secure physical enclosures from covers with tamper
play

Secure Physical Enclosures from Covers with Tamper-Resistance - PowerPoint PPT Presentation

Jun 18, 2023 •106 likes •410 views

Secure Physical Enclosures from Covers with Tamper-Resistance Vincent Immler, Johannes Obermaier, Kuan Kuan Ng, Fei Xiang Ke, JinYu Lee, Yak Peng Lim, Wei Koon Oh, Keng Hoong Wee, Georg Sigl Conference on Cryptographic Hardware and Embedded

  1. Secure Physical Enclosures from Covers with Tamper-Resistance Vincent Immler, Johannes Obermaier, Kuan Kuan Ng, Fei Xiang Ke, JinYu Lee, Yak Peng Lim, Wei Koon Oh, Keng Hoong Wee, Georg Sigl Conference on Cryptographic Hardware and Embedded Systems, Atlanta, Aug 26, 2019

  2. The Physical Security Challenge Tamper Attempts any tool any time any technique | 1

  3. Where We Stand in Physical Security “Security outside the black-box model” by Ventzi Nikov at CARDIS 2016 (Invited Talk) | 2

  4. Where We Stand in Physical Security “Security outside the black-box model” by Ventzi Nikov at CARDIS 2016 (Invited Talk) skip the rest, let’s make this green (at least try) | 2

  5. Security Enclosures = Access Denial Systems goal: detect and counteract physical atacks tamper-detection tamper-response zeroization batery-backed mechanism for continuous protection zeroization wipes volatile memory containing critical security parameters | 3

  6. Access Denial Systems: Commercial Examples IBM Cryptographic Coprocessor ADP Gauselmann HP Atalla countermeasures: active meshes, obfuscation, light sensors, switches, poting, ... | 4

  7. High-Level Goals of Access Denial Systems Usability Access Denial System Producibility Security desired level of security: no demonstrable way to circumvent → secure in the field; prevent HW trojans in distribution chain | 5

  8. Selected Properties of Shown Examples � Producibility: � Envelopes: complex manufacturing but highest geometrical security � Covers/shells/housings: less complex but also less secure � Usability: � Batery typically limits operating range w.r.t. temperature � Shelf life is limited or necessitates additional service � Security: � Energy-preserving approach leads to crude measurement resolution � Prone to single point of failure at PCB-level (e.g., cut-off alarm, fake check signal) � Security mostly based on black-box model | 6

  9. | 7

  10. Tamper-Evident PUFs as Designated Alternative � “True” purpose of PUFs: tamper-detection w/o batery-backed sensors � Upon power-on: key derivation from tamper-evident PUF enclosure � If it fails: goal achieved, still initiate further countermeasures � If it succeeds: decrypt system or unlock critical security parameters � Unfortunately, very litle (public) work in this area! � Move towards white-box PUF design w/o diminishing security � Additional obfuscation then makes it even more difficult to atack | 8

  11. Proof of Concept: Design Overview Cover Physical Domain Evaluation Unit Key Capacitance Generation Measurement Signal Alarm and Processing Zeroization Integrity Tamper Detection Detection Analog Domain Digital Domain Host System HSM CSPs Alarm and Application (encrypted) Zeroization Application Domain sensoric region with fine mesh | 9

  12. Design Goals and Security Objectives � Design Goals: � Investigate how far we can get with COTS components � Check validity of concept and if it is worth developing further � Make physical integrity check complex and bury deep inside IC � Concept must scale with advancements in manufacturing � Security Objectives: � “Deny physical access” = disassembly is destructive; force multiple holes � Maximize distance from enclosure surface to insides of targeted chip � Entropy loss upon atack substantial, not possible to reconstruct � Increase need for customized tooling � Considered diameter = 300 µ m | 10

  13. Physical Domain: Layer Stack-Up of Cover PCB manufacturing process causes intrinsic variation in mutual capacitance C M Layer Description Comment 1 Shield Facing to outside Bonding 2 Tx electrodes Driven electrodes � Mutual capacitance C M Polyimide 3 Rx electrodes Receiving electrodes Bonding 4 Shield � Polyimide Facing inside (to PCB) 5 Connectors and routing | 11

  14. Physical Domain: Mesh with 16 RX × 16 TX Electrodes Sensor Mesh Concept TX 0 1 2 3 4 5 6 1 2 3 4 5 6 7 8 9 1 1 1 1 1 1 1 To 1 To 2 Ti Ti Ti Ti Ti Ti Ti Ti Ti Ti Ti Ti Ti Ti Ti Ti RX RX Ri 1 Ro 1 Ri 1 Ro 2 Ri 2 Ri 2 Ro 3 Ri 3 Ro 4 Ri 4 Ro 5 Ri 5 Ro 6 Ri 6 Ti 13 Ti 14 Ro 7 Ri 7 Ri 3 Ro 8 Ri 8 Ro 9 Ri 9 Ri 4 Ro 10 Ri 10 Ro 1 Ro 11 Ri 11 Ro 12 Ri 12 Ro 2 sensor C s = sensor node Ro 13 Ri 13 Ro 14 Ri 14 16 × 16 = 256 sensor nodes cell Ti 1 Ti 2 Ro 15 Ri 15 1 mm Ro 16 Ri 16 layer 2 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 layer 3 To To To To To To To To To 1 1 1 1 1 1 1 To To To To To To To 300 µ m sensoric region TX | 12

  15. Stochastic Model of Sensor Nodes � All tiny track overlaps behave like capacitors in parallel � C M comprised of nominal capacitance C N and variation C V � Differential measurement needed to remove common offset C N � C V <<< C N requiring high-resolution circuit | 13

  16. Analog/Digital Domain: Abs+Diff+Integrity Measurement Digital Domain Analog Domain Digital Domain TX 1 I RX Amplitude Fully Dual DAC LP HP LP C M Rescaling JFET RX 1 Sine Differential Amplifier ADC DFT Phase ∆C + Adjust TIA C M Amplifier Generator TX 2 � Measurements of different nature, one cannot exist w/o the other: � Absolute capacitance measurement � Differential capacitance measurement � Integrity measurement (open/short circuit) � Applications: � Integrity for rapid measurements and factory-initialization � Differential measurement for key generation and on-the-fly rate and range limits � Absolute measurement for additional tamper detection and temperature sensor | 14

  17. Application Domain / Boot Process preverified fully verified unverified example time attack System PUF Key Operational Decrypt Generation Mode device running Power-On Integrity Cap Integrity Cap Integrity Cap Event Detection Meas Detection Meas Detection Meas Tamper Tamper Tamper Detection A Detection A Detection A Tamper Tamper Tamper Detection B1 Detection B1 Detection B1 Tamper Tamper Detection B2 Detection B2 Tamper Tamper Tamper Detection C Detection C Detection C heartbeat zeroization | 15

  18. Basic Statistics Data acquired from 115 flexPCB covers at constant environmental conditions. 5500 350 300 Occurence 5000 250 Mean 200 4500 150 100 4000 50 0 3500 − 10000 − 5000 0 5000 10000 0 50 100 150 200 250 Difgerential Capacitance Absolute Sensor Node No. Figure: PDF of differential capacitance. Figure: Absolute capacitance per node position. Data in line with expectations. Low noise essential for tamper-evident application. | 16

  19. Entropy and PUF Assessment (Global) Shannon entropy over PUF population: 5.2 bit per node / 4.17 bit (with temperature) 100 100 Occurence Occurence 50 0 0 0 20 40 60 80 100 0 20 40 60 80 100 Percent of Changed Symbols Change in Combined Symbols and Magnitude Figure: Uniqueness computed via Hamming Figure: Uniqueness computed via Manhatan distance over symbols (higher-order alphabet). distance over symbols (higher-oder alphabet). Uniquess for tamper-evident PUFs: think beyond Hamming over binary responses! | 17

  20. Entropy Assessment (Localized) – Spatial Context-Tree-Weighting Investigate Tamper-Evident PUF Results radius 2 radius 1 • Spatial entropy dependencies • Entropy = 3.7 bit (radius 1) • Context around drill hole • Entropy = 3.1 bit (radius 2,3) X • Worst-case (on average) • Degradation exists due to crude layout and PCB process strong atack: given information around drill hole, complexity to reconstruct X prevent atacker from obtaining PUF output; consider helper data leakage (joint work with Michael Pehl of TU Munich; to be published) | 18

  21. More Data/Atacks/Inspection/Environmental Tests – See Paper | 19

  22. Conclusions � Still, only a tiny step towards access denial systems without batery � Full stack approach needed for tamper-evidence/resistance � COTS-based approach has its limits, especially regarding repairs � Development of access denial systems in white-box model challenging � Always use a layered approach to security! | 20

  23. Selected Future Work � Layout Randomization: � Increase # of electrode pairs, recombination based on challenge � Naturally translates to layout randomization; breaks up local dependencies � Customize PDF: � Impregnation of paired nominal C N values without altering variation C V � Bimodal or arbitrary PDF for improved circuit and tamper behavior � Tailored Materials: � Increase C V and reduce C N to improve local entropy loss � Make repairs more difficult ...and so much more! | 21

  24. Contact Information Vincent Immler Central Office for Information Technology in the Security Sector (ZITiS) For government inquiries only: v i n c e n t .i m m l e r @ z i s t i b nd . u . d e All other inquiries: s c n i e c e + c h s e 2 0 1 9 @ m m . s t This work was performed while with Fraunhofer Institute AISEC. | 22

  25. Thank You! Qestions? | 23

  26. Backup | 24

  27. Packaging Concept potting resin heatsink connectors screw stiffener frame top cover vertical protection PCB structure metal core bottom cover | 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, Srinivas Devadas Massachusetts Institute of Technology L C S Cases for Physical Security Applications

519 views • 23 slides
2/13/2014 What is Tamper Resistance? Resistance to tampering the device by either normal

2/13/2014 What is Tamper Resistance? Resistance to tampering the device by either normal

2/13/2014 What is Tamper Resistance? Resistance to tampering the device by either normal users or systems or others with physical Physical Attacks and Tamper Resistance access to it

449 views • 11 slides
Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical

Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical systems Intermediate talk for the Masters

740 views • 25 slides
New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent

New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent

New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent Immler, Karthik Uppund Conference on Cryptographic Hardware and Embedded Systems, Atlanta, Aug 26, 2019 PUF in a Nutshell: Biometrics of Objects PUF

403 views • 21 slides
IMS Single Door Enclosures IMS Two Door Enclosures IMS Single Door with Slave Door

IMS Single Door Enclosures IMS Two Door Enclosures IMS Single Door with Slave Door

IMS Single Door Enclosures IMS Two Door Enclosures IMS Single Door with Slave Door Disconnect IMS Two Door with Slave Door Disconnect Plinth Bases with Black Textured Finish Galvanized Sub-Panels Galvanized Filler Plates

302 views • 29 slides
Secure Coprocessor What is Secure coprocessor: Robust. (A system that is not easily or is

Secure Coprocessor What is Secure coprocessor: Robust. (A system that is not easily or is

Secure Coprocessor What is Secure coprocessor: Robust. (A system that is not easily or is not wholly affected by a bug in one aspect of it. ) General-purpose computational environments. Secure temper responsive physical package.

366 views • 14 slides
http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules

http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules

Design Principles for Tamper-Resistant Smartcard Processors Oliver Kmmerling Markus G. Kuhn ADSR Computer Laboratory http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules Microprobing Open the

465 views • 22 slides
Installing slides into electronic enclosures Installing slides into electronic enclosures 2012

Installing slides into electronic enclosures Installing slides into electronic enclosures 2012

Installing slides into electronic enclosures Installing slides into electronic enclosures 2012 DISTRIBUTION Standard width dimensions 5/8 15.87mm 5/8 15.87mm EIA cabinets have to 1/2 12.70mm have the standard 1U 1U=44.45mm

335 views • 16 slides
The IBM 4758 Secure Cryptographic Coprocessor Hardware Architecture and Physical Security Steve

The IBM 4758 Secure Cryptographic Coprocessor Hardware Architecture and Physical Security Steve

The IBM 4758 Secure Cryptographic Coprocessor Hardware Architecture and Physical Security Steve Weingart Senior Engineer (561) 392 6100 c1shw@us.ibm.com Secure Systems and Smart Cards IBM T.J. Watson Research Center Hawthorne, NY 4758 PCI

386 views • 11 slides
Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice

Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice

Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice University Everyone has logs Tamper evident solutions Current commercial solutions Write only hardware appliances Security depends on

1.32k views • 82 slides
Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge

Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge

Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge University of Erlangen/ Computer Laboratory Purdue University Applications of Tamper Resistant Modules Security of cryptographic applications is based

149 views • 12 slides
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random

Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random

Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions G. Edward Suh, Charles W. ODonnell, Ishan Sachdev, and Srinivas Devadas Massachusetts Institute of Technology 1 New Security Challenges

356 views • 31 slides
Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to

Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to

Servers can't be trusted, and thanks to tamper-proof Servers can't be trusted, and thanks to tamper-proof journals EteSync doesn't need to! journals EteSync doesn't need to! stosb.com/talks Tom Hacohen tom@stosb.com FOSDEM 2018 @TomHacohen

498 views • 30 slides
How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

DIMACS Workshop On Secure Routing March 10, 2010 How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing Protocols? $ $ Sharon Goldberg Microsoft Research &amp; Boston University y Michael Schapira

701 views • 54 slides
.. ? t/7 ;;z; 4-;M // Respectfully yours, Enclosures I look forward to arranging an

.. ? t/7 ;;z; 4-;M // Respectfully yours, Enclosures I look forward to arranging an

Alternative Fee Structures and Legal Services Management providing an agreed upon estimate for legal services AnU(g,oy L. Lamm, Esquire .. ? t/7 ;;z; 4-;M // Respectfully yours, Enclosures I look forward to arranging an

291 views • 4 slides
TAMPER EVIDENT BYPASSES BY MOS AND BOO THE PACKAGING COUNCIL OF AUSTRALIA Packaging which

TAMPER EVIDENT BYPASSES BY MOS AND BOO THE PACKAGING COUNCIL OF AUSTRALIA Packaging which

TAMPER EVIDENT BYPASSES BY MOS AND BOO THE PACKAGING COUNCIL OF AUSTRALIA Packaging which possesses a barrier to entry which, if breached or missing, will provide visible evidence to consumers that tampering had occurred MESOPOTAMIAN

516 views • 30 slides
TERMINOLOGY SYSTEMATIZATION FOR CYBERSECURITY DOMAIN IN ITALIAN LANGUAGE CLAUDIA LANZA - PHD

TERMINOLOGY SYSTEMATIZATION FOR CYBERSECURITY DOMAIN IN ITALIAN LANGUAGE CLAUDIA LANZA - PHD

TERMINOLOGY SYSTEMATIZATION FOR CYBERSECURITY DOMAIN IN ITALIAN LANGUAGE CLAUDIA LANZA - PHD STUDENT, UNIVERSITY OF CALABRIA AND VISITING AT UNIVERSIT DE NANTES C.LANZA@DIMES.UNICAL.IT BATRICE DAILLE FULL PROFESSOR UNIVERSIT DE

427 views • 17 slides
Enterprise Connectivity using MIPv4 and MOBIKE Vijay Devarapalli and Pasi Eronen MIP4 WG, IETF 63

Enterprise Connectivity using MIPv4 and MOBIKE Vijay Devarapalli and Pasi Eronen MIP4 WG, IETF 63

Enterprise Connectivity using MIPv4 and MOBIKE Vijay Devarapalli and Pasi Eronen MIP4 WG, IETF 63 Enterprise connectivity Enterprise networks A typical enterprise networks has users connecting from trusted and untrusted networks

403 views • 8 slides
1 2 This training is designed to transition you to the new Virginia Excise Tax System. VAETS is

1 2 This training is designed to transition you to the new Virginia Excise Tax System. VAETS is

1 2 This training is designed to transition you to the new Virginia Excise Tax System. VAETS is a Web based system that allows you to submit your returns, view your returns, make payments in real time and all in one system. 3 Before we get

925 views • 89 slides
802.1 Plenary July 2018 San Diego, CA, USA Closing Agenda John Messenger IEEE 802.1

802.1 Plenary July 2018 San Diego, CA, USA Closing Agenda John Messenger IEEE 802.1

802.1 Plenary July 2018 San Diego, CA, USA Closing Agenda John Messenger IEEE 802.1 acting WG Chair JMessenger@advaoptical.com 802.1 plenary agenda Monday opening Thursday closing Call for Patents Call for Patents

1.2k views • 102 slides
The combinatorics of CAT(0) cube complexes Federico Ardila M. San Francisco State University,

The combinatorics of CAT(0) cube complexes Federico Ardila M. San Francisco State University,

examples definitions characterizations questions The combinatorics of CAT(0) cube complexes Federico Ardila M. San Francisco State University, San Francisco, California. Universidad de Los Andes, Bogot, Colombia. Richard Stanleys

241 views • 12 slides
Developing a Carbon Capture and Storage (CCS) Blueprint for Alberta Fall 2008 Update Jim Carter,

Developing a Carbon Capture and Storage (CCS) Blueprint for Alberta Fall 2008 Update Jim Carter,

Developing a Carbon Capture and Storage (CCS) Blueprint for Alberta Fall 2008 Update Jim Carter, Chair Alberta Carbon Capture &amp; Storage Development Council Alberta CCS 1 Development Council Alberta Government direction Government

212 views • 17 slides
MicroBooNEs Beam Timing Improvements 2015-2016: MicroBooNE ( B) took its first year of

MicroBooNEs Beam Timing Improvements 2015-2016: MicroBooNE ( B) took its first year of

Shutdown 2016: MicroBooNEs Beam Timing Improvements 2015-2016: MicroBooNE ( B) took its first year of data using the same triggering signals as MiniBooNE NuMI BNB - TCLK $1D + $1F coincidence for BNB double check with BNB

372 views • 3 slides
Finding Similar Exercises in Online Education Systems Reporter: Zai Huang Date: 2018.07.22

Finding Similar Exercises in Online Education Systems Reporter: Zai Huang Date: 2018.07.22

The 24nd ACM SIGKDD Conference on Knowledge Discovery and Data Mining 2018/08/19-08/23 , London Finding Similar Exercises in Online Education Systems Reporter: Zai Huang Date: 2018.07.22 Anhui Province Key Laboratory Of Big Data Analysis and

391 views • 38 slides

More recommend