CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue
Transcript of CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue
![Page 1: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/1.jpg)
CrypTechBuilding a More Assured
HSM with a More Assured Tool-Chain
![Page 2: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/2.jpg)
140828 CrypTech 2Creative Commons: Attribution & Share Alike
![Page 3: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/3.jpg)
The Need• Every week a new horror about Crypto/Privacy• der Spiegel’s revelation of the “SpyMall
Catalogue”• Compromises of and trojans in most network
devices, servers, firewalls, ...• We are relying on cryptographic hardware which are designed and made by government contractors
• Many people are not comfortable with this
140828 CrypTech 3Creative Commons: Attribution & Share Alike
![Page 4: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/4.jpg)
Hardware Security Module
A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides crypto processing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.
Wikipedia
140828 CrypTech 4Creative Commons: Attribution & Share Alike
![Page 5: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/5.jpg)
HSMs Are Used For• Principally, Lock-box for Private Keys for
• DNSsec• RPKI• PGP• Corporate Authentication• Your use goes here
• Also,• Encryption / Decryption• VPNs• Source of Randomness
140828 CrypTech 5Creative Commons: Attribution & Share Alike
![Page 6: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/6.jpg)
OriginsThis effort was started at the suggestion of Russ Housley, Jari Arkko, and Stephen Farrell of the IETF, to meet the assurance needs of supporting IETF protocols in an open and transparent manner.
But this is NOT an IETF, ISOC, ... project, though both contribute. As the saying goes, “We work for the Internet.”
140828 CrypTech 6Creative Commons: Attribution & Share Alike
![Page 7: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/7.jpg)
Goals• An open-source reference design for HSMs
• Scalable, first cut in an FPGA and CPU, later allow higher speed options
• Composable, e.g. “Give me a key store and signer suitable for DNSsec”
• Reasonable assurance by being open, diverse design team, and an increasingly assured tool-chain
140828 CrypTech 7Creative Commons: Attribution & Share Alike
![Page 8: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/8.jpg)
Open and Transparent• The project is being run in a maximally open, transparent manner with traceability for all decisions etc.
• We do this in order to build trust in the project itself
• And diverse, engineering and funding
140828 CrypTech 8Creative Commons: Attribution & Share Alike
![Page 9: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/9.jpg)
Funding (so far) From
140828 CrypTech 9Creative Commons: Attribution & Share Alike
![Page 10: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/10.jpg)
FPGAHashes: SHA*/MD5/GOST Encrypt: AES/Camellia PublicKey RSA/ECC/DSA, Block Crypto Modes
TRNG, BigNum, Modular, Exponentiation
On-Chip Core(s)KeyGen/Store, Hash, Sign, Verify, Encrypt, Decrypt, DH, ECDH,
PKCS#1/5/8, [Un]Load, Stretching, Device Activation/Wipe
Off-ChipSupport CodeX.509/PGP/… Packaging, PKCS#7/10/11/15, Backup
ApplicationsDNSSEC, RPKI, PGP, VPN, OTR, random, TCP/AO, …
SecurityBoundary
&TamperPowerTiming
Layer Cake Model
140828 CrypTech Creative Commons: Attribution & Share Alike 10
![Page 11: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/11.jpg)
The Tool Chain
• We have NO ASSURANCE of our tool set, from CPU to Kernel to Compiler to …
• When constructing assurance-critical tools, we need to maximize assurance in the tools used to build them
140828 CrypTech 11Creative Commons: Attribution & Share Alike
When my laptop’s fan goes on, I think it is the NSA, GCHQ, Israelis, Chinese, … fighting to see who will own me
Randy Bush
![Page 12: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/12.jpg)
cc is not your friendKen Thompson’s 1984 Turing Award paper Reflections on Trusting Trust described a self-reproducing trap in the C compiler which “would match code in the UNIX "login" command.
The replacement code would miscompile the login command so that it would accept either the intended encrypted password or a particular known password.” You have been owned!
140828 CrypTech 12Creative Commons: Attribution & Share Alike
![Page 13: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/13.jpg)
Double-Diverse Compilation• In his 2009 PhD dissertation, David Wheeler explained how to counter the “trusting trust” attack by using the “Diverse Double-Compiling” (DDC) technique
• We can use this on GCC and clang to get somewhat assured compilers
• But you still have to inspect the source!
140828 CrypTech 13Creative Commons: Attribution & Share Alike
![Page 14: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/14.jpg)
Critical Tool-Chain• C compilers audited and built using DCC• Audited kernel, libc, …• Audited whole darn UNIX or Linux• Audited Verilog compiler• Audited FPGA download tools• Audited test tools• Trojan prevention & detection
140828 CrypTech 14Creative Commons: Attribution & Share Alike
![Page 15: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/15.jpg)
HDL / Verilog• But FPGAs/ASICs are programmed in a Hardware Definition Language, Verilog
• It is very hard to get an open Verilog compiler
• Verilog can not compile itself, so DDC is not applicable here, just a DCC C compiler
• We are working on methods of gaining trust in the FPGA tool chain
140828 CrypTech 15Creative Commons: Attribution & Share Alike
![Page 16: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/16.jpg)
FPGA Cat Video
140828 CrypTech16
Creative Commons: Attribution & Share Alike
![Page 17: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/17.jpg)
First hash
140828 CrypTech 17Creative Commons: Attribution & Share Alike
nice clean crypto goes here
![Page 18: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/18.jpg)
Novena Spartan ‘Laptop’
140828 CrypTech 18Creative Commons: Attribution & Share Alike
nice clean crypto goes here
![Page 19: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/19.jpg)
/dev/random
140828 CrypTech 19Creative Commons: Attribution & Share Alike
http://xkcd.com/221/
![Page 20: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/20.jpg)
Entropy with Pi Pin-Out
140828 CrypTech 20Creative Commons: Attribution & Share Alike
4 4 4 4 4 4 4 4 ....
![Page 21: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/21.jpg)
Entropy on Novena
140828 CrypTech 21Creative Commons: Attribution & Share Alike
4 4 4 4 4 4 4 4 ....
![Page 22: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/22.jpg)
Entropy Cat Video
140828 CrypTech 22Creative Commons: Attribution & Share Alike
4 4 4 4 4 4 4 4 ....
![Page 23: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/23.jpg)
If that wasn't enough• Exponentiation circuit timing leaks are exploitable remotely
• Power leakage is exploitable locally• Physical attack detection critical• Wipe key store if tampering detected• On-board battery/capacitor to buy the time to wipe if unplugged from power
• Side-Channel attacks are the subject of entire conferences
140828 CrypTech 23Creative Commons: Attribution & Share Alike
![Page 24: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/24.jpg)
Potting Boundary
140828 CrypTech 24Creative Commons: Attribution & Share Alike
FPGAHashes: SHA*/MD5/GOST Encrypt: AES/Camellia PublicKey RSA/ECC/DSA, Block Crypto Modes
TRNG, BigNum, Modular, Exponentiation
On-Chip Core(s)KeyGen/Store, Hash, Sign, Verify, Encrypt, Decrypt, DH, ECDH,
PKCS#1/5/8, [Un]Load, Stretching, Device Activation/Wipe
SecurityBoundary
&TamperPowerTiming
• The FPGA/ASIC and accompanying Core(s) (ARM, whatever) are within the physically protected boundary of the chip carrier potting.
• We worry about side channel attacks, i.e. information leakage from how power is used, RF, data-dependent time to do an operation, etc.
• We worry about tampering, what if the chip is opened and attacked? So the potting includes tampering sensors and code to wipe all keys if tampering is detected.
![Page 25: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/25.jpg)
Some Phases• First Year: Tool-chain, Basic Design, not all cyphers, not all protocols, prototype implementations on FPGAs and boards
• Second Year: Better Tool-chain, all needed cyphers, hashes, crypting, … and integration with some apps, DNSsec, RPKI, TLS, PGP, Tor
• Third Year: Solid packaging, ability to compose designs for use cases, etc.
140828 CrypTech 25Creative Commons: Attribution & Share Alike
![Page 26: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/26.jpg)
A Few Related Projects• Truecrypt audit: http://istruecryptauditedyet.com
• OpenCores: http://opencores.org• Icarus Verilog: http://iverilog.icarus.com
• Valgrind: http://valgrind.org• clang+llvm: http://clang.llvm.org
140828 CrypTech 26Creative Commons: Attribution & Share Alike
![Page 27: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/27.jpg)
140828 CrypTech 27Creative Commons: Attribution & Share Alike
![Page 28: CrypTech - der Spiegel’s revelation of the “SpyMall Catalogue](https://reader031.fdocuments.in/reader031/viewer/2022022504/5ab7e5927f8b9ab62f8bf144/html5/thumbnails/28.jpg)
https://cryptech.is/
140828 CrypTech 28Creative Commons: Attribution & Share Alike