ABHED1 is a Hardware based Encryption Device. You would ask what is unique in this? The keyword here is “Hardware”. It is one of the world’s first fully-Hardware based Encryption-Decryption device, no microprocessor core is present in this device, no software which implies no virus, so there is no chance of hacking using the instruction sets etc. Quiet a unique device, right?
Let’s see why there is a need for fully Hardware based security devices:
As per Rob Stubbs “Software is simply not up to the job of protecting highly sensitive or valuable data. Cryptography helps, but it needs high-quality keys that are well protected. Thus, hardware-based security is commonly employed in banking and in particularly vulnerable applications such as credit cards and mobile devices.” - via Fortanix
Especially for Nation’s Defense related activities which carries a highly classified data, Hardware-based security becomes more important. ABHED-1 is being developed by CHIPSPIRIT for this very case under the umbrella of the iDEX scheme by Ministry of Defense for defense related communication.
Have you ever thought of how you might be at a risk of getting hacked? If not, you might be getting hacked already! Beware! As the world encountered the pandemic, the whole geography changed with lockdowns and work from home. With this increasing use of digital devices, hackers have been having a field day. Cyber-attacks-as-a-service has started to gain pace, where hackers can rent the skills, they don’t have. Phishing, eavesdropping and backdoor exploits have been one the most common ways for the hackers to gain access to the sensitive system.
It was reported that China used to deliberately modify motherboards used in most of the servers, to let the hackers eavesdrop on the data. Recently a security flaw was identified in MediaTek chips, which let hackers to eavesdrop on Android users. This could have affected 37% of the world’s smartphones if not detected. There is also the Pegasus spyware havoc in the Indian political space. This spyware could literally obtain any data from the device, be it call logs, messages, WhatsApp chats, photos, browsing history. This could be installed by clicking links or opening apps or even by not doing anything. Even the method of exploiting has evolved, which started with worms and trojans, it has come to advanced viruses, ransomwares which keeps your data as hostage. Using ABHED1, most of these ways of hacking will not even be possible, even if it is possible, it will be a very difficult to get full access of system.
Now one way to deal with this is to use anti-virus or protection software which will not let the hackers exploit your systems. But the problem is that with rapidly evolving viruses, one cannot be sure if the anti-virus can handle the newly evolved virus till the update is done. So, you have another solution in the form of encryption. By using this technique, you can be sure that even if the data gets into the hands of the hackers, they won’t be able to decipher.
Okay, so we can encrypt our data to avoid information leak. Now the question arises, whether it should be implemented in software or hardware. We can build robust and efficient algorithms to encrypt our data using software. But there are vulnerabilities that can capture the encryption keys and can compromise the whole system. An example would be Spectre and Meltdown. For software to run, a microprocessor is required, which executes the instructions/ code. These instructions are queued in front of the CPU. Sometimes this queue is cleared owing to different conditions. When the queue is cleared, the vulnerabilities can insert malicious code into it to access vital data stored in the memories. Spectre and Meltdown affected most of the Intel, AMD and ARM processor, hence majority of the world’s devices were at risk. Here comes ABHED1 to the rescue, as ABHED1 does not have any Core or Microprocessor, attack using instruction set is not even a possibility.
Another example would be the Log4j vulnerability. This is an open-source library widely used by businesses and web portals. There were vulnerabilities found which could let the hackers insert malicious code or run a DoS attack. In the hardware approach, circuits are designed to run the encryption without the need of microprocessors/instructions. Hence most of the vulnerabilities will not affect the system. Abhed1 being a hardware-based encryption device, resolves most of these issues. Hardware security has great applications in the Defense and Finance industry.
A Plain text USB data can be converted into cipher text USB using ABHED1 at a very high bandwidth in a highly secure manner with multiple levels of authentication (With devices that contain PUF). Similarly, we can convert Cipher text USB data into plain text USB data. ABHED1 also supports “Bump-in-the-wire” based Ethernet-1G transfers, so you can send and receive encrypted data through the internet with hardware encryption. It may happen that the hackers may try to forcibly acquire data by prying into the device. No worries! Our device is tamper-proof, meaning the device contextual data will not easily get into the wrong hands. It also has Multi-Factor Authentication which prevents unauthorized access in highly secure manner with challenge-response mechanisms.
Aptly said, Necessity is the mother of invention. The internet that exists today, came into being because the US needed to effectively communicate between the West and the East coast during the war. And the first modern form of encryption was used by the Germans in WW2. They encrypted their radio transmissions so that the enemy couldn’t get information and the British were losing the war when they enlisted Alan Turing to develop a device to break the encryption. This device formed the basis for modern computing devices. Due to the rapidly evolving technologies, it has become imperative to upgrade our defenses and in our era hardware security is the need of the hour.
- https://fortanix.com/blog/2019/09/why-the-world-is-moving-to-hardware-based-security/
- https://www.thehindubusinessline.com/info-tech/beware-2022-may-see-cyber-attacks-evolve-to-new-levels/article38094515.ece
- https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies#skip-to-main-content
- https://tech.hindustantimes.com/tech/news/bug-in-mediatek-chips-could-lead-to-hackers-eavesdropping-on-android-users-71637822411231.html
- https://www.freepressjournal.in/india/pegasus-spyware-controversy-the-story-so-far
- https://www.techrepublic.com/article/spectre-and-meltdown-explained-a-comprehensive-guide-for-professionals/
- https://www.thehindubusinessline.com/info-tech/cyber-security-log4j-vulnerability-issue-explained/article38061525.ece