3. Invasive Product Attacks
With the case opened / removed
• Test / debug port access
• Inter device bus and IO probing
• Reset, clock attacks
• Power analysis
• Temperature / electrical attacks
Non Invasive Attacks
Misuse of network protocols
• Exploit communication protocol errors
• Flaws in software design / implementation
Invasive Silicon Attacks
Device de-packaged
• Circuit analysis and probing
• Fault injection
Solutions 3
Box Internet
The
Cloud
BOX
Add a Secure Element
• Much Better Tamper Resistant
• Trusted Crypto Services
• Secure Storage
• Independently Certified
A Better
Solution
Use an MCU’s security features
• Unique Device IDs
• Memory Protection
• Firewall
• Tamper Detection
• Crypto Hardware
• AES, T-RNG
• Debug Port Protection
Solution
SOLUTIONS
4. It’s All About Risk Management 4
• Understand the value of the Assets you are going
to protect, taking into account all stake holders
• Understand your Threats and Vulnerabilities
• Develop a security strategy to reduce Risk, using
right level of security for the value of the Assets
being protected
• Make use of the integrity and cryptographic tools
available
Fortified Solutions
6. Example Of A Simple IoT Device 6
Sensor MCU
Communications
Device
STM32
Communication
Device
Sensor
MCU Secure
Element
STSAFE
Secure Element
7. An IoT Device’s Security Needs 7
Prevent device misuse
Prevent device or server counterfeiting
Resistance against
hacking, cloning
Authentication
• Device to device
• Device to server
Service and network access corruption
Prevent device
misuse
Integrity and Availability
• Secure Boot
• Secure firmware upgrade
• Trusted processing
Data privacy
Prevent data collection or corruption
Confidentiality
• Data / identity protection
• Secure communications
• Secure storage
Upgradability
Secure Communications
• Secure firmware upgrade
Prevent device misuse
Need Solution
8. Product Integrity and Cryptography
• Cryptographic methods are used to:
• Protect the Confidentially and Integrity of data / information
• Ensure a chain of trust through Authentication
• Product integrity, availability and resistance against attacks
• Uses cryptography and stateful processes to ensure correct operation
• Uses hardware to enforce rules and countermeasures
• Uses tamper proof methods to mitigate attacks
8
10. Cryptography
The art of hiding things
• Cryptographic ciphers have been used for centuries to protect
information between communicating parties
• Cryptographic processes are mathematical algorithms that provide:-
• Encryption to keep information Confidential during communications
• Authentication to validate information, identities and trust individual items
• Underpins a platforms Integrity processes, like Secure Boot
10
11. Secret Key
Cryptography
(Symmetric)
Cryptography
One Key or Two ?
11
Data File Data FileData File
Clear Text Clear Text
Cipher Text
Encryption Decryption
Sender ReceiverCommunications
Channel
Public Key
Cryptography
(Asymmetric)
Data File Data FileData File
Clear Text Clear Text
Cipher Text
Encryption Decryption
Private
Public
12. Cryptography
Characteristics
• Symmetric – or single (or secret) key
• Use fewer compute resources and are faster
• Used to protect data - during communications or while at rest
• Issue with sharing and managing keys
• Algorithms like AES and TDES
• Asymmetric – (a key pair - public key + private key)
• Provides easier key sharing and management using a Public Key Infrastructure (PKI)
• Algorithms are more complex, hence compute intensive, thus lower performance
• Used for authentication, key exchange, digital signatures and certificates
• Algorithms like RSA and ECC (Elliptic Curve Cryptography)
12
13. Cryptography
Size Matters
• NIST recommended key sizes
13
Symmetric RSA ECC
56 512 112
80 1024 160
112 2048 224
128 3072 256
192 7680 384
256 15360 521
• Bigger is better - stronger
• ECC uses a smaller key for the same strength
as RSA
Strength
STRONG
14. Cryptography
Size Matters
• Just a thought …
… that’s one small key in a huge hay-stack !
14
Estimated number of 1050 atoms
166 bit
Symmetric Key
≈
With ~10^50
combinations
15. Cryptography
Hash Algorithms
• Cryptographic Hash
• An easy to compute, one-way cryptographic function that generates a result which for all
intents and purposes is unique for any given message or file :-
• Unalterable (practically impossible to modify the original file or message without causing the result
to be altered)
• The resultant hash value is always the same length irrespective of the size of the message or file
• Used in many processes like authentication, secure boot, secure firmware down-loads
• NIST (Secure Hashing Algorithm) SHA-1, SHA-2, SHA-3
15
Cryptographic Hash Function
Data FileCode File
Clear Text
Hash Value
One Way Function
Hash function has no key, and the
clear text can not be recovered from
the hash value
16. Cryptography
Signatures
• Digital Signatures
• Used to check the authenticity of information, code, files, messages, and Public Keys in the case of
Digital Certificates
16
Sign / Encrypt
Code Signing Code File
Clear Text
Hash Hash Value
Private
Using RSA
Verify / Decrypt
Code Authentication
Public
Hash Value
Code File
Clear Text
Hash Calculated Hash Value
Compare
If the Hash values are
equal the code is authentic
Using RSA
17. Random Number Generator (RNG)
• Random Number Generators are typically used :-
• To generate a challenge during authentication process, a seed for keys, digital signatures
17
http://www.random.org/bitmapsPHP rand() on Windows
http://boallen.com/random-numbers.html
http://en.wikipedia.org/wiki/Random_number_generator_attack
• A source of entropy (randomness)
for the crypto math
• Statistical properties of the RNG’s
output is used to evaluate level of
randomness
• A non random or predictable output
is a source weakness
18. Random Number Generator (RNG)
• A Pseudo Random Generator uses a software algorithm to generate
numbers
• A True Random Generator makes use of the unpredictable physical
properties of silicon to generate its numbers
• Use RNG’s complying with NIST FIPS 140-2 Annex C
18
• Always make use of a True Random Generator
19. Cryptography 19
• Not all crypto libraries are the same …
• Is it from a reputable source ? or is it freeware ? open source ?
• Does it come with any warranties or certifications ?
• Do you know its history, is it maintained?
• Does it have a track record of fixing security issues ?
• Silicon vendor libraries specifically make use of hardware accelerators or
are designed to execute in a secure partition or environment
Libraries
• Take care where you obtain cryptographic libraries from
• Use libraries that come from reputable sources
• Use libraries that make use of hardware accelerators or are partitioned to
execute in a secure manner
20. Cryptographic Accelerators
• Cryptographic accelerators are specific hardware engines that off-load
cryptographic functions from the CPU
• Providing higher data through-put performance, and lower power
• Greater integrity – more resilient against system and board level software attacks
• Often supporting secure key ladders, secure key stores or caches
• The cryptographic functions are intrinsically bound to the device
• Functions typically performed
• AES, TDES, SHA, RSA, ECC, SHA-1, SHA-2, SHA-3
20
• Use hardware Cryptographic Accelerators
when available
22. Root of Trust
• An anchor point for cryptographic services bound with a device
• It may be embedded in the Microcontroller or a Secure Element
• Performs stateful, trusted, cryptographic processes
• Is the first process to start after reset
• Often ROM (locked Flash) based as integrity is important
• May use hardened logic design that is tamper resistant
• Performs code authentication; acts as the First Stage in a Secure Boot
process
22
23. Secure Boot
• To ensure a products integrity code should be authenticated before it is run
• Secure boot uses cryptographic functions to confirm the authenticity of a
code image before allowing it to execute
• A multi-stage secure boot process, is one where each stage authenticates
the next, hence a chain of trust
23
First Stage
Code
Cert.
Reset
Chain of Trust
Second stage
Loader
Code
Cert.
Authenticates
Trusted
Third Stage
RTOS
Code
Cert.
Authenticates
Application
Authenticates
24. Secure Boot
• The Secure Boot process
• Performed after a reset, using a Public key stored in the device
• It is a stateful process for predictable behavior
• Its code should be stored in ROM or locked Flash
• A Root-of-Trust may be used to performed this process
24
State based process
Reset
Trusted
Verify / Decrypt
Code Authentication
Public
Hash Value
File
Code Image
Hash
Calculated Hash Value
Compare
OK
NOK
Reload
Run Code
• Code images may also
be encrypted
• Protect your private
signing key!
25. Protect Assets and Keys 25
• Sensitive data should be encrypted when not being used
• Sensitive applications data, confidentiality, privacy, customer financial and health info.
• Trusted root keys (symmetric keys or asymmetric Private keys)
• Access to this data must be carefully controlled and restricted to authorized
persons and processes
• Lock down Public keys and certificates
• They don’t need to be encrypted only immovable - locked to the platform
• Only allow replacement through a cryptographic process
Secure Storage – Data at Rest
• The key to success is to protect your keys
• Don’t allow unauthorized access to keys
26. Secure Communications 26
• The IoT ecosystem relies on confidential and trusted communications
• Use a cryptographic authentication process to establish trust
All devices should be uniquely identified and able to verify the identity and authenticity of other
communicating devices
• Public Key Infrastructure (PKI) standards
• RSA, ECC
• Use end-to-end encryption
• Ciphers: AES, TDES
Data in Motion
• Make use of established secure communication protocol standards
• Secure Socket Layer/Transport Layer Security (SSL/TLS),
• Datagram TLS (DTLS)
27. Application Data 27
• Handle confidential and sensitive data securely when being used
• Segmented processing
• Uses memory protection or firewall mechanisms to segment memory and code execution into secure
and non secure zones
• Requires a clear understanding of software and hardware to develop a partitioned solution
• Dual mode CPU’s – Trusted processing
• Provide context switching between “trusted” and “untrusted” processing
• Simplifies the partitioning and development of secure processes
• Secure Processing using a Secure Processor, like ST’s STSAFE
• Provides the highest level tamper resistance for protecting cryptographic services and keys
Data In Use
28. Layers of Security Services 28
• Security services should be handled
independently in silo’ed processes
System Layers
Application / Cloud
• Access control and right management
• Feature and product management
Data / Transport Layer
• TLS/DTLS, HTTPS etc
Link Layer / Physical Layer
• Network physical layer security
• e.g. WiFi – WPA2, 802.11i
Device Security Services
• Secure Boot
29. Debug Ports
• Debug ports, like JTAG, represent any easy access route for hackers
• Remove test headers, debug access points from the board
• Remove from code any debug processes as these could be exploited
• This includes potential boot-loader paths (UART, SPI, I2C, USB, etc.)
• Restricted access to production keys
• Only use test or dummy keys while the product is in debug mode
29
• If the device has a lockable debug port – don’t forget to lock it!
31. Product Life Cycle 31
Definition
Design
Development
Prototype / Test
Decommissioning
Product Launch
Maintenance
• Define the product and identify the
Assets you plan to protect
• Design the product based on the
correct level of security
• Develop methods and processes
to protect those Assets over the
entire life-cycle
• Develop secure processes to
handle firmware throughout the
products life-cycle
• Product security should be factored
in from day-one
32. Do Verify Your Implementation
• Today’s largest threats are through software based attacks
• Used defensive coding practices and tools to detect possible vulnerabilities
• Review carefully the trustworthiness of code coming from external sources
• Check that all the latest security patches are being used
• Analyze code to remove debug and native firmware loading interface capabilities
• Use code integrity checking techniques like Secure Boot, Secure Firmware Update
• Rigorously test and support interoperability workshops
• You may also use Security Assessment Services
• Provide independent security assessment of products and ecosystems
• Support standards compliance evaluation and certification
32
33. Security Partnerships
• Use trusted partners throughout your value chain – protect your
products, services and brand
• Use partners equally committed to security and integrity
• Select partner provided schemes, processes and solutions that allow
you to securely provision and update your products firmware in
untrusted environments
33
35. Trusted IoT Platforms Do Matter ! 35
Who’s Watching your loved ones !
Source Engadget
36. Recommendations 36
• Internet of Things presents a wealth of opportunities and growth for business. It also represents
increased opportunity for theft, mischief and damage or even loss of life
• Reduce risk by designing and managing products fortified against attacks
• Hackers will go after the weakest links in a system not necessarily directly to their target
• Understand the value of assets for all the stake holders in your solution
• Perform a Threat analysis to better understand your Risks
• Remember Confidentially, Availability and Integrity are key
• Using these good design practices to develop and maintain secure products
• Design a products resilient against attacks through out its whole life-cycle
• Products robust can achieved through use of security features and tools
• Work with trusted and experienced partners throughput your value chain
Work with ST,
your experienced
partner