True Random Secure Authentication for Debug Port
Disclosure Number: IPCOM000257287D
Publication Date: 2019-Jan-29

The debug port in a system-on-chip (SoC) is usually kept in conditional open mode, where access for debugging is granted based on challenge-response pair (CRP) authentication. Adversaries use various kinds of attacks on the device, such as machine-learning-based modelling attacks, side-channel attacks, dictionary attacks and replay attacks, to steal the CRPs. If the CRPs are compromised, the device secrets are at risk. The paper proposes a true-random-number-based challenge-response authentication protocol in which a true random challenge value, encrypted with asymmetric and symmetric keys (e.g. RSA/AES), is exchanged among the secure server, the board (SoC) and the remote debugger. Asymmetric keys are generated dynamically in each debug session by the secure server. The proposed hardware-software-based methodology is a robust CR mechanism, and its CRPs will not be breakable by any kind of attack.
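The following added example is not the disclosure's protocol or code. It is a simplified sketch of why a fresh random, single-use challenge makes a captured response useless for replay. Assumptions: HMAC-SHA256 over a shared per-device key replaces the RSA/AES exchange, the OS CSPRNG stands in for the on-chip true random number generator, and all names (DebugPortGate, server_response, demo) are hypothetical.

```python
import hashlib
import hmac
import secrets


class DebugPortGate:
    """SoC side (hypothetical): issues one-time challenges, checks responses."""

    def __init__(self, device_key: bytes):
        self._key = device_key
        self._pending = None  # challenge of the currently open session

    def new_challenge(self) -> bytes:
        # Assumption: the CSPRNG stands in for the hardware TRNG.
        self._pending = secrets.token_bytes(32)
        return self._pending

    def unlock(self, response: bytes) -> bool:
        # The challenge is consumed on every attempt, pass or fail,
        # so one challenge allows exactly one guess.
        challenge, self._pending = self._pending, None
        if challenge is None:
            return False
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def server_response(device_key: bytes, challenge: bytes) -> bytes:
    """Secure-server side: answer a challenge relayed by the debugger."""
    return hmac.new(device_key, challenge, hashlib.sha256).digest()


def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed per-device secret
    gate = DebugPortGate(key)

    c1 = gate.new_challenge()
    r1 = server_response(key, c1)  # assume this response was observed on the wire
    results = {"legit": gate.unlock(r1)}

    # Replaying r1 with no session open fails: nothing is pending.
    results["replay_no_session"] = gate.unlock(r1)

    # Replaying r1 against a new session fails: r1 was bound to c1.
    c2 = gate.new_challenge()
    results["replay_new_session"] = gate.unlock(r1)
    results["challenges_differ"] = c1 != c2
    return results


if __name__ == "__main__":
    print(demo())
```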