Connecting Securely to the Cloud

Similar documents
Securing IoT devices with STM32 & STSAFE Products family. Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region

Securing IoT devices with Hardware Secure Element. Fabrice Gendreau EMEA Secure MCUs Marketing & Application Manager

Provisioning secure Identity for Microcontroller based IoT Devices

Atmel Trusted Platform Module June, 2014

Platform Level Security For IoT Devices. Bob Waskiewicz Applications Engineer

Digital Certificates Demystified

Securing IoT with the ARM mbed ecosystem

Computer Security: Principles and Practice

Resilient IoT Security: The end of flat security models

Introducing Hardware Security Modules to Embedded Systems

$263 WHITE PAPER. Flexible Key Provisioning with SRAM PUF. Securing Billions of IoT Devices Requires a New Key Provisioning Method that Scales

Delivering High-mix, High-volume Secure Manufacturing in the Distribution Channel

Trusted Platform Modules Automotive applications and differentiation from HSM

Securing IoT applications with Mbed TLS Hannes Tschofenig Arm Limited

Market Trends and Challenges in Vehicle Security

Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017

A Developer's Guide to Security on Cortex-M based MCUs

BlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE. Cryptographic Appliances with Integrated Level 3+ Hardware Security Module

Overview. SSL Cryptography Overview CHAPTER 1

Trustzone Security IP for IoT

Designing Network Encryption for the Future Emily McAdams Security Engagement Manager, Security & Trust Organization BRKSEC-2015

Windows 10 IoT Core Azure Connectivity and Security

Security in NFC Readers

ARCHITECTURING AND SECURING IOT PLATFORMS JANKO ISIDOROVIC MAINFLUX

Titan silicon root of trust for Google Cloud

Building secure devices on the intelligent edge with Azure Sphere. Paul Foster, Microsoft Dr Hassan Harb, E.On

Security. Communication security. System Security

Security in NVMe Enterprise SSDs

Designing Security & Trust into Connected Devices

WAP Security. Helsinki University of Technology S Security of Communication Protocols

Designing Security & Trust into Connected Devices

This Security Policy describes how this module complies with the eleven sections of the Standard:

New Approaches to Connected Device Security

AN12120 A71CH for electronic anticounterfeit protection

Designing Security & Trust into Connected Devices

Encryption. INST 346, Section 0201 April 3, 2018

Beyond TrustZone PSA Reed Hinkel Senior Manager Embedded Security Market Development

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

FIPS SECURITY POLICY FOR

BCA III Network security and Cryptography Examination-2016 Model Paper 1

Date: 13 June Location: Sophia Antipolis. Integrating the SIM. Dr. Adrian Escott. Qualcomm Technologies, Inc.

Trusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July IETF 99 th, Prague

SECURITY CRYPTOGRAPHY Cryptography Overview Brochure. Cryptography Overview

New STM32WB Series MCU with built-in Bluetooth 5 and IEEE

Most Common Security Threats (cont.)

Cyber security of automated vehicles

WHAT FUTURE FOR CONTACTLESS CARD SECURITY?

Garantía y Seguridad en Sistemas y Redes

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module


Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

New STM32WB Series MCU with Built-in BLE 5 and IEEE

Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability

Trojan-tolerant Hardware & Supply Chain Security in Practice

Cryptography for the Internet of Things. Kenny Paterson Information Security

Keys for Success: Today s Landscape of IoT Technologies and Security Standards

Distributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018

Payment Card Industry (PCI) PIN Transaction Security (PTS) Hardware Security Module (HSM) Evaluation Vendor Questionnaire Version 2.

Securing Internet Communication: TLS

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

A71CH for secure connection to AWS

Security Requirements for Crypto Devices

BCM58100B0 Series: BCM58101B0, BCM58102B0, BCM58103B0 Cryptographic Module VC0 Non-Proprietary Security Policy Document Version 0.

Trusted Computing Group

CSCE 813 Internet Security Final Exam Preview

Securing IoT applications with Mbed TLS Hannes Tschofenig

Windows IoT Security. Jackie Chang Sr. Program Manager

Automotive Security An Overview of Standardization in AUTOSAR

Easy Incorporation of OPTIGA TPMs to Support Mission-Critical Applications

ARM Security Solutions and Numonyx Authenticated Flash

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Achieving a legacy cellular security level. Sonia CORRARD Avnet Silica Romain Tesnière Avnet Silica

Resilient IoT Security: The end of flat security models. Milosch Meriac IoT Security Engineer

UNIT - IV Cryptographic Hash Function 31.1

Cybersecurity Solution in Hardware

Live Demo: A New Hardware- Based Approach to Secure the Internet of Things

Cryptographic Concepts

SIDE CHANNEL ATTACKS AGAINST IOS CRYPTO LIBRARIES AND MORE DR. NAJWA AARAJ HACK IN THE BOX 13 APRIL 2017

EDGE COMPUTING & IOT MAKING IT SECURE AND MANAGEABLE FRANCK ROUX MARKETING MANAGER, NXP JUNE PUBLIC

CS November 2018

Security+ SY0-501 Study Guide Table of Contents

Verizon Software Defined Perimeter (SDP).

6.857 L17. Secure Processors. Srini Devadas

Overview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.

Lecture Embedded System Security Trusted Platform Module

Oracle Solaris Userland Cryptographic Framework Software Version 1.0 and 1.1

1.264 Lecture 28. Cryptography: Asymmetric keys

DataTraveler 5000 (DT5000) and DataTraveler 6000 (DT6000) Ultimate Security in a USB Flash Drive. Submitted by SPYRUS, Inc.

White Paper for Wacom: Cryptography in the STU-541 Tablet

TRESCCA Trustworthy Embedded Systems for Secure Cloud Computing

BEYOND TRADITIONAL PASSWORD AUTHENTICATION: PKI & BLOCKCHAIN

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Hardware Security Challenges and Solutions. Mike Bartley TVS, Founder and CEO

Security of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices

ARM TrustZone for ARMv8-M for software engineers

Cryptographic Systems

Scott Johnson Dominic Rizzo Parthasarathy Ranganathan Jon McCune Richard Ho. Titan: enabling a transparent silicon root of trust for Cloud

The Open Application Platform for Secure Elements.

Trojan-tolerant Hardware

Transcription:

Connecting Securely to the Cloud Security Primer Presented by Enrico Gregoratto Andrew Marsh

Agenda 2 Presentation Speaker Trusting The Connection Transport Layer Security Connecting to the Cloud Enrico Gregoratto IoT Integrity Building Trust Raising The Bar Use a SE Conclusion Andrew Marsh Q & A

Communications With A Cloud Service 3 IoT Overview Cloud Service Network Gateway

Identifying Threats 4 Tampering with Data Eavesdropper IoT Cloud Service Network Gateway Compromised Tampering with Data Fake Service Cloned or Counterfeit

Classes of Attacks 5 ATTACKS IoT Internet Cloud Service Software Attack Misuse of network protocols Exploit communication protocol errors Flaws in software design / implementation BOX Board Level Attack With the case opened / removed Test / debug port access Inter device bus and IO probing Reset, clock attacks Power analysis Temperature / electrical attacks (glitch, overvoltage) Silicon Level Attack de-packaged Circuit analysis and probing Fault injection Laser beam

Classes of Attacks 6 IoT BOX Internet Cloud Service Silicon Level Attack ATTACKS Board Level Attack Software Attack SOLUTION Misuse of network protocols Exploit communication protocol errors Flaws in software Confidentiality design / implementation Data / Identity Protection Secure Communications Secure Storage With the case opened Authentication / removed Test / debug port access Inter device bus and IO to probing Server Reset, clock attacks Server to Power analysis Temperature / electrical Integrity attacks and (glitch, Availability overvoltage) Secure Boot Secure Firmware Upgrade Trusted Processing de-packaged Circuit analysis and probing Fault injection Laser beam

Securing the Connection 7

Secure Communications 8 Cloud Services have selected to use a standards based secure communication protocols Cloud Services vendors use "lightweight" messaging protocols like MQTT - Message Queue Telemetry Transport (ISO / IEC PRF 20922) CoAP - Constrained Application Protocol (RFC7252) These messaging protocols were designed for connections with remote devices with limited resources (memory / CPU) or where network bandwidth is limited These messaging protocols use Transport Layer Security (TLS) to secure communications

Crypto Basics 9

Cryptography One Key or Two? 10 Sender Communications Channel Receiver Secret Key Cryptography (Symmetric) Data File Clear Text Encryption Cipher Text Data File Decryption Data File Clear Text Public Key Cryptography (Asymmetric) Data File Clear Text Public Encryption Cipher Text Data File Decryption Private Data File Clear Text

Cryptographic Hash Cryptography HASH Algorithms Easy to compute and quick A one way function, non-reversible (computationally infeasible to obtain the original message from the hash), unique (practically impossible for two different messages to generate same result) Used in many processes like authentication, secure boot, secure downloads 11 NIST (Secure Hashing Algorithm) SHA-2, SHA-3 Code File Clear Text One Way Function Data File Hash Value Hash function has no key, and the clear text can not be recovered from the hash value

Digital Signatures Cryptography Digital Signatures Used to check the authenticity of information - code, files, messages, Public Keys 12 Private Signing Code File Hash Hash Value Using RSA Sign / Encrypt Clear Text Authentication Using RSA Code File Clear Text Hash Public Calculated Hash Value Compare If the Hash values are equal the file is authentic Hash Value Verify / Decrypt

Transport Layer Security - TLS 13

Transport Layer Security 14 Transport Security Layer - TLS (RFC 5446) protocol provides - / Server Authentication (optional) making use of asymmetrical crypto like :- RSA and ECC Information Confidentiality / Data Protection key exchange crypto like:- Diffie-Hellman encryption using symmetric ciphers like :- AES, Triple DES Message Integrity Makes extensive use of X.509 certificates and a Public Key Infrastructure authentication may be carried out at the Application Layer A IoT due to its limited capabilities (memory/processing) does not need to support a full crypto suite

Hello! Server Cloud Service TLS Exchange Overview 15 IP Connection Client Hello Client IoT Digital Signature Authentication Server s Server s CA Mutual Authentication Crypto Crypto RNG Key-Pair Establish a shared key Diffie-Hellman key exchange Session key Crypto Crypto Secured Link Session Data File AES Cipher Text Data File AES Data File Clear Text Clear Text

Connecting to The Cloud 16

Example of Registering to Cloud Service 17 Cloud Service 1) Gather the End-Point Credentials and Server CA 2) Generate a Public/Private key pair Server s CA End-Point Credentials CSR Server s CA 3) Create a Signing Request (CSR) Signing Process 4) Request a 5) Register the into Your IoT Account Key-Pair 6) Program s, End-Point Credentials and keys into the IoT Now the IoT can establish a secure communications channel with the Cloud Service Server s CA End-Point Credentials Key-Pair BOX IoT TLS Your IoT Account

Registering Demo to Cloud Service 1) Gather the End-Point Credentials and Server CA from the Cloud Services Provider 2) Request a and Public/Private key pair 3) Register the into Your IoT Account with the Cloud Services Provider 4) Program s, End-Point Credentials and keys into the IoT Server s CA Server s CA End-Point Credentials Key-Pair Cloud Service Crypto Process TLS Server s CA Your IoT Account 18 Now the IoT can establish a secure communicate channel with the Cloud Service End-Point Credentials Key-Pair BOX IoT

Handling TLS Credentials 19 Protect the keys (especially the Private Key ) Store certificates and other credentials such that they cannot be easily replaced 95% attacks today are software IoT Server s CA End-Point BOX Credentials Key-Pair

IoT Integrity Building Trust 20

Classes of Attacks 21 ATTACKS IoT Internet Cloud Service Software Attack Misuse of network protocols Exploit communication protocol errors Flaws in software design / implementation BOX Board Level Attack With the case opened / removed Test / debug port access Inter device bus and IO probing Reset, clock attacks Power analysis Temperature / electrical attacks (glitch, overvoltage) Silicon Level Attack de-packaged Circuit analysis and probing Fault injection Laser beam

Security Needs for an IoT 22 Cloud Service providers wish to protect their services, their network and their brand Information/data confidentiality and integrity through the use of cryptography Trust-worthiness through cryptographic authentication between communicating devices Trust-worthiness of the platform through device integrity

Example of a Simple IoT 23 Sensor Communications MCU Sensor MCU Communication

Security Layering 24 Silicon Security Features Used to establish a robust platform on which trusted processes and associated cryptography can be performed Secure Boot-Loader (SB) Establishing a Root-of-Trust Verifying firmware image on every boot Secure Firmware Update (SFU) Building a system that can evolve to counter new threats, add new functionality, fix bugs in a controlled and secure way once device is in the field Application Access control and right management Feature and product management Secure Communications Layer TLS / DTLS Physical Layer Network physical layer security e.g. WiFi WPA2, 802.11i, Foundation of Trust Security Services Secure Boot, Secure Firmware Update Silicon Security Features Firewall PCROP RDP WRP MPU

Secure Boot 25 Secure Boot uses cryptographic functions to confirm the authenticity of firmware before allowing it to run A multi-stage boot process consists of each stage authenticating the next Reset Cert. Code First Stage Trusted Authenticates Code Second stage Loader Cert. Authenticates Code Third Stage RTOS Cert. Authenticates Application Chain of Trust

Secure Boot Process 26 Performed after a RESET, using a Public Key stored in the device It is a stateful process for predictable behavior Reset File Trusted Code Image Hash Public Compare OK Run Code State Based Process Calculated Hash Value Hash Value NOK Verify / Decrypt Code Authentication Reload

RESET Configure WRP/RDP/PCROP Disable DMAs Enable MPU Enable Firewall Zero s SRAM Disable MPU Secure Boot State Machine Secure Boot Flow 27 Enter Protected Enclave Enclave Exit Protected Enclave Disable IRQs Enter Firewall Secure Processing Exit Firewall Enable IRQs Firewall Protection Secured by the Memory Protection Unit Jump to User App

FLASH SB: SFU-En Boot SFU: SFU-En App SRAM Secure Processing 28 Secure Processing Environment Secure cryptographic functions Protected access to Shared Info. data-space Single Access Point Shared Info. Secure Processing Secure Region Keys Protected Volatile Data Enclave Firewall Protection Single access point Call Gate Code segment cannot be executed without passing through it Volatile and Non-Volatile Data cannot be accessed from outside User App #1 SRAM Non Secure Region C-STACK Environment Configured to protect - Volatile data (SRAM) User App #2 or Download Area (opt) Non Protected Data Non-volatile data (FLASH) Code - no jump calls

Secure Engine APIs 29 Enter Protected Enclave Disable IRQs Wrapper of internal protected functions secure_engine.o/.h user_file.c Secure Engine APIs Enclave Enter Firewall Secure Processing Exit Firewall Firewall Protection Encryption / Decryption Shared Info. - Read / Write User-level APIs handling Parameter parsing for the single Secure Engine Exit Protected Enclave Enable IRQs Entering and exiting of the secure environment

Handling TLS Assets 30

Handling TLS Assets 31 Communications IoT MCU End-Point Credentials Server s CA Key-Pair Sensor MCU Cloud Service IP Connection Comms Firewall Crypto Sensor Security Services Silicon Security Features Make use of the security mechanisms provided by the MCU to protect code, cryptographic functions and protect the keys (especially the Private Key ) Store certificates and credentials in such that they cannot be easily replaced

32 Enhanced Integrity by adding a Secure Element

Classes of Attacks 33 ATTACKS IoT Internet Cloud Service Remote Software Attack Misuse of network protocols Exploit communication protocol errors Flaws in software design / implementation BOX Board Level Attack With the case opened / removed Test / debug port access Inter device bus and IO probing Reset, clock attacks Power analysis Temperature / electrical attacks (glitch, overvoltage) Silicon Level Attack de-packaged Circuit analysis and probing Fault injection Laser beam

Add a Secure Element 34 To Improve Integrity Sensor Communications MCU Sensor MCU Secure Element Secure Element STM32 STSAFE Communication

Adding a Secure Element 35 Communications A Secure Element is designed to thwart silicon invasive attacks Sensor MCU Secure Element Independently assessed, achieving very high standards like EAL5+ Common Criteria Certified Protects keys and performs cryptographic functions (ECC, AES) For Secure Communications, Boot and Firmware Updates STM32 STSAFE Provides a Secure Data Store Secure keys and certificates are provisioned during the manufacturing process

Cloud Service TLS Exchange using an MCU 36 IoT Hello! Client Hello MCU Mutual Authentication Server s Digital Signature Authentication Crypto Server s CA Key-Pair RNG Establish a shared key Diffie-Hellman key exchange Crypto Session key Secured Link Session Cipher Text Data File AES Data File Clear Text STM32

Hello! TLS Exchange with Secure Element 37 Cloud Service Client Hello IoT MCU Secure Element Mutual Authentication Server s Digital Signature Authentication Crypto Server s CA Key-Pair RNG Establish a shared key Diffie-Hellman key exchange I2C Crypto Session key Secured Link Session Cipher Text Data File AES Data File Clear Text STM32 Session Key Data File Pairing key Crypto STSAFE

Production Flow with Personalization 38 Standard MCU Factory Personalization Hardware Security Module Key-Pair Put Secret Keys Store s MCU Code Diffusion and Test Package CM / OEM CUSTOMER Fabrication Products Trusted?

Production Flow with Personalization 39 Secure Element ST Secure Factory Personalization Approved by Hardware Security Module Put Secret Keys Store s Key-Pair Factory Personalization MCU Code Diffusion and Test Package Personalization CM / OEM + CUSTOMER Fabrication and Personalization Phases Products

Impact on Software Stack 40 The Secure Elements crypto functions replace software implementations in the Crypto Library Application Application MQTT MQTT TLS TLS IP Stack CryptoLib IP Stack CryptoLib Crypto Functions OS HAL OS HAL SE Driver Driver CPU, Crypto H/W, Interfaces CPU, Crypto H/W, Interfaces STSAFE I2C Secure Element

Conclusion

Conclusion 42 Internet of Things presents a wealth of opportunities, a growth for commerce but an increased of risk of theft, mischief and damage or loss of life Secure communications is essential for success Secure and trustworthy IoT devices, well fortified against threats, are essential Design products resistant against threats throughout their life-cycle Most of the software related attacks today can be thwarted by good firmware development practices Consider enhancing your IoT s integrity by using a Secure Element

Demos

ST Solution for Security in IoT 44 Service Provider Secure Boot Solution for IoT Encryption Authentication CLOUD Secure MCU With STM32 Nucleo and sensors Expansion Board

45

46

Helping to Fortify Your IoT Solutions. ST the Strong Element. STMicroelectronics 2017

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback