1 / 24

G53SEC

G53SEC. Hardware Security The (slightly) more tactile side of security. 1. G53SEC. Overview of Today’s Lecture: Hardware vs. Software Security Attacks, Threats and Attackers Security Categories Examples. 2. G53SEC. Hardware Security vs. Security So Far : Different Landscape

cstuart
Download Presentation

G53SEC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. G53SEC Hardware Security The (slightly) more tactile side of security 1

  2. G53SEC • Overview of Today’s Lecture: • Hardware vs. Software Security • Attacks, Threats and Attackers • Security Categories • Examples 2

  3. G53SEC • Hardware Security vs. Security So Far: • Different Landscape • Threats • Attackers • Attacks • As important as software/network security 3

  4. G53SEC • Threat Vectors: • Interception • - Gain access to information without interfering with system • Interruption • - Prevention of system functionality • Modification • - Invasive tampering • Fabrication • - Counterfeiting 4

  5. G53SEC • Attackers: • Class 0 – Script Kiddies • Class I – Clever Outsider • - Intelligent, limited knowledge of target • - Usually through a known weakness • Class II – Knowledgeable Insider • - High-tech expertise • - Advanced tools and instruments • Class III – Funded Organisation • - Specialists with lots of funding • - Most advanced tools and analysis 5

  6. G53SEC • Attacks: • Insider Attack • - e.g. Laid-off employee • Lunchtime Attack • - Performed during a small window of opportunity • - e.g. during coffee break • Focused Attack • - Plenty of time, money and resources 6

  7. G53SEC • Attacks: • Invasive Attacks • - e.g. Hardware reverse engineering • Semi-invasive Attacks • - e.g. Heating • Non-Invasive Attacks • - e.g. EM radiation observation 7

  8. G53SEC • Security Categories: • Physical • Logical • Environmental • Operational 8

  9. G53SEC • Physical Security: • Tampering • “An (physical) interference of a harmful nature” • Tamper Mechanisms: • Strive to prevent an attempt by an attacker to perform unauthorised physical or electronic action 9

  10. G53SEC • Tamper Mechanisms: • Tamper Resistance • - Special materials • Tamper Evidence • - Visible evidence left behind after tampering • Tamper Detection • - Hardware is aware of tampering • Tamper Response • - Countermeasures upon detection 10

  11. G53SEC • Physical Attacks: • Invasive • - Direct access to embedded components (e.g. cpu) • Micro probing, reverse engineering, memory readout techniques (e.g. freezing) • Require lot of time, knowledge and resources • Semi-invasive (integrated chip cards) • - UV lights, x-rays, laser, EM field, heating • - Optical fault induction (SRAM illumination) • - Low cost, easy reproduction on same target 11

  12. G53SEC Physical Attacks: Micro-probing station: Modified Circuit: Source: Cambridge Security Lab 12

  13. G53SEC • Logical Security: • Access Control • Cryptographic Algorithms • Cryptographic Protocols 13

  14. G53SEC • Logical Attacks: • Non-Invasive • No Physical Damage • Monitoring/Eavesdropping • TEMPEST attacks • Side Channel Attacks • Timing Analysis • Power Analysis • Fault Analysis 14

  15. G53SEC • Logical Attacks: • Software Attacks – API • No specialised equipment needed • Very fast • Issues: • - Integrity of keys • - Function parameter checking • - Security policy enforcement 15

  16. G53SEC • Environmental Security: • Device itself is the asset • Goal – limit attacker’s possibilities by creating layers of hindrance (e.g. access) • Administrative controls should be part of security policy 16

  17. G53SEC • Operational Security: • Security risks related to operation of hardware • Closely related to last week’s lecture • Example: ATMs • User’s knowledge of: • - Real vs. Fake card reader • - Keypad operation • - PIN Safeguarding • - Latest attacks 17

  18. G53SEC • Hardware Security Modules: • For secure generation and storage of crypto information • Often physically tamper resistant • Sometimes have H/W cryptographic acceleration • Sometimes have special “trusted” peripherals • (e.g. card readers, key pads, etc..) • Example: Banks • ATMs • Pre-payment electricity meters 18

  19. G53SEC • Examples: • Credit Cards • - Magnetic Stripes • - Chip & PIN • - RFID (Radio Frequency Identification) 19

  20. G53SEC Examples: Chip & PIN relay attack: Source: Cambridge Security Lab 20

  21. G53SEC • Examples: • RFID – Radio Frequency Identification • Originally developed as the “Barcode of the future” • Now used as • - Inventory control • - Logistics and supply chain management • Physical access cards • Payment - Motorway charges • - Gas stations • - Small items in shop 21

  22. G53SEC • Examples: • Future: • - Embedded in all kinds of devices • - From clothing, to all products we buy • e.g. Milk that will tell fridge when it is expired • Issues: • - Privacy • - Security – RFID was not designed with security in mind!! 22

  23. G53SEC • Examples: • Susceptible to Power Analysis attacks • Can be susceptible to Cloning attacks • Susceptible to Relay attacks • “Is your cat infected with a computer virus?” 23

  24. G53SEC • Remember: • H/W security as important as other security aspects • H/W security devices do not solve security • Many attacks exist • Many more problems are on the way • Because – Security added as an afterthought 24

More Related