Secure Software Updates via Integrity Protection

Marcellus Buchheit, President and CEO, [email protected]

IoT Show North America, Chicago IL, April 16, 2015

Page 1/35

Wibu-Systems USA presentation for IoT Show North America - Chicago IL - April 16, 2015

Agenda (Page 2/35)

- Security Challenge: Internet Connection
- Security Challenge: Open System Architecture
- Some Cryptographic Basics
- Solution: Code Integrity
- Technical Implementation Details
- Summary

Security Challenge: Internet Connection (Page 3/35)

Embedded Systems: Situation Today (Page 4/35)

- Most embedded systems are still “stand alone”
- Most used interfaces (if any): USB and LAN Ethernet
  - Comparable with desktop PCs before Netscape
  - Comparable with cell phones before the iPhone
- Some remote access using land line phone and/or radio wireless
- This will all change with the Internet of Things

Security Challenge “Internet Connection” (Page 5/35)

- Embedded systems can be directly accessed/attacked via the internet
  - Principal protection: firewalls etc.
- Execution code updates can be polluted
  - Redirected code source: the hacker’s malicious code looks like a new code update
  - Execution code modified during the download process
  - Firewalls can protect, but are difficult to manage for operations people
- Weaknesses in code can be used to infiltrate malicious code
  - Example: weak validation of internet access parameters
  - Buffer overruns

Security Challenge: Open System Architecture (Page 6/35)

Embedded Systems Today: Many are “closed” (Page 7/35)

- Many systems have simple software logic
  - All the software is developed in-house
  - Closed architecture; information is difficult to obtain outside the manufacturer
  - Appears as a black box to users, administrators and hackers
  - A successful hack typically needs physical access to the system
  - Reverse engineering of the architecture is required before a hack is possible
- But such simple systems will disappear sooner or later
  - IoT requires complex interaction with a complex outside world

Embedded Systems Tomorrow: Most will be “open” (Page 8/35)

- Prediction: embedded systems will go the way of PCs and cell phones
- Reason: much more complex software than today:
  - Graphical user interface
  - Complex memory management
  - Multithreading and multiprocessing
  - Remote access for administration
  - Access to complex control devices and/or sensors
  - Internet access
  - Complex internet protocols: HTTPS, SOAP, JSON etc.

Embedded Systems Tomorrow: Most will be “open” (II) (Page 9/35)

- Result: not even large companies will develop everything “in-house”
- More components will be used (similar to PCs and smart phones):
  - An open operating system for a specific purpose
    - Linux, Windows Industry, VxWorks, QNX, RIO and many highly specialized ones still to come
  - Open source libraries, static-link libraries, dynamic-link libraries, applets, applications, device drivers
  - Access to cloud/big data: code will be provided by the service provider
- All these components need standardized interfaces on a standardized platform
- Summary: only open/standardized systems can fulfill the future demands

Security Challenge “Open Systems” (Page 10/35)

- The hacker has the same information available as the developer
- The hacker can use powerful development/analysis tools
  - Debugger, disassembler, source reverser etc.
- The hacker knows the binary structure of the execution code
  - Direct modification of the executable file: static attack
- The hacker knows the memory and process architecture
  - Insertion of malicious code into the process space: dynamic attack

Some “Real Life” Hacks… (Page 11/35)

Credit Card Hack: Attack an ATM Machine (Page 12/35)

- ATM with Windows XP
- Drill a hole in the case, attach a USB stick
- Reboot the ATM (by power off/power on)
- Boot from the USB stick, install malware
- Remove the USB stick, reboot the ATM
- Malware activated by secret keypad input
  - Two-key authentication via cell phone guaranteed controlled access
  - Special keypad input instantly withdraws bills without trace

http://www.securityweek.com/skillful-hackers-drained-atms-using-malware-laden-usb-drives

Target Credit Card Hack: Attack the POS Systems (Page 13/35)

- Between Thanksgiving and Christmas 2013
  - The busiest retail shopping time of the year
- Remote access through the internet to the POS to install malware
  - Used the weak access security of a Target partner company
- Malware at the POS tracked all swiped credit card information
  - Uploaded to a Target server at a hidden location
  - Downloaded by hackers over night at slow speed
  - Target’s problem: the FireFly server security software was disabled
- Result: 40 million credit cards and 70 million addresses/personal information records stolen

http://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/

Stuxnet: Attack Programmable Logic Controllers (PLC) (Page 14/35)

- Windows computer worm
- Attacked the Siemens Step 7 software used to program PLCs
  - Modified files created by the interactive software before they were copied to a USB drive
  - The modified PLC control software on the USB drive was uploaded into the Siemens PLC
- Was only effective in Iran, at PLCs controlling centrifuges to enrich nuclear material
- Result: destroyed about 20% of the centrifuges

https://en.wikipedia.org/wiki/Stuxnet and the book by Kim Zetter: “Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon”

Some Cryptographic Basics (Page 15/35)

Some Cryptographic Basics (Page 16/35)

- Symmetric Encryption/Decryption
- Asymmetric Encryption/Decryption
- Hash Function
- Signature and Authentication
- Certificate

Symmetric Encryption / Decryption (Page 17/35)

- Shared secret key
  - Same key for encryption and decryption
- Faster than asymmetric cryptography
- Examples: DES, Triple DES, Blowfish, AES
- Challenges:
  - Key exchange: needs a secret path
  - Key storage: vulnerable to hacks
  - Authentication not possible

Asymmetric Cryptography (Page 18/35)

- Private/public key pair
  - Private key
  - Public key
- Examples: RSA, elliptic curve
- Asymmetric encryption
  - The sender uses the receiver’s public key for encryption
  - The receiver uses his private key for decryption
- Signatures
  - The sender uses his private key to sign plain text data
  - The receiver uses the sender’s public key to verify the plain text data signature

Hash Functions and Signatures (Page 19/35)

- A hash generates a fingerprint of data
- A large amount of data is reduced to a small fingerprint
  - Example: SHA-256 with a 32-byte fingerprint
  - Difference to checksum, CRC-32 etc.: no reverse calculation possible
- Often used in combination with signatures
  - Create the hash value
  - Authenticate the hash value (sign) with the private key
  - Verify the hash value with the public key

Certificates (Page 20/35)

- A certificate is a standardized public key (X.509 format)
- Challenge: the public key must be authentic (not forged)
- Solution:
  - Trusted party: Certificate Authority (CA)
  - The CA signs the public key plus credential data
    - Optional use of a certificate chain
  - The public key of the CA (root key) is used to verify the certificate
  - After verification: the public key of the certificate can be used
  - The credentials can be used after they are verified by the public key of the certificate

Solution: Code Integrity (Page 21/35)

Code Integrity: The Principle (Page 22/35)

[Diagram in two halves, Development and Embedded System]
- Development: Application x (plain sections such as TEXT, DATA, CODE, RES, ASM) goes through Encrypt Code and becomes an opaque encrypted image; the Private Key produces the Code Signature, and the matching Public Key is carried in a Certificate. The delivered result is the encrypted Application x plus its Code Signature.
- Embedded System: the License Key drives Decrypt Code; the Certificate and the Code Signature feed Verify Code, whose yes/no result controls Grant Code Execution.

Code Integrity: The Results (Page 23/35)

- Execution code is authenticated:
  - Can only be created by the developer; no other source is possible
  - Cannot be modified during delivery or on the embedded system
- Execution code is encrypted:
  - Cannot be easily reverse engineered by a hacker, competitor etc.

Code Integrity: New Challenges (Page 24/35)

- Who verifies the Verifier?
  - A hacker could remove the Code Verifier and force the Code Execution Grant
  - The hacker can then start his own malicious code

[Diagram: the Embedded System half of the principle figure repeated: encrypted Application x, Certificate, License Key, Decrypt Code, Code Signature, Verify Code, Grant Code Execution (yes/no)]

- Solution: the Code Verifier in the loader must be verified as well
- Finally the whole boot process, including the OS, must be verified

Technical Implementation Details (Page 25/35)

ExProtector: Automatic Protection Process (Page 26/35)

[Diagram: Original Executable / Library (Header, Original Code) is fed into ExProtector together with Keys for Encryption and Keys for Code Signing; the output is the Protected Executable / Library (Header, Credentials (Hash, Signature, …), Encrypted Code)]

- Typically no source modification necessary

ExProtector: Keys and Credentials (Page 27/35)

[Diagram: the same flow as on the previous slide, with inputs and outputs detailed]
- Input, Original Executable / Library: Header, Original Code
- Keys for Encryption and Keys for Code Signing: AES Key (FSB), ECC Private Key, Certificate(s)
- Output, Protected Executable / Library: Header, Credentials, Encrypted Code
- Credentials: Encrypted Random AES Key, Firm Code and Product Code, Hash, Signature, Certificate(s)

ExProtector: During Runtime - Load of Executable (Page 28/35)

[Diagram: Protected Executable / Library (Header, Credentials (Hash, Signature, …), Encrypted Code) is processed by the ExEngine, which holds the Public Root Key and the License with Firm Code and Product Code; the result in the Memory of the Embedded Device is Header, Decrypted Code (“Original Code”), Credentials (Hash, Signature, …)]

- Additional security: watchdog against memory modification

ExProtector: Integration into Loader (Page 29/35)

[Diagram: an Engineering step turns the Original Loader of the Operating System (without modification) into a Modified Loader that carries the Root Public Key; the resulting Operating System (for ExProtector) contains the ExEngine (ExProtector Runtime) and the CodeMeter Embedded Driver]

Forward and Backward Check (Page 30/35)

[Diagram along a Time axis: the Loader loads the Protected Application and checks its Credentials (Hash, Signature, …) against the Application Certificate before Start; after Start, the application checks the Loader’s Credentials (Hash, Signature, …) against the Loader Certificate]

Secure Boot: Cascaded Security Chain (Page 31/35)

[Diagram of four layers, bottom to top: Hardware / Pre-Boot Loader, Boot Loader (UEFI, …), Operating System (VxWorks, …), Application / Driver etc. Between each pair of layers the arrows read Check, Load, Start: a layer checks the next one, loads it, and starts it; further Check arrows run back down the chain, matching the forward and backward check of the previous slide]

Practical Implementation (Page 32/35)

- Integrity Protection provided by CodeMeter Embedded
- Available today for:
  - Wind River VxWorks version 7
  - Some Linux variants
    - Demonstration for Raspberry Pi available (https://www.raspberrypi.org)
- Adaptation to other embedded systems platforms available in future
  - Ask for demand/availability
- Security credentials can be stored as files or in external security hardware
  - CodeMeter CmDongle security storage

Summary (Page 33/35)

Summary: Code Integrity (Page 34/35)

- Embedded systems on the internet (“Internet of Things”) are a serious security threat
- Using open platform designs will simplify malicious attacks
  - The hacker has detailed information easily available
- The market will force Internet of Things and open platform designs
- Code Integrity guarantees authenticated, encrypted code
- Code Encryption prevents reverse engineering of the code

More Information (Page 35/35)

Company
- Wibu-Systems USA Inc., www.wibuusa.com
- US subsidiary of Wibu-Systems AG in Germany, www.wibu.com

Speaker
- Marcellus Buchheit, President and CEO
- [email protected]
- www.linkedin.com/in/mabuus