Muhammad Rizwan Asghar
September 3, 2020
HARDWARE SECURITY & SECURE COPROCESSOR
Lecture 17
COMPSCI 316
Cyber Security
FOCUS OF THIS LECTURE
Learn hardware security
Know secure coprocessors
HARDWARE SECURITY
Making an embedded system safe from attacks
The goals are
– Hardware protected
– Secure boot
– Remote attestation
https://thecybersecurityplace.com/hardware-security-why-fixing-meltdown-spectre-is-so-tough/
HARDWARE SECURITY: GOALS
Hardware protected
– The goal is to provide encrypted storage and processing
– Only authorised software can decrypt
– E.g., protecting the key for decrypting the file system
Secure boot
– Checking the integrity of each piece of boot software
Remote attestation
– Prove to a remote server what software is running on the machine
SECURE COPROCESSOR
It refers to a physically secure subsystem
It offers computation and data security
– Even when an adversary gains physical control
The complexity of cryptographic operations motivates the use of a separate crypto coprocessor
– Examples include smartcards and set-top boxes
https://aeon.lab.uic.edu/
SIDE CHANNEL ATTACKS
An attack based on information leaked from the implementation of a system
Weakness in the implementation
Examples
– Timing attack: the time taken to perform crypto operations
– Power analysis attack: observe power consumption
https://www.rambus.com/blogs/an-introduction-to-side-channel-attacks/
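As an added illustration that is not part of the lecture slides, the following Go program models the leak behind a timing attack and the constant-time fix: it counts the bytes a comparison examines as a stand-in for elapsed time (an assumption made for the demo) on a constructed secret.

```go
package main

import "crypto/subtle"

// naiveCompare exits at the first differing byte; bytesExamined models the
// time an attacker measures, which grows with the length of the correct prefix.
func naiveCompare(secret, guess []byte) (equal bool, bytesExamined int) {
	if len(secret) != len(guess) {
		return false, 0
	}
	for i := range secret {
		bytesExamined++
		if secret[i] != guess[i] {
			return false, bytesExamined // early exit leaks the position
		}
	}
	return true, bytesExamined
}

// constantTimeCompare examines every byte and never branches on the data,
// so the work done does not depend on where the inputs differ.
func constantTimeCompare(secret, guess []byte) (equal bool, bytesExamined int) {
	if len(secret) != len(guess) {
		return false, 0
	}
	var diff byte
	for i := range secret {
		bytesExamined++
		diff |= secret[i] ^ guess[i] // accumulate, never branch on data
	}
	return subtle.ConstantTimeByteEq(diff, 0) == 1, bytesExamined
}

// LeakProfile builds a constructed guess that matches secret in its first
// prefix bytes and differs afterwards, then reports the bytes each compare
// examined: prefix+1 for the naive one, always len(secret) for the other.
func LeakProfile(secret []byte, prefix int) (naive, constant int) {
	guess := make([]byte, len(secret))
	copy(guess, secret[:prefix])
	for i := prefix; i < len(secret); i++ {
		guess[i] = secret[i] ^ 0xFF // guaranteed to differ
	}
	_, naive = naiveCompare(secret, guess)
	_, constant = constantTimeCompare(secret, guess)
	return naive, constant
}
```

The naive count reveals how many leading bytes of a guess are correct, which is exactly the per-byte oracle a timing attack needs; the constant-time count is flat.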
HARDWARE SECURITY MODULE
Making an embedded system safe from attacks
Can protect restricted parts
Ignores the larger part of the system
http://websecuritypatterns.com/blogs/2010/06/15/using-hardware-security-module-hsm-for-oracle-transparent-data-encryption-tde/
TRUST-RELATED TERMS
Trust
Trusted system
Trustworthiness
Trusted computer systems
Trusted Computing Base (TCB)
Trusted computing
Trusted Platform Module (TPM)
https://www.jonesmedical.com/spirometry-terminology/
TRUST & TRUSTED SYSTEM
Trust
– The extent to which one can rely on a system that meets its specifications
– The system does what it claims to do and does not perform unwanted functions
Trusted system
– A system believed to enforce a given set of attributes to a stated degree of assurance
https://www.jonesmedical.com/spirometry-terminology/
TRUSTWORTHINESS & TRUSTED COMPUTER SYSTEMS
Trustworthiness
– Assurance that a system deserves to be trusted, such that the trust can be guaranteed in some convincing way
– Such as through formal analysis or code review
Trusted computer systems
– A system that employs sufficient hardware and software assurance measures
– To allow its use for simultaneous processing of a range of sensitive or classified information
https://www.jonesmedical.com/spirometry-terminology/
TCB & TRUSTED COMPUTING
Trusted Computing Base (TCB)
– A portion of a system that enforces a particular policy
– The TCB must be resistant to tampering and circumvention
– The TCB should be small enough to be analysed systematically
Trusted computing
– The computer will consistently behave in expected ways
https://www.jonesmedical.com/spirometry-terminology/
TPM
TPM stands for Trusted Platform Module
It is at the heart of a hardware/software approach to trusted computing
TPM applications
– Platform integrity
– Disk encryption
– Password protection
– DRM
https://en.wikipedia.org/wiki/Trusted_Platform_Module#/media/File:TPM.svg
INSIDE TPM
Endorsement Key (EK)
– 2048-bit RSA
– Created at manufacturing time
– Cannot be changed
– Used for “attestation”
Storage Root Key (SRK)
– 2048-bit RSA
– Used for implementing encrypted storage
– Created after running
https://en.wikipedia.org/wiki/Trusted_Platform_Module#/media/File:TPM.svg
AUTHENTICATED BOOT SERVICE
Booting the entire Operating System (OS) in stages and assuring each portion of the OS
An OS boot begins with a small piece of code in the Boot ROM
The process continues stage by stage until the entire OS boot process is completed
TPM is the root of trust in providing integrity
https://www.addictivetips.com/ubuntu-linux-tips/best-way-to-secure-an-ssh-server-on-linux/
AUTHENTICATED BOOT SERVICE: DETAILS
At each stage, the hardware checks that valid software has been brought in
This may be done by verifying a digital signature associated with the software
The TPM keeps a tamper-evident log of the loading process, using a cryptographic hash function to detect any tampering with the log
https://www.addictivetips.com/ubuntu-linux-tips/best-way-to-secure-an-ssh-server-on-linux/
TEE
TEE stands for Trusted Execution Environment
A secure area of a main processor
TEE offers confidentiality and integrity
– For code and data
It provides security features, e.g., isolated execution
https://www.trustonic.com/news/technology/what-is-a-trusted-execution-environment-tee/
WHAT IS INTEL SGX?
SGX stands for Software Guard Extensions
An extension of the Intel x86 instruction set with security-related instructions
One part of physical memory (RAM) is reserved for enclaves
Allows user-level and OS-level code to define private regions of memory called enclaves
Enclave memory is encrypted
Secure as long as the processor is not physically broken into
https://software.intel.com/en-us/sgx
INTEL SGX: HOW
The application keeps its data/code inside the “enclave”
Smallest attack surface, achieved by reducing the TCB
Protects app secrets from untrusted privileged software
[Figure: the enclave sits inside the CPU package; its code/data are held encrypted in system memory, and snooping and access from the OS/VMM are blocked. Adapted from: Dongsu Han]
INTEL SGX: DETAILS
SGX allows part of application code to run in isolation inside an enclave
The enclave region of the main memory is encrypted
The content is only decrypted inside the CPU package using processor-specific keys
Even if a malicious adversary has full control over the hardware, it cannot access/modify the enclave
The enclave is protected from other software running in the host, including the OS and hypervisor
The TCB is the CPU package and the application code running inside an enclave
https://software.intel.com/en-us/sgx
REMOTE ATTESTATION
A method in which a host authenticates its hardware and software configuration to a remote server
The main goal is to enable a remote system (challenger) to determine the level of trust in the integrity of another system (attester)
Intel SGX offers remote attestation
https://cdn2.vectorstock.com/i/1000x1000/44/36/approved-stamp-icon-vector-20994436.jpg
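An added example, not from the slides, that ties together the authenticated boot details (a tamper-evident log kept by extending a PCR with each stage's hash) and remote attestation (a challenger verifying a signed quote over its nonce and the PCR) in Go. The single-PCR model, the stage data and the use of a locally generated RSA-PSS key in place of a TPM-resident attestation key are assumptions made for this demo.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// extend models the TPM PCR extend: the register is only ever folded forward as H(PCR || measurement).
func extend(pcr, measurement []byte) []byte {
	h := sha256.Sum256(append(append([]byte{}, pcr...), measurement...))
	return h[:]
}

// MeasuredBoot hashes each stage before it runs, logs the hash and extends the PCR with it.
func MeasuredBoot(stages [][]byte) (pcr []byte, log [][]byte) {
	pcr = make([]byte, sha256.Size) // all-zero after reset
	for _, code := range stages {
		m := sha256.Sum256(code)
		log, pcr = append(log, m[:]), extend(pcr, m[:])
	}
	return pcr, log
}

// ReplayLog recomputes the PCR from the log: editing, dropping or reordering
// an entry changes the result, which is what makes the log tamper-evident.
func ReplayLog(log [][]byte) []byte {
	pcr := make([]byte, sha256.Size)
	for _, m := range log {
		pcr = extend(pcr, m)
	}
	return pcr
}

// NewAttestationKey stands in for a TPM-resident signing key (assumption for the demo).
func NewAttestationKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Quote is the attester's reply: the challenger's nonce and the PCR, signed.
func Quote(key *rsa.PrivateKey, nonce, pcr []byte) ([]byte, error) {
	d := sha256.Sum256(append(append([]byte{}, nonce...), pcr...))
	return rsa.SignPSS(rand.Reader, key, crypto.SHA256, d[:], nil)
}

// VerifyQuote: the challenger checks the signature over its own nonce (freshness) and that the PCR is the expected value.
func VerifyQuote(pub *rsa.PublicKey, nonce, pcr, sig, expected []byte) bool {
	d := sha256.Sum256(append(append([]byte{}, nonce...), pcr...))
	return rsa.VerifyPSS(pub, crypto.SHA256, d[:], sig, nil) == nil && bytes.Equal(pcr, expected)
}
```

A replaced boot stage or an edited log produces a different PCR, and a quote captured earlier fails against a fresh nonce, which is why the challenger supplies the nonce rather than trusting a timestamp from the attester.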
TRUSTZONE
Devices developed with TrustZone technology can support a full Trusted Execution Environment (TEE), which runs in a special CPU mode called Secure Mode
Memory for secure mode and security functions can be hidden from the “normal world”
Using this technology, Android vendors can supply many secure features
– E.g., fingerprint scanning, DRM, kernel protection and secure boot
SAMPLE QUESTION
Why should the Trusted Computing Base (TCB) be small? Choose one from the following.
a) Reduced attack surface
b) It can be rigorously analysed
c) It is cost effective
d) All of the above
https://pxhere.com/en/photo/1586349
SAMPLE QUESTION: ANSWER
Why should the Trusted Computing Base (TCB) be small? Choose one from the following.
a) Reduced attack surface
b) It can be rigorously analysed
c) It is cost effective
d) All of the above
Answer) d
https://pxhere.com/en/photo/1586349
SUMMARY
Hardware security modules protect restricted parts
Commoditisation of TEE brings new opportunities
Intel SGX offers remote attestation
http://www.freeiconspng.com/img/1417
RESOURCES
Read Chapter 13 of Computer Security: Principles and Practice, Fourth Edition, William Stallings and Lawrie Brown, Pearson Higher Ed USA, ISBN 1292220635
Dyer, Joan G., Mark Lindemann, Ronald Perez, Reiner Sailer, Leendert Van Doorn, and Sean W. Smith, Building the IBM 4758 Secure Coprocessor, Computer 34, no. 10 (2001): 57-66 [Download link: https://pdfs.semanticscholar.org/58cc/45cea54540051a58a76c7d334da54d877f6a.pdf]
ARM, ARM Security Technology [Download link: http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf]
Questions?
Thanks for your attention!