security in modern cpu
play

Security in modern CPU Guillaume Bouffard ( - PowerPoint PPT Presentation

Sep 23, 2022 •377 likes •1.18k views

Security in modern CPU Guillaume Bouffard ( guillaume.bouffard@ssi.gouv.fr ) Hardware Security Labs National Cybersecurity Agency of France (ANSSI) DIENS, ENS, CNRS, PSL University Workshop SILM 21 November 2019 Who am I? Me Expert in

  1. Security in modern CPU Guillaume Bouffard ( guillaume.bouffard@ssi.gouv.fr ) Hardware Security Labs – National Cybersecurity Agency of France (ANSSI) DIENS, ENS, CNRS, PSL University Workshop SILM — 21 November 2019

  2. Who am I? Me Expert in Embedded System Security (Hardware Security Labs — ANSSI) Associate Researcher in the Information Security Group at ENS Research subjects Embedded sofware security against hardware and sofware attacks Java Card, IC (secure component, micro-controller and SoC). Security in modern CPU Guillaume Bouffard 21 November 2019 1 / 43

  3. Aim of this Tutorial This tutorial aims at introducing an overview of root of trust hardware and sofware security. During this tutorial: I will focus on security from secure element to system-on-chip No cryptographic implementations will be mistreated during this presentation Security in modern CPU Guillaume Bouffard 21 November 2019 2 / 43

  4. 1. Introduction

  5. The Root of Trust Several features must be executed in a trust environment where is able to: host sensitive applications: ◮ where sensitive and cryptographic data protection are ensured; compute sensitive (as cryptographic) operations: ◮ without any leak. Security in modern CPU Guillaume Bouffard 21 November 2019 3 / 43

  6. The Root of Trust (cont.) The root of trust is a secure environment. Security in modern CPU Guillaume Bouffard 21 November 2019 4 / 43

  7. The Root of Trust (cont.) The root of trust is a secure environment. Mainly , it’s a secure component. Security in modern CPU Guillaume Bouffard 21 November 2019 4 / 43

  8. The Root of Trust (cont.) The root of trust is a secure environment. Mainly , it’s a secure component. The most populate secure component is the smart card. Security in modern CPU Guillaume Bouffard 21 November 2019 4 / 43

  9. The Root of Trust (cont.) Several sofware implementations of a secure component exist: Hardware secure component emulation: ◮ Changing TPMs by secure enclaves, (as ARM TrustZone) ◮ this is not a secure component . Whitebox cryptographic: ◮ It’s basically less secure. ◮ How to ensure the security level of those implementations? ◮ How and under which condition make those evaluations? Security in modern CPU Guillaume Bouffard 21 November 2019 5 / 43

  10. Attacks against Root of Trust Physical attacks ◮ Side Channel attacks (timing attacks, power analysis attack, etc.); ◮ Fault attacks (electromagnetic injection, laser beam injection, etc.). Sofware attacks Combined attacks ◮ Execution of malicious ◮ Mix of physical and sofware instructions. attacks. Security in modern CPU Guillaume Bouffard 21 November 2019 6 / 43

  11. The Secure Component? A secure component is a component with securities features: A micro-controller with 1-core CPU and limited-resources; Confidentiality and integrity of the flash memory data; Random number generator; Cryptographic accelerators; Detect probing attacks or signal corruption; Side channel attacks protection; Hardened sofware. Security in modern CPU Guillaume Bouffard 21 November 2019 7 / 43

  12. The Secure Component? (cont.) Secure component Applications JCVM OS (~10-30kB) CPU Crypto-processor Power management Bus Interconnection Memories (with MPU) ISO 7816/SPI Security in modern CPU Guillaume Bouffard 21 November 2019 8 / 43

  13. How to ensure security level of Secure Component? Customers specify the security requirements. Developers implement security requirements in the product. ITSEFs evaluate the product security level. Certification Body certify products and checks each step of the evaluation process. Security in modern CPU Guillaume Bouffard 21 November 2019 9 / 43

  14. How to ensure security level of Secure Component? Customers specify the security requirements. Developers implement security requirements in the product. ITSEFs evaluate the product security level. Certification Body certify products and checks each step of the evaluation process. A scheme: the Common Criteria Common Criteria is an international standard (ISO/IEC 15408) for certification of secure products. International recognition Security in modern CPU Guillaume Bouffard 21 November 2019 9 / 43

  15. How to ensure security level of Secure Component? Customers specify the security requirements. Developers implement security requirements in the product. ITSEFs evaluate the product security level. Certification Body certify products and checks each step of the evaluation process. A scheme: the Common Criteria Common Criteria is an international standard (ISO/IEC 15408) for certification of secure products. International recognition Evaluation area: ◮ Smartcards & similar devices ◮ Hardware Devices with Security Boxes ◮ Sofware Security in modern CPU Guillaume Bouffard 21 November 2019 9 / 43

  16. Common Criteria Evaluation Level Several certification classes exist: Level Description EAL1 Functionally Tested EAL2 Structurally Tested EAL3 Methodically Tested and Checked EAL4 Methodically Designed, Tested and Reviewed EAL5 Semiformally Designed and Tested EAL6 Semiformally Verified Design and Tested EAL7 Formally Verified Design and Tested For each class may be augmented : ◮ For instance: a smartcard can be evaluated as: EAL4 + ALC_DVS.2 + AVA_VAN.5 Each evaluation is not time constraint. Security in modern CPU Guillaume Bouffard 21 November 2019 10 / 43

  17. CC CSPN EAL 1 to 7 Only one level Grey/white box Black box International certification recognition No recognition No time constraint 25md (+10 for crypto) Product update during the evaluation Fixed product version Developer must provide compliant docs No specific knowledge Very expensive (60 to 200k€) Relatively low cost (25 to 35k€) Security in modern CPU Guillaume Bouffard 21 November 2019 11 / 43

  18. CC CSPN EAL 1 to 7 Only one level Grey/white box Black box International certification recognition No recognition No time constraint 25md (+10 for crypto) Product update during the evaluation Fixed product version Developer must provide compliant docs No specific knowledge Very expensive (60 to 200k€) Relatively low cost (25 to 35k€) CPSN-like scheme available in Germany (BSZ — Accelerated Security Certification) and Spain (LINCE). Security in modern CPU Guillaume Bouffard 21 November 2019 11 / 43

  19. From the Secure Component to the System of Chip Sensitive assets are in and computed on the secure component. Secure component are designed (and evaluated) to be tamper-resistant against physical and sofware attacks. System on Chips (SoC) are everywhere: ◮ Automotive ◮ Smartphone ◮ IoT Secure component are limited resources devices. For sensitive operations where more resources are required, SoCs are used. Security in modern CPU Guillaume Bouffard 21 November 2019 12 / 43

  20. Secure Component vs SoC Smartcard Mobile device Same services, different securities Security in modern CPU Guillaume Bouffard 21 November 2019 13 / 43

  21. Secure Component vs SoC Based on a secure component Based on a full System on Chip Simple CPU Complex CPU Designed for security Designed for performance Adding TEE 1 for sofware security Certified 1 Trusted Environment Execution Security in modern CPU Guillaume Bouffard 21 November 2019 14 / 43

  22. What is a System on Chip? System on Chip (Exynos like) Standard Apps Trusted Apps Rich OS Trusted OS Trusted Kernel CPUs (4x Big & 4x Little Cores) GPU (8 cores) & VPU 2 PMIC 3 Multi-layer AXI/AHB Bus & Cache Coherent Interconnection Internal ROM & RAM (with MMU) Modem Interfaces 2 Video Processing Unit 3 Power Management Integrated Circuit Security in modern CPU Guillaume Bouffard 21 November 2019 15 / 43

  23. Secure Component vs System on Chip System on Chip (Exynos like) Secure component Standard Apps Trusted Apps Applications Rich OS Trusted OS JCVM Trusted Kernel Kernel & OS (~kB) CPUs (4x Big & 4x Little Cores) GPU (8 cores) & VPU PMIC CPU (1 ARMv7-M core) Crypto-processor Power management Multi-layer AXI/AHB Bus & Cache Coherent Interconnection Bus Interconnection Internal ROM & RAM (with MMU) Modem Interfaces Memories (with MPU) Interfaces Run at 4 to 60 MHz Run at 300 MHz to 3 GHz Not multi-threaded Multi-threaded Fine engraving > 40 nm Fine engraving < 20 nm Constant Voltage & Frequency Dynamic Voltage & Frequency management Trusted hardware & apps only Trusted Environment Execution Hardware mitigation No hardware mitigation Security in modern CPU Guillaume Bouffard 21 November 2019 16 / 43

  24. The Packaging Smart card package with secure SoC with package on package component Secure component Package Package Contact Stacked RAM Wirebounds Card body Wirebounds BGA 4 SoC mini PCB 4 Ball Grid Array Security in modern CPU Guillaume Bouffard 21 November 2019 17 / 43

  25. 2. Security of SoC

  26. An overview of state-of-the-art SoC attacks Injection medium Physical target Sofware target Sofware security Virtual to physical Sofware RAM Memory partitioning translation table Glitch voltage Clock Key Cryptography Laser Register Instruction Secure boot EM Bus Execution flow integrity Return value Program counter Confidentiality Cache User rights MMU Pipeline Data Security in modern CPU Guillaume Bouffard 21 November 2019 18 / 43

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cyber Security A Modern Tale of a Dissonant Relationship BTB Security and me BTB Security

Cyber Security A Modern Tale of a Dissonant Relationship BTB Security and me BTB Security

Cyber Security A Modern Tale of a Dissonant Relationship BTB Security and me BTB Security Founded in 2006 Technical security services, MDR Me Ron Schlecht German word for BAD Ron.Schlecht@btbsecurity.com

432 views • 8 slides
MODERN 1 MODERN 2 MODERN 3 MODERN 4 MODERN A peep at some distant orb has power to raise

MODERN 1 MODERN 2 MODERN 3 MODERN 4 MODERN A peep at some distant orb has power to raise

MODERN 1 MODERN 2 MODERN 3 MODERN 4 MODERN A peep at some distant orb has power to raise and purify our thoughts like a strain picture, or a passage from the grander poets. It always does one good. 5 MODERN 6 MODERN 7 MODERN 8

524 views • 24 slides
Modern Web Security Patterns Chad Hollman Analyst, County of Sacramento Department of Technology

Modern Web Security Patterns Chad Hollman Analyst, County of Sacramento Department of Technology

Modern Web Security Patterns Chad Hollman Analyst, County of Sacramento Department of Technology Current Issues of Web Development Security Subresource Integrity Checking Content Security Policies HTTP Public Key Pinning Certificate

1.05k views • 61 slides
Building a Modern Security Engineering Team zane@signalsciences.com @zanelackey Who is this guy

Building a Modern Security Engineering Team zane@signalsciences.com @zanelackey Who is this guy

Building a Modern Security Engineering Team zane@signalsciences.com @zanelackey Who is this guy anyway? Built and led the Etsy Security Team Spoiler alert: what this presentation is about Co-founded Signal Sciences This talk is

814 views • 70 slides
Modern Game Console Exploitation Eric DeBusschere, Mike McCambridge March 26, 2012 Console

Modern Game Console Exploitation Eric DeBusschere, Mike McCambridge March 26, 2012 Console

Modern Game Console Exploitation Eric DeBusschere, Mike McCambridge March 26, 2012 Console Security Overview Most modern consoles acheive complete software security by only running signed code, encrypting memory, and utilizing firmware updates

588 views • 37 slides
An Introduction to Modern Security Market Pricing of Interest Rate Derivatives Models Term-

An Introduction to Modern Security Market Pricing of Interest Rate Derivatives Models Term-

An Introduction to Modern Pricing of Interest Rate Derivatives School of Education, Culture and Communication Division of Applied Mathematics Introduction Interest Rates An Introduction to Modern Security Market Pricing of Interest Rate

1.11k views • 88 slides
Security on the Line: Modern Curve-based Cryptography Joost Renes SCA Workshop 18 June 2019

Security on the Line: Modern Curve-based Cryptography Joost Renes SCA Workshop 18 June 2019

Security on the Line: Modern Curve-based Cryptography Joost Renes SCA Workshop 18 June 2019 Modern curve-based cryptography Modern curve-based cryptography 1 / 11 Modern curve-based cryptography Internet of Things Size &amp; speed

1.39k views • 97 slides
Demystifying Modern Windows Rootkits Bill Demirkapi Independent Security Researcher

Demystifying Modern Windows Rootkits Bill Demirkapi Independent Security Researcher

Demystifying Modern Windows Rootkits Bill Demirkapi Independent Security Researcher Demystifying Modern Windows Rootkits Black Hat USA 2020 1 Who Am I? 18 years old Sophomore at the Rochester Institute of Technology Windows

847 views • 73 slides
Modern PHP security sec4dev 2020, Vienna 27th February 2020 Synacktiv Thomas Chauchefoin &amp;

Modern PHP security sec4dev 2020, Vienna 27th February 2020 Synacktiv Thomas Chauchefoin &amp;

Modern PHP security sec4dev 2020, Vienna 27th February 2020 Synacktiv Thomas Chauchefoin &amp; Lena David Summary 1 Introduction 2 Modern vulnerabilities Engine bugs 3 Hardening 4 Conclusion 5 Who are we? Lena (@_lemeda) and Thomas

1.55k views • 120 slides
iLab Modern cryptography for communications security Benjamin Hof hof@in.tum.de Lehrstuhl fr

iLab Modern cryptography for communications security Benjamin Hof hof@in.tum.de Lehrstuhl fr

iLab Modern cryptography for communications security Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen Cryptography 14ss 1 Outline Cryptography

780 views • 54 slides
iLab Modern cryptography for communications security Benjamin Hof hof@in.tum.de Lehrstuhl fr

iLab Modern cryptography for communications security Benjamin Hof hof@in.tum.de Lehrstuhl fr

iLab Modern cryptography for communications security Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen Cryptography 15ws 1 / 72 Outline Cryptography

903 views • 88 slides
Of Mice and Keyboards: On the Security of Modern Wireless Desktop Sets October 22, 2016 October

Of Mice and Keyboards: On the Security of Modern Wireless Desktop Sets October 22, 2016 October

Of Mice and Keyboards: On the Security of Modern Wireless Desktop Sets October 22, 2016 October 22, 2016 Deeg &amp; Klostermeier | Hacktivity 2016 1 Who am I? Dipl.-Inf. Matthias Deeg Expert IT Security Consultant CISSP, CISA, OSCP, OSCE

1.09k views • 81 slides
Modern Digital Security John Dmytrasz - Senior Network Administrator Mike Ali - Network

Modern Digital Security John Dmytrasz - Senior Network Administrator Mike Ali - Network

Modern Digital Security John Dmytrasz - Senior Network Administrator Mike Ali - Network Administrator What are the threats facing you in your digital life? The biggest threat to computer security is you and your employees Social

571 views • 23 slides
iLab Modern cryptography for communications security a fast rush Benjamin Hof hof@in.tum.de

iLab Modern cryptography for communications security a fast rush Benjamin Hof hof@in.tum.de

iLab Modern cryptography for communications security a fast rush Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen Cryptography 16ss 1 / 38 Outline

504 views • 46 slides
Security II: Cryptography Jonathan Katz, Yehuda Lindell: Introduction to Modern Cryptography

Security II: Cryptography Jonathan Katz, Yehuda Lindell: Introduction to Modern Cryptography

Related textbooks Main reference: Security II: Cryptography Jonathan Katz, Yehuda Lindell: Introduction to Modern Cryptography Chapman &amp; Hall/CRC, 2nd ed., 2014 Further reading: Markus Kuhn Christof Paar, Jan Pelzl: Understanding

794 views • 27 slides
VisITMeta Visualizing the security of modern IT environments by using metadata Project

VisITMeta Visualizing the security of modern IT environments by using metadata Project

VisITMeta Visualizing the security of modern IT environments by using metadata Project presentation Bastian Hellmann Trust@FHH Research group Hochschule Hannover May 30th, 2012 6th ESUKOM Workshop, Nuremberg Trust@FHH B. Hellmann

378 views • 20 slides
IT Transformation &amp; Applications Montgomery IT Summit 23 - 25 May 11 1 I n t e g r i t y -

IT Transformation &amp; Applications Montgomery IT Summit 23 - 25 May 11 1 I n t e g r i t y -

Headquarters U.S. Air Force I n t e g r i t y - S e r v i c e - E x c e l l e n c e IT Transformation &amp; Applications Montgomery IT Summit 23 - 25 May 11 1 I n t e g r i t y - S e r v i c e - E x c e l l e n c e 2 AFPEO EIS

643 views • 19 slides
Xenon: High-Assurance Xen John McDermott John.McDermott@NRL.Navy.Mil Naval Research Laboratory

Xenon: High-Assurance Xen John McDermott John.McDermott@NRL.Navy.Mil Naval Research Laboratory

Xenon: High-Assurance Xen John McDermott John.McDermott@NRL.Navy.Mil Naval Research Laboratory Center for High-Assurance Computer Systems http:/ / chacs.nrl.navy.mil Xenon Xen Beyond Buffer Overflows high-assurance Policy flaws Use the

565 views • 24 slides
Introduction to Security Comm. Security Strategy Summary ITS335: IT Security Sirindhorn

Introduction to Security Comm. Security Strategy Summary ITS335: IT Security Sirindhorn

ITS335 Intro. to Security Concepts Threats, Attacks, Assets Introduction to Security Comm. Security Strategy Summary ITS335: IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 2

965 views • 34 slides
The lattice model (continued) This satisfies the definition of lattice. There is a single

The lattice model (continued) This satisfies the definition of lattice. There is a single

The lattice model (continued) This satisfies the definition of lattice. There is a single source and sink. The least upper bound of the security classes {x} and {z} is {x,z} and the greatest lower bound of the security classes {x,y} and

698 views • 31 slides
Bayesian Trust Models and Information Security Mozhgan Tavakolifard Trial Lecture 30 August 2012

Bayesian Trust Models and Information Security Mozhgan Tavakolifard Trial Lecture 30 August 2012

Bayesian Trust Models and Information Security Mozhgan Tavakolifard Trial Lecture 30 August 2012 Centre for Quantifiable Quality of Service in Communication Systems Centre of Excellence NTNU, Norway www.q2s.ntnu.no Bayesian Trust Models and

1.05k views • 58 slides
Li Xiong

Li Xiong

Li Xiong CS573 Data Privacy and Security Secure multiparty computation Problem and security definitions Basic cryptographic

573 views • 41 slides
bitmarkets anonymous decentralized markets with no trusted third parties problem centralized

bitmarkets anonymous decentralized markets with no trusted third parties problem centralized

bitmarkets anonymous decentralized markets with no trusted third parties problem centralized markets censorship no privacy high fees winner takes all solution decentralized markets no censorship more privacy no fees market diversity

250 views • 21 slides
Blockchain overview Why? To avoid this Portland State University CS 410/510 Blockchain

Blockchain overview Why? To avoid this Portland State University CS 410/510 Blockchain

Blockchain overview Why? To avoid this Portland State University CS 410/510 Blockchain Development &amp; Security and maybe take advantage of this? (circa 2017 -2018) Portland State University CS 410/510 Blockchain Development

474 views • 35 slides

More recommend