Will this number-generation innovation hack off the hackers?

Year 2016 was billed by many industry observers as the year of the hacker and its certainly true that cyber criminals enjoyed bumper profits.

The list of hacking examples is long. Here’s a couple. In the United Kingdom, Tesco’s bank was infiltrated and nearly 9000 customer accounts were relieved of almost £2.5million. In another case international hackers were able to use a very lucrative software program that emptied ATMs across 14 European countries.

So what will 2017 bring in the way of technology that will truly hinder the hackers? Obviously it is something that thousands of electronics companies are working on and a key area of security development will be at the semiconductor level.

This is important because it’s all too easy for consumers to feel that the chips in their electronic products are secure. But the harsh fact is many can easily shed data and cyber thieves are particularly adept at discovering default passwords.

IoT proliferation

In addition to that area of security threat, 2017 will see the irrepressible proliferation of the Internet of Things (IoT) where web-enabled sensors will be widely employed in consumer and industrial products. And the question here is just how secure will they be? The answer in some cases is not very. One of the problems here is that integrating new and increasingly sophisticated hack-proof security into chip-level components costs money and consumers are notoriously cost conscious, as are retailers who have to be very price competitive.

38 Billion Devices

However, the insecurity implications of the IoT cannot be exaggerated because the number of connected devices, sensors and actuators is expected to be approximately 38 billion by 2020. A situation that must have hackers rubbing their hands in glee.

Add to those concerns the electronics industry typical reaction to hacking related security issues is to generate and implement product fixes after the crime has been committed and you have a situation where it’s the hackers “tails” that are wagging the industry “dog.”

However, one item of news that will possibly help change some of that comes from the Universidad Industrial de Santander in Columbia. The team there has developed a security building block for the Open-V microprocessor with a fully open True Random Number Generator (TRNG) peripheral.

Vulnerable algorithms

This is important because if a crypto algorithm’s random number generator (RNG) is biased or predictable the algorithm is vulnerable to attack. A TRNG is a RNG that produces bits based on a random physical process.

This is in contrast to a pseudo-random number generator that generates bits based on a secret key which if hacked would allow prediction of all the bits generated.

There is no doubt this Open-V development can help strengthen hardware security. Its security building block can generate up to 400,000 random bits/sec and needs a mere 0.01mm2 of die space. The team behind this development believes by open-sourcing the Open-V specs, schematics and RTL it will safeguard systems from future attacks.

Hopefully this optimism is well founded because as we know cyber criminals take a pernicious delight in breaking down new and challenging security barriers.