
Workshop on Trustworthy Embedded Devices: latest publications

Beasty Memories: The Quest for Practical Defense against Code Reuse Attacks
Pub Date : 2014-11-03 DOI: 10.1145/2666141.2668386
A. Sadeghi, Lucas Davi
Code reuse attacks such as return-oriented programming (ROP) are predominant attack techniques that are extensively used to exploit vulnerabilities in modern software programs. ROP maliciously combines short instruction sequences (gadgets) residing in shared libraries and the application's executable to bypass data execution prevention (DEP) and launch targeted exploits. ROP attacks apply to many processor architectures, from Intel x86 [1] to tiny embedded systems [2]. As a consequence, a variety of defenses have been proposed over the last few years, most prominently code randomization (ASLR) and control-flow integrity (CFI). In particular, constructing practical CFI schemes has recently become a hot topic of research. In this talk, we present the evolution of return-oriented programming (ROP) attacks and defenses. We first give an overview of ROP attacks and techniques. Second, we investigate the security of software-diversity-based approaches such as fine-grained code randomization [3]. Third, we dive deeper and focus on control-flow integrity (CFI) and show how to bypass all recent (coarse-grained) CFI solutions, including Microsoft's defense tool EMET [4]. Finally, we discuss new research directions to mitigate code reuse attacks, including our current work on hardware-assisted fine-grained control-flow integrity [5]. Part of this research [3-5] was conducted in collaboration with A. Dmitrienko, D. Lehmann, C. Liebchen, P. Koeberl, F. Monrose, and K. Z. Snow.
Citations: 0
Providing Root of Trust for ARM TrustZone using On-Chip SRAM
Pub Date : 2014-11-03 DOI: 10.1145/2666141.2666145
Shijun Zhao, Qianying Zhang, Guangyao Hu, Yu Qin, D. Feng
We present the design, implementation and evaluation of a root of trust for the Trusted Execution Environment (TEE) provided by ARM TrustZone, based on on-chip SRAM Physical Unclonable Functions (PUFs). We first implement a building block which provides the foundations for the root of trust: secure key storage and a truly random source. The building block does not require on- or off-chip secure non-volatile memory to store secrets, yet provides a high level of security: resistance to physical attackers capable of controlling all external interfaces of the system on chip (SoC). On top of the building block, we build the root of trust, consisting of seal/unseal primitives for secure services running in the TEE, and a software-only TPM service running in the TEE which provides rich TPM functionality to the rich OS running in the normal world of TrustZone. The root of trust resists software attackers capable of compromising the entire rich OS. Moreover, both the building block and the root of trust run on the powerful ARM processor. In short, we leverage the on-chip SRAM, commonly available on mobile devices, to achieve a low-cost, secure, and efficient design of the root of trust.
Citations: 63
Challenges of Establishing Trust in Online Entities and Beyond
Pub Date : 2014-11-03 DOI: 10.1145/2666141.2668385
T. Kim
In today's Internet, authenticating online entities is challenging since people lack the real-world cues upon which to base their context-dependent trust decisions. For example, how can a user confirm that a Facebook invitation truly originates from the claimed sender, when anyone can trivially set up a bogus online identity with someone else's photo? Given an SSL certificate warning, how can a user validate it before proceeding, when the certificate could be legitimate (e.g., signed by a legitimate authority that the browser does not recognize) or malicious (e.g., signed by a compromised CA)? This talk demonstrates that providing useful evidence can empower users to make informed context-dependent trust decisions regarding previously unknown entities in the context of identity and public-key authentication. We first introduce an identity authentication logic called RelationGram that visualizes the interpersonal tie strength of virtual entities using both physical and social proximity [2,4]. RelationGram enables casual users to authenticate online identities in a safe and easy manner and to build trust in previously unknown online entities. We then introduce new public-key validation proposals called Accountable Key Infrastructure (AKI) [3] and Attack Resilient Public-Key Infrastructure (ARPKI) [1], which reduce the amount of trust placed in any single entity to improve the resilience of current PKI systems. AKI and ARPKI support trust agility, such that entities select a security policy for their public-key certificates, and checks and balances, such that entities monitor each other for misbehavior and prevent a single point of failure. When users are given pieces of evidence to which they can easily relate, they can make context-dependent authentication decisions online and build trust in online entities. As concluding remarks, we highlight some of the remaining challenges and future research directions to truly empower users to make informed trust decisions.
Citations: 2
6LoWPAN Security: Avoiding Hidden Wormholes using Channel Reciprocity
Pub Date : 2014-11-03 DOI: 10.1145/2666141.2666143
Konrad-Felix Krentz, G. Wunder
6LoWPAN networks are 802.15.4-based wireless sensor networks that seamlessly integrate with IPv6 networks using specially designed protocols. Unfortunately, 6LoWPAN networks are vulnerable to hidden wormholes. To detect and subsequently avoid hidden wormholes, Jain et al. recently proposed two schemes which exploit the reciprocity of received signal strength indicators (RSSIs). However, threats and attacks can mislead Jain et al.'s schemes into producing false positives or false negatives. Moreover, their schemes take calibrated RSSIs for granted, which is impractical. In this paper, we propose "Secure Channel REciprocity-based WormholE Detection (SCREWED)", which avoids both false positives and false negatives to a great extent. For this, SCREWED uses channel hopping, randomized transmission powers, message integrity codes, as well as a special replay protection mechanism. Furthermore, SCREWED obviates the need for calibrating RSSIs by using a different channel reciprocity metric. We integrated SCREWED into the link layer of Contiki's 6LoWPAN stack and demonstrate SCREWED's efficacy using TelosB motes.
Citations: 19
How to Build Hardware Trojans
Pub Date : 2014-11-03 DOI: 10.1145/2666141.2668384
C. Paar
Countless systems ranging from consumer electronics to military equipment depend on integrated circuits (ICs). A surprisingly large number of such systems are already security critical, e.g., medical devices, automotive electronics, or SCADA systems. If the underlying ICs in such applications are maliciously manipulated through hardware Trojans, the security of the entire system can be compromised. In recent years, hardware Trojans have drawn the attention of governments and the scientific community. Initially, the primary attacker model was a malicious foundry that could alter the design, i.e., introduce hardware Trojans which could interfere with the (security-sensitive) functionality of a chip. Many other attacker models exist too. For instance, a legitimate IC manufacturer, e.g., a consumer electronics company abroad, might be in collusion with a foreign intelligence agency to alter its products in a way that compromises their security. Even though hardware Trojans have been studied considerably, little is known about how they might look, especially those that are specifically designed to avoid detection. In this talk we introduce two recent research projects which deal with Trojan insertion in two different types of hardware platforms, ASICs and FPGAs. This is joint work with Georg Becker, Wayne Burleson, Marc Fyrbiak, Philipp Koppe, Francesco Regazzoni and Pawel Swierczynski.
Citations: 1
A Secure Algorithm for Task Scheduling against Side-channel Attacks
Pub Date : 2014-11-03 DOI: 10.1145/2666141.2666142
Chongxi Bao, Ankur Srivastava
The problem of ordering task executions has been well studied under power, performance, and thermal constraints. However, it has been pursued less under security concerns. We have observed that different orders of task execution leak different amounts of side-channel information and thus have different security levels. In this paper, we first model the behavior of the attacker and then propose a secure algorithm for ordering aperiodic tasks that have soft deadlines. Our algorithm keeps a good balance between side-channel information leakage and total lateness. Experimental results show that an attacker inferring the state of the chip through side-channel analysis makes 38.65% more errors when tasks are scheduled using our algorithm than when they are scheduled using algorithms without security considerations (such as the EDF algorithm).
Citations: 10
Challenges in Remote Attestation of Low-End Embedded Devices
Pub Date : 2014-11-03 DOI: 10.1145/2666141.2668383
G. Tsudik
Embedded computing devices increasingly permeate many aspects of modern life: from medical to automotive, from building and factory automation to weapons, from avionics to home entertainment. Despite their specialized nature as well as limited resources and connectivity, these devices are becoming an increasingly popular and attractive target for remote malware infestation attacks, exemplified by Stuxnet [1]. Many mitigation techniques have been proposed, varying in terms of generality and underlying assumptions. One common theme is the need for Remote Attestation, a distinct security service that allows a trusted party (verifier) to check the internal state of a remote untrusted embedded device (prover). Purely software-based techniques, while efficient, offer dubious security guarantees. Most hardware-based techniques are too costly for low-end embedded devices. This talk focuses on three important challenges in designing Remote Attestation techniques for low-end embedded devices. First, what is the minimal set of hardware and software features for a low-end embedded device to attain provably secure remote attestation under the strongest possible yet realistic adversary model? Second, what mechanisms and features are needed to protect the remote attestation process from unauthorized invocation, i.e., how to assure that an embedded device is not being misused? Third, how to design efficient remote attestation for a multitude of potentially heterogeneous embedded devices, e.g., within a vehicle, a household, or an aircraft? Some of this research [2-4] was conducted in collaboration with K. Eldefrawy, A. Francillon, D. Perito and K. Rasmussen.
Citations: 1
Embedded System Security in Smart Consumer Electronics 智能消费电子产品中的嵌入式系统安全
Pub Date : 2014-11-03 DOI: 10.1145/2666141.2673888
Yier Jin
Embedded System Security in Smart Consumer Electronics
Pub Date : 2014-11-03 DOI: 10.1145/2666141.2673888
Yier Jin
Advances in manufacturing and emerging technologies in miniaturization and reduction of power consumption have proven to be a pivotal point in mankind's progress. The once advanced machines that occupied entire buildings and needed hundreds of engineers to be operated are now shadowed by the smart cellular phones we carry in our pockets. With the advent of the Internet and the proliferation of wireless technologies, these devices are now extremely interconnected. Enter the nascent era of Internet of Things (IoT) and wearable devices, where small embedded devices loaded with sensors collect information from their surroundings, process it and relay it to remote locations for further analysis. Although they look harmless, these nascent technologies raise security and privacy concerns. In this talk, we pose the question of the possibility and effects of compromising one such device. Concentrating on the design flow of IoT devices, we discuss some common design practices and their implications for security and privacy. We present the Google Nest Learning Thermostat as an example of how these practices affect the resulting device and the potential consequences for user security and privacy. We will then introduce design flow security enhancement methods through which security will be built into the device, a major difference from traditional practices, which treat security as an add-on property implemented at the post-fabrication stage.
Citations: 4
Simple AEAD Hardware Interface (SÆHI) in a SoC: Implementing an On-Chip Keyak/WhirlBob Coprocessor
Pub Date : 2014-11-03 DOI: 10.1145/2666141.2666144
Markku-Juhani O. Saarinen
Simple AEAD Hardware Interface (SÆHI) is a hardware cryptographic interface aimed at CAESAR Authenticated Encryption with Associated Data (AEAD) algorithms. Cryptographic acceleration is typically achieved either with a coprocessor or via instruction set extensions. ISA modifications require re-engineering the CPU core, making the approach inapplicable outside the realm of open source processor cores. At minimum, we suggest implementing CAESAR AEADs as universal memory-mapped cryptographic coprocessors, synthesizable even on low-end FPGA platforms. AEADs complying with SÆHI must also include C language API drivers targeting low-end MCUs that directly utilize the memory mapping in a "bare metal" fashion. This can also be accommodated on MMU-equipped mid-range CPUs. Extended battery life and bandwidth resulting from dedicated cryptographic hardware are vital for currently dominant computing and communication devices: mobile phones, tablets, and Internet-of-Things (IoT) applications. We argue that these should be priority hardware optimization targets for AEAD algorithms with realistic payload profiles. We demonstrate a fully integrated implementation of WhirlBob and Keyak AEADs on the FPGA fabric of the Xilinx Zynq 7010. This low-cost System-on-Chip (SoC) also houses a dual-core Cortex-A9 CPU, closely matching the architecture of many embedded devices. The on-chip coprocessor is accessible from user space with a Linux kernel driver. An integration path exists all the way to end-user applications.
Citations: 11
Citizen Electronic Identities using TPM 2.0
Pub Date : 2014-09-03 DOI: 10.1145/2666141.2666146
Thomas Nyman, Jan-Erik Ekberg, N. Asokan
Electronic Identification (eID) is becoming commonplace in several European countries. eID is typically used to authenticate to government e-services, but is also used for other services, such as public transit, e-banking, and physical security access control. Typical eID tokens take the form of physical smart cards, but successes in merging eID into phone operator SIM cards show that eID tokens integrated into a personal device can offer better usability compared to standalone tokens. At the same time, trusted hardware that enables secure storage and isolated processing of sensitive data has become commonplace both on PC platforms and on mobile devices. Some time ago, the Trusted Computing Group (TCG) released version 2.0 of the Trusted Platform Module (TPM) specification. We propose an eID architecture based on the new, rich authorization model introduced in the TCG's TPM 2.0. The goal of the design is to improve the overall security and usability compared to traditional smart card-based solutions. We also provide, to the best of our knowledge, the first accessible description of the TPM 2.0 authorization model.
Citations: 15
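Worked example of the TPM 2.0 authorization model the abstract refers to, added for this listing; it is not code from the paper. TPM 2.0 enhanced authorization ties an object's use to a policy rather than a single password: a policy session starts at a zero digest, every TPM2_Policy* command extends that digest with its own command code and arguments, the object can be used only when the session digest equals the authPolicy stored in the object's public area, and TPM2_PolicyOR lets several alternative paths end at the same authPolicy. The Python below computes those digests for a constructed eID signing-key policy (holder enters a PIN and may only call TPM2_Sign, or the issuer proves a separate admin object's secret while PCR 7 is in the expected state). The TPM_CC_* and TPM_ALG_* constants and the marshalling follow the TPM 2.0 Library Specification; the scenario, the admin object Name and the PCR value are made up for illustration.

```python
"""TPM 2.0 enhanced-authorization policy digests, worked in plain Python.

Added example for this listing; it is not code from Nyman, Ekberg and Asokan.
Command codes and marshalling follow the TPM 2.0 Library Specification
(Part 2: TPM_CC_* and TPM_ALG_* constants; Part 3: TPM2_Policy* actions).
The eID key scenario, the admin object Name and the PCR value are constructed.
"""
import hashlib
import struct

TPM_CC_PolicySecret = 0x00000151
TPM_CC_Sign = 0x0000015D
TPM_CC_PolicyAuthValue = 0x0000016B
TPM_CC_PolicyCommandCode = 0x0000016C
TPM_CC_PolicyOR = 0x00000171
TPM_CC_PolicyPCR = 0x0000017F
TPM_ALG_SHA256 = 0x000B

ZERO_DIGEST = bytes(hashlib.sha256().digest_size)  # policyDigest of a fresh policy session


def u8(v):
    return struct.pack(">B", v)


def u16(v):
    return struct.pack(">H", v)


def u32(v):
    return struct.pack(">I", v)


def extend(policy_digest, *parts):
    """policyDigest_new = H(policyDigest_old || parts): the step every TPM2_Policy* command performs."""
    h = hashlib.sha256(policy_digest)
    for part in parts:
        h.update(part)
    return h.digest()


def policy_auth_value(d):
    """TPM2_PolicyAuthValue: the object's own authValue (the PIN) must be proven in the HMAC at use time."""
    return extend(d, u32(TPM_CC_PolicyAuthValue))


def policy_command_code(d, command_code):
    """TPM2_PolicyCommandCode: the session may then authorize only this one command."""
    return extend(d, u32(TPM_CC_PolicyCommandCode), u32(command_code))


def policy_secret(d, auth_object_name, policy_ref=b""):
    """TPM2_PolicySecret: the authValue of a different object (here an issuer/admin object) is required."""
    return extend(d, u32(TPM_CC_PolicySecret), auth_object_name, policy_ref)


def pcr_selection_sha256(*pcr_indices):
    """Marshal a TPML_PCR_SELECTION with one SHA-256 bank and the 3-byte pcrSelect bitmap."""
    select = bytearray(3)
    for i in pcr_indices:
        select[i // 8] |= 1 << (i % 8)
    return u32(1) + u16(TPM_ALG_SHA256) + u8(len(select)) + bytes(select)


def policy_pcr(d, pcr_selection, pcr_values):
    """TPM2_PolicyPCR: digestTPM is H(selected PCR values concatenated in index order)."""
    pcr_digest = hashlib.sha256(b"".join(pcr_values)).digest()
    return extend(d, u32(TPM_CC_PolicyPCR), pcr_selection, pcr_digest)


def policy_or(branches):
    """TPM2_PolicyOR resets policyDigest to zero, then extends with TPM_CC_PolicyOR || all branch digests."""
    if not 2 <= len(branches) <= 8:
        raise ValueError("TPML_DIGEST for PolicyOR holds 2 to 8 digests")
    return extend(ZERO_DIGEST, u32(TPM_CC_PolicyOR), *branches)


def session_policy_or(session_digest, branches):
    """At use time the TPM accepts PolicyOR only if the session has already reached one branch digest."""
    if session_digest not in branches:
        raise PermissionError("session digest matches no PolicyOR branch")
    return policy_or(branches)


def eid_signing_key_policy(issuer_object_name, expected_pcr7):
    """Constructed eID key policy (hypothetical scenario, not the paper's design).
    'user':   holder enters the PIN and may only call TPM2_Sign.
    'issuer': issuer proves the admin object's secret and PCR 7 (boot state) matches."""
    user = policy_command_code(policy_auth_value(ZERO_DIGEST), TPM_CC_Sign)
    issuer = policy_pcr(policy_secret(ZERO_DIGEST, issuer_object_name),
                        pcr_selection_sha256(7), [expected_pcr7])
    return {"user": user, "issuer": issuer, "authPolicy": policy_or([user, issuer])}


if __name__ == "__main__":
    # Constructed inputs: a Name is TPM_ALG_ID || digest of the public area; a SHA-256 PCR holds 32 bytes.
    name = u16(TPM_ALG_SHA256) + bytes(range(32))
    pcr7 = bytes([0x11]) * 32
    for label, digest in eid_signing_key_policy(name, pcr7).items():
        print(f"{label:10s} {digest.hex()}")
```

The value under "authPolicy" is what would be written into the key's public area at creation; at use time a session replays one branch (for the PIN branch: TPM2_PolicyAuthValue, TPM2_PolicyCommandCode) and then TPM2_PolicyOR with both branch digests, and the TPM compares the resulting session digest with the stored authPolicy. Because every step is hashed in order, swapping two policy commands yields a different authPolicy, so the exact sequence is part of the key's definition.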