SHASHIDHAR PERURU

Tamper Resistant Security Mechanisms for Secure Embedded Systems


OUTLINE

Introduction

Classification of attacks

Countering attacks

Case Study


http://www.hq.nasa.gov/office/ospp/securityguide/images/Cartoons/Computer.jpg

INTRODUCTION


FUNCTIONAL SECURITY MECHANISMS

Cryptographic algorithms, including symmetric ciphers, public-key ciphers, and hash functions

Network security protocols (IPSec and SSL)

BUT, they are not tamper proof and do not provide complete security solutions.


http://www.flickr.com/photos/aperture_lag/2328240402/

CAUSES OF SECURITY LAPSES

Operations in untrusted environment

Network induced vulnerability

Downloaded software execution

Complex design process


http://media.maxim-ic.com/images/appnotes/2033/2033Fig04a.gif

CLASSIFICATION OF ATTACKS

Based on functional objectives

Privacy attacks

Integrity attacks

Availability attacks

Based on agents or means used to launch attack

Software attacks

Physical or Invasive attacks

Side Channel Attacks


SOFTWARE ATTACKS

Buffer overflow problem effects can include overwriting stack memory, heaps, and function pointers

PHYSICAL AND SIDE CHANNEL ATTACKS

Physical Attacks

Power Analysis attacks

Timing attacks

Fault Injection attacks

Electromagnetic Analysis attacks

http://img133.imageshack.us/img133/6973/intrusiontn3.jpg

COUNTERING SECURITY ATTACKS

Specific objectives of the mechanisms

Attack Prevention

Attack Detection

Attack Recovery

Tamper evident design technique


COUNTERMEASURES FOR SOFTWARE ATTACKS

The major considerations are:

1. Ensure privacy and integrity of sensitive code and data during every stage of software execution in an embedded system.

2. Determine with certainty that it is safe from a security standpoint to execute a given program.

3. Remove security loopholes in software that make the system vulnerable to such attacks.


Hardware Support

Idea is to isolate or restrict secure memory areas

Cryptocell™

Secure Bootstrapping

Operating System Enhancements

Software authentication and validation


http://www.discretix.com/images/CryptoCellComple.gif

http://www.discretix.com/images/HWcontext.gif

COUNTERMEASURES FOR PHYSICAL AND SIDE CHANNEL ATTACKS

Physical attack protection

IBM 4758 PCI cryptographic adapter

Bus encryption

Use of cryptoprocessors

Side channel attack protection

Randomization

Data Masking

CASE STUDY: ARM TRUSTZONE™

It is a comprehensive security solution for SOCs

Foremost and primary objective is to segregate access to sensitive information of an ARM-based SOC architecture

http://www.windowsfordevices.com/files/misc/arm_trustzone_arch_concept_diag.gif

http://www.arm.com/rximages/21885.gif

http://www.design-reuse.com/news_img2/news16975/arm_trustzone.gif

Trusted Code base

Regulates the security of the entire system

Regulates all security tasks that involve manipulation of keys

Uses demarcation to separate domains using ‘S-bit’

REFERENCES

1. Cryptocell™, Discretix http://www.discretix.com/CryptoCell/

2. ARM TrustZone™ http://www.arm.com/products/security/trustzone/

3. IBM 4758 PCI cryptographic adapter http://www-03.ibm.com/security/cryptocards/

4. ARM DONS ARMOR, TrustZone Security Extensions Strengthen ARMv6 Architecture, by Tom R. Halfhill {8/25/03-01}

5. Security in Embedded Systems: Design Challenges, Srivaths Ravi and Anand Raghunathan, NEC Laboratories America, Paul Kocher, Cryptography Research, and Sunil Hattangady, Texas Instruments Inc.