
1 Mobile Appliance Security: Concerns and Challenges
Mahesh Mamidipaka
ICS 259: Seminar in Design Science
1. Securing Mobile Appliances: New Challenges for the System Designer - A. Raghunathan, S. Ravi, S. Hattangady, J. Quisquater (DATE '03)
2. Masking Energy Behavior of DES Encryption - H. Saputra, N. Vijaykrishnan, N. Kandemir, et al. (DATE '03)
3. Wireless Network Security - Tom Karygiannis and Les Owens, NIST http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf

2 Outline
• Introduction
• Security Concerns
• Design Challenges
• Security Attacks on Smart Cards
  – Power analysis based attack
• Masking Energy Behavior for DES Encryption (DATE '03)

3 Introduction
• Mobile appliances are widely used (PDAs, cell phones, smart cards, etc.)
• They involve sensitive information: increased security concerns
• Success of emerging technologies depends on ensuring adequate security
  – Security cited as single largest concern among prospective m-commerce users

4 Unique Challenges
• Knowledge and experience from the wired internet give us a head start (not sufficient)
• Unique challenges:
  – Use of public transmission medium
  – Potentially unlimited points of access
  – Vulnerable to theft, loss, and corruptibility
  – Constraints on power, cost, and weight
• Need for techniques at every aspect of design to meet the challenges

5 Outline
• Introduction
• Security Concerns
• Design Challenges
• Security Attacks on Smart Cards
• Masking Energy Behavior for DES Encryption

6 Security Issues
[Diagram labels: User Identification; Secure Storage; Secure Data Communication; Secure Network Access; Secure Content; Secure SW Execution; Tamper-resistant Implementation]

7 Secure Data Communication
• Employ security protocols at various layers of the network protocol stack
  – Achieve peer authentication, privacy, data integrity, etc.
  – Cryptographic algorithms act as building blocks
• Example network layer protocols:
  – Cellular technologies: GSM, CDPD
  – Wireless LAN: IEEE 802.11
  – Wireless PAN: Bluetooth
• Distinct protocols needed at various layers
  – Network layer protocol secures the link between wireless client, access point, base station or gateway
  – Need complementary security mechanisms at higher protocol layers (e.g. WTLS in WAP)

8 Outline
• Introduction
• Security Concerns
• Design Challenges
• Security Attacks on Smart Cards
• Masking Energy Behavior for DES Encryption

9 Design Challenges
• Various challenges and considerations for mobile appliance security
  – Flexible security architecture: to support diverse security protocols and crypto algorithms
  – Computational requirement for security processing
  – Impact of security processing on battery life
  – Tamper-resistant implementation

10 Flexibility
• Ability to cater to a wide variety of security protocols
  – Example: Support for both WEP and 3GPP algorithms to work in LAN and 3G cellular environments
• Support for distinct security standards at different layers of the network protocol stack
  – Example: WEP (link layer) and SSL (transport layer) support for a wireless LAN enabled PDA with web support
• Security protocols continuously evolving
  – Protocols revised to enable new security services, new crypto algorithms, etc.

11 Computational Requirements
[Figure: Processing requirements for a security protocol using RSA based connection, 3DES based encryption/decryption, and SHA based integrity]

12 Battery life
• Reduced battery life due to increased computational requirements
• Case study: Sensor node with Motorola DragonBall processor (MC68328)
• Energy consumption:
  – Transmission: 21.5 mJ/KB
  – Reception: 14.3 mJ/KB
  – RSA based encryption: 42 mJ/KB

13 Tamper-Resistance
• Security protocols and mechanisms are independent of implementation specifics
  – Assumption being malicious entities do not have access to implementation
• Observing properties of the implementation can enable breaking of 'secret key'
• Sensitive data is vulnerable
  – During on-chip communication
  – When simply stored in mobile appliance (secondary storage like flash, main memory, caches, register files)

14 Outline
• Introduction
• Security Concerns
• Design Challenges
• Security Attacks on Smart Cards
• Masking Energy Behavior for DES Encryption

15 Security Attacks on Smart Cards
• Security attacks on smart cards can be classified as:
  – Microprobing
    • Invasive technique that manipulates the internal circuits
  – Software attacks
    • Focuses on protocol or algorithm weakness
  – Eavesdropping
    • Hacks secret keys by monitoring power consumption, EM radiation, and execution time
  – Fault generation
    • Based on intentional malfunction of the circuit
    • Techniques like supply voltage change, exposing circuit to radiation, etc.

16 Eavesdropping power profile
• Rationale: Power consumption of an operation depends on its operand values
  – Operands are plain text and secret key in crypto algorithms
  – Switching activity varies in memory, buses, datapath units, and pipeline registers based on operand values
• Different degrees of sophistication involved in power analysis based attacks
  – Simple Power Analysis (SPA): uses single power profile
  – Differential Power Analysis (DPA): uses power profiles from multiple runs

17 Simple Power Analysis
• Based on single power trace for operations
• Identify operations being performed based on power profile
  – Whether a branch is taken or not
  – Whether an exponentiation operation is performed or not
• Knowing the algorithm and power profile, secret key can be revealed
• Protection from SPA:
  – Code restructuring
  – Random noise insertion for power variation
  – Adding dummy modules
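
The "code restructuring" and "dummy" protections listed above, shown on modular exponentiation as an added example (not from the slides or the cited papers). The recorded S/M operation log is a constructed stand-in for a single power trace, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Operation log standing in for what one power trace reveals:
   'S' = square, 'M' = multiply (a constructed model, not a measurement). */
static char trace[40];
static int tlen;

static uint32_t mulmod(uint32_t a, uint32_t b, uint32_t n, char op) {
    trace[tlen++] = op;
    trace[tlen] = '\0';
    return (uint32_t)(((uint64_t)a * b) % n);
}

/* Square-and-multiply: the multiply runs only for 1 bits of the
   exponent, so the S/M sequence spells out the secret. */
uint32_t modexp_leaky(uint32_t base, uint16_t exp, uint32_t n) {
    uint32_t r = 1 % n;
    tlen = 0;
    for (int i = 15; i >= 0; i--) {
        r = mulmod(r, r, n, 'S');
        if ((exp >> i) & 1)
            r = mulmod(r, base, n, 'M');
    }
    return r;
}

/* Restructured: always multiply (a dummy operation for 0 bits), then
   keep or discard the product with a mask instead of a branch. */
uint32_t modexp_uniform(uint32_t base, uint16_t exp, uint32_t n) {
    uint32_t r = 1 % n;
    tlen = 0;
    for (int i = 15; i >= 0; i--) {
        r = mulmod(r, r, n, 'S');
        uint32_t t = mulmod(r, base, n, 'M');
        uint32_t mask = (uint32_t)0 - ((exp >> i) & 1u);
        r = (t & mask) | (r & ~mask);
    }
    return r;
}

const char *last_trace(void) { return trace; }

int main(void) {
    printf("%u %s\n", (unsigned)modexp_leaky(4, 13, 497), last_trace());
    printf("%u %s\n", (unsigned)modexp_uniform(4, 13, 497), last_trace());
    return 0;
}
```

A uniform operation sequence only removes what a single trace shows; the operand-dependent power variation that DPA averages over is still present.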

18 Differential Power Analysis
• Utilizes power profiles gathered from multiple runs
• Basic principle similar to SPA: relies on data dependent power variation to break key
• Averaging used to eliminate random noise
• P. Kocher, J. Jaffe, and B. Jun, "Introduction to Differential Power Analysis and Related Attacks", http://www.cryptography.com/dpa/technical, 1998

19 Outline
• Introduction
• Security Concerns
• Design Challenges
• Security Attacks on Smart Cards
• Masking Energy Behavior for DES Encryption

20 Energy Masking for DES
• Architecture to have secure and non-secure instructions
  – Power consumption for secure instructions data independent
• Critical operations in DES encryption:
  – Assignment
  – Bit by bit addition modulo 2 (XOR)
  – Shift operation
  – Indexing operation
• Instructions involving secret key replaced with secure instructions

21 Secure load instruction

22 Energy consumption profiles

23 Masking energy in DES
• Energy consumption more for secure instructions than non-secure instructions
  – E Diss w/o masking: 46.4 µJ
  – E Diss w/ naïve masking: 63.6 µJ (all loads and stores masked)
  – E Diss w/ smart masking: 52.6 µJ (only 'secret key' related instructions masked)
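
The trade-off on slides 20 and 23 (data-independent secure instructions at a higher energy cost), as an added example that is not from the slides or the DATE '03 paper. It assumes a dual-rail, precharged 8-bit bus as the secure-load mechanism and counts wire toggles as a stand-in for energy; the load sequence and all names are constructed.

```c
#include <stdint.h>
#include <stdio.h>

enum policy { NO_MASKING, NAIVE_MASKING, SMART_MASKING };
struct load { uint8_t value; int is_key; };

static int popcount8(uint8_t v) {
    int c = 0;
    for (; v; v >>= 1) c += v & 1;
    return c;
}

/* Ordinary load: the lines that toggle are the bits that differ from
   the value left on the bus, so the cost depends on the data. */
static int toggles_plain(uint8_t prev, uint8_t next) {
    return popcount8((uint8_t)(prev ^ next));
}

/* Secure load (assumed model): every bit has a true and a complement
   wire, both precharged to 1. One wire of each pair discharges and is
   then recharged, whatever the value. */
static int toggles_secure(uint8_t next) {
    int discharged = popcount8((uint8_t)~next) + popcount8(next);
    return 2 * discharged;              /* always 16 for 8 bits */
}

int run_energy(const struct load *seq, int n, enum policy p) {
    uint8_t bus = 0x00;
    int total = 0;
    for (int i = 0; i < n; i++) {
        int secure = p == NAIVE_MASKING ||
                     (p == SMART_MASKING && seq[i].is_key);
        if (secure) { total += toggles_secure(seq[i].value); bus = 0xFF; }
        else { total += toggles_plain(bus, seq[i].value); bus = seq[i].value; }
    }
    return total;
}

/* Constructed sequence: data load, key-byte load, data load. */
int energy_for_key(uint8_t key_byte, enum policy p) {
    struct load seq[] = { {0x3C, 0}, {key_byte, 1}, {0x0F, 0} };
    return run_energy(seq, 3, p);
}

int main(void) {
    for (int p = NO_MASKING; p <= SMART_MASKING; p++)
        printf("policy %d: key 0xA5 -> %d, key 0x3C -> %d toggles\n", p,
               energy_for_key(0xA5, (enum policy)p),
               energy_for_key(0x3C, (enum policy)p));
    return 0;
}
```

Without masking the toggle count changes with the key byte; with smart masking it is the same for both keys and sits between the unmasked and naïvely masked totals, the same ordering as the measured figures on slide 23.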
