Embedded System
• Microprocessor used as a component in a device and designed for a specific control function within that device
‣ Used in:
• Cell phones
• Household appliances
• Cameras
• And more

Requirements
• Low cost
• Fast
• Fit within hardware and software constraints
• Size (must be small)
• Reliable
• Reactive
• Real-time

Attacks on systems
• Many different types of attacks
‣ Embedded Software Attacks
‣ Physical Attacks
‣ Logical Attacks
‣ Timing Analysis
‣ Power Analysis
‣ Fault Induction
‣ Electromagnetic Analysis

Embedded Software Attack
• Three factors that contribute to security risks in embedded software
‣ Complexity
‣ Extensibility
‣ Connectivity

Complexity
• Software is complicated
• The more complex the code, the more possible bugs and vulnerabilities
• Unsafe programming languages
‣ C++ is very common

Extensibility
• Modern systems are designed to be extended
‣ Updates
‣ Extensions
• Loadable device drivers and modules must be accounted for

Connectivity
• Some embedded systems are being connected to the internet
‣ Even more so with IoT
• Even small failures can lead to security breaches
• An attacker can run a series of automated attacks

Physical Attack
• Eavesdropping
‣ Probes listen in on inter-component communications
• Micro-probing
‣ Use the normal communication interface and abuse security vulnerabilities
‣ De-packaging

De-Packaging
• Use fuming acid to dissolve the resin covering the silicon of a chip package
• Reconstruct the layout using a systematic combination of microscopy and invasive removal of covering layers
‣ Internals of the chip can be inferred
‣ ALU, ROM cells, instruction decode, and more can be obtained in detailed view with this technique
• Microprobe to observe interfaces between components

Logical Attack
• Send messages to device, observe response
• Trick device into revealing the key
• Exploits design flaws

Timing Analysis
• Keys can be determined by analyzing small variations in the time required to perform cryptographic computations

Power Analysis
• Operating current drawn by hardware is correlated to the computations being performed
• In most ICs, logic gates and losses due to parasitic capacitance are the major contributors to power consumption
• Two types
‣ Simple power analysis (SPA)
‣ Differential power analysis (DPA)

Fault Induction
• Security isn’t only software dependent
‣ Hardware failing to make proper computations is a security vulnerability
• An RSA implementation can be compromised by any computation error

Electromagnetic Analysis
• Documented since the 80’s
• Measures electromagnetic radiation emitted by the device to reveal sensitive information
• Successful deployment requires knowledge of the chip layout
• Two types
‣ Simple EMA (SEMA)
‣ Differential EMA (DEMA)

Design challenges
• Processing Gap
• Battery Gap
• Flexibility
• Tamper Resistance
• Assurance Gap
• Cost

Processing Gap
• Some systems are not capable of keeping up with the computational demands of security processing
‣ Increasing data rates and complexity of security protocols
• The processing gap is obvious in systems which need to process high data rates
‣ Network routers, firewalls, web servers

Battery Gap
• Battery capacity increases at an average of 5-8% per year
• Security processing energy requirements outpace the increase in battery capacity
‣ Leads to the battery gap

Flexibility
• Embedded systems are often required to execute multiple and diverse security protocols
• Need to be able to support
‣ Multiple security
‣ Interoperability in different environments
‣ Security processing in different layers of the network protocol stack

Tamper Resistance
• Attacks due to malicious software
‣ Most common
• Viruses
• Trojan Horses
‣ Can exploit OS vulnerabilities
‣ Disrupt normal functioning

Assurance Gap
• Truly reliable systems are much more difficult to build
• Reliable systems must be able to handle a wide range of situations
• Secure systems should be able to operate despite attacks
• An increase in complexity makes it more difficult to realize if something was overlooked

Cost
• Fundamental factor that influences the security architecture
• An increase in security leads to an increase in cost
• It is the designer’s responsibility to balance security against cost

Security Levels
• Level 1
‣ Requires minimal physical protections
• Level 2
‣ Requires addition of tamper-evident mechanisms
• Seal or enclosure
• Level 3
‣ Stronger detection and response mechanisms
• Level 4
‣ Mandates environmental failure protection and testing

Software Security
• Best approach is to think about security early on
• Software security should be applied at various levels
‣ Requirements level
‣ Design level
‣ Code level

Physical Attacks
• Hard to carry out because of chip size (smaller is better)
• Expensive compared to other attacks

Logic Attacks
• Logical attack countermeasures
‣ Ensure privacy and integrity of sensitive code and data
‣ Determine that it is safe from a security standpoint to execute a program
‣ Identify and remove software bugs and design flaws

Timing Analysis
• Obvious countermeasures don’t work
‣ Quantizing total time
‣ Adding random delays
• Message blinding can be used with RSA
• Make all computations take exactly the same time
• Other public-key cryptosystems

Power Analysis
• Run other circuits simultaneously
‣ Doesn’t prevent the attack, but the attacker needs more samples
• Effective countermeasures are mathematically rigorous and non-intuitive
• Effective countermeasures remain expensive and challenging
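As an added example (not from the slides), the Python below shows what "make all computations take exactly the same time" from the Timing Analysis slide and the simple-power-analysis point above amount to in code: a naive square-and-multiply exponentiation performs a multiply only for exponent bits that are 1, so its operation sequence mirrors the secret, while a Montgomery ladder does the same work for every bit. Instead of measuring time or current, each routine records the sequence of squarings and multiplications; that trace stands in for the side-channel measurement. The base, modulus and exponents are constructed values.

```python
"""Added example, not from the slides: operation traces of a naive
square-and-multiply versus a regular (Montgomery ladder) exponentiation.
The recorded trace stands in for a timing or power measurement."""


def naive_modexp(base: int, exp: int, mod: int, trace: list) -> int:
    """Left-to-right square-and-multiply. A multiply ("M") step happens only
    for exponent bits that are 1, so the trace reveals the bit pattern."""
    result = 1
    for bit in bin(exp)[2:]:                  # most significant bit first
        result = (result * result) % mod
        trace.append("S")
        if bit == "1":
            result = (result * base) % mod
            trace.append("M")
    return result


def ladder_modexp(base: int, exp: int, mod: int, trace: list) -> int:
    """Montgomery ladder. Invariant: r1 == r0 * base (mod mod). Every bit costs
    one multiply and one square in the same order whatever its value, so the
    trace depends only on the exponent's bit length, not on its bits."""
    r0, r1 = 1, base % mod
    for bit in bin(exp)[2:]:
        if bit == "0":
            r1 = (r0 * r1) % mod
            trace.append("M")
            r0 = (r0 * r0) % mod
            trace.append("S")
        else:
            r0 = (r0 * r1) % mod
            trace.append("M")
            r1 = (r1 * r1) % mod
            trace.append("S")
    return r0


def trace_of(fn, exp: int, base: int = 7, mod: int = 1000003) -> str:
    """Run one exponentiation (constructed base and modulus) and return its
    operation trace as a string such as "SMSSMSM"."""
    trace = []
    fn(base, exp, mod, trace)
    return "".join(trace)


def trace_depends_on_exponent(fn, exp_a: int, exp_b: int) -> bool:
    """Leakage check: for two exponents of the same bit length, does the
    operation sequence differ? If it does, a single trace distinguishes them."""
    return trace_of(fn, exp_a) != trace_of(fn, exp_b)


if __name__ == "__main__":
    # 11 = 0b1011 and 13 = 0b1101 have the same length but different bits.
    for name, fn in (("naive", naive_modexp), ("ladder", ladder_modexp)):
        print(name, trace_of(fn, 11), trace_of(fn, 13),
              "leaks" if trace_depends_on_exponent(fn, 11, 13) else "regular")
```

The ladder still branches on the bit value; on a real device that branch and the choice of register must also be made data-independent (for example with a constant-time conditional swap), or the branch itself becomes the side channel. Equal traces are a necessary condition for a regular implementation, not a proof of one.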

Fault Induction
• RSA implementations can check their answers by performing a public-key operation
• Many cryptographic devices include an assortment of glitch sensors
‣ Detect conditions likely to cause computation errors
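An added example (not part of the slides) that puts two of the listed countermeasures into code: RSA message blinding from the Timing Analysis slide, and checking a signature with the public key before it is released, from this slide. The key is the constructed p=61, q=53 teaching example (far too small for real use), and `inject_fault` is a hypothetical switch that simulates a glitch corrupting the private operation.

```python
"""Added example, not from the slides: textbook RSA signing with message
blinding (against timing analysis) and a public-key check of the result
before release (against fault induction). Toy key, illustration only."""
from math import gcd
import secrets

# Constructed toy key: the classic p=61, q=53 teaching example.
P, Q = 61, 53
N = P * Q                     # public modulus (3233)
PHI = (P - 1) * (Q - 1)       # Euler's totient of N
E = 17                        # public exponent
D = pow(E, -1, PHI)           # private exponent: E*D == 1 (mod PHI)


def sign_plain(m: int) -> int:
    """Unprotected private operation. The exponentiation runs directly on the
    attacker-chosen m, so its timing and power profile can correlate with m."""
    return pow(m, D, N)


def sign_blinded(m: int) -> int:
    """Message blinding. Exponentiate m * r^E for a random r instead of m:
        (m * r^E)^D = m^D * r^(E*D) = m^D * r   (mod N)
    so multiplying by r^-1 recovers m^D. The slow private operation only ever
    sees a random value, which removes the correlation timing analysis uses."""
    while True:
        r = secrets.randbelow(N - 2) + 2      # r in [2, N-1]
        if gcd(r, N) == 1:                    # r must be invertible mod N
            break
    r_inv = pow(r, -1, N)
    blinded = (m * pow(r, E, N)) % N
    s_blinded = pow(blinded, D, N)
    return (s_blinded * r_inv) % N


def sign_checked(m: int, inject_fault: bool = False):
    """Fault-induction countermeasure: recompute with the public key and refuse
    to output a signature that does not verify. `inject_fault` is a hypothetical
    switch that flips one bit of the private result to simulate a glitch."""
    s = sign_blinded(m)
    if inject_fault:
        s ^= 1                                # constructed single-bit computation error
    if pow(s, E, N) != m % N:
        return None                           # faulty result is withheld, not leaked
    return s


if __name__ == "__main__":
    m = 42                                    # constructed message, already reduced mod N
    print("plain  :", sign_plain(m))
    print("blinded:", sign_blinded(m))        # same value, different computation
    print("checked:", sign_checked(m))
    print("faulted:", sign_checked(m, inject_fault=True))   # None
```

The public-key check costs one extra exponentiation with the small exponent E, which is why it is the cheap option the slide refers to. The simulated fault flips a single bit of the final result; real glitches can corrupt arbitrary intermediate values, so the check has to be applied to the value that would actually leave the device.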