Shashidhar Peruru

1
SHASHIDHAR PERURU
Tamper Resistant Security Mechanisms for Secure
Embedded Systems
1
2
OUTLINE

• Introduction
• Classification of attacks
• Countering attacks
• Case Study

http//www.hq.nasa.gov/office/ospp/securityguide/i
mages/Cartoons/Computer.jpg
2
3
INTRODUCTION
3
4
FUNCTIONAL SECURITY MECHANISMS
Cryptographic algorithms, including symmetric
ciphers, Public-key ciphers. Hash functions.
Network security protocols ( IPSec and SSL
)? BUT, they are not tamper proof and do
not provide complete security solutions.
http//www.flickr.com/photos/aperture_lag/23282404
02/
4
5
CAUSES OF SECURITY LAPSES

• Operations in untrusted environment
• Network induced vulnerability
• Downloaded software execution
• Complex design process

5
http//media.maxim-ic.com/images/appnotes/2033/203
3Fig04a.gif
6
CLASSIFICATION OF ATTACKS

• Based on functional objectives
• Privacy attacks
• Integrity attacks
• Availability attacks
• Based on agents or means used to launch attack
• Software attacks
• Physical or Invasive attacks
• Side Channel Attacks

6
7
SOFTWARE ATTACKS

• Buffer overflow problem
• effects can include
• overwriting stack memory,
• heaps, and function
• pointers

PHYSICAL AND SIDE CHANNEL ATTACKS
http//img133.imageshack.us/img133/6973/intrusiont
n3.jpg

• Physical Attacks
• Power Analysis attacks
• Timing attacks
• Fault Injection attacks
• Electromagnetic Analysis attacks

7
8
COUNTERING SECURITY ATTACKS

• Specific objectives of the mechanisms
• Attack Prevention
• Attack Detection
• Attack Recovery
• Tamper evident design technique

8
9
COUNTERMEASURES FOR SOFTWARE ATTACKS

• The major considerations are -
• Ensure privacy and integrity of sensitive code
  and data during every stage of software execution
  in an embedded system.
• Determine with certainty that is a safe from a
  security stand point to execute a given program
• Remove security loopholes in software that make
  the system vulnerable to such attacks

9
10

• Hardware Support
• Idea is to isolate or restrict secure memory
  areas
• Cryptocell
• Secure Bootstrapping
• Operating System Enhancements
• Software authentication and validation

http//www.discretix.com/images/CryptoCellComple.g
if
http//www.discretix.com/images/HWcontext.gif
10
11
COUNTERMEASURES FOR PHYSICAL AND SIDE CHANNEL
ATTACKS

• Physical attack protection
• IBM 4758 PCI cryptographic adapter

11
12

• Bus encryption
• Use of crytoprocessors
• Side channel attack protection
• Randomization
• Data Masking

12
13
CASE STUDY ARM TRUSTZONE
http//www.design-reuse.com/news_img2/ news16975/a
rm_trustzone.gif

• It is a comprehensive security solution for SOCs
• Foremost and primary objective is to segregate
  access to sensitive information of a ARM based
  SOC architecture

http//www.arm.com/rximages/21885.gif
13
http//www.windowsfordevices.com/files/misc/arm_tr
ustzone_arch_concept_diag.gif
14

• Trusted Code base
• Regulates the entire security of entire system
• Regulates all security tasks that involves
  manipulation of keys
• Uses demarcation to separate domains using
  S-bit

14
15
REFERENCES

• Cryptocell, Directrix http//www.discretix.com/Cr
  yptoCell/
• ARM TrustZone http//www.arm.com/products/securit
  y/trustzone/
• IBM 4758 PCI cryptographic adapter
  http//www-03.ibm.com/security/cryptocards/
• ARM DONS ARMOR,TrustZone Security Extensions
  Strengthen ARMv6 Architecture By Tom R. Halfhill
  8/25/03-01
• Security in Embedded Systems Design
  Challenges,Srivaths Ravi and Anand
  Raghunathan,NEC Laboratories America,Paul Kocher
  Cryptography Research,and Sunil Hattangady,Texas
  Instruments Inc.

15