security testing for hardware product the security
play

Security testing for hardware product : the security evaluations - PowerPoint PPT Presentation

May 14, 2023 •566 likes •809 views

Alain MERLE CESTI LETI CEA Grenoble Alain.merle@cea.fr Security testing for hardware product : the security evaluations practice 1 DCIS/SASTI/CESTI Abstract What are you doing in ITSEFs ? Testing, Security testing, Attacks,

  1. Alain MERLE CESTI LETI CEA Grenoble Alain.merle@cea.fr Security testing for hardware product : the security evaluations practice 1 DCIS/SASTI/CESTI

  2. Abstract • « What are you doing in ITSEFs ? » – Testing, Security testing, Attacks, Evaluations, Common Criteria, Certification, … • Security evaluations: – The French Certification Scheme – The Common Criteria – Smartcards evaluations • Smartcard security testing – Strategy – Attacks 2 DCIS/SASTI/CESTI

  3. Common Criteria The basic ideas • Describe what is the security of a product • Verify that the developer has done what it was supposed to do (and only that) • Test (functional and attacks) the product • Verify environmental constraints 3 DCIS/SASTI/CESTI

  4. • A standardized, objective and efficient Security Analysis Method (ISO IS 15408) • An International Recognition through Mutual Recognition Arrangements. • In Europe, mostly used for smartcards – Integrated Circuits – IC with embedded software 4 DCIS/SASTI/CESTI

  5. CESTI LETI Information Technology Security Evaluation Facilities Organisme • ITSEF of the French Certification Organisme de d’accréditation Certification : COFRAC D.C.S.S.I. Scheme Accréditation Agrément Certification • Area : hardware and embedded software Certificat CESTI – Smartcards Centre d’Evaluation de la Sécurité des Technologies de l’Information – Security equipments Le Schéma Français de Certification • Level: Up to EAL7 • Localization: Grenoble • Part of the biggest French Research center in Microelectronics 5 DCIS/SASTI/CESTI

  6. Smartcard evaluation • Common Criteria, EAL4+ level – High Security level (banking applications) – White box evaluation • Design information • Source code • A table defining the « attack potential » – Time, expertise, equipment, knowledge, … – The card must resist to the « maximum » (ie all realistic attacks) 6 DCIS/SASTI/CESTI

  7. What kind of testing ? • Functional testing but security oriented – Are the Security Functions working as specified ? • Attacks – Independent vulnerability analysis – Higher levels (VLA.4): adaptation of the classical “attack methods” to the specificities of the product 7 DCIS/SASTI/CESTI

  8. Test strategy (Attacks) State of the art R&D Attacks Attacks Attacks Tests and and Potential and Potential Potential vulnerabilities Vulnerabilities Vulnerabilities Strategies Add Add Add Remove Remove Remove Customize Customize Customize Evaluation tasks 8 DCIS/SASTI/CESTI

  9. Attacks on smartcards • Physical (Silicon related) – Memories – Access to internal signals (probing) • Observation: Side Channel Analysis – SPA, EMA, DPA, DEMA • Perturbations: inducing errors – Cryptography (DFA) – Generating errors • IO errors (reading, writing) • Program disruption (jump, skip, change instruction) • Specifications/implementation related attacks – Protocol, overflows, errors in programming, … 9 DCIS/SASTI/CESTI

  10. Optical reading of ROM Probing : MEB Reverse Engineering Probing : laser preparation 10 DCIS/SASTI/CESTI

  11. Modification : FIB Modification : Laser cut 11 DCIS/SASTI/CESTI

  12. EM signal analysis 12 DCIS/SASTI/CESTI

  13. SPA/EMA Analysis DES AES 13 DCIS/SASTI/CESTI

  14. SPA/DPA analysis 14 DCIS/SASTI/CESTI

  15. Cartography Electro-magnetic signal during DES execution. •Hardware DES •Differential signal 15 DCIS/SASTI/CESTI

  16. Cartography 16 DCIS/SASTI/CESTI

  17. Perturbations examples Branch on error Non critical processing; Initializations If not authorized then goto xxx; Critical processing; valid = TRUE; Re-reading after integrity checking If got ^= expected then valid = FALSE ; Memory integrity checking ; If valid Then Non critical processing; critical processing; Data 1 reading; Critical processing; Data 2 reading; Critical processing; 17 DCIS/SASTI/CESTI

  18. What is requested from a lab ? • Good knowledge of the state of the art – Not always published • Internal R&D on attacks – Equipment – Competences • Multi-competences – Cryptography, microelectronics, signal processing, lasers, etc • Competence areas defined in the French Scheme – Hardware (IC, IC with embedded software) – Software (Networks, OS, …) 18 DCIS/SASTI/CESTI

  19. Test benches 19 DCIS/SASTI/CESTI

  20. Competences Software Microelectronic Testbenches 20 DCIS/SASTI/CESTI

  21. Some rules • Security is the whole product : IC + software • The IC must hide itself – Critical processing,Sensitive data handling,Consistency checking, Memory access, … • The IC must control itself – Consistency checking,Audits, log, … • But some attacks are now dedicated to these counter-measures 21 DCIS/SASTI/CESTI

  22. CONCLUSION (1) • Evaluation is – Rigorous & normalized process – But attacks require specific « human » skills • Attack is – Gaining access to secret/forbidden operations – Free to « play » with the abnormal conditions – An error is not an attack • But an error can often be used in attacks 22 DCIS/SASTI/CESTI

  23. CONCLUSION (2) • The evaluation guarantees that – The product is working as specified – It has a “good” resistance level • Perfection as absolute security does not exist 23 DCIS/SASTI/CESTI

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SECURITY TESTING Towards a safer web world AGENDA 1. 3 WS OF SECURITY TESTING 2. SECURITY

SECURITY TESTING Towards a safer web world AGENDA 1. 3 WS OF SECURITY TESTING 2. SECURITY

SECURITY TESTING Towards a safer web world AGENDA 1. 3 WS OF SECURITY TESTING 2. SECURITY TESTING CONCEPTS 3. SECURITY TESTING TYPES 4. TOP 10 SECURITY RISKS Few Security Breaches Date: 2013-14 September 2016, while in negotiations to

404 views • 18 slides
Security Testing - Where Automation Fails Today How does security testing of web

Security Testing - Where Automation Fails Today How does security testing of web

Security Testing - Where Automation Fails Today How does security testing of web applications work What does the tooling landscape look like How does automated security testing fail What can we do Image courtesy of

583 views • 56 slides
Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just:

Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just:

Why W3C needs to Remain Neutral and Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just: Image source: halfelf.org It is about decentralizing ID validation and key storage (my religion)

522 views • 16 slides
Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security

Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security

SP SPACE ACE 201 2016 Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security Security: : New Front New Frontiers iers Swarup Bhunia Professor Electrical & Computer Engineering SPACE | Dec 2016 1

607 views • 29 slides
Software Security Process & Testing a primer for quality professionals Fred Pinkett VP,

Software Security Process & Testing a primer for quality professionals Fred Pinkett VP,

Software Security Process & Testing a primer for quality professionals Fred Pinkett VP, Product Management Security Innovation About Security Innovation Application Security Experts 10+ years research on vulnerabilities Security

690 views • 49 slides
HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware

HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware

HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware pentester Who am I ? Julien Moinard - Electronic engineer @opale-security (French company) - Security consultant, Hardware & SoDware pentester -

803 views • 40 slides
CrypTech October 2018 Barcelona Hardware Security Module From Wikipedia: A hardware security

CrypTech October 2018 Barcelona Hardware Security Module From Wikipedia: A hardware security

CrypTech October 2018 Barcelona Hardware Security Module From Wikipedia: A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides crypto processing. These

977 views • 34 slides
Combinatorial Security Testing: Combinatorial Testing Meets Information Security Dimitris E.

Combinatorial Security Testing: Combinatorial Testing Meets Information Security Dimitris E.

Combinatorial Security Testing: Combinatorial Testing Meets Information Security Dimitris E. Simos SBA Research Applied & Computational Mathematics Division Seminar Series National Institute of Standards and Technology (NIST) Gaithersburg,

675 views • 50 slides
for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1

for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1

Attacker Models for hardware or embedded security Erik Poll Digital Security Radboud University Nijmegen 1 Security-sensitive hardware: examples 2 Naive attacker model Attacks on communication channels exploiting lousy crypto or insecure

904 views • 45 slides
Cryptech The Open Hardware Security Module Platform Joachim Strmbergson ::1 Assured AB

Cryptech The Open Hardware Security Module Platform Joachim Strmbergson ::1 Assured AB

Cryptech The Open Hardware Security Module Platform Joachim Strmbergson ::1 Assured AB https://github.com/secworks IT security Embedded systems ASIC, FPGA Biometrics Open Crypto Hardware CPU design Assembly hacking Hardware Security

896 views • 50 slides
Advanced Systems Security: Hardware Security Trent Jaeger Systems and Internet

Advanced Systems Security: Hardware Security Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Hardware Security Trent Jaeger

703 views • 46 slides
Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER /

Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER /

Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER / engineers Hardware security for embedded systems: memory and communication protection Arithmetic Tradeoffs on Performance/Cost/Security secure

310 views • 14 slides
Security Testing Checking for what shouldnt happen Azqa Nadeem PhD Student @ Cyber Security

Security Testing Checking for what shouldnt happen Azqa Nadeem PhD Student @ Cyber Security

Security Testing Checking for what shouldnt happen Azqa Nadeem PhD Student @ Cyber Security Group The Cyber Security lecture series 1 Agenda for today Part I Latest security news Security vulnerabilities in Java

2.02k views • 185 slides
Security Testing TDDC90 Software Security Ulf Kargn Department of Computer and Information

Security Testing TDDC90 Software Security Ulf Kargn Department of Computer and Information

Security Testing TDDC90 Software Security Ulf Kargn Department of Computer and Information Science (IDA) Division for Database and Information Techniques (ADIT) Security testing vs regular testing Regular testing aims to

1.06k views • 54 slides
Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware

Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware

Security & Pie Android 9.0 & APK Security Plan of Attack Start at the hardware Work up to Android OS Climb into the Play Store Discuss Application (APK) Connor Tumbleson Senior Software Engineer @Sourcetoad

672 views • 56 slides
TPM Genie Attacking the Hardware Root of Trust For Less Than $50 Introduction Jeremy Boone

TPM Genie Attacking the Hardware Root of Trust For Less Than $50 Introduction Jeremy Boone

TPM Genie Attacking the Hardware Root of Trust For Less Than $50 Introduction Jeremy Boone @uffeux Principal Consultant @ NCC Group Focus on hardware and embedded systems security Previously: 10 years product security @

1.41k views • 54 slides
Pr tt r r

Pr tt r r

Pr tt r r Ptts t tr rst r t

206 views • 19 slides
www.nt.gov.au www.nt.gov.au www.nt.gov.au Core Clinical Systems Renewal Program (CCSRP) Chris

www.nt.gov.au www.nt.gov.au www.nt.gov.au Core Clinical Systems Renewal Program (CCSRP) Chris

www.nt.gov.au www.nt.gov.au www.nt.gov.au Core Clinical Systems Renewal Program (CCSRP) Chris ris Hos oskin ing Deputy Chief Executive Northern Territory Department of Corporate and Information Services Ass ssociate Professor Na

591 views • 21 slides
between the Wisconsin Standards for Science (WSS) and Next Generation Science Standards (NGSS)?

between the Wisconsin Standards for Science (WSS) and Next Generation Science Standards (NGSS)?

What are the Differences between the Wisconsin Standards for Science (WSS) and Next Generation Science Standards (NGSS)? Kevin Anderson DPI Science Education Consultant Establishing a Vision for Science Education [By] the end of 12th

574 views • 13 slides
U.S. Department of Justice Antitrust Division Procurement Collusion Strike Force Showcase

U.S. Department of Justice Antitrust Division Procurement Collusion Strike Force Showcase

Up Next U.S. Department of Justice Antitrust Division Procurement Collusion Strike Force Showcase PANELISTS MODERATOR Makan Delrahim Eyitayo St. Matthew-Daniel Assistant Attorney General, U.S. Department of Justice, Antitrust Division

301 views • 6 slides
Mathematical Complexity of Computational Modeling Experiences for Elementary Students Kevin W.

Mathematical Complexity of Computational Modeling Experiences for Elementary Students Kevin W.

Mathematical Complexity of Computational Modeling Experiences for Elementary Students Kevin W. McElhaney, Gautam Biswas, Jennifer L. Chiu STEM+C PI Summit Challenges Showcase September 19, 2019 Curricular context: Modeling urban water runoff

319 views • 18 slides
Selecting a Scientific Phenomenon or Engineering Design Challenge to Anchor a Sequence of

Selecting a Scientific Phenomenon or Engineering Design Challenge to Anchor a Sequence of

Selecting a Scientific Phenomenon or Engineering Design Challenge to Anchor a Sequence of Lessons Katie Van Horne & Bill Penuel, University of Colorado Boulder Phenomena Are Everywhere, Which Are Useful for 3D Learning? + What approaches

431 views • 17 slides
Heterogeneous Cloud Storage Platforms Ilja Livenson*, Erwin Laure KTH PDC livenson@kth.se *

Heterogeneous Cloud Storage Platforms Ilja Livenson*, Erwin Laure KTH PDC livenson@kth.se *

Towards Transparent Integration of Heterogeneous Cloud Storage Platforms Ilja Livenson*, Erwin Laure KTH PDC livenson@kth.se * Presenter Outline Motivation and problem Our approach CDMI-Proxy Status and roadmap Background

471 views • 19 slides
The Gain of Resource Delegation in Distributed Computing Environments Alexander Flling,

The Gain of Resource Delegation in Distributed Computing Environments Alexander Flling,

technische universitt Robotics Research Institute dortmund The Gain of Resource Delegation in Distributed Computing Environments Alexander Flling, Christian Grimme, Joachim Lepping, and Alexander Papaspyrou 15th Workshop on Job Scheduling

444 views • 22 slides

More recommend