in the industry
play

in the Industry Benoit Feix 3 rd June 2011 Albena, Bulgaria, 29 May - PowerPoint PPT Presentation

Mar 03, 2023 •339 likes •957 views

Daily Life for a Secure Product in the Industry Benoit Feix 3 rd June 2011 Albena, Bulgaria, 29 May 3 June 2011 1 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). Outline Product Overview Product Design Cycle

  1. Daily Life for a Secure Product in the Industry Benoit Feix 3 rd June 2011 Albena, Bulgaria, 29 May – 3 June 2011 1 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II).

  2. Outline • Product Overview • Product Design Cycle • Evaluations and Certifications of Products (Functional, Security) • Intellectual Property • Some Classical Countermeasures • Some attacks and future … Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 2/xxpages

  3. Who are we? • French company with offices all over the world ─ Former name: Inside Contactless ─ Recently acquired Atmel Secure Microcontroller Solutions activity ─ ~340 employees in the world ─ Fabless company • Secure microcontrollers for cards, tokens, readers, etc. • NFC chip maker and solution provider Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 3/XX pages

  4. Basics Product Contain Appli Appli 1 2 Cryptographic Operating System Libraries Hardware Abstract Layer Integrated Circuit Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 4/XX pages

  5. Security Flow Security Process to have a full secure product: Identify assets to protect in integrity and confidentiality 1) Identify threats (possible attacks) and vulnerabilities 2) Define appropriate countermeasure software and/or 3) hardware Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 5/XX pages

  6. Secure Platform S Appli Appli • Many protections to implement E C 1 2 U  Circuit size (cost) is increased Operating Cryptographic R System Libraries I  Efficiency/performances decreases Hardware Abstract Layer T Integrated Circuit Y • Platform Assets to protect: • Secret keys: for encryption, authentication, signature • Private data • Issuer data • IPs: algorithms, code • Life cycle Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 6/XX pages

  7. Life Cycle – Steps of Design and SPECIFICAT CIFICATIO IONS NS Manufacture OS CRYPTO Tests Integrated Circuit Development Development Production Development Preparation Applications Securisation Development Product Photomask Manufacture Foundry Personnalisation Pre personnalisation Initialisation Tests Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 7/XX pages

  8. Life Cycle Market Life – End of Life - Transactions Management Product on - Updates the Field Field management - Replacement - Deactivation, End of Life - Loss, cancellation, robbery - Product broken Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 8/XX pages

  9. Integrated Circuit Architecture Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 9/XX pages

  10. Integrated Circuit Architecture • Processors: ─ CISC or RISC ─ Harvard or Von Neumann ─ 8 bit (CISC): 8051, AVR ─ 16 bits (RISC): proprietary cores ─ 32 bits (RISC): MIPS, ARM7, ARM9, SC100 … new ARM families • ROM: Read Only Memory • RAM: Random Access Memory • EEPROM: Electrically Erasable Programmable Read Only Memory • FLASH • RNG: Random Number Generator • Coprocessors for: ─ DES ─ AES ─ CRC ─ Long Integer Arithmetic • MMU: Memory Management Unit • Security Logic: sensors, noise generators … Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 10/XX pages

  11. Cryptographic Algorithm most used in embedded … • Symmetric ─ DES/TDES: NIST only recommends TDES ─ AES • Hash functions ─ SHA-1, SHA-2 ─ RIPEMD 160 ─ Later .. (2012) SHA-3: competition ongoing • Asymmetric ─ RSA CRT – RSA SFM ─ DSA / ECDSA ─ DH / ECDH ─ OBKG • Stream Ciphers: not so used … • Examples: cf. Oberthur presentation on Thursday morning. Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 11/XX pages

  12. Operating Systems • Two kinds of operating system in smart cards : ─ ‘’Closed’’ or dedicated systems • Generally mono applicative; dedicated to a unique usage; for instance banking cards, health cards, SIM cards for mobile ─ Open systems • Not dedicated to a specific application, it is possible to download some software (applets) after the ROM mask step and the personalization; for instance the Java Cards, or the MultOS operating system… Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 12/XX pages

  13. Operating System • Different functionalities ─ Input / Output data and associated protocol management ─ Memory Management in work areas ─ Basic and principle services for applicative codes • Secure Management of memory copies and transfers • Cryptogram calculation, random number generation, CRC … • Integrity of elements • Authentication • Session key management • Protocol, command management … ─ Multi applicative mode management ─ Access control management for reading and writing at each memory area ─ Life Cycle Management with security • Initialization • Pre-personalization • Personalization • Applicative mode Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 13/XX pages

  14. Operating System • Different languages ─ C ─ Assembly: native and dedicated to each microprocessor ─ C++ ─ Java Card • Examples of code sizes ─ Banking Card (native): • RAM ~ 2 to 4 Kbytes • ROM ~ 32 to 96 Kbytes • NVM ~ 8 to 32 Kbytes ─ SIM Card • RAM ~ 2 to 8 Kbytes • ROM ~ 128 to 256 Kbytes • NVM ~ 128 to 256 or more Kbytes ─ Multi applicative or open product • Can be more … big NVM allow to download a lot of applets. Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 14/XX pages

  15. Applications / Applets • Applications ─ Can be burned in ROM and then only instanced • On a closed system • In native language (assembly and C) ─ Can be downloaded during personalization or later in the life cycle in an open system: MultOS • Java Applets ─ Can be loaded on any product having a Java Card OS • Developed in Java Card ─ Open platform which manages the loading in a secure manner Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 15/XX pages

  16. … So many different possible attacks • Invasive Attacks Reverse Engineering Probing FIB (Focused Ion beam) • Passive Attacks Timing Attacks Side-Channel Analysis (Power, ElectroMagnetic, RF) • Active Attacks Fault Attacks … then so many competencies required ! Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 16/XX pages

  17. Invasive Attacks Techniques originate from the failure analysis domain • Gaining access to the chip • Reverse engineering • Reconstitution of the layers – Reading the memories – Read internal state • Probing the device – Circuit modifications (FIB) – Cost = Very expensive… Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 17/XX pages

  18. Reverse Engineering Gaining access to the chip (example) – Remove/cut plastic with a knife – Use chemical to remove resin (nitric acid, acetone…) – Reconnect the chip in another package if needed. – Layers reconstitution: using plasma machine or chemical – Each layer image is obtained through an electronic microscope – Each metal level can then be observed – Whole IC reverse engineering is very complex but part of it can be done – Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 18/XX pages

  19. Reading / Modifying Reading the memories – Depend on the kind of memory: a basic ROM can be directly read on – the top metal layer For diffused memory it is necessary to reach the bulk level and use – etching techniques Much more difficult in practice on other memories: Flash, EEPROM, – RAM Probing – Direct access to internal signals enables observation or modification of – internal data (bits): data flow in buses … Focused Ion Beam (FIB) – Can be used to add test pads (probing) on sensitive signals – To modify the internal behavior of a device –  Bypass security features, modify functionalities Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 19/XX pages

  20. Reading Modifying by Probing • Need a micro probing station • Put one or many probes on a circuit area to read or modify bits: ─ Values in a bus for instance … • Key bits in a bus ─ other sensitive values … Albena, Bulgaria, 29 May – 3 June 2011 Design and Security of Cryptographic Algorithms and Devices (ECRYPT II). 20/XX pages

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Industrial Revolution INDUSTRY 1.0 INDUSTRY 2.0 INDUSTRY 3.0 INDUSTRY 4.0 Mechanisation, Mass

Industrial Revolution INDUSTRY 1.0 INDUSTRY 2.0 INDUSTRY 3.0 INDUSTRY 4.0 Mechanisation, Mass

Industrial Revolution INDUSTRY 1.0 INDUSTRY 2.0 INDUSTRY 3.0 INDUSTRY 4.0 Mechanisation, Mass production, Automation, Internet of things, steam power, assembly line, computers, networks. weaver loom. electrical energy. electronics.

296 views • 3 slides
Industry 4.0 - Agenda What is Industry 4.0? Innovation drivers Industry 4.0

Industry 4.0 - Agenda What is Industry 4.0? Innovation drivers Industry 4.0

Industry 4.0 - Agenda What is Industry 4.0? Innovation drivers Industry 4.0 overview and design US response to I4.0 Technology progression Automation Levels How does this apply to me? A practical layout

826 views • 20 slides
Tom Keeley WORKING WITH INDUSTRY Industry structure Industry and academia WORKING IN

Tom Keeley WORKING WITH INDUSTRY Industry structure Industry and academia WORKING IN

Tom Keeley WORKING WITH INDUSTRY Industry structure Industry and academia WORKING IN INDUSTRY Should you make the move Making the move Questions. Undergraduate, post-graduate, PhD student and Research Fellow at UoB.

316 views • 19 slides
TAS ASC C - TG TGIC Rever erse I e Industry D Day 30 January y 2019 What Is Industry

TAS ASC C - TG TGIC Rever erse I e Industry D Day 30 January y 2019 What Is Industry

TAS ASC C - TG TGIC Rever erse I e Industry D Day 30 January y 2019 What Is Industry Doing and What Can Industry Learn and Contribute During Government Market Research and Acquisition Planning Activities Reverse Industry Day Purpose

398 views • 16 slides
OPERATOR OF NEW INDUSTRY CITIES A LEADING NEW INDUSTRY CITY OPERATOR CFLD ONE New Industry City

OPERATOR OF NEW INDUSTRY CITIES A LEADING NEW INDUSTRY CITY OPERATOR CFLD ONE New Industry City

OPERATOR OF NEW INDUSTRY CITIES A LEADING NEW INDUSTRY CITY OPERATOR CFLD ONE New Industry City An INFINITE Future CFLD (Stock Code 600340.SH), founded in 1998, focuses on industry upgrading and the development of New Industry Cities

209 views • 16 slides
Industry Day WELCOME Graham Porteous Project Owner Transport Scotland Industry Day

Industry Day WELCOME Graham Porteous Project Owner Transport Scotland Industry Day

Industry Day WELCOME Graham Porteous Project Owner Transport Scotland Industry Day Welcome Introductions Session Industry Day Keith Brown Cabinet Secretary for Economy, Jobs & Fair Work Industry Day Scheme Overview

988 views • 53 slides
Manufactured Housing: Manufactured Housing: An Industry Overview An Industry Overview An Industry

Manufactured Housing: Manufactured Housing: An Industry Overview An Industry Overview An Industry

Manufactured Housing: Manufactured Housing: An Industry Overview An Industry Overview An Industry Overview An Industry Overview National Association of Counties Rural Housing Forum Western Interstate Region Conference Santa Fe, NM Presenter:

602 views • 31 slides
INDUSTRY ROADMAP PRESENTATION OUTLINE Where the industry Where it is now Where it is going

INDUSTRY ROADMAP PRESENTATION OUTLINE Where the industry Where it is now Where it is going

THE PHILIPPINE SEMICONDUCTOR and ELECTRONICS INDUSTRY ROADMAP PRESENTATION OUTLINE Where the industry Where it is now Where it is going has been Industry Challenges How to get there WHERE THE INDUSTRY HAS BEEN The electronics industry

586 views • 29 slides
COLLARTS SOURCING YOUR INDUSTRY PLACEMENT COLLARTS PREPARING TO SOURCE YOUR INDUSTRY

COLLARTS SOURCING YOUR INDUSTRY PLACEMENT COLLARTS PREPARING TO SOURCE YOUR INDUSTRY

COLLARTS SOURCING YOUR INDUSTRY PLACEMENT COLLARTS PREPARING TO SOURCE YOUR INDUSTRY PLACEMENT CHECKLIST STAGE 1: Research your industry and make sure youre up to date with what is happening in your chosen industry e.g. subscribe

95 views • 8 slides
ECOSYSTEM Change, Disruption & Innovation in the Industry Amy Zirkle VP Industry Affairs,

ECOSYSTEM Change, Disruption & Innovation in the Industry Amy Zirkle VP Industry Affairs,

NEW PLAYERS IN THE PAYMENTS ECOSYSTEM Change, Disruption & Innovation in the Industry Amy Zirkle VP Industry Affairs, ETA electran.org DEFINING NEW ROLES IN AN EVOLVING INDUSTRY Industry Evolution Transformation of the Payments

550 views • 26 slides
BVCRT Research Workshop Industry Update Dennis Laycraft Industry Priorities 1. Industry

BVCRT Research Workshop Industry Update Dennis Laycraft Industry Priorities 1. Industry

BVCRT Research Workshop Industry Update Dennis Laycraft Industry Priorities 1. Industry Profitability Competitiveness Production competitiveness Regulatory competiveness Market access Value creation

823 views • 35 slides
Food Industry Ruth M Bell FIFST August 2015 The Food Industry The Food Industry Current

Food Industry Ruth M Bell FIFST August 2015 The Food Industry The Food Industry Current

25 Years in the Food Industry Ruth M Bell FIFST August 2015 The Food Industry The Food Industry Current Industry Facts Food Incidents Systems Management The Future 2 17 August 2015 Source: IGD, Food and Drink Federation,

326 views • 20 slides
smart industry DUTCH INDUSTRY FIT FOR THE FUTURE Date Wednesday 9 April, 09.00 - 11.00 a.m.

smart industry DUTCH INDUSTRY FIT FOR THE FUTURE Date Wednesday 9 April, 09.00 - 11.00 a.m.

I N V I TAT I O N smart industry DUTCH INDUSTRY FIT FOR THE FUTURE Date Wednesday 9 April, 09.00 - 11.00 a.m. Location Hall 3, Stand F20 Holland Pavilion, Theatre Presentation Smart Industry and refmection on the report by Henk Kamp,

387 views • 4 slides
WELCOME TO THE MGY INDUSTRY INDEX Introduction of MGY Industry Machine/Steel Construction

WELCOME TO THE MGY INDUSTRY INDEX Introduction of MGY Industry Machine/Steel Construction

WELCOME TO THE MGY INDUSTRY INDEX Introduction of MGY Industry Machine/Steel Construction What do we do in Mgy Industry ? Vision & Values Health, Safety and Environment Policy (HSE) Quality Management System & Quality

538 views • 43 slides
RESILIENT INDUSTRY STUDY 2 RESILIENT INDUSTRY: WHAT IS IT? PRESIDENTIAL DISASTER HAZARD

RESILIENT INDUSTRY STUDY 2 RESILIENT INDUSTRY: WHAT IS IT? PRESIDENTIAL DISASTER HAZARD

Coffey Street, Red Hook, Brooklyn RESILIENT INDUSTRY STUDY 2 RESILIENT INDUSTRY: WHAT IS IT? PRESIDENTIAL DISASTER HAZARD MITIGATION HURRICANE SANDY NYC DECLARATION DR-4085 4085 GRANT PROGRAM Project Team: Jen Gravel, Director of Industry

851 views • 48 slides
State of the Industry A view from the West David Thomas Director, Industry Research &

State of the Industry A view from the West David Thomas Director, Industry Research &

State of the Industry A view from the West David Thomas Director, Industry Research & Analysis BIO BIO Europe Spring March 11, 2013 1 BIOTECHNOLOGY INDUSTRY ORGANIZATION PRESENTATION TITLE IN FOOTER MONTH XX, 2012 U.S. IPOs:

375 views • 13 slides
A modeling approach for locating logistics platforms for fast parcel delivery in urban areas

A modeling approach for locating logistics platforms for fast parcel delivery in urban areas

Project PLUME Marseilles field survey Modeling approach Screenshots of the decision-making tool A modeling approach for locating logistics platforms for fast parcel delivery in urban areas Olivier Guyon , Nabil Absi, Dominique Feillet and

619 views • 24 slides
KVM on PowerPC This time its the server, baby Donnerstag, 23. September 2010 About Me

KVM on PowerPC This time its the server, baby Donnerstag, 23. September 2010 About Me

KVM on PowerPC This time its the server, baby Donnerstag, 23. September 2010 About Me Alexander Graf SUSE Studio team KVM and Qemu developer Server class PowerPC KVM port S390x Qemu guest support x86 Mac OS X in KVM

1.09k views • 67 slides
Lecture 6: Introduction to Detection Jonathan Krause Fei-Fei Li, Jonathan Krause Lecture 6 - 1

Lecture 6: Introduction to Detection Jonathan Krause Fei-Fei Li, Jonathan Krause Lecture 6 - 1

Lecture 6: Introduction to Detection Jonathan Krause Fei-Fei Li, Jonathan Krause Lecture 6 - 1 Goal Locate objects in images Fei-Fei Li, Jonathan Krause Lecture 6 - 2 Variants: Pedestrian Detection Leibe et al., 2005 Fei-Fei Li,

1.04k views • 71 slides
PHYSICAL FUNCTIONS : THE COMMON FACTOR OF SIDE-CHANNEL AND FAULT ATTACKS ? Proofs 2014, Busan,

PHYSICAL FUNCTIONS : THE COMMON FACTOR OF SIDE-CHANNEL AND FAULT ATTACKS ? Proofs 2014, Busan,

PHYSICAL FUNCTIONS : THE COMMON FACTOR OF SIDE-CHANNEL AND FAULT ATTACKS ? Proofs 2014, Busan, Korea Bruno Robisson, Hlne Le Bouder Secure Architecture and Systems Laboratory Joint team between CEA and Ecole des Mines de Saint-Etienne

883 views • 28 slides
Lecture 3: New Trade Theory Isabelle M ejean isabelle.mejean@polytechnique.edu

Lecture 3: New Trade Theory Isabelle M ejean isabelle.mejean@polytechnique.edu

Introduction Krugman, 1980 The Gravity Equation Lecture 3: New Trade Theory Isabelle M ejean isabelle.mejean@polytechnique.edu http://mejean.isabelle.googlepages.com/ Master Economics and Public Policy, International Macroeconomics October

763 views • 32 slides
CB-DBSCAN: A Novel Clustering Algorithm for Adjacent Clusters with Different Densities Gashin

CB-DBSCAN: A Novel Clustering Algorithm for Adjacent Clusters with Different Densities Gashin

CB-DBSCAN: A Novel Clustering Algorithm for Adjacent Clusters with Different Densities Gashin Ghazizadeh Outline Introduction Multi-density Clustering CB-DBSCAN Results CB-DBSCAN: A Novel Clustering Algorithm for Adjacent

454 views • 33 slides
Healthcare Data & Digital Innovation Thursday 20 th April 2017 0900 - 1300 MSP Citylabs,

Healthcare Data & Digital Innovation Thursday 20 th April 2017 0900 - 1300 MSP Citylabs,

Manchester Connected Health Ecosystem Healthcare Data & Digital Innovation Thursday 20 th April 2017 0900 - 1300 MSP Citylabs, Oxford Road, Manchester Wifi Username: FREE_MSP_WIFI @Man_Inf @GM_AHSN @ECHAlliance #McrEcosystem European

1.24k views • 95 slides
Specification and Verification for distributed applications running on heterogeneous

Specification and Verification for distributed applications running on heterogeneous

Specification and Verification for distributed applications running on heterogeneous infrastructures E. Madelaine Oasis team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis ECNU Dept of Software Engineering October 2010 Eric

683 views • 49 slides

More recommend