Author:
Xavier Bignalet, product marketing manager of the Secure Product Group business unit, Microchip Technology
Date
08/29/2022
PDF
Click image to enlarge
Figure 1: Secure provisioning is mandated by the Qi 1.3 standard
Qi inductive charging took a while to catch on because the emergence of the new technologies was hindered by opposing approaches. So, while Qi was first released in 2010 it took another five years before it emerged as preeminent. Since then, the Wireless Power Consortium has made significant enhancements to Qi, but it wasn’t until early 2021 did the consortium add a protocol making it possible for manufacturers of Qi-enabled devices to verify the identity of chargers and their adherence to the Qi specification. This capability is arguably the most important new feature in Qi 3.1 because it can weed out chargers that can damage or even destroy the products their charging.
Specifically, the Qi 1.3 specification requires charger manufacturers to include public key infrastructure (PKI) called “Product Unit Certificates” that must be embedded in wireless chargers to allow them to authenticate with smartphones
The key function is embedded since it refers to the most robust means of providing authentication yet foundational— secure elements that are constituting a vault next to a microcontroller that stores critical information separately from a device’s main processor (Fig. 1). It makes it extremely difficult to bypass security mechanisms and uses its own dedicated and independent processing power and memory rather than any shared resources.
Secure elements are not new and have been used in applications ranging from IoT, credit cards, payment systems and cryptocurrency trading. For example, near-field communications (NFC), now extensively used for smart payments has relied on secure elements since 2009, and nearly every smartphone since 2019 has integrated secure elements, so the addition of this technology to wireless charging hasn’t come a moment too soon.
How It Works
The authentication process is complex, but it takes place behind the scenes without human intervention in less than a second. The phone is the receiver, which sits on the charger referred to as the transmitter in the specification. Qi 1.3 mandates a one-way authentication, meaning the transmitter must cryptographically prove to the cell phone that it is a trusted and recognized as a safe member of the WPC ecosystem (Fig. 2).
Click image to enlarge
Figure 2: One-way authentication via CryptoAuthLib
If not authenticated, the phone either rejects the charge entirely or more typically limits the charging power accepted to 5W instead of 15W, resulting in a slow charge. As most smartphones run several applications at once, the result will be a poor user experience that can negatively impact the charger manufacturer’s reputation.
To be achieved effectively, secure authentication must also involve a secure manufacturing flow and combined with a process that results in a Secure Storage Subsystem (SSS), commonly called a secure key storage device or secure elements. Qi 1.3 uses one-way authentication from the charger to the phone, during which the charger must cryptographically prove to the phone that it can be trusted. If authentication fails, the phone has two options: it can reduce the charge level from the maximum of 15W to 5W or reject the charger.
Digging more deeply into the process, the phone will request a certificate and signature from the charger to verify that it is a WPC-certified product with a private key and sign a challenge issued by the phone proving knowledge of a secret without ever compromising it. The Qi 1.3 standard mandates that the private key is stored and protected by a certified SSS. Both the Elliptic Curve Digital Signature Algorithm and private key must be within the same physical secure boundary to ensure a trusted authentication.
The SSS must prove its robustness to protect cryptographic keys based on the Joint Interpretation Library (JIL) vulnerability scoring system, first introduced in the mid 2000s to improve the efficiency and security of smart cards, which is now a robust benchmark for many other applications requiring security. It focuses on evaluating the storage strength of the secure element to a specific JIL level that is scored by performance in five areas:
• How much time is required to break the algorithm
• What level of skills must an attacker possess
• What knowledge of the target of evaluation (TOE) is required to achieve a successful attack. (The TOE is in this case the charger)
• The difficulty required to obtain samples of the TOE and how many are needed
• What type of equipment is needed for a successful attack.
Before the charger can be offered for sale, other steps are required that protect the level of trust when the charger is manufactured, with the goal of removing exposure to the private keys. To create a chain of trust all private keys must be in a hardware secure module (HSM) at manufacturing sites or SSS in the charger. It is then necessary to determine how they are generated, stored and chained together. This is achieved through what the WPC calls a key ceremony. After completion, a chain of trust is now cryptographically established without exposure to external contract manufacturers or third parties. As a result, trust is created between WPC, the phone and the charger, which means the WPC can trust the phone and vice versa.
The Certification Ecosystem
The certification process can be daunting for everyone involved, from manufacturers of microcontrollers to the chargers themselves, as a chain of trust requires participation from each one. To remedy this, Microchip was the part of the first companies to combine all elements of this process to help designers develop products without the daunting task of having to rely on multiple sources. The company’s approach, called the Trust Platform, offers onboarding of the company’s secure elements to accelerate time to market.
Microchip is a WPC-licensed manufacturing Certificate Authority that offers pre-configured secure storage subsystem solutions that reduce complexity and development time. It also reduces the technical barrier of entry by handling the entire key ceremony with the WPC root certificate authority. It acts as a complete certified reference design including application MCU, Qi 1.3 software stack, secure storage subsystems with supporting crypto library along with provisioning services for both automotive and consumer applications.
The Trust Platform is a family of pre-configured or fully customizable secure elements. Credentials are generated inside each secure element’s boundary by leveraging the company’s Hardware Secure Modules (HSMs) that are installed in Microchip’s factories. The devices also come with hardware and software development tools to make prototyping easy and fast track development.
Summary
All this may seem a bit over the top for a seemingly mundane device such as a charger, but the marketplace is filled with hundreds of different chargers, and until Qi 1.3 there has never been an effective way to validate whether they are quality products or just junk that could not only damage the target device (the smartphone) or initiate even worse outcomes. For example, if the charger is installed in a vehicle, improper operation can affect not just the smartphone but some portion of the vehicle itself. This level of security has been long in coming, but it will benefit everyone involved, and especially the consumer.
