01 Oct 2007
By Fanie Duvenhage, Security, Microcontroller and Technology Development Division, Microchip Technol
Battery authentication for portable power-supply systems is a growing trend, in part because of the recent increase in personal injuries caused by counterfeit rechargeable batteries charged with the wrong charge profile. Battery authentication is a matter of digital security and cryptography, a specialized field with several pitfalls. While most people want a system that is 100% foolproof, the reality is that security is a tradeoff between cost, complexity and the value of what is protected. Here, two things are protected: the user, who must be prevented from running a portable device on a battery it was not designed for, and the manufacturer's brand, which must not become associated with unsafe devices.
CHALLENGE/RESPONSE SYSTEMS
One of the most common ways to authenticate a battery and ensure that it comes from a valid source is a challenge/response system. Challenge/response authentication circuits, also known as Identify Friend or Foe (IFF) circuits, take a variety of forms.
In the basic system, the host (a phone, Personal Digital Assistant (PDA) or MP3 player) issues a challenge to the battery, referred to here as the token. On receiving the challenge, the token computes a response and transmits it back to the host. The direction of challenge and response can be reversed, or the exchange can run in both directions. Additionally, either side can issue challenges at random, varying times, so that an attacker cannot predict when authentication will take place.
A typical timeline for a basic challenge/response system is shown in Figure 1. Depending on the implementation, timelines may include additional or different features not shown here, and some of these features may drop out altogether. After the host processor issues a random challenge, it waits a short, fixed period for the response. If a valid response does not arrive within that window, the host must reject the token and refuse to charge an incompatible battery. The challenge must be unpredictable to the token: a fixed or repeating challenge lets an attacker record one valid response and replay it from a counterfeit pack without ever knowing the key.
A cryptographic algorithm is used to calculate the response from a cryptographic key that is unique to the token. Several algorithms are available, and algorithm selection relates back to the point that security is a tradeoff between cost, complexity and the value of what is being protected. It is important to note that even the strongest algorithm is worthless unless the remainder of the system is managed securely. When choosing an algorithm, it is usually best to use one that has withstood public scrutiny over time, since very few teams have the expertise to design their own.
Two small block ciphers available for battery-authentication circuits are the eXtended Tiny Encryption Algorithm (XTEA) and the KEELOQ® algorithm by Microchip Technology Inc. XTEA is a publicly available block cipher developed by Roger Needham and David Wheeler in 1997. It uses a 128-bit key and a 64-bit block, and is known for its compact size and simplicity.
The KEELOQ technology is a proprietary algorithm that has been widely used for more than a decade in applications ranging from garage-door openers to Remote Keyless Entry (RKE) systems. The KEELOQ algorithm uses a 64-bit key and a 32-bit block. The KEELOQ technology is even more compact than XTEA in terms of program memory and RAM requirements, but it takes longer to calculate a response. Note that published cryptanalysis of KEELOQ appeared in 2007 and 2008, around the time this article was written, so neither cipher's key length should be read as its full security margin; the choice should be revisited against current results.
In applying these algorithms to battery authentication, the host processor is trained to know which batteries are intended for use with the charging system. Training can occur at the consumer level, where customers take their portable device to an authorized dealer so that the end system "learns" its batteries. Some manufacturers instead build battery validation into the handset itself and run it each time the handset loses power; the battery may also be "trained" to the handset and charging system at that point. The details of the learning scheme depend on the individual system and on how transparent the manufacturer wants to make it to the user. Preferably, every battery should carry a unique key, so that if one battery is compromised or cloned, the whole system is not compromised. This also makes it possible to "blacklist" specific serial numbers, so that batteries carrying a known-compromised serial number and cryptographic key are refused charging.
AUTHENTICATION EXAMPLE USING A PIC10F MICROCONTROLLER
A good balance of cost-effectiveness, time-to-market and flexibility exists in the form of microcontrollers. By implementing battery-authentication solutions in Flash-based microcontrollers, changes to keys, algorithms and functionality can be made without a hardware redesign. Microcontrollers also allow designers to introduce custom safety-related features into their systems, such as temperature and current monitoring.
Simple circuits, such as that shown in Figure 2, are good starting points for authentication system security. This type of system can use a Pulse-Width Modulation (PWM) or Manchester encoded communication scheme to communicate between the host and the token.
The system in Figure 2 is based upon the 8-bit PIC10F200 microcontroller, on the token side of the circuit. A larger microcontroller, such as a 16-bit PIC24F, can be used on the host side of the system. The token software is written in assembly language, in order to make it fit within the 6-pin PIC10F200 devices. The host system code is written in C to make it portable, since the host controller will vary depending upon the final system. This system is designed using Microchip’s KEELOQ authentication algorithm.
ATTACKING INTEGRATED CIRCUITS
Generally, there are two types of attacks on security chips: non-invasive attacks and invasive attacks. Non-invasive attacks analyze and characterize an integrated circuit with the package intact, exercising the semiconductor through a number of methods. The brute-force technique feeds the component every possible challenge and records every response, building a complete codebook that a clone can replay without ever knowing the key. With a 32-bit block such as KEELOQ's, that codebook has 2^32 entries (16 GiB of 32-bit responses), so its feasibility is bounded by how fast the token can be made to answer, not by the key length. Other non-invasive attacks power or clock the device into abnormal modes that cause the chip to operate in unusual states, or search for test modes that give access to program memory.
Invasive attacks, on the other hand, begin by removing the packaging of the semiconductor by chemical or mechanical means. The chip is then probed or modified at the silicon level to gain access to stored information. Invasive attacks also induce physical phenomena in the device to reveal the code it holds, such as altering the configuration fuses, modifying transistor properties, or reverse engineering the integrated circuit outright.
KEY MANAGEMENT
Creating, storing and using keys is at the heart of every secure system. If attackers gain access to a manufacturer's key or to the database holding the per-device keys, every unit of that product line is compromised. During key generation, many manufacturers therefore split the work between at least two individuals: each enters a part of the key separately, with no knowledge of the parts entered by the others, so that no single person ever holds the complete key for the company's products.
In the system described here, each token's cryptographic key is derived from its serial number: the serial number (or a random seed value) is combined with the manufacturer's key to produce the token key, which is programmed into the token during production. Before performing the authentication, the host regenerates the same key from the manufacturer key and the token's serial number or seed. A compromised token therefore reveals only its own key, but the host's copy of the manufacturer key becomes the most valuable secret in the system and must be protected accordingly.
Systems can also use several manufacturer keys to generate several cryptographic keys for any one serial number. With this measure, the key used for a given challenge/response exchange is chosen at random when the challenge is issued. This increases the complexity of the system software, but it raises the system's security with minimal non-recurring cost.
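The challenge/response exchange and the per-token key derivation described above, as an added example in C that is not part of the original article or of any Microchip code. It uses XTEA (the public cipher named earlier) in place of KEELOQ; the derivation function, message layout, timeout window, blacklist, and every key, serial and challenge value are assumptions constructed for the example. A design with several manufacturer keys would simply select which mfr_key the host passes in.

```c
/* Added example, not the article's or Microchip's code: one host/token
 * challenge-response exchange with per-token keys derived from a manufacturer
 * key and the token serial number.  XTEA stands in for the cipher; the key
 * derivation, message layout, timeout, blacklist and all key/serial/challenge
 * values are assumptions constructed for this example. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* XTEA as published by Needham and Wheeler: 128-bit key, 64-bit block. */
static void xtea_encrypt(uint32_t v[2], const uint32_t k[4]) {
    uint32_t v0 = v[0], v1 = v[1], sum = 0, delta = 0x9E3779B9u;
    for (unsigned i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += delta;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    v[0] = v0; v[1] = v1;
}

/* Assumed derivation (the article fixes none): encrypt {serial, ctr} under the
 * manufacturer key for ctr = 1, 2 and concatenate into a 128-bit token key.
 * The token is programmed with this key only, never the manufacturer key. */
void derive_token_key(const uint32_t mfr_key[4], uint32_t serial, uint32_t out[4]) {
    for (uint32_t ctr = 1; ctr <= 2; ctr++) {
        uint32_t v[2] = { serial, ctr };
        xtea_encrypt(v, mfr_key);
        out[2 * ctr - 2] = v[0];
        out[2 * ctr - 1] = v[1];
    }
}

/* Token (battery pack) side: all the small device does is encrypt the challenge. */
typedef struct { uint32_t serial; uint32_t key[4]; } token_t;

void token_respond(const token_t *t, const uint32_t chal[2], uint32_t resp[2]) {
    resp[0] = chal[0]; resp[1] = chal[1];
    xtea_encrypt(resp, t->key);
}

/* Host side. */
enum verdict { AUTH_OK, AUTH_BAD_RESPONSE, AUTH_TIMEOUT, AUTH_BLACKLISTED };

typedef struct {
    uint32_t mfr_key[4];        /* lives only in the host and on the production line */
    const uint32_t *blacklist;  /* serials whose keys are known to be cloned */
    size_t n_black;
    uint32_t timeout_ms;        /* the fixed response window of Figure 1 */
} host_t;

enum verdict host_verify(const host_t *h, uint32_t serial, const uint32_t chal[2],
                         const uint32_t resp[2], uint32_t elapsed_ms) {
    for (size_t i = 0; i < h->n_black; i++)
        if (h->blacklist[i] == serial) return AUTH_BLACKLISTED;
    if (elapsed_ms > h->timeout_ms) return AUTH_TIMEOUT;   /* late counts as absent */
    uint32_t key[4], expect[2] = { chal[0], chal[1] };
    derive_token_key(h->mfr_key, serial, key);             /* same derivation as production */
    xtea_encrypt(expect, key);
    /* XOR every word before deciding, so the compare has no early exit that
     * would reveal how much of a guessed response was right. */
    uint32_t diff = (expect[0] ^ resp[0]) | (expect[1] ^ resp[1]);
    return diff == 0 ? AUTH_OK : AUTH_BAD_RESPONSE;
}

/* Constructed demo material, not real keys.  A real host draws every challenge
 * from a hardware RNG; it is fixed here only so that runs are repeatable. */
static const uint32_t DEMO_MFR_KEY[4]   = { 0x01234567u, 0x89ABCDEFu, 0xFEDCBA98u, 0x76543210u };
static const uint32_t DEMO_CHALLENGE[2] = { 0xDEADBEEFu, 0xCAFEF00Du };
static const uint32_t DEMO_BLACKLIST[]  = { 0x00009999u };
static const host_t DEMO_HOST = {
    { 0x01234567u, 0x89ABCDEFu, 0xFEDCBA98u, 0x76543210u }, DEMO_BLACKLIST, 1, 50 };

/* One exchange.  The token claims claimed_serial but holds the key derived for
 * key_serial (a clone that lifted another pack's key has the two differ); tamper
 * is XORed into the response and elapsed_ms is the delay the host measured. */
enum verdict demo_exchange(uint32_t claimed_serial, uint32_t key_serial,
                           uint32_t elapsed_ms, uint32_t tamper) {
    token_t t = { claimed_serial, { 0, 0, 0, 0 } };
    derive_token_key(DEMO_MFR_KEY, key_serial, t.key);
    uint32_t resp[2];
    token_respond(&t, DEMO_CHALLENGE, resp);
    resp[0] ^= tamper;
    return host_verify(&DEMO_HOST, claimed_serial, DEMO_CHALLENGE, resp, elapsed_ms);
}

int main(void) {
    static const char *name[] = { "OK", "BAD_RESPONSE", "TIMEOUT", "BLACKLISTED" };
    printf("genuine pack:        %s\n", name[demo_exchange(0x1234, 0x1234, 10, 0)]);
    printf("genuine but late:    %s\n", name[demo_exchange(0x1234, 0x1234, 80, 0)]);
    printf("key from other pack: %s\n", name[demo_exchange(0x1234, 0x5678, 10, 0)]);
    printf("blacklisted serial:  %s\n", name[demo_exchange(0x9999, 0x9999, 10, 0)]);
    return 0;
}
```

The blacklist and timeout checks run before any cipher work so a rejected pack costs the host nothing; the response compare folds every bit into one word before branching, which is the habit worth keeping even on an 8-bit host. On the token side only xtea_encrypt and the stored key are needed, which is what lets the pack firmware fit in a part the size of the PIC10F200.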
CONCLUSION
Battery authentication for portable power-supply systems can be implemented effectively with small microcontrollers in battery packs that communicate with host processors. These microcontrollers combine a small footprint with flexible upgradeability at low cost. Sound key management and a proven cryptographic algorithm, such as XTEA or KEELOQ technology, add further layers of security to authentication circuits and, combined with the tools discussed above, enable designers to develop low-cost, highly secure battery-authentication systems.
Illustrations: Figure 1 (challenge/response timeline); Figure 2 (PIC10F200 token circuit)