STSAFE-A1SX : the SIGFOX Secure Element Protecting Devices Inside and Out

Internet of Things, Our products, Security, Smart Things Leave a Comment

The STSAFE-A1SX is the first secure element from ST for IoT devices relying on the Sigfox™ protocol. As the Internet of Things is increasingly nicknamed the “Internet of Threats”, any network vying for market domination must provide robust, and modern, security measures to protect its data from hackers and failures. Sigfox is a Low Power Wide Area Network (LPWAN) that is gaining a lot of traction in cities all over the world. Its narrowband communication greatly reduces noise, which means simpler base stations, and cheaper infrastructure. As a result, a transceiver like ST’s S2-LP can last 10 years on a single battery, and companies can more easily create and deploy solutions that take advantage of the network, like the products we have seen from Wi6Labs.

End-to-End Encryption

The Sigfox standard has many built-in and flexible protection features to ensure that device makers and application developers can find the right balance between usability, performance, and security. In this blog post, we purposely omit the security measures used to protect the Sigfox cloud and applications, to focus on those used by the devices themselves, which would be the ones to benefit from the STSAFE-A1SX. To know more about all the other security measures, please watch the video below.

In a Sigfox network, each IoT device stores a unique ID, a Network Authentication Key (NAK), and an Encryption Key (Ke), the last two being secret, and 128 bits in length. Each message sent by a device or the cloud contains a unique signature generated using the Encryption Key. This signature authenticates the sender, and to make sure there are no copies or duplications possible, the system inserts it in a sequence of numbers. Furthermore, the protocol sends each message at three random times and on three different frequencies. As a result, a hacker won’t know when and where to sniff to intercept a message. Furthermore, as there are no exchanges of keys, no handshake, and no standard payloads, since the application designer formats them, capturing a message would most likely result in an unreadable and useless content.

STSAFE-A1SX : Hardware and Software Protection

The only theoretical weakness in this system comes from the fact that a hacker gaining a physical access to a device could steal the keys. This is where a secure element comes into play, because this dedicated component stores them to ensure that they remain out of reach, even if a device falls in the wrong hands. For instance, the STSAFE-A1SX has been designed to prevent side-channel attacks, a method that relies on the analysis of the components’ behavior to access or replicate some of its features. For instance, someone could do a power analysis on an unprotected component to determine the binary composition of an RSA Key. However, ST’s years of experience in manufacturing secure elements like the ST33TPHF means that the STSAFE-A1SX is so well protected against these attacks, it is certified EAL5+ Common Criteria.

ST’s secure element also includes its own operating system used for authentication and data management. Not only does it prevent an intrusion in the event of a breach in the main operating system, it also guards against logical and physical attacks. A dedicated operating system means the keys never have to leave the secure element, and all applications executed on the STSAFE-A1SX comply with the strictest security requirements. Finally, ST has added the ability to setup an encrypted channel of communication between the secure element and the host MCU using an I2C line, and AES–128 encryption. This ensures that even someone with a physical access to the device can’t launch a man-in-the-middle attack by trying to intercept communication to and from the STSAFE chip.

Encrypting Messages

The STSAFE-A1SX in a SO8N package (Click to enlarge)

Sigfox leaves companies the choice to encrypt the content of their messages, offering unmatched flexibility. In cases where content is trivial, like the measurements of an outdoor thermometer, encrypting the information brings very little value to the manufacturer and the user. However, for devices dealing with sensitive information, the STSAFE-A1SX offers the ability to encrypt payloads before they are sent, or decrypt those from the cloud, using a crypto-core optimized for AES–128.

Engineers can more quickly take advantage of all these features thanks to a series of tools and software designed to facilitate the integration of the secure element in the final design. Furthermore, its ability to work in extreme operating temperatures (–40ºC to 105ºC), and keep data in memory for 30 years at 25ºC, means it will be able to integrate the vast majority of applications, no matter how harsh the environment. The STSAFE-A1SX will enter production in May 2017 and be available in 4 mm x 5 mm SO8N packaging, or in 2 mm x 3 mm UFDFPN8.

To know more about the STSAFE-A1SX, please visit ST’s website.