for
play

for hardware or embedded security Erik Poll Digital Security - PowerPoint PPT Presentation

Mar 02, 2024 •434 likes •904 views

Attacker Models for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1 Security-sensitive hardware: examples 2 Naive attacker model Attacks on communication channels exploiting lousy crypto or insecure

  1. Attacker Models for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1

  2. Security-sensitive hardware: examples 2

  3. Naive attacker model Attacks on communication channels exploiting lousy crypto or insecure protocols Protection by • 1) mathematically strong algorithms and protocols End-points regarded as black boxes • Attacker models: network, Man-in-the-Middle, or Dolev-Yao attacker • The mathematician’s view 3

  4. Improved attacker model Attacks on communication channels or the end-points eg. exploiting software bugs in end-points Protection by • 1) mathematically strong algorithms and protocols, 2) secure software implementations Software engineer’s view 4

  5. Embedded security attacker model Attacks on communication channel or end-points, also exploiting hardware weaknesses of end-points Protection by • 1) mathematically strong algorithms and protocols 2) secure software implementations 3) secure hardware Cryptographic operations are gray boxes that leak some info • Hardware engineer’s view 5 I. Verbauwhede, P. Schaumont

  6. Specific threat for embedded systems Attacker can get physical access 6

  7. Secure algorithms vs secure implementations of algorithms As we’ll see later in this course, an implementation of a ‘secure’ cryptographic primitive ( eg AES, RSA, etc) can be completely insecure on given hardware Therefore 1. Never design your own cryptographic primitives 2. Never make your own implementations of these crypto primitives Maybe the same goes for security protocols using these primitives as well... 7 I. Verbauwhede, P. Schaumont

  8. Brainstorm 8

  9. Brainstorm • Why do we carry so many smartcards around? • What at are the security requirements they ensure? • How w do they ensure these requirements? • Why are they ‘better’ than the alternatives?

  10. Differences? Commonalities? 10

  11. Differences & Commonalities • wrt functionality: – data storage: read and/or write? – processing for and maybe also • wrt security: – confidentiality – integrity/authenticity – access control • by software for and maybe also • or is that functionality? :-) 11

  12. NB problems introduced by cryptography 1. key generation & distribution • how do we generate & distribute keys? 2. key storage • where can we safely store keys? – This is an access control problem 3. en/decryption • who do we trust to perform en/decryption? Smartcards provide a possible solution... 12

  13. Access control vs cryptography • Access control involves • Crypto involves data functionality • Crypto can ensure integrity & • Access control can ensure non-repudiation with MACs integrity, non-repudiation & or digital signatures and confidentiality by preventing confidentiality with read and/or write access encryption • Crypto can secure data that • Access control can only are not under our control , regulate for access to • eg data on network or stored resources under our control on USB stick • Crypto still relies on access control, namely for the keys • so crypto only moves the security problem elsewhere 13

  14. Differences? Commonalities? Both computers, but with different resources (memory, • computing power,...) + Pro smartcard: the hardware is more secure; on PC we can remove hard disk, access memory chips,... - Con smartcard: does not allow I/O to the user 14

  15. Smartcards 15

  16. Overview • what is a smartcard? • hardware, protocols, operating systems • attacks and countermeasures 16

  17. What is a smartcard? 17

  18. What is a smartcard? • Tamper-resistant computer, embedded in piece of plastic, with limited resources • aka chip card or integrated circuit card (ICC) • capable of securely – storing data – processing data • This is what makes a smartcard smart; stupid cards can store but not process • Processing capabilities vary greatly 18

  19. Smartcard form factors • traditional credit-card sized plastic card – ISO 7816 • mobile phone SIM – cut-down in size • contactless cards – aka proximity card or RFID transponder/tag – also possible: dual interface • iButton 19

  20. Smartcard example uses • bank cards: chipknip, new EMV creditcards • GSM SIM in mobile phone • pay TV • public transport – eg OV chipkaart in NL • health cards – eg UZI pas in NL • passports – new generation passports with biometric information stored on chip • access cards – to control access to buildings, computer networks, laptops,... 20

  21. Smartcard example uses • RFID tags – animal or human identification – product identification (like bar codes) • road pricing • electronic number plates • TPM (Trusted Platform Modules) in PC • digital signatures – eg eNIK (elektronische Nederlandse Identiteits Kaart) 21

  22. Classification: functionality Functional capabilities of smartcards & RFID tags can vary a lot: 1. device just reports data – read-only file-system 2. device reports data after some access control – protected (eg password-protected) file-system • read-only or read/write 3. device can take part in crypto protocol – eg for authentication Some of these cards are programmable, some have built- in functionality which you can configure but not change Which attacks can 3 withstand, that 1 & 2 can't? Replay attacks! 26

  23. Classic use of smartcard for authentication challenge c private CPU key K response enc K (c) • If card can perform encryption, then the private key K never has to leave the card • The card issuer does not have to trust the network, the terminal, or the card holder 27

  24. Stupid smartcards vs smart smartcards Capabilities of smartcards & RFID tags vary a lot: • Memory cards (“stupid” smartcards) – essentially just provide a file system – possibly with some access control or, simpler still, destructive (irreversible) writes as in old payphone-cards – configurable functionality hardwired in ROM • Microprocessor cards (“smart” smartcard) – contain CPU • possibly also crypto co-processor – programmable • program burnt into ROM, or stored in EEPROM • RFID tags are often like old memory cards • Focus in this course will be on microprocessor cards 28

  25. Security requirements • integrity – of data or functionality (incl. all software) • authenticity – resistance to copying/cloning – non-repudiation – being able to prove (not being able to deny) that an action has been carried out by some party • confidentiality – of data, or of card/card holder, ie. anonymity • availability aka resistance to denial-of-service • tamper-proof • tamper- resistance • tamper-evidence NB hardly anything is tamper- proof 29

  26. Smartcard hardware 30

  27. Smartcard hardware • CPU • memory – volatile (RAM) and non-volatile (ROM+EEPROM) • limited I/O: just a serial port possibly: • crypto co-processor • random number generator (RNG) No clock, no power! 31

  28. Smart card chip ROM RAM EEPROM CPU memory management unit (MMU) Clock/ Crypto Test & RNG I/O Charge coproc. Security Pump 32

  29. CPU • 8, 16 and now also 32 bit • Steady need for more processing powers – for virtual machines & cryptography 33

  30. Crypographic co-processor • DES, AES – DES in hardware takes same size as DES program code in ROM • for public-key crypto, ALU providing exponentation and modulo arithmetic with large numbers 34

  31. Smartcard memory ROM • BIOS + operating system EEPROM • the smartcard's hard disk RAM • workspace Typical modern card may have 512 bytes RAM, 16K ROM, 64K EEPROM, 13.5 MHz 35

  32. RAM • volatile aka transient memory • SRAM (static RAM) used rather than DRAM (Dynamic RAM) for lower power consumption • used for temporary data – stack – I/O buffer • typically 128 bytes to 16 Kbyte • volatile, but small permanent storage characteristics 36

  33. ROM • permanent storage • filled during production, using ROM mask • contains OS + possibly application code • typically 8 to 512 Kbyte • Flash is coming up as replacement of ROM • optically readable after removing top layers 37

  34. EEPROM • non-volatile aka persistent, rewritable memory • used for applications and data: – "the smartcard's hard disk“ • typically 1 to 512 Kbyte characteristics : • – slow: 1000x slower than RAM – has limited lifetime in # writes (> 10 6 ) – writing is two stage operation: erase & write – data retention 10-100 years – writing takes high power consumption • 17V, realised using charge pump 38

  35. ROM vs EEPROM for program code Choice between program code in ROM or EEPROM has big impact on development – Program code in ROM must be suitable for mass-use – It cannot be patched or updated There has been a clear trend away from having a lot of code in • ROM towards having smaller amount of code in ROM (eg just some standard • functionality provided by libraries or OS), and all custom functionality (the “application”) in EEPROM 39

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Gaming for the Greater Good Horia Dragomir goto;amsterdam @hdragomir "Games lubricate the

Gaming for the Greater Good Horia Dragomir goto;amsterdam @hdragomir "Games lubricate the

Gaming for the Greater Good Horia Dragomir goto;amsterdam @hdragomir "Games lubricate the body and the mind." Benjamin Franklin http://en.wikipedia.org/wiki/Bjarne_Stroustrup C makes it easy to shoot yourself in the foot; C++

1.18k views • 95 slides
CSE 143 Whats wrong with the way things are? One problem: All of our data structures so

CSE 143 Whats wrong with the way things are? One problem: All of our data structures so

CSE 143 Whats wrong with the way things are? One problem: All of our data structures so far have a maximum size. Dynamic Memory E.g. arrays declared with fixed size This size is fixed at compile time . Sometimes this is

603 views • 7 slides
A Performance Evaluation of Open Source Erasure Codes for Storage Applications James S. Plank

A Performance Evaluation of Open Source Erasure Codes for Storage Applications James S. Plank

A Performance Evaluation of Open Source Erasure Codes for Storage Applications James S. Plank Jianqiang Luo Catherine D. Schuman Lihao Xu (Tennessee) (Wayne State) Zooko Wilcox-O'Hearn Usenix FAST February 27, 2009 My Perspective on

838 views • 50 slides
SAYES : Digital Marketing Business SA <Insert presentation title here using slide master>

SAYES : Digital Marketing Business SA <Insert presentation title here using slide master>

SAYES : Digital Marketing Business SA <Insert presentation title here using slide master> 1 Welcome to todays workshop Course aims 1. What does Digital Marketing really mean? 2. The Customer Decision Journey 3. Focus and be

580 views • 33 slides
Blue Badge Digital Service Daniel Fyfield | Service Owner Thank you The new criteria (England

Blue Badge Digital Service Daniel Fyfield | Service Owner Thank you The new criteria (England

Blue Badge Digital Service Daniel Fyfield | Service Owner Thank you The new criteria (England only) Extends eligibility explicitly to include people with an enduring (ongoing) and substantial disability which causes them, during the course of

350 views • 18 slides
Blue Badge Processing and Assessments Hannah Buckley Operations Supervisor Kent County Council

Blue Badge Processing and Assessments Hannah Buckley Operations Supervisor Kent County Council

Digitally Transforming Blue Badge Processing and Assessments Hannah Buckley Operations Supervisor Kent County Council Where did Kent Start? In January 2018: Just hitting 50% digital take-up 4 stage assessment process, all paper

567 views • 17 slides
2019 NYCC Product Owner Vanessa Stokes Head of Customer Services Sarah Foley Blue Badge

2019 NYCC Product Owner Vanessa Stokes Head of Customer Services Sarah Foley Blue Badge

Blue Badge - Hidden Disabilities - August 2019 NYCC Product Owner Vanessa Stokes Head of Customer Services Sarah Foley Blue Badge Whats changing? From 30 August, people with hidden disabilities will be granted access to the Blue

429 views • 6 slides
Contact Me Blog: http://c1.ms/richd @rj_dudley richd@componentone.com Microsoft

Contact Me Blog: http://c1.ms/richd @rj_dudley richd@componentone.com Microsoft

11/5/2011 LightSwitch Onramp Rich Dudley Technical Evangelist Contact Me Blog: http://c1.ms/richd @rj_dudley richd@componentone.com Microsoft Azure: Enterprise Application Development http://bit.ly/msazurebook 1 11/5/2011

518 views • 7 slides
Core Infrastructure Initiative (CII) Best Practices Badge: 1.5 Years Later Dr. David A. Wheeler

Core Infrastructure Initiative (CII) Best Practices Badge: 1.5 Years Later Dr. David A. Wheeler

Institute for Defense Analyses 4850 Mark Center Drive Alexandria, Virginia 22311-1882 Core Infrastructure Initiative (CII) Best Practices Badge: 1.5 Years Later Dr. David A. Wheeler 2017-09-12 dwheeler @ ida.org Personal: dwheeler @

819 views • 50 slides
WSP PHASE 1 RE-CAP Town Centre Study Outputs o Improving Connectivity and Gateway o Bus Stops

WSP PHASE 1 RE-CAP Town Centre Study Outputs o Improving Connectivity and Gateway o Bus Stops

WSP PHASE 1 RE-CAP Town Centre Study Outputs o Improving Connectivity and Gateway o Bus Stops On-Street and Congestion Relief o Green Walk and Cultural and Active Route o Pedestrian Priority Routes & Cycleway o Safer and Pedestrian-Friendly

311 views • 7 slides
SWERC2017 Opening Ceremony November 25-26 th 2017, Paris 1 Welcome Word Antoine Amarilli

SWERC2017 Opening Ceremony November 25-26 th 2017, Paris 1 Welcome Word Antoine Amarilli

SWERC2017 Opening Ceremony November 25-26 th 2017, Paris 1 Welcome Word Antoine Amarilli Contest Director 2 Guest Speeches Welcome Address from the Organizing Institution Head Guest Speaker, Yves Poilane , Director of T el ecom

580 views • 33 slides
SC Beta Ring Ching Pi Beta Phi was founded as I.C. Sorosis in 1867 at Monmouth College as

SC Beta Ring Ching Pi Beta Phi was founded as I.C. Sorosis in 1867 at Monmouth College as

SC Beta Ring Ching Pi Beta Phi was founded as I.C. Sorosis in 1867 at Monmouth College as the First Fraternity for Women. Official Symbol: Arrow Pi Beta Phi has 131 Collegiate Chapters Unofficial Symbol: Angel

688 views • 6 slides
BalCCon 2K16 Badge Instructions for use and schematic diagram 1. Badge SWITCH ON: Press and

BalCCon 2K16 Badge Instructions for use and schematic diagram 1. Badge SWITCH ON: Press and

BalCCon 2K16 Badge Instructions for use and schematic diagram 1. Badge SWITCH ON: Press and release the lower button. Rotating LED pattern in CW direction signifies that the unit is ON. SWITCH OFF: Press and release the lower button again.

558 views • 10 slides
Southwold Enterprise Hub DEVELOPMENT PLANS 11 NOVEMBER 2019 Southwold Background Station

Southwold Enterprise Hub DEVELOPMENT PLANS 11 NOVEMBER 2019 Southwold Background Station

Southwold Enterprise Hub DEVELOPMENT PLANS 11 NOVEMBER 2019 Southwold Background Station Yard development over 20 Enterprise Hub years Existing services what happens to the existing services needed by the community? Slides from

967 views • 45 slides
Bluetooth Hacking The State of the Art 22C3 December 30st 2005, Berlin, Germany by Adam Laurie,

Bluetooth Hacking The State of the Art 22C3 December 30st 2005, Berlin, Germany by Adam Laurie,

Bluetooth Hacking The State of the Art 22C3 December 30st 2005, Berlin, Germany by Adam Laurie, Marcel Holtmann and Martin Herfurt ... because infinite is sometimes not enough! Agenda Quick technology overview Security mechanisms

776 views • 49 slides
CSE 543 - Computer Security Lecture 26 - Mobile phone security December 11, 2007 URL:

CSE 543 - Computer Security Lecture 26 - Mobile phone security December 11, 2007 URL:

CSE 543 - Computer Security Lecture 26 - Mobile phone security December 11, 2007 URL: http://www.cse.psu.edu/~tjaeger/cse543-f07/ CSE543 Computer (and Network) Security - Fall 2007 - Professor Jaeger 1 Mobile Phones Networked device

302 views • 11 slides
Android Security Security Philosophy Humans have difficulty understanding risk Safer to

Android Security Security Philosophy Humans have difficulty understanding risk Safer to

Android Security Security Philosophy Humans have difficulty understanding risk Safer to assume that Most developers do not understand security Most users do not understand security Security philosophy cornerstones Need to

582 views • 37 slides
A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Daniele

A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Daniele

WAC workshop 2020 A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Daniele Antonioli Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy 1

949 views • 69 slides
CS5530 Mobile/Wireless Systems Android Bluetooth Interface Yanyan Zhuang Department of Computer

CS5530 Mobile/Wireless Systems Android Bluetooth Interface Yanyan Zhuang Department of Computer

CS5530 Mobile/Wireless Systems Android Bluetooth Interface Yanyan Zhuang Department of Computer Science http://www.cs.uccs.edu/~yzhuang UC. Colorado Springs CS5530 Ref. CN5E, NT@UW, WUSTL Bluetooth Communication Bluetooth-enabled

343 views • 18 slides
+ eDiscovery: Energy Ef fi cient Device Discovery for Mobile Opportunistic Communications Bo Han

+ eDiscovery: Energy Ef fi cient Device Discovery for Mobile Opportunistic Communications Bo Han

+ eDiscovery: Energy Ef fi cient Device Discovery for Mobile Opportunistic Communications Bo Han AT&T Labs Research Aravind Srinivasan University of Maryland Presented by Xin Gao NJIT + Summary 2 Background Introduction

256 views • 12 slides
Comprehensive,Experimental, Analysis,of,Automotive, Attack,Surfaces, Checkoway,et,al ,

Comprehensive,Experimental, Analysis,of,Automotive, Attack,Surfaces, Checkoway,et,al ,

Comprehensive,Experimental, Analysis,of,Automotive, Attack,Surfaces, Checkoway,et,al , Presented(By(Lucas(Copi( Overview, Introduction, Automotive,Threat,Models, Vulnerability,analysis, Conclusion, Introduction,

464 views • 18 slides
Capstone 2020 Presentation BlueDentist Project Summary Develop a portable, wideband SDR module

Capstone 2020 Presentation BlueDentist Project Summary Develop a portable, wideband SDR module

Capstone 2020 Presentation BlueDentist Project Summary Develop a portable, wideband SDR module that utilizes a GPU for digital signal processing Develop firmware and software to monitor and analyze Bluetooth signals Team Jeff Longo Chris

748 views • 23 slides
Bluetooth Mesh under the Microscope: How much ICN is Inside? Hauke Petersen, Peter Kietzmann,

Bluetooth Mesh under the Microscope: How much ICN is Inside? Hauke Petersen, Peter Kietzmann,

Bluetooth Mesh under the Microscope: How much ICN is Inside? Hauke Petersen, Peter Kietzmann, Cenk G undo gan, Thomas C. Schmidt and Matthias W ahlisch peter.kietzmann@haw-hamburg.de 6th ACM Conference on Information-Centric Networking

639 views • 44 slides
Breaking the Bluetooth Pairing Fixed Coordinate Invalid Curve Attack Eli Biham Lior Neumann

Breaking the Bluetooth Pairing Fixed Coordinate Invalid Curve Attack Eli Biham Lior Neumann

Breaking the Bluetooth Pairing Fixed Coordinate Invalid Curve Attack Eli Biham Lior Neumann Department of Computer Science Technion Israel Institute of Technology Cryptoday 2018 Eli Biham, Lior Neumann (Technion) Breaking the

784 views • 75 slides

More recommend