IoT Security: Root of Trust Brings Trust
C. Tremlet, Munich, May 19th 2015

Risks in Connected Devices

“Though this sounds like a joke, former Vice President Don Cheney and his doctors were legitimately scared about him getting assassinated via terrorists hacking into his defibrillator and causing a heart attack. So they turned off the wireless feature so nobody would kill him via heart hack.”

2 | Maxim Integrated | Company Confidential

Assets and Threats Examples

Assets:
• Patient health
• Patient privacy
• Equipment maker IP

Threats:
• Eavesdropping
• Malware injection
• Unauthorized re-use
• Counterfeiting

Importance of Secure Boot and Secure Communication
• Any security implementation requires a deep assets/threats analysis, BUT for connected devices:
• Protection against malware is almost always required
> Secure boot is the answer
• Securing communication is often critical

Secure Boot Principles and Example

Secure boot:
• Is a process
• Checking that the firmware is genuine and has not been modified
• The firmware's authenticity is preferably checked with cryptographic methods, mainly digital signatures

PC boot example (boot chain diagram): BIOS → checks the authenticity of the memory-present drivers → memory-absent drivers → checks the operating system → the operating system checks and updates the application SW.

Is a Software-Based Secure Boot Truly Secure?

Same PC boot chain, with the BIOS, the memory-present drivers and the operating system marked ✗ (compromised).
• The hacker can easily replace the BIOS with a fake one
• The whole chain gets compromised
• The security of a chain is that of its weakest link! One needs a hardware root of trust!

Chain of Trust With Hardware Root of Trust

Trusted hardware ✓ → verifies bootloader → Bootloader ✓ → verifies operating system → Operating system ✓ → verifies applications → Applications ✓

MAXQ1061 as a Root of Trust

Features:
• Cryptographic toolbox, hardware crypto engines: AES-128 (GCM, ECB, CBC) up to 10 Mb/s; ECC (NIST P-521)
• Common Criteria EAL4+ compliant

Block diagram: MAXQ30E 32-bit RISC core; ECC engines (NIST P-521, Brainpool P512r1); AES-128 (GCM, ECB); 16KB SRAM; 64KB ROM; 32KB EEPROM; 1KB OTP; TRNG; DMA; environmental sensors; TLS and crypto toolbox command set; AES command set; SPI (slave); I²C (slave); watchdog; internal oscillator and ring; voltage regulator; timer 16-bit (x2); timer PWM 16-bit (x2).

Benefits:
• Hardware root of trust
• Cryptographic keys are safely stored
• Hardware crypto engines accelerate digital signature verification
• Protection against side-channel attacks

Securing Communications

Is not only about encryption!
• Authenticity: am I talking to the right entity?
• Confidentiality: only authorized parties can read messages
• Integrity: messages are not altered

Securing Communications: TLS
• TLS/DTLS is widely adopted
> Open, no obscurity
> Benefits from feedback
• Guarantees
> Authenticity
> Confidentiality
> Integrity
• Hardware support enables
> Enhanced security, as critical steps are handled in a protected environment
> Main processor offloading for compute-intensive tasks (asymmetric crypto)

MAXQ1061 as a TLS Toolbox

TLS session diagram: Sync/Ack → Handshake → Data transfer → Alert (teardown), with two MAXQ1061 callouts.

MAXQ1061:
• Accelerates encryption and digital signature
• Protects encryption and digital signature keys

MAXQ1061:
• Enables certificate storage
• Securely achieves authentication
• Accelerates authentication operations (public key based)

DeepCover Hardware Security Features
• Secure key storage
• Side-channel attack protection
• Quality random numbers
• Tamper detection
• Flawless implementation
• Performance

Hardware Security Is Not Only for Paranoids

A full kit enabling side-channel and fault attacks sells today for $1520!
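The chain of trust from the Secure Boot and Chain of Trust slides, as an added example in Go that is not from the presentation or from Maxim: the root public key stands in for the key anchored in trusted hardware, each verified stage carries the public key for the next one, and the stage names, images and freshly generated P-521 keys are constructed sample data. Breaking any link (the replaced-BIOS case from the slides) halts the boot at that stage.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
	"errors"
)
// Stage is one link of the chain: an image, the key that verifies the next stage, and a signature over both.
type Stage struct {
	Name    string
	Image   []byte
	NextKey *ecdsa.PublicKey // nil for the last stage
	Sig     []byte           // ASN.1 DER ECDSA signature by the previous stage's key over stageDigest(stage)
}
func stageDigest(s Stage) []byte {
	h := sha512.New()
	h.Write(s.Image)
	if s.NextKey != nil { // the embedded next key is signed too, so it cannot be swapped undetected
		h.Write(append(s.NextKey.X.Bytes(), s.NextKey.Y.Bytes()...))
	}
	return h.Sum(nil)
}
// VerifyChain starts from rootKey (the immutable key anchored in hardware) and halts at the first failing stage.
func VerifyChain(rootKey *ecdsa.PublicKey, stages []Stage) error {
	key := rootKey
	for _, s := range stages {
		if !ecdsa.VerifyASN1(key, stageDigest(s), s.Sig) {
			return errors.New("secure boot halted: " + s.Name + " failed signature check")
		}
		key = s.NextKey // trust extends one link only after the check passes
	}
	return nil
}
// BuildDemoChain signs a constructed bootloader -> OS -> application chain with fresh P-521 keys; keys[0] is the root.
func BuildDemoChain() (*ecdsa.PublicKey, []Stage) {
	var keys [3]*ecdsa.PrivateKey
	for i := range keys {
		keys[i], _ = ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
	}
	stages := []Stage{
		{Name: "bootloader", Image: []byte("constructed bootloader image"), NextKey: &keys[1].PublicKey},
		{Name: "operating system", Image: []byte("constructed OS image"), NextKey: &keys[2].PublicKey},
		{Name: "application", Image: []byte("constructed application image")},
	}
	for i := range stages { // stage i is signed by the key that stage i-1 vouches for
		stages[i].Sig, _ = ecdsa.SignASN1(rand.Reader, keys[i], stageDigest(stages[i]))
	}
	return &keys[0].PublicKey, stages
}
```

In a real device the root key lives in immutable storage (ROM or OTP) inside the secure element, and the signing keys never leave the firmware signing infrastructure; here they are generated in the same process only so the example runs stand-alone.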
© Copyright 2024