wamos 2018 thorsten knoll
play

WAMOS 2018: Thorsten Knoll thorsten.knoll@hs-rm.de Adapting - PowerPoint PPT Presentation

Jun 04, 2023 •383 likes •712 views

WAMOS 2018: Thorsten Knoll thorsten.knoll@hs-rm.de Adapting Kerckhoffs principle: A path from cryptography to open source hardware Adapting Kerckhoffs principle Content of presentation The path: The idea Kerckhoffs principle (KP)

  1. WAMOS 2018: Thorsten Knoll thorsten.knoll@hs-rm.de Adapting Kerckhoffs principle: A path from cryptography to open source hardware

  2. Adapting Kerckhoffs principle Content of presentation The path: ● The idea ● Kerckhoffs principle (KP) ● Attacks and KP ● Mitigations and KP ● The need for Open Source Hardware (OSH) ● Conclusion: Adapting KP Slide 2 / 31 WAMOS 2018, Thorsten Knoll

  3. Adapting Kerckhoffs principle The idea The idea Slide 3 / 31 WAMOS 2018, Thorsten Knoll

  4. Adapting Kerckhoffs principle The idea New: Sidechannel attacks on mainstream CPUs (~2000) Brandnew: Meltdown, Spectre, BranchScope, TLBleed, Spectre-NG, … (2018) Very old: Kerckhoffs principle (1883) Slide 4 / 31 WAMOS 2018, Thorsten Knoll

  5. Adapting Kerckhoffs principle The idea New: Sidechannel attacks on + mainstream CPUs (~2000) Brandnew: Meltdown, Spectre, BranchScope, + TLBleed, Spectre-NG, … (2018) Very old: Kerckhoffs principle (1883) Paper: Adapting Kerckhoffs principle Slide 5 / 31 WAMOS 2018, Thorsten Knoll

  6. Adapting Kerckhoffs principle Kerckhoffs principle (KP) Kerckhoffs principle (KP) Slide 6 / 31 WAMOS 2018, Thorsten Knoll

  7. Adapting Kerckhoffs principle Kerckhoffs principle (KP) 1883 - Auguste Kerckhoffs in “La cryptographie militaire”: Design principles for (military) cipher systems: 1. The system must be practically, if not mathematically, indecipherable. 2. It should not require secrecy, and it should not be a problem if it falls into enemy hands. 3. It must be possible to communicate and remember the key without using written notes, and correspondents must be able to change or modify it at will. 4. It must be applicable to telegraph communications. 5. It must be portable, and should not require several persons to handle or operate. 6. Lastly, given the circumstances in which it is to be used, the system must be easy to use and should not be stressful to use or require its users to know and comply with a long list of rules. Translation from french to english: https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle Slide 7 / 31 WAMOS 2018, Thorsten Knoll

  8. Adapting Kerckhoffs principle Kerckhoffs principle (KP) 1883 - Auguste Kerckhoffs in “La cryptographie militaire”: Design principles for (military) cipher systems: 1. The system must be practically, if not mathematically, indecipherable. 2. It should not require secrecy, and it should not be a problem if it falls into enemy hands. 3. It must be possible to communicate and remember the key without using written notes, and correspondents must be able to change or modify it at will. 4. It must be applicable to telegraph communications. 5. It must be portable, and should not require several persons to handle or operate. 6. Lastly, given the circumstances in which it is to be used, the system must be easy to use and should not be stressful to use or require its users to know and comply with a long list of rules. Translation from french to english: https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle Slide 8 / 31 WAMOS 2018, Thorsten Knoll

  9. Adapting Kerckhoffs principle Kerckhoffs principle (KP) 1883 - Auguste Kerckhoffs in “La cryptographie militaire”: Design principles for (military) cipher systems: 2. It should not require secrecy, and it should not be a problem if it falls into enemy hands. Broader interpretation: A cryptosystem’s security must solely depend on keeping the keys secret, not the algorithms. Now known as “Kerckhoffs principle” (KP) Slide 9 / 31 WAMOS 2018, Thorsten Knoll

  10. Adapting Kerckhoffs principle Kerckhoffs principle (KP) Plaintext (Data) KEY Cryptosystem Open (Algorithms) Plaintext (Data) Secret Slide 10 / 31 WAMOS 2018, Thorsten Knoll

  11. Adapting Kerckhoffs principle Kerckhoffs principle (KP) 1949 - Claude E. Shannon: Reformulation of KP: The enemy knows the system. Design principle: A cryptosystem should be designed as if the enemy would already know the system. Now known as “Shannon’s maxim” (SM) Slide 11 / 31 WAMOS 2018, Thorsten Knoll

  12. Adapting Kerckhoffs principle Kerckhoffs principle (KP) 2002 - Bruce Schneier: ● Generalization for all secure systems. ● More secrets to be kept → More fragile. ● Less secrets to be kept → More robust. ● If algorithms, protocols, implementations have to be kept secret → They’re part of the (composite) key. ● How easily and costly is the replacing of compromised keyparts? ● Openness enables reviews and evaluation, implied a community. ● Design principle: Minimize the number of secrets in your security system. Slide 12 / 31 WAMOS 2018, Thorsten Knoll

  13. Adapting Kerckhoffs principle Kerckhoffs principle (KP) 2018 – Thorsten Knoll: Secure System Secret Open (Composite key) more fragile more robust KP Point Slide 13 / 31 WAMOS 2018, Thorsten Knoll

  14. Adapting Kerckhoffs principle Attacks and KP Attacks and KP Slide 14 / 31 WAMOS 2018, Thorsten Knoll

  15. Adapting Kerckhoffs principle Attacks and KP Since 2003: - Remote attacks are practical - Prime and Probe - Predicting secret keys via branch prediction - Cache games - Flush and reload - Evict and reload Since 2018: Spectre NG V3 Meldown, Branch- Spectre NG Spectre NG Spectre Scope V3a + V4 V1.1 V1+V2 TLBleed 2018 Jan Feb Mar Apr May Jun Jul Slide 15 / 31 WAMOS 2018, Thorsten Knoll

  16. Adapting Kerckhoffs principle Attacks and KP Actual CPUs Secret Open (Composite key) Before 2018 Slide 16 / 31 WAMOS 2018, Thorsten Knoll

  17. Adapting Kerckhoffs principle Attacks and KP Actual CPUs Secret Open (Composite key) Before 2018 Now Slide 17 / 31 WAMOS 2018, Thorsten Knoll

  18. Adapting Kerckhoffs principle Attacks and KP Actual CPUs Secret Compromised Open (Composite key) keyparts Before 2018 Now Slide 18 / 31 WAMOS 2018, Thorsten Knoll

  19. Adapting Kerckhoffs principle Mitigations and KP Mitigations and KP Slide 19 / 31 WAMOS 2018, Thorsten Knoll

  20. Adapting Kerckhoffs principle Mitigations and KP Mitigation strategies: ● In Software → Mostly open. ● Seems like a hot-fix for a bigger problem (in hardware). ● A lot of work in a small timeframe. ● Billions of affected devices sold. ● Not every attack vector is mitigatable in software. ● Call for openness arises: New ISA’s including timings. Slide 20 / 31 WAMOS 2018, Thorsten Knoll

  21. Adapting Kerckhoffs principle Mitigations and KP Attacks move the KP-Point Actual CPUs Secret Compromised Open (Composite key) keyparts Before 2018 Now Mitigations fill the gap Slide 21 / 31 WAMOS 2018, Thorsten Knoll

  22. Adapting Kerckhoffs principle The need for Open Source Hardware (OSH) The need for Open Source Hardware (OSH) Slide 22 / 31 WAMOS 2018, Thorsten Knoll

  23. Adapting Kerckhoffs principle The need for Open Source Hardware (OSH) 2018 – Sovereignty in IT: ● 60 pages, describing the actual state. ● Tons of examples: Hardware-Trojans, -Backdoors, -Killswitches. ● Defines 13 actionpoints to start with. ● Security can’t be added to hardware by software. ● If software is secure, the attacks target a level deeper (hardware). ● Design and production of silicon is closed by now and should be opened to gain back sovereignty. Slide 23 / 31 WAMOS 2018, Thorsten Knoll

  24. Adapting Kerckhoffs principle The need for Open Source Hardware (OSH) Secret (Composite key) Open Pre- Manu- Open Source EDA Tools production facturing Software (OSS) KP Point Wanted Slide 24 / 31 WAMOS 2018, Thorsten Knoll

  25. Adapting Kerckhoffs principle Conclusion: Adapting Kerckhoffs principle Conclusion: Adapting Kerckhoffs principle Slide 25 / 31 WAMOS 2018, Thorsten Knoll

  26. Adapting Kerckhoffs principle Conclusion: Adapting Kerckhoffs principle Conclusions: ● Attacks move the KP-Point by research, not by design. ● Mitigations fill the gap to secure systems again. ● Mitigations are necessary. Billions of devices sold. ● Kerckhoffs principle is adaptable for measuring the situation. ● More Openness doesn’t solve the actual situation, but in long term it could relax the short timeframe situation. ● A strong community is needed, for review and evaluation. ● Open Source Hardware is on the rise (RISC-V). Slide 26 / 31 WAMOS 2018, Thorsten Knoll

  27. Adapting Kerckhoffs principle Conclusion: Adapting Kerckhoffs principle Think ahead: ● NIST has gone the way of finding new cryptography algorithm standards through open, public competitions. ● Maybe we’ll see such a competition for PBUs, TLBs and PHTs in near future? Slide 27 / 31 WAMOS 2018, Thorsten Knoll

  28. Adapting Kerckhoffs principle Conclusion: Adapting Kerckhoffs principle Think ahead: ● NIST has gone the way of finding new cryptography algorithm standards through open, public competitions. ● Maybe we’ll see such a competition for PBUs, TLBs and PHTs in near future? ● Why would anyone build an i7 in Open Source? It might not even be possible. ● Instead putting the focus on massive parallelisation. Think about some thousand RISC-V on a single die. That would even be possible with FPGA prototyping in academia. Slide 28 / 31 WAMOS 2018, Thorsten Knoll

  29. Adapting Kerckhoffs principle Conclusion: Adapting Kerckhoffs principle The path: ● All of this is a path to more robust, secure and open systems. ● Going the presented path might take decades. Slide 29 / 31 WAMOS 2018, Thorsten Knoll

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

WAMOS 2018 Common Attack Vectors of IoT Devices 09.08.2018 Alexios Karagiozidis Motivation

WAMOS 2018 Common Attack Vectors of IoT Devices 09.08.2018 Alexios Karagiozidis Motivation

WAMOS 2018 Common Attack Vectors of IoT Devices 09.08.2018 Alexios Karagiozidis Motivation Botnetworks and Internet attacks increased rapidly Examples of security issues: Mirai-Bot-Network CVE-2018-10967, bufferoverflow via

848 views • 27 slides
WAMOS professionals experience in turnover 1 keen to assist you Travel and Event billion

WAMOS professionals experience in turnover 1 keen to assist you Travel and Event billion

PREMIUM INCOMING is a European Destination Management Company and inbound tour operator. Established in 1994 and belonging WAMOS Group ( company participated by Royal Caribbean ) in 2018; with head office in Madrid and further offices in Barcelona ,

594 views • 10 slides
Simple Inter-AS CoS draft-knoll-idr-qos-attribute draft-knoll-idr-cos-interconnect Thomas Martin

Simple Inter-AS CoS draft-knoll-idr-qos-attribute draft-knoll-idr-cos-interconnect Thomas Martin

Recap C-D C-L Status/Changes Implementation Next Steps Outlook Simple Inter-AS CoS draft-knoll-idr-qos-attribute draft-knoll-idr-cos-interconnect Thomas Martin Knoll Chemnitz University of Technology Communication Networks

642 views • 23 slides
Train-led traffic control as a chance for regional railways Dipl.-Ing. Otfried Knoll KNOLL

Train-led traffic control as a chance for regional railways Dipl.-Ing. Otfried Knoll KNOLL

Train-led traffic control as a chance for regional railways Dipl.-Ing. Otfried Knoll KNOLL TRAFFIC & TOURISTIC SOLUTIONS St. Plten, Austria 5.11.2012 IRIC 2012 1 Operations led by a traffic controller Introductory remarks Train

406 views • 37 slides
Triton Knoll Offshore Wind Farm Limited Triton Knoll Electrical System

Triton Knoll Offshore Wind Farm Limited Triton Knoll Electrical System

Triton Knoll Offshore Wind Farm Limited Triton Knoll Electrical System Appendix 6: Slides presented at hearings on the 19 th and 21 st January 2016 Date: 01 February 2016 Appendix 6 of

369 views • 8 slides
Summer 2018 Triton Knoll Annual Community Fund Consultation Results Questionnaire developed

Summer 2018 Triton Knoll Annual Community Fund Consultation Results Questionnaire developed

Triton Knoll Offshore wind Farm Annual Community Fund Consultation Findings Summer 2018 Triton Knoll Annual Community Fund Consultation Results Questionnaire developed based on the results of earlier consultation in 2015 Questionnaire

348 views • 13 slides
Established in 1994 and members of WAMOS Group ( company participated by Royal Caribbean ) in

Established in 1994 and members of WAMOS Group ( company participated by Royal Caribbean ) in

PREMIUM INCOMING is a European Destination Management Company and inbound tour operator. Established in 1994 and members of WAMOS Group ( company participated by Royal Caribbean ) in 2019; with head office in Madrid and further offices in Barcelona

448 views • 13 slides
On Using UML Diagrams to Identify and Assess Software Design Smells Thorsten Haendler Vienna

On Using UML Diagrams to Identify and Assess Software Design Smells Thorsten Haendler Vienna

13th International Conference on Software Technologies (ICSOFT 2018) On Using UML Diagrams to Identify and Assess Software Design Smells Thorsten Haendler Vienna University of Economics and Business (WU Vienna) thorsten.haendler@wu.ac.at

403 views • 17 slides
DEUTSCHE TELEKOM CAPITAL MARKETS DAY 2018 Group Development Thorsten Langheim Key Messages 01

DEUTSCHE TELEKOM CAPITAL MARKETS DAY 2018 Group Development Thorsten Langheim Key Messages 01

DEUTSCHE TELEKOM CAPITAL MARKETS DAY 2018 Group Development Thorsten Langheim Key Messages 01 05 OVERVIEW CREATING VALUE FROM TOWERS GD actively manages the DT asset portfolio. This includes Group M&A, Across Europe DT owns > 53

337 views • 18 slides
Whats On! Winter 2019 Edition (V1 20 th November) The Hangleton and Knoll Project is a

Whats On! Winter 2019 Edition (V1 20 th November) The Hangleton and Knoll Project is a

Whats On! Winter 2019 Edition (V1 20 th November) The Hangleton and Knoll Project is a registered charity No 1139971 and a company limited by guarantee No 7260539 The Groups 60+ Gentle Exercises Hove Support Group for Carers Age UK

631 views • 60 slides
Dynamic Modelling of CDOs Thorsten Schmidt Technische Universit at Chemnitz

Dynamic Modelling of CDOs Thorsten Schmidt Technische Universit at Chemnitz

Dynamic Modelling of CDOs Thorsten Schmidt Technische Universit at Chemnitz www.tu-chemnitz.de/mathematik/fima thorsten.schmidt@mathematik.tu-chemnitz.de Vienna, July 2010 joint work with J. Zabczyk Thorsten Schmidt, TU Chemnitz 1 The

758 views • 14 slides
Scalable Visualization and Analysis for Computational Materials Science Aaron Knoll, Joe

Scalable Visualization and Analysis for Computational Materials Science Aaron Knoll, Joe

Scalable Visualization and Analysis for Computational Materials Science Aaron Knoll, Joe Insley, Tom Uram, Venkatram Vishwanath, Mark Hereld, Michael E Papka Visualization Group Argonne National Laboratory Sunday, November 13, 2011

593 views • 23 slides
COQ : a quick introduction Thorsten Altenkirch School of Computer Science University of

COQ : a quick introduction Thorsten Altenkirch School of Computer Science University of

COQ : a quick introduction Thorsten Altenkirch School of Computer Science University of Nottingham April 17, 2008 Thorsten Altenkirch MGS 08 What is COQ? COQ: a Proof Assistant based on the Calculus of Inductive Constructions Developed in

165 views • 16 slides
Filtering with limited information Thorsten Drautzburg, 1 Jes andez-Villaverde, 2 and Pablo

Filtering with limited information Thorsten Drautzburg, 1 Jes andez-Villaverde, 2 and Pablo

Filtering with limited information Thorsten Drautzburg, 1 Jes andez-Villaverde, 2 and Pablo Guerr on 3 us Fern January 25, 2018 2 Federal Reserve Bank of Philadelphia 2 University of Pennsylvania 3 Boston College Lars Peter Hansen (2014)

833 views • 33 slides
Framing the Future First: Using Query Theory to Explore Claiming Preferences Melissa Knoll*

Framing the Future First: Using Query Theory to Explore Claiming Preferences Melissa Knoll*

Framing the Future First: Using Query Theory to Explore Claiming Preferences Melissa Knoll* 10/4/2012 Financial Literacy Seminar Series George Washington University *Joint work with Kirstin Appelt, Eric Johnson, and Jon Westfall Center

549 views • 33 slides
Towards Direct Visualization on CPU and Xeon Phi Aaron Knoll SCI Institute, University of Utah

Towards Direct Visualization on CPU and Xeon Phi Aaron Knoll SCI Institute, University of Utah

Towards Direct Visualization on CPU and Xeon Phi Aaron Knoll SCI Institute, University of Utah Intel HPC DevCon 2016 In collaboration with: Ingo Wald, Jim Jeffers Intel Corporation Joe Insley, Silvio Rizzi, Mike Papka

951 views • 54 slides
Oklahoma Wind Energy Oklahoma Wind Energy Conference Conference Conference Conference

Oklahoma Wind Energy Oklahoma Wind Energy Conference Conference Conference Conference

Oklahoma Wind Energy Oklahoma Wind Energy Conference Conference Conference Conference Oklahoma City Oklahoma City, Oklahoma , Oklahoma December 2, December 2, 2008 2008 First Year Average LIP First Year Average LIP G G Grap raphi h

522 views • 13 slides
Book Club in a Box: Using What Its Worth to Strengthen Partnerships in Your Community

Book Club in a Box: Using What Its Worth to Strengthen Partnerships in Your Community

Book Club in a Box: Using What Its Worth to Strengthen Partnerships in Your Community @StrongFinFuture What Its Worth www.strongfinancialfuture.org Welcome Leigh Tivol Vice President, Strategy & Engagement CFED

724 views • 22 slides
Faster PET Reconstruction with Non-Smooth Anatomical Priors by Randomization and Preconditioning

Faster PET Reconstruction with Non-Smooth Anatomical Priors by Randomization and Preconditioning

Faster PET Reconstruction with Non-Smooth Anatomical Priors by Randomization and Preconditioning Matthias J. Ehrhardt Institute for Mathematical Innovation University of Bath, UK November 4, 2019 Joint work with: Mathematics : Chambolle

390 views • 34 slides
Relationship-Centered interactions in your career? Care leads to > 200,000 in a lifetime

Relationship-Centered interactions in your career? Care leads to > 200,000 in a lifetime

Relationship-Centered Communication 2014 Disclosures Relationship-Centered Communication All proceeds from I M P R O V I N G P A T I E N T A N D C L I N I C I A N sales go directly to E X P E R I E N C E S the Academy of C A L V I N C

174 views • 4 slides
Massive Model Rendering with Super Computers Abe Stephens 1:30 - 1:50pm Speaker affiliations:

Massive Model Rendering with Super Computers Abe Stephens 1:30 - 1:50pm Speaker affiliations:

Massive Model Rendering with Super Computers Abe Stephens 1:30 - 1:50pm Speaker affiliations: SCI Institute, University of Utah and Intel Corporation. Overview Focus on shared-memory/multi-core software design. Massive models? Why use

555 views • 21 slides
Young Leaders Membership Drive-Back to Basics So, you

Young Leaders Membership Drive-Back to Basics So, you

2015 January Chapter Meeting Thursday, January 15, 2015 Young Leaders Membership Drive-Back to Basics So, you need spaceNow! Thursday, January

253 views • 23 slides
Propositional proof systems and bounded arithmetic for logspace and nondeterministic logspace

Propositional proof systems and bounded arithmetic for logspace and nondeterministic logspace

Propositional proof systems and bounded arithmetic for logspace and nondeterministic logspace Sam Buss U.C. San Diego Virtual Seminar Proof Society proofsociety.org October 7, 2020 includes joint work with Anupam Das and Alexander Knop

367 views • 25 slides
Verification of One Integer Parameter Recursive Sequential Procedures Ahmed Bouajjani Liafa -

Verification of One Integer Parameter Recursive Sequential Procedures Ahmed Bouajjani Liafa -

Verification of One Integer Parameter Recursive Sequential Procedures Ahmed Bouajjani Liafa - University of Paris 7 joint work with Peter Habermehl and Richard Mayr 1 Verification of Boolean Recursive Procedures Boolean Recursive Procedures

639 views • 42 slides

More recommend