penetration testing for certification
play

Penetration Testing for Certification: What we care about Marcel - PowerPoint PPT Presentation

Nov 26, 2023 •112 likes •523 views

Penetration Testing for Certification: What we care about Marcel Medwed marcel.medwed@nxp.com Outline Common Criteria Evaluation Assurance Levels JHAS Penetration Testing and Countermeasures 2 Design and security of cryptographic

  1. Penetration Testing for Certification: What we care about Marcel Medwed marcel.medwed@nxp.com

  2. Outline Common Criteria Evaluation Assurance Levels JHAS Penetration Testing and Countermeasures 2 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  3. Common Criteria

  4. Ideas General framework to certify the security of IT products by a third party Involved parties – Manufacturer / Sponsor – Evaluation Facility – Overseer (Certification Facility) Common Criteria Recognition Arrangement Asset-centered approach 4 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  5. Framework Common Criteria – Part 1: Introduction and General Model – Part 2: Security Functional Requirements – Part 3: Security Assurance Requirements – Common Criteria Evaluation Methodology 5 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  6. Security Evaluation Common Criteria – Subjects to be addressed Threats Environment • Development • confidentiality Assets • Production • integrity • End usage Security Functional Requirements (What?) Target of Evaluation Security Assurance Requirements (How?) TOE‘s Security Functions Basis for evaluation • correct operation • memory integrity • SPA/DPA resistance • cryptographic support Protection Profile Security Target • resistance against physical attacks 6 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  7. Evaluation Assurance Levels (1) EAL 7: formally verified designed & tested EAL 6: semi-formally verified designed & tested EAL 5: semi-formally designed & tested EAL 4: methodically designed, tested & reviewed EAL 3: methodically tested & checked EAL 2: structurally tested EAL 1: functionally tested 9 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  8. Evaluation Assurance Levels (2) EALn: Predefined Packages… 5 Difference is in the component 2 level – The higher the number 4 • the more formal the description has to be 5 • the more details are requested 2 EAL5+ 2 – What is the „+‟ ? „+‟ = Augmentation – At least one component from a higher level has been taken 3 (which one is defined in PP) 5 4 10 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  9. PP for Smartcards Requirements are the same for all – Threats – Security Objectives – SFRs Level of assurance is at least EAL4+ – Usually we go for EAL5+ or EAL6+ for whole products. – If you read about EAL7 check the ST for the scope The augmentation for AVA_VAN is always the highest – Special treatment for smartcards – JIL Hardware Attack Subgroup 11 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  10. JHAS

  11. Security Evaluation Common Criteria – JHAS Mission Statement The JHAS group • Meets bi-monthly and consists of a wide variety of members • State-of-the Art: Assess all HW and SW attacks (new and old) that may apply to smart cards and maintain a rating of those that is consistent with the advancements of attacks (published in a confidential document available to all members) • Quality Assurance: Support evaluating labs to perform & assess attacks uniformly across all members, thereby helping to create a level playing field for all • Promote the use of CC methodology for vulnerability analysis 13 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  12. JHAS group in CC Scheme – ~36 Members 14 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  13. Security Evaluation Common Criteria – JHAS Documents Application of Attack Potential to Smartcards • Status: Public • Rating tables and methodology JIL Attack Methods for Smartcards • Status: Confidential • List of all attack classes • Description of many attacks (not exhaustive, though!) • Example ratings • Serves as guideline for CBs, evaluation labs and vendors 15 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  14. Security Evaluation Common Criteria – JHAS Attack Classification Major attack classes are: • Physical Attacks (e.g. Reverse Engineering) • Overcoming Sensors and Filters • Perturbation Attacks • Side-channel Attacks • Exploitation of Test Features • Attacks on RNG • Ill-formed Java Card Applications • Software Attacks • ... 16 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  15. Security Evaluation Common Criteria – JHAS Attack Phases Identification Phase: • Perform the attack once to demonstrate its feasibility and / or achieve a one-time benefit (learning phase) Exploitation Phase: • Perform the attack multiple times for commercial exploitation Information Flow between these Phases: • One of the outcomes of the Identification Phase is a virtual script that tells the attacker of the Exploitation Phase how to perform the attack 17 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  16. Factors Identification Exploitation Common Criteria Elapsed time < one hour 0 0 for Smart Cards – < one day 1 3 < one week 2 4 < one month 3 6 Rating Tables > one month 5 8 Not practical * * Expertise Layman 0 0 Proficient 2 2 Expert 5 4 Range of values TOE resistant to attackers with attack Multiple Expert 7 6 CC 3.x potential of: Knowledge of the TOE 0-15 No rating Public 0 0 16-20 Basic Restricted 2 2 21-24 Enhanced-Basic Sensitive 4 3 25-30 Moderate Critical 6 5 31 and above High Very critical hardware design 9 NA Access to TOE We need to achieve 31 points for VLA.4 < 10 samples 0 0 / VAN.5 (part of EAL 4+, 5+, 6+) for < 30 samples 1 2 < 100 samples 2 4 each and every attack path! > 100 samples 3 6 Not practical * * “Application of Attack Potential to Smartcards” Equipment None 0 0 (developed for JIL by JHAS group) Standard 1 2 Specialized 3 4 Bespoke 5 6 Multiple Bespoke 7 8 Open samples Public 0 NA Restricted 2 NA Sensitive 4 NA Critical 6 NA

  17. Bellcore Attack on RSA w/ Countermeasures Identification Exploitation Factor Comment A glitch perturbation is induced. No sample < 1 day < 1 hour Elapsed Time preparation is needed and a straightforward (1) (0) setup is sufficient to obtain an error. Without any logical countermeasures, considering the chip can be relatively easily Proficient Proficient Expertise disturbed, a proficient could apply the attack (2) (2) in identification, as well in exploitation. According to the protocol, no specific Public Public Knowledge of TOE knowledge of the TOE is required. (0) (0) Access to TOE (number Access to TOE will in practice always be of < 10 < 10 of samples) the order of less than 10 samples. (0) (0) Samples with known key won’t ease this Open Samples/ Known NA NA Key attack. Fault injection equipment based on glitch Specialized Specialized Equipment induction. (3) (4) Sub Total 6 6 VAN.1 – “No Rating” Total 12 19 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  18. Bellcore Attack on RSA: Countermeasures Countermeasures in Hardware – Redundancy, check sums, etc. on the chip level – Example Secure Fetch (NXP) Countermeasures in Software – A guidance on suitable countermeasures in SW may be given in the User Guidance Manual of the HW platform – The implementation in the customer SW will then have to be tested in the Composite Evaluation – Example: SW Verification of RSA (and much more…) Both approaches can lead to an EAL5+ in HW (!) – It is “simply” a question of where to make the cut in the HW -SW co-design of security features. 20 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  19. HW – SW Co-design Reaching EAL5+ is always a HW/SW co- design effort in CC, so… – EAL5+ != EAL5+… The User Guidance Manual (UGM) does count! Input from UGM          U HW platform SW / OS HW w/o Crypto Lib G M    U U HW platform Crypto OS HW with Crypto Lib G G M M { Applet U U HW platform OS HW with OS G M G M Security Level EAL 5+ 21 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

  20. Penetration testing and countermeasures

  21. Protecting user data and code in general (1) Code and data must be protected – Keys are not only used in coprocessors, e.g. storage in NV – Transfer on device, processing in CPU – Multiple applications – Code also needs protection Means of protection – Memory encryption, various key update frequencies for ROM, NV, RAM – Address scrambling – Integrity protection – CPU features for SPA resistance – Firewall management – Resource rights management – Redundant registers/HW – Blinded CRC – Sensors (Voltage, light,…) 23 Design and security of cryptographic algorithms and devices for real-world applications, Croatia, June 2014

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Penetration testing auditability Alexandros Tsiridis &amp; Stamatios Maritsas What is the purpose

Penetration testing auditability Alexandros Tsiridis &amp; Stamatios Maritsas What is the purpose

MSc System and Network Engineering Penetration testing auditability Alexandros Tsiridis &amp; Stamatios Maritsas What is the purpose of penetration testing auditability? Research questions What are the sources of penetration testing

554 views • 13 slides
Web Application Penetration By: Frank Coburn &amp; Haris Mahboob Testing Take Aways Overview

Web Application Penetration By: Frank Coburn &amp; Haris Mahboob Testing Take Aways Overview

Web Application Penetration By: Frank Coburn &amp; Haris Mahboob Testing Take Aways Overview of the web Web proxy tool Reporting Gaps in the process app penetration testing process Penetration testing vs vulnerability assessment What

301 views • 17 slides
Testing Dr. Patrick McDaniel Meghan Riegel Fall 2015 What is Penetration Testing? Attacking

Testing Dr. Patrick McDaniel Meghan Riegel Fall 2015 What is Penetration Testing? Attacking

Introduction to Penetration Testing Dr. Patrick McDaniel Meghan Riegel Fall 2015 What is Penetration Testing? Attacking a system to find security vulnerabilities in order to fix them before a malicious party attacks the system Legal if

455 views • 9 slides
Team Cymru Cymru Team Penetration Testing Ryan Connolly, ryan@cymru.com

Team Cymru Cymru Team Penetration Testing Ryan Connolly, ryan@cymru.com

Team Cymru Cymru Team Penetration Testing Ryan Connolly, ryan@cymru.com &lt;http://www.cymru.com&gt; Penetration Testing Agenda Pentesting Basics Pentesting Defined Vulnerability Scanning vs. Penetration testing Pentesting

879 views • 83 slides
Penetration Testing Engineering Secure Software Last Revised: July 28, 2020 SWEN-331:

Penetration Testing Engineering Secure Software Last Revised: July 28, 2020 SWEN-331:

Penetration Testing Engineering Secure Software Last Revised: July 28, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 Testing That Digs Deeper Penetration testing is about attempting to exploit as much as possible

516 views • 18 slides
Simulated Penetration Testing: From Dijkstra to Turing Test++ J org Hoffmann June

Simulated Penetration Testing: From Dijkstra to Turing Test++ J org Hoffmann June

What? Classical Attack Graphs POMDPs MDPs Taxonomy And Now? Simulated Penetration Testing: From Dijkstra to Turing Test++ J org Hoffmann June 26, 2015 J org Hoffmann Simulated Penetration Testing 1/58 What? Classical

2.44k views • 184 slides
An Introduction to IoT Penetration Testing @libertyunix www.kmco.com The Agenda n IoT Attack

An Introduction to IoT Penetration Testing @libertyunix www.kmco.com The Agenda n IoT Attack

An Introduction to IoT Penetration Testing @libertyunix www.kmco.com The Agenda n IoT Attack Surface l OWASP IoT Top 10 l -1 Ring in IoT n Wireless Topics in IoT n IoT Pen Testing Tools &amp; Examples n Q&amp;A 2 Getting Started in IoT

923 views • 52 slides
World s first Machine- Based Penetration Testing Solution Take Control, Get CyBot CREST

World s first Machine- Based Penetration Testing Solution Take Control, Get CyBot CREST

World s first Machine- Based Penetration Testing Solution Take Control, Get CyBot CREST certified CREST Certified Cronus is the 1 st CREST certified Automatic Penetration Testing vendor One of top 12 tech companies transforming

611 views • 13 slides
Network Penetration Testing Toolkit NMAP, NETCAT, AND METASPLOIT BASICS DAY OF SHECURITY

Network Penetration Testing Toolkit NMAP, NETCAT, AND METASPLOIT BASICS DAY OF SHECURITY

Network Penetration Testing Toolkit NMAP, NETCAT, AND METASPLOIT BASICS DAY OF SHECURITY February 22. 2019 whoami AND HOW DID I GET HERE? Cecillia Tran Kelly Albrink External network pen testing &amp; web Network pen testing,

882 views • 31 slides
CYBERSECURITY RISK ASSESSMENT AND PENETRATION TESTING FOR BOCES PARTICIPATING SCHOOL DISTRICTS

CYBERSECURITY RISK ASSESSMENT AND PENETRATION TESTING FOR BOCES PARTICIPATING SCHOOL DISTRICTS

CYBERSECURITY RISK ASSESSMENT AND PENETRATION TESTING FOR BOCES PARTICIPATING SCHOOL DISTRICTS RFP #2416 OUR DIFFERENTIATORS Global Risk Atlantic has a deep understanding of Risk Assessment and Penetration Testing on a Assessment global

519 views • 7 slides
Practical Penetration Testing 101 Look mom Im a hacker now! Words of warning Anything

Practical Penetration Testing 101 Look mom Im a hacker now! Words of warning Anything

Practical Penetration Testing 101 Look mom Im a hacker now! Words of warning Anything you do to a remote system without authorization is illegal Use common sense Federal prison is bad Overview of Today Brief overview

348 views • 13 slides
Comparing the Effectiveness of Penetration Testing and Static Code Analysis Detection of SQL

Comparing the Effectiveness of Penetration Testing and Static Code Analysis Detection of SQL

Comparing the Effectiveness of Penetration Testing and Static Code Analysis Detection of SQL Injection Vulnerabilities in Web Services Nuno Antunes, Marco Vieira PRDC 2009 nmsa@dei.uc.pt, mvieira@dei.uc.pt University of Coimbra

370 views • 24 slides
Implications of the new MDR from a Product Testing and Certification Perspective Helping You to

Implications of the new MDR from a Product Testing and Certification Perspective Helping You to

Implications of the new MDR from a Product Testing and Certification Perspective Helping You to Access Global Markets FAST and PREDICTABLY www.test-medical-devices.com 1 Hans Gerd Evering MDR - Implications from Certification Perspective

630 views • 27 slides
Mechanical Load Testing of Solar Panels Beyond Certification Testing Andrew M. Gabor 1 , Rob

Mechanical Load Testing of Solar Panels Beyond Certification Testing Andrew M. Gabor 1 , Rob

Mechanical Load Testing of Solar Panels Beyond Certification Testing Andrew M. Gabor 1 , Rob Janoch 1 , Andrew Anselmo 1 , Jason L. Lincoln 2 , Hubert Seigneur 2 , Christian Honeker 3 1 BrightSpot Automation LLC, Westford, MA, USA 2 Florida

402 views • 24 slides
Voluntary EU certification for Voluntary EU certification for non-residential buildings

Voluntary EU certification for Voluntary EU certification for non-residential buildings

Voluntary EU certification for Voluntary EU certification for non-residential buildings Definition of an Energy Performance Scale Jana Bendalov BUILDING TESTING AND RESEARCH INSTITUTE / Slovakia 09 January 2012 1 Context

609 views • 19 slides
Multi-vendor Penetration Testing in the Advanced Metering Infrastructure: Future Challenges

Multi-vendor Penetration Testing in the Advanced Metering Infrastructure: Future Challenges

Multi-vendor Penetration Testing in the Advanced Metering Infrastructure: Future Challenges DIMACS Workshop on Algorithmic Decision Theory for the Smart Grid Stephen McLaughlin - Penn State University Systems and Internet Infrastructure

590 views • 33 slides
DOCKER AND PYTHON Making them play nicely and securely for Data Science and Machine Learning

DOCKER AND PYTHON Making them play nicely and securely for Data Science and Machine Learning

DOCKER AND PYTHON Making them play nicely and securely for Data Science and Machine Learning TANIA ALLARD, PHD ixek | https:/ /bit.ly/europython-ml-docker Sr. Developer Advocate @Microsoft. @ixek @trallard trallard.dev THESE SLIDES

564 views • 41 slides
OSG User Support Strategies March 24, 2015 OSG All Hands @ Northwestern University Rob Gardner

OSG User Support Strategies March 24, 2015 OSG All Hands @ Northwestern University Rob Gardner

OSG User Support Strategies March 24, 2015 OSG All Hands @ Northwestern University Rob Gardner University of Chicago Mats Rynge ISI, University of Southern California OSG User Support: in transition For the past three years User Support

179 views • 15 slides
Design and Realization of the EXCITEMENT Open Platform for Textual Entailment Gnter Neumann,

Design and Realization of the EXCITEMENT Open Platform for Textual Entailment Gnter Neumann,

Design and Realization of the EXCITEMENT Open Platform for Textual Entailment Gnter Neumann, DFKI Sebastian Pado, Universitt Stuttgart Textual Entailment Textual Entailment (TE) A Text (T) entails a Hypothesis (H), if a typical

320 views • 27 slides
Solving Mathematical Puzzles: a Deep Reasoning Challenge for Intelligent Agents F. Chesani, P.

Solving Mathematical Puzzles: a Deep Reasoning Challenge for Intelligent Agents F. Chesani, P.

Solving Mathematical Puzzles: a Deep Reasoning Challenge for Intelligent Agents F. Chesani, P. Mello, M. Milano First URANIA Workshop, November 28 th , 2016 AIxIA 2016 Conference, Genova, November 28 th December 1 st , 2016 Premises... (1/2)

323 views • 16 slides
Relation Regularized Matrix Factorization Wu-Jun Li, Dit-Yan Yeung Department of Computer Science

Relation Regularized Matrix Factorization Wu-Jun Li, Dit-Yan Yeung Department of Computer Science

Relation Regularized Matrix Factorization Wu-Jun Li, Dit-Yan Yeung Department of Computer Science and Engineering Hong Kong University of Science and Technology Hong Kong, China IJCAI 2009 Li and Yeung (CSE, HKUST) RRMF IJCAI 2009 1 / 23

402 views • 23 slides
Common Lisp - The programmable programing language Ben Dudson Common Lisp - The programmable

Common Lisp - The programmable programing language Ben Dudson Common Lisp - The programmable

Common Lisp - The programmable programing language Ben Dudson Common Lisp - The programmable programing language | 2018 | 1/33 The Lisp family There are many different Lisp languages and varieties of Lisp including: Common Lisp - ANSI standard

525 views • 33 slides
INF4820: Algorithms for Artificial Intelligence and Natural Language Processing Common Lisp

INF4820: Algorithms for Artificial Intelligence and Natural Language Processing Common Lisp

INF4820: Algorithms for Artificial Intelligence and Natural Language Processing Common Lisp Fundamentals Stephan Oepen &amp; Murhaf Fares Language Technology Group (LTG) August 30, 2017 Last Week: What is AI? Since the 1950s: Chatbots,

1.2k views • 104 slides
Delivering Common Lisp Applications with ASDF 3.3 Pushing the Envelope or Therapeutic Fury?

Delivering Common Lisp Applications with ASDF 3.3 Pushing the Envelope or Therapeutic Fury?

Delivering Common Lisp Applications with ASDF 3.3 Pushing the Envelope or Therapeutic Fury? Franois-Ren Rideau, TUNES Project European Lisp Symposium, 2017-04-03 http://github.com/fare/asdf2017/ 1 This Talk This Talk: A progress report on

824 views • 30 slides

More recommend