printing:

BoD Books on Demand GmbH, Norderstedt - http://www.bod.de

© 2020 Mancy A. Wake / Dorothy Hibernack / Lucas Lullaby

More bibliographic info under: www.dnb.de

Structure:

1. Historic development of Cryptographic Chips: From Enigma to Ecolex and AroFlex
2. Transformation of Cryptography influences Secure Embedded Systems in a Network
3. The Echo Protocol: Networking Encrypting Devices
4. Hardware Architecture
   • 4.1 Cryptographic Conversions on Secure Embedded Systems
   • 4.2 Example: NitroKey
   • 4.3 Example: Arduino & Raspberry Pi
   • 4.4 Defining the architectural Design of Echo on a Chip (EoC)
5. Hardware Echo-Chip - Part # I - Encryption and Decryption Processes on a Trusted Execution Environment
   • 5.1 Communication Methods Zone: TCP-Disconnected Communication Methods via Protocol-Change, e.g. Bluetooth or UDP
   • 5.2 McEliece Key & Algorithm Zone
   • 5.3 Public Key Infrastructure Zone for Decryption & Encryption
   • 5.4 Cascading / Multi-Encryption
   • 5.5 Local Private Application Interfaces
6. Hardware Echo-Chip - Part # II - Meshing the Flood: Implementing Routing and Graph Theory into Hardware
   • 6.1 Congestion Control Zone
   • 6.2 Local Broadcast Manager & Listener Broadcasting Zone
   • 6.3 Neighbors Zone
7. Hardware Echo-Chip - Part # III - Key Servers & Ozone Postbox Functionalities
   • 7.1 Congestion Control Zone
   • 7.2 Database or Memory Containers Zone
   • 7.3 Neighbors Zone
   • 7.4 Discovery via Cryptography
   • 7.5 Ozone Address / PostBox Zone
   • 7.6 Private Public-Key Server & Private Servers Zone
8. Conclusions for contextual risk cases with research and development requirements
   • 8.1 Risk Case: From ToTok to TikTok
   • 8.2 Risk Case: Android @ Huawei
   • 8.3 Risk Case: Virus-Scanner Kasperspky et al.
   • 8.4 Risk Case: BIOS Firmware
   • 8.5 Risk Case: 5G Telecommunication-Chips
   • 8.6 Risk Case: Closed Source Operating System Windows
   • 8.7 Risk Case: Closed Internet Networks like #RUNET
9. The Secure Architecture Model (SAM) extends and integrates the OSI-Model
10. Literature
11. Didactical Questions

ABSTRACT: Going the Extra Mile - Security through Separation

Based on the historical development of so-called Crypto-Chips, the current transformation of cryptography shows numerous changes, innovations and new process designs in the field of cryptography, which also need to be integrated in a hardware design of microprocessors and microcontrollers for a secure embedded system.

Single-board computers like Raspberry Pi or Arduino and also devices with cryptographic functions such as the NitroKey and others allow developers to create their design architectures accordingly.

Using the example of the encrypting Echo protocol, a design of a hardware architecture based on three chips with cryptographic functions corresponding to the protocol is described.

The central echo chip # 1 represents a "Trusted Execution Environment" (TEE), which is not connected to the Internet for the conversion processes from plaintext to ciphertext and is supposed to remain quasi original, to prevent software injections or possible uploads of copies of the plaintext.

The export and transport of the encrypted Echo capsules can then be regulated using other ways, methods and protocols than TCP. The same applies to deciphering the packets to be delivered.

The two other chips then take over predominantly routing, respective forwarding and further server functions.

The technical specifications of the three microprocessors for the individual functions of Echo and encryption are described in detail.

The established paradigm of separation is recognized as a security feature and discussed as a perception for a next generation of micro-controllers in the field of mobile messaging under the technical term "Going the Extra Mile". Going the Extra Mile means using your own platform or hardware that is separate from the network for the conversion from plaintext to ciphertext and vice versa.

This security architecture is then discussed in the context of seven different current risk cases with the consolidated result that the well-known OSI (Open Systems Interconnection) model can be expanded to a thirteen-stage model: This essay introduces the basis of the Secure Architecture Model, abbreviated SAM, that integrates the previous OSI model and builds on it to examine the further effects and further research needs for a department of cryptography and its related disciplines, in particular the Secure Embedded Systems and as well other areas.

1 Historic development of Cryptographic Chips: From Enigma to Ecolex and AroFlex

In the past, cryptographic micro-controllers had primarily these functions since their first development in the mid-1970s (e.g. by Philips Usfa Crypto) - roughly in line with the spread of asymmetric encryption of a public key infrastructure (PKI):

• to carry out the encryption with the aid of a computer with a dedicated computing machine
• to offer the process to dedicated customers such as military or individual governments
• to convert ciphertext faster or more adapted to possibly more complex algorithms of the respective era
• respective to relate it in particular to the encryption of speech
• or to operate different channels in parallel –
• and above all: to include an uninfluenced, hardware-supported number generator.

Previously, the development of the Crypto-Chips was based on symmetrical encryption, just as Philips started with a one-time tape (OTT) called ECOLEX in 1956 (Philips Usfa 1982).

The Crypto-Chips digitized the previously mechanical encryption processes in an electronic processor, e.g. of the Enigma machines that have been developed by Chiffriermaschinen AG since the mid-1920s.

In the architectures, several chips were often chained one after the other in order to map cryptographic routines, for example to implement a stream cipher: Eight such chips were e.g. connected in the AroFlex machine. They were also called "crypto hearts" (Kraan 1986).

Likewise, a lot has been technically adapted over the years to make the chips more contemporary in their hardware, for example in the case of the transistors, or to adapt them to the general chip development. Today, single-board computers such as Raspberry Pi or Arduino and others are available and programmable for everyone.

The security of the uses of these “embedded systems” remains to be assessed and designed according to modern processes and standards of cryptography.

Other crypto machines that also used microprocessors, such as those from Crypto AG, were manipulated.

The Secret Service Coup of the Century first went public in 2020: The CIA and the German BND had bought the Swiss Crypto AG in 1970 under cover behind trustees. The hardware produced had been manipulated in order to be able to intercept governments from more than 100 countries that were customers of Crypto AG (Miller et al. 2020).

Hence, the development of secure embedded systems remains a hot topic for cryptography in the face of these disclosed historical developments.

2 Transformation of Cryptography influences Secure Embedded Systems in a Network

The more recent developments in cryptography in the 21st century are not only one-sided towards future quantum cryptography (PQCrypto 2019, Zimmermann 2019), but are already showing today fundamental changes in numerous existing processes:

It starts with multi-encryption, goes via Instant Perfect Forward Secrecy (IPFS) with end-to-end encryption with Cryptographic Calling, the adaptation of cryptographic protocols as through Fiasco Forwarding, in which up to a dozen keys out of a pool are used to decode a message.

It continues to solve the key transport problem with Secret Streams and Juggerknaut keys to a volatile and Exponential Encryption.

In their book "Transformation of Cryptography", the authors Linda Bertram and Gunther van Dooble (2019) have, for example, compiled over two dozen of these changes and innovative concepts that are currently influencing cryptography and whose transformation characterizes them: One can currently speak of a “Transformation of Cryptography”.

The transformation is therefore not just about the step into cryptography that is resistant to the fast computing operations of quantum computers, for example by exchanging the RSA algorithm with algorithms such as NTRU or McEliece (ibid 1978), but also about numerous development steps, which are emerging in multiple, also process-oriented ways, such as multi-encryption and new Internet protocols such as the Echo protocol (Gasakis / Schmidt 2018), which combines multi-encryption with aspects of graph theory.

Why shouldn't the newer cryptographic innovations also be included in the design of hardware, micro-controllers and embedded systems with their integrated and increasingly cryptographic processes?

Thanks to fast computing power, the cryptographic “chips” are faster than ever and also more mobile than ever.

With the smartphones, we hold small computers in our hands or in our pockets, which used to encompass several kilos or entire cupboards.

It is no longer just about becoming faster, smaller, more mobile, more trustworthy and more secure, but the software and hardware processes of a modern crypto-chip architecture are also to be adapted to the new requirements in accordance with the current Transformation of Cryptography.

Transferred to the hardware of Crypto-Chips and such secure embedded systems, the following potentials and questions can arise within this background:

• How can "Hearts" – Crypto-Chips – be linked with one another, also mobile and / or remotely, or at least communicate securely?

• Will we soon have Crypto-Chips that can form a mesh or map defined routes in the sense of graph theory?
• How can hardware machines then automatically create and manage new neighbors and their encryption keys?
• Different Crypto-Chips could refer to different algorithms: e.g. if multi-encryption of ciphertext of one algorithm is repeated with another, different algorithm?
• Why shouldn't a Crypto-Chip take on the task of a packet check as we know it from a router or deep packet inspection (König 2013), filtering out duplicates and double packets, checking signatures or cryptographic tokens or the hash values provided?
• Or why shouldn't another chip dedicated as a Trusted Execution Environment take over the encryption and decryption processes (conversion) without the plaintext having to go through further layers at the application, keyboard driver or operating system level?

Driven by increasing digitization and the growing number of devices in the Internet of Things (IoT), we are currently experiencing great demand for such secure hardware-based solutions for machine to machine (M2M) authentication, cryptography and data typing, data protection, data forwarding and data storage.

The change in cryptography as well as the demand of the market, especially for example in the networking of technical household appliances, places the topic of secure embedded systems in the central focus of modern research and teaching.

The German Central Association for the Electrical and Electronics Industries (ZVEI - Zentralverband Elektrotechnik und Elektronikindustrie) even created a "National Roadmap Embedded Systems" (2016), of which the first and priority strategy is "seamless interaction", which would be unthinkable today without cryptography in the area of secure embedded systems.

Thomas Wollinger et. al. already predicted at the “Embedded World - Exhibition and Conference” in 2003: “Thus, it is our view that designing and implementing efficient cryptographic algorithms on embedded systems will continue to be an active research area.”

Around 20 years later, with the Internet of Things, the fact that chips communicate with chips securely - washing machine to tablet like Alexa Echo-Dot to Alexa Echo-Dot - is virtually pandemic.

A publication by the IEEE by Pádraig Flood and Michael Schukat estimated "50 billion Internet-enabled devices" for 2020. A new Business Insider Intelligence study predicts even that the IoT market will grow 2025 to “more than 64 billion IoT devices” (Newman 2019).