vulcan efficient component authentication and software
play

VulCAN: Efficient Component Authentication and Software Isolation - PowerPoint PPT Presentation

May 21, 2023 •352 likes •654 views

VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control Networks Jo Van Bulck, Jan Tobias Mhlberg and Frank Piessens jo.vanbulck|jantobias.muehlberg@cs.kuleuven.be imec-DistriNet, KU Leuven, Celestijnenlaan

  1. VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control Networks Jo Van Bulck, Jan Tobias Mühlberg and Frank Piessens jo.vanbulck|jantobias.muehlberg@cs.kuleuven.be imec-DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Belgium ACSAC, December 2017

  2. empty Secure Automotive Computing with VulCAN Modern cars can be hacked! • Network of more than 50 ECUs • Multiple communication networks • Remote entry points • Limited built-in security mechanisms Miller & Valasek, “Remote exploitation of an unaltered passenger vehicle”, 2015 VulCAN brings strong security to automotive computing: • Message authentication • Strong software security • Trusted Computing: software component isolation and cryptography • Applicable in ICS, IoT, . . . 2 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  3. empty Secure Automotive Computing with VulCAN VulCAN: Generic design to exploit light-weight trusted computing in CAN-based embedded control networks. Implementation: based on Sancus [NVBM + 17]; we implement, strengthen and evaluate authentication protocols, vatiCAN [NR16] and LeiA [RG16] 3 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  4. empty Attacking the CAN Complex bus system with many ECUs and gateways to other communication systems; no protection against message injection or replay attacks. → Message Authentication; specified in AUTOSAR, proposals: vatiCAN, LeiA; no efficient and cost-effective implementations yet 4 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  5. empty Attacking CAN Message Authentication What about Software Security? Lack of security mechanisms on light-weight ECUs leverages software vulnerabilities: attackers may be able to bypass encryption and authentication. → Software Component Authentication & Isolation 5 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  6. empty Overview: Vulcanising Distributed Automotive Applications • Critical application components in enclaves: software isolation + attestation 6 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  7. empty Overview: Vulcanising Distributed Automotive Applications • Critical application components in enclaves: software isolation + attestation • Authenticated CAN messages over untrusted system software/network 6 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  8. empty Overview: Vulcanising Distributed Automotive Applications • Critical application components in enclaves: software isolation + attestation • Authenticated CAN messages over untrusted system software/network • Rogue ECUs, software attackers and errors in untrusted code cannot interfere with security, but may harm availability 6 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  9. empty Sancus: Strong and Light-Weight Embedded Security [NVBM + 17] Extends TI’s MSP430 with strong security primitives • Software Component Isolation • Cryptography & Attestation • Secure I/O through isolation of MMIO ranges Efficient • Modular, ≤ 2 kLUTs • Authentication in µ s • + 6% power consumption Cryptographic key hierarchy for software attestation Isolated components are typically very small ( < 1kLOC) Sancus is Open Source: https://distrinet.cs.kuleuven.be/software/sancus/ 7 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  10. empty Sancus: Strong and Light-Weight Embedded Security [NVBM + 17] Extends TI’s MSP430 with N = Node; SP = Software Provider / Deployer strong security primitives SM = protected Software Module • Software Component Isolation SM protected data section • Cryptography & Attestation SM text section • Secure I/O through isolation Entry point Memory Unprotected Code & constants Unprotected Unprotected Protected data of MMIO ranges Efficient • Modular, ≤ 2 kLUTs K N , SP , SM SM metadata Protected • Authentication in µ s storage area • + 6% power consumption K N Layout Keys Cryptographic key hierarchy for software attestation Isolated components are typically very small ( < 1kLOC) Sancus is Open Source: https://distrinet.cs.kuleuven.be/software/sancus/ 8 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  11. empty VulCAN Security Objectives Protocol requirements 1 Message authentication ⇒ MAC(id, payload) 2 Lightweight cryptography ⇒ symmetric keys 3 Replay attack resistance ⇒ nonces and session keys 4 Backwards compatibility ⇒ MAC over separate CAN id vatiCAN [NR16] and LeiA [RG16] 9 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  12. empty VulCAN Security Objectives Protocol requirements System requirements (with Sancus PMA) 1 Message authentication 1 Real-time compliance ⇒ MAC(id, payload) ⇒ hardware-level crypto 2 Lightweight cryptography 2 Software isolation ⇒ symmetric keys ⇒ application + driver enclaves 3 Replay attack resistance 3 Software attestation ⇒ nonces and session keys ⇒ trusted in-vehicle attestation server 4 Backwards compatibility 4 Dynamic key/ECU update ⇒ MAC over separate CAN id ⇒ via attestation server 5 Secure legacy ECU integration vatiCAN [NR16] and LeiA [RG16] ⇒ CAN gateway shielding 9 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  13. empty VulCAN Demo Scenario ⇒ distributed authenticated path from keypad to shielded instrument cluster ⇒ automotive CAN is challenging – VulCAN is applicable to other domains → 10 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  14. empty Performance Evaluation: Round-Trip Time Experiment Sender Receiver p i n g Scenario Cycles Time Overhead compute Legacy 20,250 1.01 ms – compute round-trip time MAC pinд p i n g _ a u t h vatiCAN (extrapolated) 121,992 6.10 ms 502% MAC pinд Sancus+vatiCAN unprotected 35,236 1.76 ms 74% n g p o Sancus+vatiCAN protected 36,375 1.82 ms 80% compute compute Sancus+L EI A unprotected 42,929 2.15 ms 112% MAC ponд u t h g _ a Sancus+L EI A protected 43,624 2.18 ms 115% o n MAC ponд p 11 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  15. empty Performance Evaluation: Round-Trip Time Experiment Sender Receiver p i n g Scenario Cycles Time Overhead compute Legacy 20,250 1.01 ms – compute round-trip time MAC pinд p i n g _ a u t h vatiCAN (extrapolated) 121,992 6.10 ms 502% MAC pinд Sancus+vatiCAN unprotected 35,236 1.76 ms 74% n g p o Sancus+vatiCAN protected 36,375 1.82 ms 80% compute compute Sancus+L EI A unprotected 42,929 2.15 ms 112% MAC ponд u t h g _ a Sancus+L EI A protected 43,624 2.18 ms 115% o n MAC ponд p • Hardware-level crypto: +400% performance gain � 11 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  16. empty Performance Evaluation: Round-Trip Time Experiment Sender Receiver p i n g Scenario Cycles Time Overhead compute Legacy 20,250 1.01 ms – compute round-trip time MAC pinд p i n g _ a u t h vatiCAN (extrapolated) 121,992 6.10 ms 502% MAC pinд Sancus+vatiCAN unprotected 35,236 1.76 ms 74% n g p o Sancus+vatiCAN protected 36,375 1.82 ms 80% compute compute Sancus+L EI A unprotected 42,929 2.15 ms 112% MAC ponд u t h g _ a Sancus+L EI A protected 43,624 2.18 ms 115% o n MAC ponд p • Hardware-level crypto: +400% performance gain � • Modest ~5% performance impact for software isolation [VBNMP15, MNP15] 11 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  17. empty Performance Evaluation: Round-Trip Time Experiment Sender Receiver p i n g Scenario Cycles Time Overhead compute Legacy 20,250 1.01 ms – compute round-trip time MAC pinд p i n g _ a u t h vatiCAN (extrapolated) 121,992 6.10 ms 502% MAC pinд Sancus+vatiCAN unprotected 35,236 1.76 ms 74% n g p o Sancus+vatiCAN protected 36,375 1.82 ms 80% compute compute Sancus+L EI A unprotected 42,929 2.15 ms 112% MAC ponд u t h g _ a Sancus+L EI A protected 43,624 2.18 ms 115% o n MAC ponд p • Hardware-level crypto: +400% performance gain � • Modest ~5% performance impact for software isolation [VBNMP15, MNP15] • LeiA’s extended CAN id usage comes at a cost (SPI-based CAN transceiver) 11 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  18. empty VulCAN Attestation Server: Boot + Session Key Provisioning • Challenge-response attestation + encrypted session key distribution • Preserve motorist safety via secure boot + exclusive vehicle ignition 12 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

  19. empty VulCAN Attestation Server: ECU Replacement • Untrusted network connection → public key cryptography • Store software module keys for offline use 13 /19 Van Bulck, Mühlberg, Piessens VulCAN: Vehicular Component Authentication and Software Isolation

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

EAP Efficient Re-authentication Vidya Narayanan , vidyan@qualcomm.com Lakshminath Dondeti ,

EAP Efficient Re-authentication Vidya Narayanan , vidyan@qualcomm.com Lakshminath Dondeti ,

EAP Efficient Re-authentication Vidya Narayanan , vidyan@qualcomm.com Lakshminath Dondeti , ldondeti@qualcomm.com January 2007 Contents EAP Re-authentication and Fast Re-authentication Requirements for low latency re-authentication

1.05k views • 27 slides
EAP Efficient Re-authentication Lakshminath Dondeti , ldondeti@qualcomm.com Vidya Narayanan ,

EAP Efficient Re-authentication Lakshminath Dondeti , ldondeti@qualcomm.com Vidya Narayanan ,

EAP Efficient Re-authentication Lakshminath Dondeti , ldondeti@qualcomm.com Vidya Narayanan , vidyan@qualcomm.com IETF68; March 2007 Re-auth Goals MUST be better than full EAP authentication The protocol MUST be responsive to handover

361 views • 17 slides
Lapin (an efficient authentication protocol based on Ring-LPN) Stefan Heyse, Eike Kiltz, Vadim

Lapin (an efficient authentication protocol based on Ring-LPN) Stefan Heyse, Eike Kiltz, Vadim

Lapin (an efficient authentication protocol based on Ring-LPN) Stefan Heyse, Eike Kiltz, Vadim Lyubashevsky, Christof Paar, Krzysztof Pietrzak Authentication Protocols Prover Verifier HB-style authentication shared AES key K protocols

563 views • 22 slides
Assembling Component Frameworks What is a Component Framework? Set of individual software

Assembling Component Frameworks What is a Component Framework? Set of individual software

Assembling Component Frameworks What is a Component Framework? Set of individual software modules that perform a specific task Can range from a few components to many Must be extensible Used for various purposes i.e. scientific

171 views • 14 slides
VULCAN LAYER 4-7 VALKYRIE LAYER 2-3 ABOUT XENA XENA AND THE MARKET HARDWARE

VULCAN LAYER 4-7 VALKYRIE LAYER 2-3 ABOUT XENA XENA AND THE MARKET HARDWARE

CONTENTS VULCAN LAYER 4-7 VALKYRIE LAYER 2-3 ABOUT XENA XENA AND THE MARKET HARDWARE OVERVIEW OUR TRACK RECORD SOFTWARE HARDWARE APPLICATION OVERVIEW KEY FEATURES SOFTWARE CUSTOMERS APPLICATIONS

351 views • 32 slides
Project Halo: Towards a Knowledgeable Biology Textbook Peter Clark Vulcan Inc. Vulcan Inc .

Project Halo: Towards a Knowledgeable Biology Textbook Peter Clark Vulcan Inc. Vulcan Inc .

Project Halo: Towards a Knowledgeable Biology Textbook Peter Clark Vulcan Inc. Vulcan Inc . Paul Allens company, in Seattle, USA Includes AI research group Vulcans Project Halo AI research towards knowledgeable

981 views • 56 slides
Chapter 8 Understand the role played by each software System Software component in

Chapter 8 Understand the role played by each software System Software component in

Chapter 8 Objectives Become familiar with the functions provided by operating systems, programming tools, and database software. Chapter 8 Understand the role played by each software System Software component in maintaining the integrity

323 views • 15 slides
Component- -based, Context based, Context- -aware aware Component Software Systems Software

Component- -based, Context based, Context- -aware aware Component Software Systems Software

Component- -based, Context based, Context- -aware aware Component Software Systems Software Systems Workshop on Spontaneous Networking Rutgers University Michael Przybilski 1 10.05.2006 michael.przybilski@cs.helsinki.fi Outline

593 views • 19 slides
AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

SECURITY TOPICS PART 2 AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources: getting entrance to a computer lab

833 views • 44 slides
HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication

288 views • 10 slides
Energy Efficient Authentication and Authorization for Multi-node Cooperative Connectivity and

Energy Efficient Authentication and Authorization for Multi-node Cooperative Connectivity and

Energy Efficient Authentication and Authorization for Multi-node Cooperative Connectivity and Reliability PhD Candidate Vandana Rohokale (vmr@es.aau.dk) Supervisor Prof. Ramjee Prasad CTIF, Aalborg, Denmark Co-supervisors Assoc. Prof. Horia

372 views • 13 slides
Towards a well-founded software component model for cyber-physical control systems

Towards a well-founded software component model for cyber-physical control systems

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion The Second IEEE International Conference on Robotic Computing IRC 2018 Towards a well-founded software component model for

175 views • 14 slides
Extensions to EAP Keying hierarchy for Efficient Re-authentication and Visited domain Keying

Extensions to EAP Keying hierarchy for Efficient Re-authentication and Visited domain Keying

Extensions to EAP Keying hierarchy for Efficient Re-authentication and Visited domain Keying Vidya Narayanan , vidyan@qualcomm.com Lakshminath Dondeti , ldondeti@qualcomm.com IETF-67 San Diego, CA November 2006 Contents EAP keying

614 views • 15 slides
Real-Time Component Software slide credits: H. Kopetz, P. Puschner Overview OS services

Real-Time Component Software slide credits: H. Kopetz, P. Puschner Overview OS services

Real-Time Component Software slide credits: H. Kopetz, P. Puschner Overview OS services Task Structure Task Interaction Input/Output Error Detection 2 Operating System and Middleware Application Software Component API OS

834 views • 47 slides
Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a precondition How to authenticate: Something you know Password, Secrets Something you have Smart Card, Token Something you are Biometrie

607 views • 4 slides
Proxychain: Developing a Robust and Efficient Authentication Infrastructure for Carrier-Scale

Proxychain: Developing a Robust and Efficient Authentication Infrastructure for Carrier-Scale

Proxychain: Developing a Robust and Efficient Authentication Infrastructure for Carrier-Scale VoIP Networks Italo Dacosta and Patrick Traynor Performance, Scalability and Security Finding the right balance between performance /scalability

517 views • 24 slides
Authenticating Out-of-Band Communication Over Social Links Anirudh Ramachandran and Nick Feamster

Authenticating Out-of-Band Communication Over Social Links Anirudh Ramachandran and Nick Feamster

Authenticating Out-of-Band Communication Over Social Links Anirudh Ramachandran and Nick Feamster School of Computer Science, Georgia Tech {avr,feamster}@cc.gatech.edu Motivating Application: Secured Web Server Bob Alice Alice wishes to

691 views • 17 slides
Designing and Building Secure Software With material from Dave Levin, Mike Hicks, Adam Shostack

Designing and Building Secure Software With material from Dave Levin, Mike Hicks, Adam Shostack

Designing and Building Secure Software With material from Dave Levin, Mike Hicks, Adam Shostack Making secure software Flawed approach : Design and build software, ignore security at first Add security once the functional requirements

858 views • 39 slides
Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional NCEdCloud Privileged Accounts) - Mark Scheible, MCNC MFA for All NCEdCloud Privileged Users - 1 As a part of continuing efforts to enhance the

319 views • 15 slides
Zero-Interaction Authentication Mark Corner, Brian Noble University of Michigan Presented by

Zero-Interaction Authentication Mark Corner, Brian Noble University of Michigan Presented by

Zero-Interaction Authentication Mark Corner, Brian Noble University of Michigan Presented by Martin Meyer Overview Introduction Design of System Encryption Model Authentication Token File Ownership Departure and Return

580 views • 42 slides
Beyond Trust PostgreSQL Client Authentication Christoph Mnch-Tegeder 2ndQuadrant

Beyond Trust PostgreSQL Client Authentication Christoph Mnch-Tegeder 2ndQuadrant

Beyond Trust PostgreSQL Client Authentication Christoph Mnch-Tegeder 2ndQuadrant http://www.2ndquadrant.com/ 2017-02-05 Part I Authentication Why Authentication? Too complicated Nobody knows my database Nobody will attack us

813 views • 39 slides
Security II: Web authentication Markus Kuhn Computer Laboratory, University of Cambridge

Security II: Web authentication Markus Kuhn Computer Laboratory, University of Cambridge

Security II: Web authentication Markus Kuhn Computer Laboratory, University of Cambridge https://www.cl.cam.ac.uk/teaching/1718/SecurityII/ Lent 2018 Part II websecurity-slides.pdf 2018-02-23 11:38 fca1bee 1 Hyper Text Transfer Protocol

500 views • 33 slides
ALIKE: Authenticated Lightweight Key Exchange Sandrine Agagliate, GEMALTO Security Labs Outline:

ALIKE: Authenticated Lightweight Key Exchange Sandrine Agagliate, GEMALTO Security Labs Outline:

ALIKE: Authenticated Lightweight Key Exchange Sandrine Agagliate, GEMALTO Security Labs Outline: Context Description of ALIKE Generic description Full specification Security properties Chip Unforgeability and Channel Secrecy Underlying

400 views • 21 slides
TwistIn: Tangible Authentication of Smart Devices via Motion Co-analysis with a Smartwatch Ho Ho

TwistIn: Tangible Authentication of Smart Devices via Motion Co-analysis with a Smartwatch Ho Ho

TwistIn: Tangible Authentication of Smart Devices via Motion Co-analysis with a Smartwatch Ho Ho Man Col Colman Leu Leung, Chi Wing Fu, Pheng Ann Heng The Chinese University of Hong Kong, Hong Kong Shenzhen Key Laboratory of Virtual Reality

910 views • 15 slides

More recommend