Augmented reality is poised to become a dominant computing paradigm over the next decade. With promises of three-dimensional graphics and interactive interfaces, augmented reality experiences will rival the very best science fiction novels. This breakthrough also brings in unique challenges on how users can authenticate one another to share rich content between augmented reality headsets. Traditional authentication protocols fall short when there is no common central entity or when access to the central authentication server is not available or desirable. Looks Good To Me (LGTM) is an authentication protocol that leverages the unique hardware and context provided with augmented reality headsets to bring innate human trust mechanisms into the digital world to solve authentication in a usable and secure way. LGTM works over point to point wireless communication so users can authenticate one another in a variety of circumstances and is designed with usability at its core, requiring users to perform only two actions: one to initiate and one to confirm. Users intuitively authenticate one another, using seemingly only each other's faces, but under the hood LGTM uses a combination of facial recognition and wireless localization to bootstrap trust from a wireless signal, to a location, to a face, for secure and usable authentication.
未来十年,增强现实将成为一种占主导地位的计算范式。有了三维图形和交互界面的承诺,增强现实体验将与最好的科幻小说相媲美。这一突破也带来了独特的挑战,即用户如何相互验证以在增强现实耳机之间共享丰富的内容。传统的身份验证协议在没有公共中心实体或无法访问或不需要访问中央身份验证服务器时就无法发挥作用。LGTM (Looks Good To Me)是一种身份验证协议,它利用增强现实耳机提供的独特硬件和环境,将人类固有的信任机制带入数字世界,以可用且安全的方式解决身份验证问题。LGTM通过点对点无线通信工作,因此用户可以在各种情况下对彼此进行身份验证,其设计以可用性为核心,只需要用户执行两个操作:一个启动,一个确认。用户直观地相互认证,似乎只使用对方的脸,但在引子下,LGTM使用面部识别和无线定位的组合来引导信任从无线信号到位置,再到人脸,以实现安全和可用的认证。
{"title":"Looks Good To Me: Authentication for Augmented Reality","authors":"Ethan Gaebel, Ning Zhang, W. Lou, Tom Hou","doi":"10.1145/2995289.2995295","DOIUrl":"https://doi.org/10.1145/2995289.2995295","url":null,"abstract":"Augmented reality is poised to become a dominant computing paradigm over the next decade. With promises of three-dimensional graphics and interactive interfaces, augmented reality experiences will rival the very best science fiction novels. This breakthrough also brings in unique challenges on how users can authenticate one another to share rich content between augmented reality headsets. Traditional authentication protocols fall short when there is no common central entity or when access to the central authentication server is not available or desirable. Looks Good To Me (LGTM) is an authentication protocol that leverages the unique hardware and context provided with augmented reality headsets to bring innate human trust mechanisms into the digital world to solve authentication in a usable and secure way. LGTM works over point to point wireless communication so users can authenticate one another in a variety of circumstances and is designed with usability at its core, requiring users to perform only two actions: one to initiate and one to confirm. Users intuitively authenticate one another, using seemingly only each other's faces, but under the hood LGTM uses a combination of facial recognition and wireless localization to bootstrap trust from a wireless signal, to a location, to a face, for secure and usable authentication.","PeriodicalId":130056,"journal":{"name":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129572179","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Biometric authentication schemes are frequently used to establish the identity of a user. Often, a trusted hardware device is used to decide if a provided biometric feature is sufficiently close to the features stored by the legitimate user during enrollment. In this paper, we address the question whether the stored features can be extracted with side-channel attacks. We consider several models for types of leakage that are relevant specifically for fingerprint verification, and show results for attacks against the Bozorth3 and a custom matching algorithm. This work shows an interesting path for future research on the susceptibility of biometric algorithms towards side-channel attacks.
{"title":"Side-Channel Attacks on Fingerprint Matching Algorithms","authors":"Markus Dürmuth, David F. Oswald, Niklas Pastewka","doi":"10.1145/2995289.2995294","DOIUrl":"https://doi.org/10.1145/2995289.2995294","url":null,"abstract":"Biometric authentication schemes are frequently used to establish the identity of a user. Often, a trusted hardware device is used to decide if a provided biometric feature is sufficiently close to the features stored by the legitimate user during enrollment. In this paper, we address the question whether the stored features can be extracted with side-channel attacks. We consider several models for types of leakage that are relevant specifically for fingerprint verification, and show results for attacks against the Bozorth3 and a custom matching algorithm. This work shows an interesting path for future research on the susceptibility of biometric algorithms towards side-channel attacks.","PeriodicalId":130056,"journal":{"name":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","volume":"9 2","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114038514","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Christopher Huth, René Guillaume, P. Duplys, K. Velmurugan, T. Güneysu
Besides security, energy consumption is a major concern for devices in the Internet of Things (IoT). We compare the energy consumption of two key agreement schemes -- Channel-Based Key Agreement (CBKA) and Elliptic Curve Diffie-Hellman (ECDH) -- in the IoT setting, using Wi-Fi as wireless communication interface. While ECDH is a well-studied protocol, CBKA has received attention only in recent years. Several publications proposed CBKA as a low-energy alternative to ECDH, but they did not address the energy cost of communication. For a fair comparison, we implemented the schemes on a 32-bit ARM Cortex M3-based IoT platform and measured the respective energy consumption for computation and communication. Our results show that the limiting factor for CBKA over Wi-Fi is the energy cost of communication, in particular the cost of acquiring the Received Signal Strength Indicator (RSSI) values. Even in an optimal scenario, CBKA must not measure more than ca. 300 RSSI values to be more energy efficient than ECDH. This is at most 1/5 of RSSI values required by CBKA implementations reported in the literature. As an optimization, we present a refined CBKA protocol which can save up to 25% of the energy compared to existing protocols by exploiting inherent data exchanges for entropy extraction.
{"title":"On the Energy Cost of Channel Based Key Agreement","authors":"Christopher Huth, René Guillaume, P. Duplys, K. Velmurugan, T. Güneysu","doi":"10.1145/2995289.2995291","DOIUrl":"https://doi.org/10.1145/2995289.2995291","url":null,"abstract":"Besides security, energy consumption is a major concern for devices in the Internet of Things (IoT). We compare the energy consumption of two key agreement schemes -- Channel-Based Key Agreement (CBKA) and Elliptic Curve Diffie-Hellman (ECDH) -- in the IoT setting, using Wi-Fi as wireless communication interface. While ECDH is a well-studied protocol, CBKA has received attention only in recent years. Several publications proposed CBKA as a low-energy alternative to ECDH, but they did not address the energy cost of communication. For a fair comparison, we implemented the schemes on a 32-bit ARM Cortex M3-based IoT platform and measured the respective energy consumption for computation and communication. Our results show that the limiting factor for CBKA over Wi-Fi is the energy cost of communication, in particular the cost of acquiring the Received Signal Strength Indicator (RSSI) values. Even in an optimal scenario, CBKA must not measure more than ca. 300 RSSI values to be more energy efficient than ECDH. This is at most 1/5 of RSSI values required by CBKA implementations reported in the literature. As an optimization, we present a refined CBKA protocol which can save up to 25% of the energy compared to existing protocols by exploiting inherent data exchanges for entropy extraction.","PeriodicalId":130056,"journal":{"name":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","volume":"297 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134453315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Matthias Hiller, Aysun Gurur Önalan, G. Sigl, M. Bossert
Physical Unclonable Functions (PUFs) measure manufacturing variations inside integrated circuits to derive internal secrets during run-time and avoid to store secrets permanently in non-volatile memory. PUF responses are noisy such that they require error correction to generate reliable cryptographic keys. To date, when needed one single key is reproduced in the field and always used, regardless of its reliability. In this work, we compute online reliability information for a reproduced key and perform multiple PUF readout and error correction steps in case of an unreliable result. This permits to choose the most reliable key among multiple derived key candidates with different corrected error patterns. We achieve the same average key error probability from less PUF response bits with this approach. Our proof of concept design for a popular reference scenario uses Differential Sequence Coding (DSC) and a Viterbi decoder with reliability output information. It requires 39% less PUF response bits and 16% less helper data bits than the regular approach without the option for multiple readouts.
{"title":"Online Reliability Testing for PUF Key Derivation","authors":"Matthias Hiller, Aysun Gurur Önalan, G. Sigl, M. Bossert","doi":"10.1145/2995289.2995293","DOIUrl":"https://doi.org/10.1145/2995289.2995293","url":null,"abstract":"Physical Unclonable Functions (PUFs) measure manufacturing variations inside integrated circuits to derive internal secrets during run-time and avoid to store secrets permanently in non-volatile memory. PUF responses are noisy such that they require error correction to generate reliable cryptographic keys. To date, when needed one single key is reproduced in the field and always used, regardless of its reliability. In this work, we compute online reliability information for a reproduced key and perform multiple PUF readout and error correction steps in case of an unreliable result. This permits to choose the most reliable key among multiple derived key candidates with different corrected error patterns. We achieve the same average key error probability from less PUF response bits with this approach. Our proof of concept design for a popular reference scenario uses Differential Sequence Coding (DSC) and a Viterbi decoder with reliability output information. It requires 39% less PUF response bits and 16% less helper data bits than the regular approach without the option for multiple readouts.","PeriodicalId":130056,"journal":{"name":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122398326","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Video surveillance, closed-circuit TV and IP-camera systems became virtually omnipresent and indispensable for many organizations, businesses, and users. Their main purpose is to provide physical security, increase safety, and prevent crime. They also became increasingly complex, comprising many communication means, embedded hardware and non-trivial firmware. However, most research to date focused mainly on the privacy aspects of such systems, and did not fully address their issues related to cyber-security in general, and visual layer (i.e., imagery semantics) attacks in particular. In this paper, we conduct a systematic review of existing and novel threats in video surveillance, closed-circuit TV and IP-camera systems based on publicly available data. The insights can then be used to better understand and identify the security and the privacy risks associated with the development, deployment and use of these systems. We study existing and novel threats, along with their existing or possible countermeasures, and summarize this knowledge into a comprehensive table that can be used in a practical way as a security checklist when assessing cyber-security level of existing or new CCTV designs and deployments. We also provide a set of recommendations and mitigations that can help improve the security and privacy levels provided by the hardware, the firmware, the network communications and the operation of video surveillance systems. We hope the findings in this paper will provide a valuable knowledge of the threat landscape that such systems are exposed to, as well as promote further research and widen the scope of this field beyond its current boundaries.
{"title":"Security of CCTV and Video Surveillance Systems: Threats, Vulnerabilities, Attacks, and Mitigations","authors":"Andrei Costin","doi":"10.1145/2995289.2995290","DOIUrl":"https://doi.org/10.1145/2995289.2995290","url":null,"abstract":"Video surveillance, closed-circuit TV and IP-camera systems became virtually omnipresent and indispensable for many organizations, businesses, and users. Their main purpose is to provide physical security, increase safety, and prevent crime. They also became increasingly complex, comprising many communication means, embedded hardware and non-trivial firmware. However, most research to date focused mainly on the privacy aspects of such systems, and did not fully address their issues related to cyber-security in general, and visual layer (i.e., imagery semantics) attacks in particular. In this paper, we conduct a systematic review of existing and novel threats in video surveillance, closed-circuit TV and IP-camera systems based on publicly available data. The insights can then be used to better understand and identify the security and the privacy risks associated with the development, deployment and use of these systems. We study existing and novel threats, along with their existing or possible countermeasures, and summarize this knowledge into a comprehensive table that can be used in a practical way as a security checklist when assessing cyber-security level of existing or new CCTV designs and deployments. We also provide a set of recommendations and mitigations that can help improve the security and privacy levels provided by the hardware, the firmware, the network communications and the operation of video surveillance systems. We hope the findings in this paper will provide a valuable knowledge of the threat landscape that such systems are exposed to, as well as promote further research and widen the scope of this field beyond its current boundaries.","PeriodicalId":130056,"journal":{"name":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","volume":"416 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134165521","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mathias Payer, S. Mangard, E. Weippl, S. Katzenbeisser, Xinxin Fan, T. Güneysu
The 6th International Workshop on Trustworthy Embedded Devices (TrustED 2016) was held October 28th, 2016 in Hofburg Palace, Vienna, Austria, and has been co-located with the 23rd ACM Conference on Computer and Communications Security (CCS 2016). TrustED 2016 is a continuation of previous workshops in this series, which were held in conjunction with ESORICS 2011, IEEE Security & Privacy 2012, ACM CCS 2013, ACM CCS 2014, and ACM CCS 2015 (see http://www.trusted-workshop.de for details). � �The fast and steady developments in sensor technologies, micro-electromechanical systems (MEMS), Internet infrastructure and communication standards have given rise to a new disruptive technology: the Internet of Things (IoT). As a key enabler for building a connected world, IoT allows people and objects in the physical world to interact with each other and create various smart environments in an autonomous manner. It has been estimated that the IoT ecosystem will bring over 28 billion connected autonomous things by 2020. As IoT continues to gain traction and more connected devices come to market, security and privacy will become major concerns. The resource-constrained smart embedded devices in IoT systems as well as the inherent complexity of IoT system architectures have posed new challenges for designing and implementing security and privacy mechanisms for protecting emerging IoT applications. Given the above, major themes of TrustED 2016 include security and privacy aspects of the Internet of Things and in particular of embedded devices as parts of cyber physical systems and their environments. It aims to bring together experts from academia and research institutes, industry, and government in the field of security and privacy in cyber physical systems to discuss and investigate the problems, challenges, and recent scientific and technological developments in this field. � �This year, twelve papers have been submitted. Each paper received at least three reviews, which were followed by an online discussion to decide on the program. Papers co-authored by one PC chair were exclusively handled by the other. The program committee accepted six papers that cover a variety of topics, including Physical Unclonable Functions, side-channel attacks, physical layer security, hardware security, and system security. In addition to the technical program, the workshop featured three internationally highly renowned speakers: Aurelien Francillon, Marcel Medwed, and David Oswald.
{"title":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","authors":"Mathias Payer, S. Mangard, E. Weippl, S. Katzenbeisser, Xinxin Fan, T. Güneysu","doi":"10.1145/2995289","DOIUrl":"https://doi.org/10.1145/2995289","url":null,"abstract":"The 6th International Workshop on Trustworthy Embedded Devices (TrustED 2016) was held October 28th, 2016 in Hofburg Palace, Vienna, Austria, and has been co-located with the 23rd ACM Conference on Computer and Communications Security (CCS 2016). TrustED 2016 is a continuation of previous workshops in this series, which were held in conjunction with ESORICS 2011, IEEE Security & Privacy 2012, ACM CCS 2013, ACM CCS 2014, and ACM CCS 2015 (see http://www.trusted-workshop.de for details). \u0000 \u0000The fast and steady developments in sensor technologies, micro-electromechanical systems (MEMS), Internet infrastructure and communication standards have given rise to a new disruptive technology: the Internet of Things (IoT). As a key enabler for building a connected world, IoT allows people and objects in the physical world to interact with each other and create various smart environments in an autonomous manner. It has been estimated that the IoT ecosystem will bring over 28 billion connected autonomous things by 2020. As IoT continues to gain traction and more connected devices come to market, security and privacy will become major concerns. The resource-constrained smart embedded devices in IoT systems as well as the inherent complexity of IoT system architectures have posed new challenges for designing and implementing security and privacy mechanisms for protecting emerging IoT applications. Given the above, major themes of TrustED 2016 include security and privacy aspects of the Internet of Things and in particular of embedded devices as parts of cyber physical systems and their environments. It aims to bring together experts from academia and research institutes, industry, and government in the field of security and privacy in cyber physical systems to discuss and investigate the problems, challenges, and recent scientific and technological developments in this field. \u0000 \u0000This year, twelve papers have been submitted. Each paper received at least three reviews, which were followed by an online discussion to decide on the program. Papers co-authored by one PC chair were exclusively handled by the other. The program committee accepted six papers that cover a variety of topics, including Physical Unclonable Functions, side-channel attacks, physical layer security, hardware security, and system security. In addition to the technical program, the workshop featured three internationally highly renowned speakers: Aurelien Francillon, Marcel Medwed, and David Oswald.","PeriodicalId":130056,"journal":{"name":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124951884","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In the age of the IoT (Internet of Things), a random number generator plays an important role of generating encryption keys and authenticating a piece of an embedded equipment. The random numbers are required to be uniformly distributed statistically and unpredictable. To satisfy the requirements, a physical true random number generator (TR-NG) is used. In this paper, we implement a TRNG using an SR latch on 40 nm CMOS ASIC. This TRNG generates the random number by exclusive ORing (XORing) the outputs of 256 SR latches. We evaluate the random number generated using statistical tests in accordance with BSI AIS 20/31 and using an IID (Independent and Identically Distributed) test, and the entropy estimation in accordance with NIST SP800-90B changing the supply voltage and environmental temperature within its rated values. As a result, the TRNG passed all the tests except in a few cases. From this experiment, we found that the TRNG has a robustness against environmental change. The power consumption is 18.8 micro Watt at 2.5 MHz. This TRNG is suitable for embedded systems to improve security in IoT systems.
{"title":"Evaluation of Latch-based Physical Random Number Generator Implementation on 40 nm ASICs","authors":"N. Torii, Dai Yamamoto, Tsutomu Matsumoto","doi":"10.1145/2995289.2995292","DOIUrl":"https://doi.org/10.1145/2995289.2995292","url":null,"abstract":"In the age of the IoT (Internet of Things), a random number generator plays an important role of generating encryption keys and authenticating a piece of an embedded equipment. The random numbers are required to be uniformly distributed statistically and unpredictable. To satisfy the requirements, a physical true random number generator (TR-NG) is used. In this paper, we implement a TRNG using an SR latch on 40 nm CMOS ASIC. This TRNG generates the random number by exclusive ORing (XORing) the outputs of 256 SR latches. We evaluate the random number generated using statistical tests in accordance with BSI AIS 20/31 and using an IID (Independent and Identically Distributed) test, and the entropy estimation in accordance with NIST SP800-90B changing the supply voltage and environmental temperature within its rated values. As a result, the TRNG passed all the tests except in a few cases. From this experiment, we found that the TRNG has a robustness against environmental change. The power consumption is 18.8 micro Watt at 2.5 MHz. This TRNG is suitable for embedded systems to improve security in IoT systems.","PeriodicalId":130056,"journal":{"name":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124425886","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Modern vehicles rely on a variety of electronic systems and components. One of those components is the vehicle key. Today, a key typically implements at least three functions: mechanical locking with a key blade, the electronic immobilizer to autorise the start of the engine, and the remote keyless entry (RKE) system that allows to wirelessly (un)lock the doors and disable the alarm system. These main components of a vehicle key are shown in Figure 1. For the mechanical part of the vehicle key, it is well known that the key blade can be easily copied and that the locking cylinder can be bypassed with other means (using so-called "decoders" or simply a screwdriver). In contrast, immobilizer and RKE rely on wireless protocols to cryptographically authenticate the vehicle key to the car. Immobilizers employ radio frequency identification (RFID) transponders to carry out a challenge-response protocol over a low-range bidirectional link at a frequency of 125 kHz. In the past, researchers have revealed severe aws in the cryptography and protocols used by immobilizers, leading to the break of the major systems Megamos, Hitag2, and DST40 [7, 6, 1]. In contrast to the immobilizer, the RKE part uses unidirectional communication (the vehicle only receives, the key fob only transmits) over a high-range wireless link with operating distances of tens to one hundred meters. These systems are based on rolling codes, which essentially transmit a counter (that is incremented on each button press) in a cryptographically authenticated manner. Until recently, the security of automotive RKE had been scrutinized to a lesser degree than that of immobilizers, even though vulnerabilities in similar systems have been known since 2008 with the attacks on KeeLoq [3]. Other results reported in the literature include an analytical attack on a single, outdated vehicle [2] and the so-called "RollJam" technique [5], which is based on a combination of replay and selective jamming. In 2016, it was shown that severe aws exist in the RKE systems of major automotive manufacturers [4]. On the one hand, the VWgroup (Volkswagen, Seat, Skoda, Audi) based the security of their RKE system on a few global cryptographic keys, potentially affecting hundreds of million vehicles world-wide. By extracting these global keys from the firmware of electronic controls units (ECUs) once, an adversary is able to create a duplicate of the owner's RKE fob by eavesdropping a single rolling code. The second case study in [4] exposes new cryptographic weaknesses in the Hitag2 cipher when used for RKE. Applying a correlation-based attack, an adversary can recover the 48-bit cryptographic key by eavesdropping four to eight rolling codes and performing a one-minute computation on a standard laptop. Again, this attack affects millions of vehicle world-wide. Manufacturers that used Hitag2 in their RKE system include Alfa Romeo, Peugeot, Lancia, Opel, Renault, and Ford among others. In this keynote talk, we will p
{"title":"Wireless Attacks on Automotive Remote Keyless Entry Systems","authors":"David F. Oswald","doi":"10.1145/2995289.2995297","DOIUrl":"https://doi.org/10.1145/2995289.2995297","url":null,"abstract":"Modern vehicles rely on a variety of electronic systems and components. One of those components is the vehicle key. Today, a key typically implements at least three functions: mechanical locking with a key blade, the electronic immobilizer to autorise the start of the engine, and the remote keyless entry (RKE) system that allows to wirelessly (un)lock the doors and disable the alarm system. These main components of a vehicle key are shown in Figure 1. For the mechanical part of the vehicle key, it is well known that the key blade can be easily copied and that the locking cylinder can be bypassed with other means (using so-called \"decoders\" or simply a screwdriver). In contrast, immobilizer and RKE rely on wireless protocols to cryptographically authenticate the vehicle key to the car. Immobilizers employ radio frequency identification (RFID) transponders to carry out a challenge-response protocol over a low-range bidirectional link at a frequency of 125 kHz. In the past, researchers have revealed severe aws in the cryptography and protocols used by immobilizers, leading to the break of the major systems Megamos, Hitag2, and DST40 [7, 6, 1]. In contrast to the immobilizer, the RKE part uses unidirectional communication (the vehicle only receives, the key fob only transmits) over a high-range wireless link with operating distances of tens to one hundred meters. These systems are based on rolling codes, which essentially transmit a counter (that is incremented on each button press) in a cryptographically authenticated manner. Until recently, the security of automotive RKE had been scrutinized to a lesser degree than that of immobilizers, even though vulnerabilities in similar systems have been known since 2008 with the attacks on KeeLoq [3]. Other results reported in the literature include an analytical attack on a single, outdated vehicle [2] and the so-called \"RollJam\" technique [5], which is based on a combination of replay and selective jamming. In 2016, it was shown that severe aws exist in the RKE systems of major automotive manufacturers [4]. On the one hand, the VWgroup (Volkswagen, Seat, Skoda, Audi) based the security of their RKE system on a few global cryptographic keys, potentially affecting hundreds of million vehicles world-wide. By extracting these global keys from the firmware of electronic controls units (ECUs) once, an adversary is able to create a duplicate of the owner's RKE fob by eavesdropping a single rolling code. The second case study in [4] exposes new cryptographic weaknesses in the Hitag2 cipher when used for RKE. Applying a correlation-based attack, an adversary can recover the 48-bit cryptographic key by eavesdropping four to eight rolling codes and performing a one-minute computation on a standard laptop. Again, this attack affects millions of vehicle world-wide. Manufacturers that used Hitag2 in their RKE system include Alfa Romeo, Peugeot, Lancia, Opel, Renault, and Ford among others. In this keynote talk, we will p","PeriodicalId":130056,"journal":{"name":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121880472","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Today 2.9 billion people, or 40% of the world's population are online. By 2020, at least 40 billion more devices will become smart via embedded processors. The impact of such Internet of Things (IoT) on our society will be extraordinary. It will influence most consumer and business sectors, impact education, healthcare and safety. However, it certainly will also pose a challenge from a security point of view. Not only will the devices themselves become more complex, also the interaction between devices, the networks and the variance in topology will grow. Finally, with increasing amounts of data and assets at stake the incentive for attackers will increase. The costs of cyber attacks in such setting are estimated to reach about 2 trillion USD by 2020. Today, the IoT is just beginning to emerge. Unfortunately, when looking at its security, there is lots of room for improvement. Exploits reported at a steady pace clearly suggest that security is a major challenge when the world wants to successfully switch from an IoT hype to a real IoT deployment. Security, and security risk awareness, insufficiently present in today's consumer and developer mindset, are only a starting point. Once the requirement for strong security is widely accepted, there will be still the economical question of who is going to pay for security and its maintenance. Without enforcing certain standards by means of third party evaluation this problem is expected to be hard to get under control.
{"title":"IoT Security Challenges and Ways Forward","authors":"M. Medwed","doi":"10.1145/2995289.2995298","DOIUrl":"https://doi.org/10.1145/2995289.2995298","url":null,"abstract":"Today 2.9 billion people, or 40% of the world's population are online. By 2020, at least 40 billion more devices will become smart via embedded processors. The impact of such Internet of Things (IoT) on our society will be extraordinary. It will influence most consumer and business sectors, impact education, healthcare and safety. However, it certainly will also pose a challenge from a security point of view. Not only will the devices themselves become more complex, also the interaction between devices, the networks and the variance in topology will grow. Finally, with increasing amounts of data and assets at stake the incentive for attackers will increase. The costs of cyber attacks in such setting are estimated to reach about 2 trillion USD by 2020. Today, the IoT is just beginning to emerge. Unfortunately, when looking at its security, there is lots of room for improvement. Exploits reported at a steady pace clearly suggest that security is a major challenge when the world wants to successfully switch from an IoT hype to a real IoT deployment. Security, and security risk awareness, insufficiently present in today's consumer and developer mindset, are only a starting point. Once the requirement for strong security is widely accepted, there will be still the economical question of who is going to pay for security and its maintenance. Without enforcing certain standards by means of third party evaluation this problem is expected to be hard to get under control.","PeriodicalId":130056,"journal":{"name":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132902299","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This talk will make an overview of security problems that have been found with both large scale automated static analysis (within the firmware.re project) and with more focused and more manual dynamic analysis (using the Avatar project). I will then discuss what I think we can do about it and how.
{"title":"Analyzing Thousands of Firmware Images and a Few Physical Devices: What's Next?","authors":"Aurélien Francillon","doi":"10.1145/2995289.2995296","DOIUrl":"https://doi.org/10.1145/2995289.2995296","url":null,"abstract":"This talk will make an overview of security problems that have been found with both large scale automated static analysis (within the firmware.re project) and with more focused and more manual dynamic analysis (using the Avatar project). I will then discuss what I think we can do about it and how.","PeriodicalId":130056,"journal":{"name":"Proceedings of the 6th International Workshop on Trustworthy Embedded Devices","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127824719","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: