OP-TEE Using TrustZone to Protect Our Own Secrets

Similar documents
OP-TEE Using TrustZone to Protect Our Own Secrets

Protecting your system from the scum of the universe

Protecting your system from the scum of the universe

Surviving in the wilderness integrity protection and system update. Patrick Ohly, Intel Open Source Technology Center Preliminary version

D1Y - Embedded Linux with Yocto

Secure Boot from A to Z

D1S - Embedded Linux with Ac6 System Workbench

Booting Linux Fast & Fancy. Embedded Linux Conference Europe Cambridge, Robert Schwebel

D1 - Embedded Linux. Building and installing an embedded and real-time Linux platform. Objectives. Course environment.

Security features for UBIFS. Richard Weinberger sigma star gmbh

Lecture 3 MOBILE PLATFORM SECURITY

The Future of Security is in Open Silicon Linux Security Summit 2018

Trusted Computing and O/S Security

Old, New, Borrowed, Blue: A Perspective on the Evolution of Mobile Platform Security Architectures

UEFI Secure Boot and DRI. Kalyan Kumar N

Big and Bright - Security

Market Trends and Challenges in Vehicle Security

Department of Computer Science Institute for System Architecture, Operating Systems Group TRUSTED COMPUTING CARSTEN WEINHOLD

Trusted Computing and O/S Security. Aggelos Kiayias Justin Neumann

Security in NVMe Enterprise SSDs

How I survived to a SoC with a terrible Linux BSP

Android Bootloader and Verified Boot

Windows IoT Security. Jackie Chang Sr. Program Manager

Provisioning secure Identity for Microcontroller based IoT Devices

ARM Security Solutions and Numonyx Authenticated Flash

Embedded Linux system development training 5-day session

High-Performance, Highly Secure Networking for Industrial and IoT Applications

Department of Computer Science Institute for System Architecture, Operating Systems Group TRUSTED COMPUTING CARSTEN WEINHOLD

How I survived to a SoC with a terrible Linux BSP


Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability

OVAL + The Trusted Platform Module

Department of Computer Science Institute for System Architecture, Operating Systems Group TRUSTED COMPUTING CARSTEN WEINHOLD

Android System Development Training 4-day session

Clover Flex Security Policy

Verified Boot: Surviving in the Internet of Insecure Things. Randall Spangler Chrome OS Firmware Lead

Trusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July IETF 99 th, Prague

MYD-IMX28X Development Board

Secure Boot in the Zynq-7000 All Programmable SoC

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006)

CIS 4360 Secure Computer Systems Secured System Boot

The Yocto Project. Chris Young S/W Specialist SILICA Europe. Harmonising Software Development across multiple Embedded ARM SOC targets

IPL+UBI: Flexible and Reliable with Linux as the Bootloader

Atmel Trusted Platform Module June, 2014

Securing Software Updates for IoT Devices with TUF and Uptane. Ricardo Salveti Principal Engineer

EDGE COMPUTING & IOT MAKING IT SECURE AND MANAGEABLE FRANCK ROUX MARKETING MANAGER, NXP JUNE PUBLIC

SSG Platform Security Division & IOTG Jan Krueger Product Manager IoT Security Solutions

Secure storage in OP-TEE. Jens Wiklander

A Developer's Guide to Security on Cortex-M based MCUs

Bringing Android to Secure SDRs

Proving who you are. Passwords and TLS

Titan silicon root of trust for Google Cloud

TCG TPM2 Software Stack & Embedded Linux. Philip Tricca

Distributed OS Hermann Härtig Authenticated Booting, Remote Attestation, Sealed Memory aka Trusted Computing

MYD-IMX28X Development Board

TERRA. Boneh. A virtual machine-based platform for trusted computing. Presented by: David Rager November 10, 2004

Developing i.mx Multimedia Applications Processors with Windows Embedded CE 6.0 WinCE 6.0 on the i.mx25 and i.mx35 PDK s

CSPN Security Target. HP Sure Start HW Root of Trust NPCE586HA0. December 2016 Reference: HPSSHW v1.3 Version : 1.3

Trustzone Security IP for IoT

Security of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices

TPM v.s. Embedded Board. James Y

1. OVERVIEW RELEASE ITEMS HOW TO APPLY ADDITIONAL FUNCTIONS AND CHANGE FUNCTIONS FROM PREVIOUS EDITION...

TRUSTSHADOW: SECURE EXECUTION OF UNMODIFIED APPLICATIONS WITH ARM TRUSTZONE Florian Olschewski

Demonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions. Andrei Costin

Software Vulnerability Assessment & Secure Storage

DS2 Products Auto-Update Tool BSP

Integrity-checked block devices with device mapper. Mandeep Baines Will Drewry

Embedded System Security Mobile Hardware Platform Security

Embedded System Security Mobile Hardware Platform Security

Intel Quark SoC X1000 Secure Boot

Embedded Linux Conference Europe Sascha Hauer

Yocto Project and OpenEmbedded training 3-day session

Scott Johnson Dominic Rizzo Parthasarathy Ranganathan Jon McCune Richard Ho. Titan: enabling a transparent silicon root of trust for Cloud

Delivering High-mix, High-volume Secure Manufacturing in the Distribution Channel

Jim Gallagher Senior Technical Marketing Lead, MontaVista Software

EMBEDDED LINUX ON ARM9 Weekend Workshop

Secret-in.me. A pentester design of password secret manager

CIS 4360 Secure Computer Systems. Trusted Platform Module

U-Boot Falcon Mode. Minimizing boot times using U-Boot "Falcon" mode. Stefano Babic / Wolfgang Denk. July 2012

Hands-on with the Sitara Linux SDK

Unicorn: Two- Factor Attestation for Data Security

Mobile Platform Security Architectures A perspective on their evolution

SECURITY CRYPTOGRAPHY Cryptography Overview Brochure. Cryptography Overview

Encrypting stored data

How to protect Automotive systems with ARM Security Architecture

Lecture Embedded System Security Trusted Platform Module

AMD Security and Server innovation

SIERRAWARE SIERRATEE FOR MIPS OMNISHIELD

Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017

Overview. Wait, which firmware? Threats Update methods request_firmware() hooking Regression testing Future work

ViryaOS RFC: Secure Containers for Embedded and IoT. A proposal for a new Xen Project sub-project

RAUC Documentation. Release v0.4. Jan Luebbe, Enrico Joerns, Juergen Borleis

LSS-EU 2018: Overview and Recent Developments Linux Integrity Subsystem

Using Linux as a Secure Boot Loader for OpenPOWER Servers

RAUC Documentation. Release v0.4. Jan Luebbe, Enrico Joerns, Juergen Borleis

INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD

BCM58100B0 Series: BCM58101B0, BCM58102B0, BCM58103B0 Cryptographic Module VC0 Non-Proprietary Security Policy Document Version 0.

i.mx 6UltraLite Evaluation Kit Quick Start Guide s datasheet has been downloaded from at this pag

OS Security IV: Virtualization and Trusted Computing

Linux Kernel Security Overview

Transcription:

OP-TEE Using TrustZone to Protect Our Own Secrets ROM-Code Bootloader Kernel Root File System ELC Europe 2017, 23.10.2016 Marc Kleine-Budde <mkl@pengutronix.de> Slide 1 - http://www.pengutronix.de - 2017-10-23

Why Verified Boot? Attractive hacking target: Linux systems control critical industrial processes Compared to servers, embedded systems receive poor maintenance Complex Software: Every Linux system has undiscovered vulnerabilities Commercial control software (closed source) Defense in Depth is important! We can do it ourselves: SoC with hardware support are available everywhere Software components are available as FOSS Slide 3 - http://www.pengutronix.de - 2017-10-23

What do we want to protect? Bootloader Kernel File system Programs Configuration files Application data The attacker can manipulate all stored data we want to detect any tampering Slide 4 - http://www.pengutronix.de - 2017-10-23

Boot Stages ROM-Code vendor dependent (here: Freescale/NXP i.mx6 HABv4, SHA and RSA) Bootloader FIT-Image (SHA and RSA) Kernel/Device-Tree/InitRAMFS IMA & EVM (HMAC and RSA) Root File System Slide 5 - http://www.pengutronix.de - 2017-10-23

ARM architecture overview Non-Secure usr App App App svc OS ARM SoC Slide 6 - http://www.pengutronix.de - 2017-10-23

ARM architecture overview Non-Secure Secure usr usr App App App App App Trusted App svc svc OS Trusted OS mon Secure Monitor ARM SoC Slide 7 - http://www.pengutronix.de - 2017-10-23

Boot Loader SoC ROMCode Fuses Pubkey Signature Boot Loader Pubkey Slide 8 - http://www.pengutronix.de - 2017-10-23

FIT-Image In separate partition or on root file system Consists of Kernel, Device-Tree and InitRAMFS May contain several variants Always signs a complete configuration of kernel, DT and InitRAMFS to prevent mix-and-match attacks Must be verified by the boot loader Signature matches the public key in the boot loader Contains the public key to check the root file system Slide 9 - http://www.pengutronix.de - 2017-10-23

FIT-Image Boot Loader Pubkey FIT-Image Signature Configuration hashes Slide 10 - http://www.pengutronix.de - 2017-10-23 Kernel Pubkey Device-Tree InitRAMFS

Root File System (initial) ext4 oder UBIFS File System needs Extended Attributes Every file has an IMA hash SHA1 or SHA256 of the file content Extended Attribute: security.ima Every file has an EVM signature Secures Security Extended Attribues Is signed on the development computer with a private key RSA signature matches the public key in the kernel Extended Attribute: security.evm Slide 11 - http://www.pengutronix.de - 2017-10-23

Root File System (initial) Kernel Pubkey Root File System /sbin/init IMA hash EVM Signature /bin/sh IMA hash EVM Signature /etc/shadow IMA hash EVM Signature Slide 12 - http://www.pengutronix.de - 2017-10-23

Root File System (writable) No RSA-Signatures There is no private key on the system RSA is quite slow Instead SHA-HMAC Requires a different shared Secret for each system On first file access the signature is replaced by the HMAC Every file has an IMA hash and a EVM HMAC Only a correctly booted system has access to the EVM Secret Attackers cannot manipulate files and calculate a matching HMAC Slide 13 - http://www.pengutronix.de - 2017-10-23

Root File System (writable) SoC Fuses InitRAMFS Blob Unique Key EVM-Secret Root File System /sbin/init IMA-Hash EVM-HMAC /bin/sh IMA-Hash EVM-HMAC /etc/shadow IMA-Hash EVM-HMAC Slide 14 - http://www.pengutronix.de - 2017-10-23

Encrypted File System - ecryptfs File system level encyption Works both on NAND and block devices Every file corresponds to an unencrypted file File names and content encrypted Directory layout and permissions are clear text Requires a different shared Secret for each system IMA/EVM not needed Integrity is provided by AES in GCM mode Slide 15 - http://www.pengutronix.de - 2017-10-23

Encrypted File System - ecryptfs SoC Fuses Blob Unique Key Userspace ecryptfs-secret Unencrypted File System /opt/vendor/bin/app ecryptfs/aes /opt/vendor/etc/app.cfg ecryptfs/aes /opt/vendor/lib/data.sql ecryptfs/aes Slide 16 - http://www.pengutronix.de - 2017-10-23

Demo Time! Slide 17 - http://www.pengutronix.de - 2017-10-23

Do It Yourself! Freescale MX28 I2SE Duckbill (~100 ) MYIR Tech MYD-IMX28X (~100+40 ) Freescale MX53 USB Armory (~130$) Freescale MX6 Cubox-i (~110 ) RioT-Board (~85 ) Without Hardware-Support: Read-Only SPI-NOR or emmc + TPM Slide 18 - http://www.pengutronix.de - 2017-10-23

Used Components Supported SoCs: MX25 MX6 Bootloader: barebox-2016.09 Kernel: linux-4.0.9 + patches offline image signing: e2fsprogs (+patches) ima-evm-utils (+patches) integrated everything with ptxdist Slide 19 - http://www.pengutronix.de - 2017-10-23

What's Missing? Protection of Directories Prevents to move, delete and create files There are already patches "directory integrity protection" Mainlining Offline image creation via mkfs.ext4 and ima-evm-utils blob drivers for imx6 crypto engine (CAAM) blob drivers for mx25 crypto engine Support for other SoCs: MX53 Other Vendors (Dokumentation?) Slide 20 - http://www.pengutronix.de - 2017-10-23

Best Practices / Lessons Learned Development Keys in BSP Access t0 Production Keys via pkcs#11 Some packages in two configuration variants (Development/Production): bootloader Kernel/InitRAMFS Regularly turn on more security features during integration Once activated, debugging (field returns) becomes a pain UBIFS with IMA/EVM doesn't like sudden power cuts Slide 21 - http://www.pengutronix.de - 2017-10-23

Q&A @marckleinebudde Slide 22 - http://www.pengutronix.de - 2017-10-23

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback