Protect Your Hardware from Hacking and Theft

Slides:



Advertisements
Similar presentations
Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
Advertisements

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.
Physical Unclonable Functions and Applications
Trusted Design In FPGAs Steve Trimberger Xilinx Research Labs.
White-Box Cryptography
Differential Power Analysis of Smartcards How secure is your private information? Author: Ryan Junee Supervisor: Matt Barrie.
Oscilloscope Watch Teardown. Agenda History and General overview Hardware design: – Block diagram and general overview – Choice of the microcontroller.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Preventing Piracy and Reverse Engineering of SRAM FPGAs Bitstream Lilian Bossuet 1,
Content Protection for Recordable Media Florian Pestoni IBM Almaden Research Center.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
CMSC 414 Computer (and Network) Security Lecture 24 Jonathan Katz.
Renesas Electronics America Inc. © 2010 Renesas Electronics America Inc. All rights reserved. Secure MCU REA FAE Training – June A Rev
Pinewood Derby Timing System Using a Line-Scan Camera Rob Ostrye Class of 2006 Prof. Rudko.
Securing the core root of trust (research in secure hardware design and test) Ramesh Karri ECE Department.
1 UCR Hardware Security Primitives with focus on PUFs Slide credit: Srini Devedas and others.
Flow of presentation:  Kind of attacks on embedded systems.  Most relevant security threats faced by NOC.  Solutions/ways suggested so far to deal.
LOGO Hardware side of Cryptography Anestis Bechtsoudis Patra 2010.
Smart card security Nora Dabbous Security Technologies Department.
J. Christiansen, CERN - EP/MIC
Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 2 Module 3 City College of San.
A paper by: Paul Kocher, Joshua Jaffe, and Benjamin Jun Presentation by: Michelle Dickson.
© 2008, Renesas Technology America, Inc., All Rights Reserved 1 Course Introduction Purpose  This course provides an introduction to the peripheral functions.
Computer Architecture Chapter (5): Internal Memory
Hands-On Design of BLDC Motor Control with Microchip MCUs
Programmable Logic Devices
Protect Your Hardware from Hacking and Theft
Web Applications Security Cryptography 1
Overview on Hardware Security
Hands On SoC FPGA Design
Protect Your Hardware from Hacking and Theft
Impregnable Brand Protection For Non-Electronic Products
FIPS 140 Validation for a “System-on-a-Chip”
4. NCdisk SP-based SoC Architecture 5. NCdisk Security Protocol
ABYSS : An Architecture for Software Protection
Security and Encryption
Outline What does the OS protect? Authentication for operating systems
Outline What does the OS protect? Authentication for operating systems
Maintaining Data Integrity in Programmable Logic in Atmospheric Environments through Error Detection Joel Seely Technical Marketing Manager Military &
Getting Started with Programmable Logic
Programmable Logic- How do they do that?
Serial Data Hub (Proj Dec13-13).
Survey of Crypto CoProcessor Design
Secure Processing On-Chip
Getting Started with Programmable Logic
Journey: Introduction to Embedded Systems
William Stallings Computer Organization and Architecture 7th Edition
Getting the Most Out of Low Power MCUs
Security through Encryption
Controlling Sensors Efficiently with MCUs
ECE 477 Final Presentation Team 2 Spring 2012
Controlling Sensors Efficiently with MCUs
IoT Security – fel vagyunk rá készülve?
Programmable Logic- How do they do that?
Security.
Outline Using cryptography in networks IPSec SSL and TLS.
Physical Unclonable Functions and Applications
Exercise: Hashing, Password security, And File Integrity
Aimee Coughlin, Greg Cusack, Jack Wampler, Eric Keller, Eric Wustrow
Operating System Concepts
Exploring Application Specific Programmable Logic Devices
Operating System Concepts
Cryptography and Network Security
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
Presentation transcript:

Protect Your Hardware from Hacking and Theft Class 2: How Do You Implement Secure Hardware? How do you implement secure hardware? This class will cover the key techniques used by modern devices to protect design IP from the most common threats. Starting with simple approaches to tamper protection, and then moving on to protection from copying, and cloning this class will begin to introduce key devices and features needed to successfully protect your design. 11/11/2014 Warren Miller

This Week’s Agenda 11/10/14 Stealing and Hacking Your Design- Easy 11/11/14 How Do You Implement Secure Hardware? 11/12/14 Secure Devices- An Overview 11/13/14 Protecting Your System in the Field 11/14/14 An Example Design- in Detail

Course Description Your IP… Easy to steal... Must protect it… This course provides a practical and implementation oriented follow-on to a previous class, given in Dec 2013, that introduced many high level security concepts. You CAN protect your design from reverse engineering or theft.

Today’s Topics and Goals Protection- What is Required? Simple Example The Concept of a Secure Root of Trust Know what this means for your designs Available Devices Overview MCUs, Specialized devices, FPGAs Know about the key advantages and disadvantages of each

Technology to Thwart Threats Typical Hardware (for this course) MCU, FPGA, ASIC, Analog, Standard Devices, etc All interconnected on a circuit board Can be accessed when used in the field Thwarting Threats (Keep design secret) MCU code, FPGA code, Flash memory contents Secret keys, SRAM data, Data going on/off board Devices used, Board layout, Tamper detection More detailed set-up for device specifics

Protect Your Design- An Example Simple Sensor and Display MCU Overall control Serial Flash Display images SPI Interface Sensor (Temp, Magnetic, Gyro, etc) Battery LCD MCU Serial Flash Sensor Battery UART Aggregation Hub

Security Concepts- Review Secret Keys Symmetric Keys Asymmetric Keys Public Key System Protection of Secret Keys Secure Storage Tamper Detection Standard Algorithms “Difficult” Problems Encryption Decryption Authentication Certificates

Attacking Security Keys Side Channel Analysis Attacks Differential Power Analysis (x1 gain) Typical single trace Obvious difference leaks secret First published in 1999 by Paul Kocher and his associates at Cryptography Research, Inc. (now a division of Rambus) Over 7 billion chips per year under license. Observe a series of cryptographic transactions Apply statistical tests to correlations in computational intermediates – Compare results from key hypotheses Results recover the key and other secrets https://www.youtube.com/watch?v=cPDDNVKo43w#t=264 https://www.youtube.com/watch?v=bR0oPRiZMsk http://www.cryptography.com/technology/dpa/fpga-board-video.html http://soc.microsemi.com/videos/SmartFusion_CRI.html Correct key guess (an 8-bit portion of key) Shows correlation peaks (x100 gain) Random low correlation (x100 gain) Incorrect key guess [Paul Kocher et al, Proc. CRYPTO 1999]

Secure Root of Trust You must have a secure starting point to implement a secure system Once you have a secure starting point you can extend trust to the rest of the system What do you need? Hardware that operates as expected every time Secure storage- security keys, IDs, certificates, etc. Security routines- AES, SHA, etc.

Protect MCUs MCU has Code in Flash so… Protect Code Access Via JTAG, Via Debug, Via Reads, etc Can be difficult/inconvenient to protect memory Programming during manufacturing? Protect from Tampering Passwords, Lock Bits, Secure memory blocks Voltage levels, Clock failure, Traces lifted, De-cap Just an overview at this point

MCUs- What’s Available? Regular MCUs Flash on chip Can make OTP, Turn-off JTAG, etc. Secure MCUs Additional security capabilities Crypto, Tamper detection, Zeroization, Key storage Specific applications (often) ST, Renesas, TI, Maxim, etc

Protect FPGAs FPGA has Configuration Bit Stream Protect from Tampering External memory? Internal memory (Flash)? Debug, JTAG, etc Encrypt configuration (Protect your secret keys!) Protect from Tampering Passwords and Lock bits, Secure address space, Battery Back-up, De-cap Detect, Circuit tricks Just an overview at this point

FPGAs- What’s Available? SRAM FPGAs Configure SRAM-based fabric via external NVM Some can use battery back-up to store keys On-chip security hardware Flash FPGAs Configure via fabric-based NVM Keys stored via on-chip NVM

Protect Your Circuit Board Typical HW Hack- Divide and Conquer Separate modules by lifting traces Control clocks, Power Snoop at interfaces Inject fake data Power and timing monitoring Use Tamper Detection Traces and Layers Capacitance change? Signal noise? Traces broken? Just an overview at this point

How Do You Protect The Design? MCU Copy Protect Serial Flash Encrypt Data Board Tamper Detection Data LCD MCU Serial Flash Sensor Battery UART Protect Code Access Via JTAG, Via Debug, Via Reads, etc Can be difficult/inconvenient to protect memory Programming during manufacturing? Protect from Tampering Passwords, Lock Bits, Secure memory blocks Voltage levels, Clock failure, Traces lifted, De-cap Typical HW Hack- Divide and Conquer Separate modules by lifting traces Control clocks, Power Snoop at interfaces Inject fake data Power and timing monitoring Use Tamper Detection Traces and Layers Capacitance change? Signal noise? Traces broken? Aggregation Hub

Additional Resources Previous Course: http://www.designnews.com/lecture.asp?doc_id=269699 “Securing Your Embedded System” Security Blog, Schneier on Security: https://www.schneier.com Department of Homeland Security- Federal Network Resilience SIA Report on Counterfeiting Coursera Cryptography Courses: www.coursera.org (Search for Cryptography) Digi-Key TechZone Article Library: MCUs , Securing MCU Designs, 11/06/2013

This Week’s Agenda 11/10/14 Stealing and Hacking Your Design- Easy 11/11/14 How Do You Implement Secure Hardware? 11/12/14 Secure Devices- An Overview 11/13/14 Protecting Your System in the Field 11/14/14 An Example Design- in Detail