Systems Security: Hardware, embedded system and IoT security
Stjepan Picek, s.picek@tudelft.nl
Delft University of Technology, The Netherlands
April 23, 2018
Outline
1. General Information
2. Lightweight Cryptography
3. Random Number Generators
4. Physically Unclonable Functions
5. Tamper Resistant Hardware
Prerequisites
• Language based Security (CS4105) or Software Security (UT201600051).
• Security and Cryptography (IN4191).
• Network Security (ET4397IN) or Internet Security (192654000).
• A bachelor level Operating Systems course.
Topics Covered in Lectures
8 weeks = 5EC = 140 hours of work for a nominal student
1. Hardware, embedded system, and IoT security.
2. Covert channels.
3. Secure systems engineering.
4. Countermeasures.
Learning Outcomes
1. An appreciation of the security architecture of computer systems.
2. Detailed knowledge of the security of a specific operating system.
3. Skills in exploiting vulnerabilities of computer systems.
4. Skills in developing countermeasures against exploits.
Learning Outcomes
There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy.
- Hamlet (1.5.167-8), Hamlet to Horatio
The same is true for security!
General Info
1. 7 lectures – 2 hours per week.
2. 4 lab exercises – 4 hours per exercise.
3. Weekly assignments.
4. Bonus assignments.
5. Exam.
Timetable
Table: Timetable (not definitive).
Date            Lecture                            Lab
23.04.-27.04.   Stjepan IoT                        –
30.04.-04.05.   Erik IoT                           IoT Labs
07.05.-11.05.   Stjepan Covert Channels            –
14.05.-18.05.   Erik Covert Channels               Covert Channels Lab
21.05.-25.05.   –                                  –
28.05.-01.06.   Stjepan Countermeasures            –
04.06.-08.06.   Stjepan Countermeasures            Countermeasures Lab
11.06.-15.06.   Erik Secure Systems Engineering    Secure Systems Engineering Lab
18.06.-22.06.   Repetitions/Exam
25.06.-29.06.   Exam
Exam, Grading, Correspondence, etc.
• 50% lab work and 50% written open book examination.
• After each lab exercise: a short examination, and a written report due by the next lab.
• Extra points for additional assignments.
• 100 points for the exam, 100 points for assignments (in theory more than 100 is possible, but capped at 100); the final grade is the average.
• Minimum 50 points in both categories to pass the course.
Canvas System
• Canvas system from Twente.
• https://canvas.utwente.nl/courses/1430/discussion_topics/1538
• https://canvas.utwente.nl/courses/1430/pages/prerequisites
Consultations
• Stjepan, building 28, E6.100, consultations Tuesday 14:00–16:00.
Assignment 1
• Ensure that by the end of the week you have access to Canvas and the Systems Security course.
Constrained Devices
• Internet of Things – broad term describing how the Internet will be used to connect devices rather than people.
• Some of these devices use powerful processors and can use the same cryptographic algorithms as standard PCs.
• Many of them use extremely low power microcontrollers which can only afford to devote a small fraction of their computing power to security.
• Sensors, RFID chips, smart grids, etc.
• Even if current algorithms can be made to fit into the limited resources of constrained environments, their performance may not be acceptable.
• Internet of Everything – the networked connection of people, process, data, and things (Cisco).
IoT
Figure: Source: https://www.forbes.com/sites/louiscolumbus/2017/12/10/2017-roundup-of-internet-of-things-forecasts/#c386d8e1480e.
Why We Need Security
Figure: IMEC: NERF brain stimulant.
Why We Need Security
• Disabling wireless in pacemaker.
• https://nakedsecurity.sophos.com/2013/10/22/doctors-disabled-wireless-in-dick-cheneys-pacemaker-to-thwart-hacking/
• Hacking cars.
• https://www.wired.com/story/car-hack-shut-down-safety-features/
Lightweight Cryptography
• Cryptographic algorithms proposed for constrained devices/environments.
• We call lightweight algorithms a wide range of ciphers with different properties and designed for various scenarios.
• Sometimes lightweight cryptography is divided into ultra-lightweight cryptography and ubiquitous cryptography.
• The key concept is a trade-off between various aspects.
Lightweight Cryptography
Figure: Trade-offs in lightweight cryptography.
Area
• ASIC – Application Specific Integrated Circuit, unit is NAND gate.
• GE (gate equivalence) – physical area of a single NAND gate (smallest logic gate with 2 inputs).
• FPGA – Field Programmable Gate Array, unit is LUT, flip-flops.
• Embedded microcontrollers, unit is memory size (program size + data size).
NAND Gate
Figure: CMOS NAND gate.
Time
• Throughput – amount of data processed per time unit (the higher the better).
• Latency – delay from input to output (the lower the better).
• High throughput and low latency do not go together.
Power and Energy
Power ≠ Energy
• The total power consumption of a CMOS (Complementary Metal Oxide Semiconductor) device:
  $$P_{total} = P_{static} + P_{dynamic}, \quad P_{static} = V \cdot I, \quad P_{dynamic} = \alpha \cdot C \cdot V^2 \cdot f,$$
  where α is the switching factor (the probability of a bit switching from 0 to 1), C is the switched capacitance, V is the voltage, f is the clock frequency, and I is the current.
Power and Energy
• Power P (= Watt).
• Energy E (= Joule): $E = P \cdot t$.
• For power consideration, cooling is important (an implanted device can tolerate only a 1 °C temperature change).
• Anything that is battery powered has low energy requirements.
Examples of Lightweight Ciphers
• PRESENT
• Prince
• Klein
• Rectangle
• MIDORI
• Gift
• Piccolo
• KATAN
• Simon
• Speck
• LED
• ...
Assignment 2
• Browse through one paper describing any lightweight cipher.
• Which lightweight ciphers are optimized for area and which for energy?
• How to design a lightweight cipher?
Two-way communication
Figure: Two-way communication.
Random Number Generators – RNGs
• Kerckhoffs's principle: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.
• RNGs are extremely important in cryptography.
• Used for cryptographic keys, initialization vectors, nonces, padding, masks in side-channel attack countermeasures, etc.
Security Requirements for RNGs
• Good statistical properties of output values.
• Output unpredictability.
Assessing Security
• Evaluate statistical parameters using statistical tests (FIPS 140-2, NIST 800-22, DIEHARD, etc.).
• Evaluate entropy using entropy estimator (entropy cannot be measured, only estimated from a model).
• Test online the source of entropy using dedicated statistical tests.
Basic RNG Classes
• Deterministic (Pseudo) random number generators (PRNG).
• Physical (True) random number generators (TRNG).
• Hybrid random number generators (HRNG).
PRNG
• Algorithmic generators.
• Usually fast and with good statistical characteristics.
• Must have long period.
• Must be computationally secure (difficult to guess previous or next value).
TRNG
• Using physical source of randomness.
• Unpredictable and often with suboptimal statistical characteristics.
• Usually slower than PRNG.
Intel's Hardware RNG
Figure: When transistor 1 and transistor 2 are switched on, a coupled pair of inverters forces Node A and Node B into the same state [left]. When the clock pulse rises [yellow, right], these transistors are turned off. Initially the output of both inverters falls into an indeterminate state, but random thermal noise within the inverters soon jostles one node into the logical 1 state and the other goes to logical 0. Source: https://spectrum.ieee.org/computing/hardware/behind-intels-new-randomnumber-generator
Transition Effect Ring Oscillator (TERO)
Figure: TERO.
HRNG
• Combining PRNG and TRNG.
• PRNG seeded by a TRNG.
• TRNG with post-processing.
HRNG as per AIS31 Recommendations
Figure: AIS setting for HRNG.
Post-processing for RNGs
• Cryptographic (e.g., cryptographic hash function).
• Arithmetic (linear, von Neumann).
• von Neumann processing: a simple method that produces perfectly unbiased outputs.
• Suppose an input stream has independent but biased bits.
• Process the stream of bits as a stream of non-overlapping pairs of successive bits and generate outputs as follows:
  1. If the input is “00” or “11”, the input is discarded (no output).
  2. If the input is “01” or “10”, output the first bit only.
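The pairing rule above, together with the frequency (monobit) test from NIST 800-22 mentioned under Assessing Security, as an added example that is not part of the original slides. The biased source is a constructed stand-in for a raw TRNG (Python's `random` module, with an assumed P(1) = 0.7), and all function names are hypothetical.

```python
import math
import random

def von_neumann(bits):
    """Von Neumann corrector over non-overlapping pairs: 01 -> 0, 10 -> 1, 00/11 dropped."""
    out = []
    for i in range(0, len(bits) - 1, 2):
        a, b = bits[i], bits[i + 1]
        if a != b:
            out.append(a)  # output the first bit of the pair only
    return out

def monobit_p_value(bits):
    """Frequency (monobit) test from NIST 800-22: p-value for 'ones and zeros are balanced'."""
    n = len(bits)
    s = sum(1 if b else -1 for b in bits)
    return math.erfc(abs(s) / math.sqrt(n) / math.sqrt(2))

def biased_source(n, p_one, seed):
    """Constructed stand-in for a raw TRNG: independent bits with P(1) = p_one."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def demo(n=200_000, p_one=0.7, seed=2018):
    raw = biased_source(n, p_one, seed)
    corrected = von_neumann(raw)
    return {
        "raw_ones": sum(raw) / len(raw),
        "raw_p": monobit_p_value(raw),
        "out_ones": sum(corrected) / len(corrected),
        "out_p": monobit_p_value(corrected),
        # Throughput cost: about p(1-p) output bits per input bit.
        "yield": len(corrected) / len(raw),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:9s} {value:.4f}")
```

The corrector removes bias only when the input bits are independent; correlated raw bits stay correlated after it, which is why the online tests of the entropy source are still needed.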
Assignment 3
• Implement a PRNG.
• Assess its quality by using NIST 800-22 tests.
Physically Unclonable Functions
• A cost-efficient replacement technology for secure non-volatile memory (NVM).
• A PUF is a (partly) disordered physical system that can be challenged with external stimuli, upon which it reacts with corresponding responses.
• A PUF's responses shall depend on the nanoscale structural disorder present in the PUF.
• The device-unique but noisy and non-uniformly distributed responses of a PUF are post-processed into a stable, uniformly distributed secret key.
• No two PUFs will give the same response when supplied with the same challenge.
Ideal vs Non-ideal PUFs
• There exists no ideal PUF.
• Ideal PUF is unpredictable and without noise.
• Practical realizations depend on noise, aging, environmental variables, and process variations.
Weak vs Strong PUFs
• Difference with respect to the number of challenge–response pairs (CRPs) an attacker is allowed to obtain.
• The number of unique challenges c scales polynomially with the circuit area of a weak PUF.
• The number of unique challenges c scales exponentially with the circuit area of a strong PUF.
Weak PUFs
• The most straightforward design is an array of autonomous, identically laid-out cells.
• Each cell produces 1 (or a few) bits.
• Limited number of bits but high entropy.
• The responses are not meant to be given to the outside world.
• Typical application is key generation.
• Example: SRAM PUF.
SRAM PUF
• The initial state after power-up provides a device-unique fingerprint.
• An SRAM cell is just a pair of cross-coupled inverters.
• Process variation causes one inverter to operate faster than the other, so each cell exhibits a preference to initialize as either 0 or 1 (due to the random differences in the threshold voltages).
Strong PUFs
• Finite number of physical building blocks combined with mathematical operations.
• They have a virtually unlimited number of challenges c, but their CRPs are highly correlated.
• Given enough CRPs (often a small amount), it is possible to build a predictive model of a strong PUF (in a way, we build a mathematical clone since it is not feasible to make an analog physical clone).
• There exists no validated design of a strong PUF that is fully resilient against modeling attacks.
• Typical application is IC authentication.
• Example: Arbiter PUF.
• Arbiter PUF consists of one or more chains of two 2-bit multiplexers that have identical layouts.
• Each multiplexer pair is denoted a stage, with n stages in a single chain.
• There is a single input signal that is introduced to both the bottom and top multiplexer of the pair in the first stage.
• The chain is fed a control signal of n bits called a challenge, where each bit determines whether the two input signals in that stage would be switched (crossed over) or not.
• In ideal conditions, the input signal would propagate at the same speed through each stage and both the lower and upper signal would arrive at the arbiter at the same time.
• Due to the manufacturing inconsistencies, the delay of each multiplexer is slightly different, and the top and bottom input signals are not synchronized.
• The arbiter at the end of the chain determines which signal arrived earlier and thus forms the response (0 or 1).
• The response of a PUF is determined by the delay difference between the top and bottom input signal, which is in turn the sum of delay differences of the individual stages.
• To efficiently model a PUF, one usually tries to determine the delay vector w = (w_1, ..., w_{n+1}) which models the delay differences in each stage.
Arbiter PUF
Figure: n-bit Arbiter PUF.
Modeling Arbiter PUF
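• The idea behind the attack is to model the delay vector $\vec{w}$.
$$\phi_i = \prod_{l=1}^{k} (-1)^{c_l}, \quad \text{for } 1 \le i \le k. \tag{1}$$
$$\Delta D = \vec{w}^T \vec{\phi}^T.$$
$$r = \begin{cases} 1 & \text{if } \Delta D < 0 \\ 0 & \text{if } \Delta D > 0 \end{cases}$$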
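An added sketch (not from the original slides) of the additive delay model above, usable for evaluating how quickly a simulated arbiter PUF becomes predictable from observed CRPs. It assumes Gaussian stage delays, noise-free responses, the common parity indexing in which component i multiplies (−1)^{c_l} over stages l = i..n with a constant 1 appended for w_{n+1}, and plain logistic regression; all names are hypothetical.

```python
import math
import random

def features(challenge):
    """phi_i = product of (-1)^c_l for l = i..n, plus a constant 1 for w_{n+1} (assumed indexing)."""
    phi, prod = [], 1
    for c in reversed(challenge):
        prod *= -1 if c else 1
        phi.append(prod)
    return phi[::-1] + [1]

def dot(w, phi):
    return sum(a * b for a, b in zip(w, phi))

class ArbiterPUF:
    """Simulated n-stage arbiter PUF; w holds the per-stage delay differences."""
    def __init__(self, n, rng):
        self.n = n
        self.w = [rng.gauss(0, 1) for _ in range(n + 1)]  # assumed Gaussian process variation

    def respond(self, challenge):
        return 1 if dot(self.w, features(challenge)) < 0 else 0  # r = 1 if delta D < 0

def train(crps, n, epochs=40, lr=0.05):
    """Fit a delay vector to observed CRPs with logistic regression (SGD)."""
    w = [0.0] * (n + 1)
    for _ in range(epochs):
        for challenge, r in crps:
            phi = features(challenge)
            z = max(-30.0, min(30.0, dot(w, phi)))  # clamp to keep exp() in range
            p_zero = 1 / (1 + math.exp(-z))         # model's P(delta D > 0), i.e. r = 0
            step = lr * ((1 - r) - p_zero)
            w = [wi + step * pi for wi, pi in zip(w, phi)]
    return w

def model_accuracy(n=16, n_train=1000, n_test=2000, seed=7):
    """Train on n_train CRPs of a fresh simulated PUF, score on other random challenges."""
    rng = random.Random(seed)
    puf = ArbiterPUF(n, rng)
    def crp():
        c = [rng.randrange(2) for _ in range(n)]
        return c, puf.respond(c)
    w = train([crp() for _ in range(n_train)], n)
    tests = [crp() for _ in range(n_test)]
    hits = sum((1 if dot(w, features(c)) < 0 else 0) == r for c, r in tests)
    return hits / n_test

if __name__ == "__main__":
    for m in (20, 100, 1000):
        print(m, "training CRPs ->", model_accuracy(n_train=m))
```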
Assignment 4
• Implement a simulator of an n-arbiter PUF in a language and environment of choice.
• Ensure that you have some framework/tool for machine learning installed on your PCs.
Tamper Resistance
• Usually, secure cryptographic algorithms provide security against an adversary who has only black-box access to the secret information of honest parties.
• Often, such a model is not adequate.
• Tamper resistant hardware helps keep the cryptographic key safe.
• Tamper Resistant Security Module (TRSM) – a set of hardware, software, firmware (or a combination of those) that implements cryptographic logic or processes and is contained within the cryptographic boundary.
Tamper Resistance
• https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf
• 5 security levels (https://csrc.nist.gov/CSRC/media/Publications/fips/140/3(2007)/draft/do 3-final-draft-2007.pdf)
Basic Notions
• Tamper detection – the ability of a device to sense it is under physical attack and initiate defensive actions through tamper response.
• Tamper response – the action a device performs in order to prevent misuse of the cryptographic module.
• Tamper evidence – the action of a device that makes the unauthorized access to the device easily detected.
• Tamper resistance – the ability of a device to defend against a threat.
Types of Secure Hardware
• Tamper Resistant Security Module.
• Secure microcontroller.
• Smartcard.
• Other.
Hardware Security Module
• An HSM is a dedicated cryptographic processor specifically designed for the protection of the cryptographic key lifecycle.
• Secure managing, processing, and storing of cryptographic keys inside a hardened, tamper-resistant device.
• In order for a device to be an HSM, it needs to be a TRSM.
Defense Mechanisms
• Hardened casings, locks, encapsulation, security screws.
• Seals.
• Sensors, switches, special circuitry.
Attack Types
• Non-invasive.
• Semi-invasive.
• Invasive.
• Reverse engineering.
• Remote attacks.