The Future of Security is in Open Silicon Linux Security Summit 2018

Similar documents
SECURITY CRYPTOGRAPHY Cryptography Overview Brochure. Cryptography Overview

The CryptoManager Root of Trust

AMD Security and Server innovation

CSPN Security Target. HP Sure Start HW Root of Trust NPCE586HA0. December 2016 Reference: HPSSHW v1.3 Version : 1.3

Connecting Securely to the Cloud

Provisioning secure Identity for Microcontroller based IoT Devices

CIS 4360 Secure Computer Systems Secured System Boot

New Approaches to Connected Device Security

Trustzone Security IP for IoT

Security in NVMe Enterprise SSDs

Introducing Hardware Security Modules to Embedded Systems

ARM Security Solutions and Numonyx Authenticated Flash

M2351 Security Architecture. TrustZone Technology for Armv8-M Architecture

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

Designing Security & Trust into Connected Devices

A Proposed Standard for Entity Attestation draft-mandyam-eat-00. Laurence Lundblade. November 2018

TITLE. Image. Topic: Topic: Dinesh Kumar Malviya, Rambus Chip Technologies India Pvt. Ltd.

Use of Mojo PowerPoint Template. Your name, Title

BCM58100B0 Series: BCM58101B0, BCM58102B0, BCM58103B0 Cryptographic Module VC0 Non-Proprietary Security Policy Document Version 0.

Satisfying CC Cryptography Requirements through CAVP/CMVP Certifications. International Crypto Module Conference May 19, 2017

Windows IoT Security. Jackie Chang Sr. Program Manager

Scott Johnson Dominic Rizzo Parthasarathy Ranganathan Jon McCune Richard Ho. Titan: enabling a transparent silicon root of trust for Cloud

RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas

Building mbed Together: An Overview of mbed OS and How To Get Involved

Security: The Key to Affordable Unmanned Aircraft Systems

Leveraging Intel SGX to Create a Nondisclosure Cryptographic library

Designing Security & Trust into Connected Devices

Market Trends and Challenges in Vehicle Security

Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability

Trusted Platform Module explained

IOS Common Cryptographic Module (IC2M)

Securing IoT with the ARM mbed ecosystem

ProtectV StartGuard. FIPS Level 1 Non-Proprietary Security Policy

Lecture Embedded System Security Trusted Platform Module

Resilient IoT Security: The end of flat security models

Hardened Security in the Cloud Bob Doud, Sr. Director Marketing March, 2018

Securing the System with TrustZone Ready Program Securing your Digital World. Secure Services Division

Date: 13 June Location: Sophia Antipolis. Integrating the SIM. Dr. Adrian Escott. Qualcomm Technologies, Inc.

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

Secure boot under attack: Simulation to enhance fault injection & defenses

A Developer's Guide to Security on Cortex-M based MCUs

Demonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions. Andrei Costin

SecureDoc Disk Encryption Cryptographic Engine

IDCore. Flexible, Trusted Open Platform. financial services & retail. Government. telecommunications. transport. Alexandra Miller

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

About FIPS, NGE, and AnyConnect

Dyadic Security Enterprise Key Management

Security of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices

OP-TEE Using TrustZone to Protect Our Own Secrets

Zatara Series ARM ASSP High-Performance 32-bit Solution for Secure Transactions

Titan silicon root of trust for Google Cloud

Lecture 3 MOBILE PLATFORM SECURITY

EDGE COMPUTING & IOT MAKING IT SECURE AND MANAGEABLE FRANCK ROUX MARKETING MANAGER, NXP JUNE PUBLIC

SiFive Freedom SoCs: Industry s First Open-Source RISC-V Chips

Oracle Solaris Userland Cryptographic Framework Software Version 1.0 and 1.1

Trusted Computing and O/S Security

Beyond TrustZone Security Enclaves Reed Hinkel Senior Manager Embedded Security Market Develop

Past, Present, and Future Justin Johnson Senior Principal Firmware Engineer

TCG TPM2 Software Stack & Embedded Linux. Philip Tricca

Trusted Platform for Mobile Devices: Challenges and Solutions

Build the unified end to end IoT solution on ARM LEADING COLLABORATION IN THE ARM ECOSYSTEM

Protecting your system from the scum of the universe

Embedded System Security Mobile Hardware Platform Security

6.857 L17. Secure Processors. Srini Devadas

FIPS Security Policy

Embedded System Security Mobile Hardware Platform Security


Google on BeyondCorp: Empowering employees with security for the cloud era

Dawn Song

TERRA. Boneh. A virtual machine-based platform for trusted computing. Presented by: David Rager November 10, 2004

Designing Security & Trust into Connected Devices

Technical Committee Update

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006)

Authenticated Booting, Remote Attestation, Sealed Memory aka Trusted Computing. Hermann Härtig Technische Universität Dresden Summer Semester 2007

The Next Steps in the Evolution of Embedded Processors

Beyond TrustZone PSA Reed Hinkel Senior Manager Embedded Security Market Development

Cryptography and the Common Criteria (ISO/IEC 15408) by Kirill Sinitski

Implementing debug. and trace access. through functional I/O. Alvin Yang Staff FAE. Arm Tech Symposia Arm Limited

mbed OS Update Sam Grove Technical Lead, mbed OS June 2017 ARM 2017

SGX Security Background. Masab Ahmad Department of Electrical and Computer Engineering University of Connecticut

CSE484 Final Study Guide

Who s Protecting Your Keys? August 2018

Creating the Complete Trusted Computing Ecosystem:

Project Cerberus Hardware Security

Applications using ECC. Matthew Campagna Director Certicom Research

Putting It (almost) all Together: ios Security. Konstantin Beznosov

Live Demo: A New Hardware- Based Approach to Secure the Internet of Things

Cisco Desktop Collaboration Experience DX650 Security Overview

DataTraveler 5000 (DT5000) and DataTraveler 6000 (DT6000) Ultimate Security in a USB Flash Drive. Submitted by SPYRUS, Inc.

ARM Server s Firmware Security

Implementing a Secure Boot with Microsemi IGLOO2 FPGA

Hitachi Virtual Storage Platform (VSP) Encryption Board. FIPS Non-Proprietary Cryptographic Module Security Policy

SSG Platform Security Division & IOTG Jan Krueger Product Manager IoT Security Solutions

Fundamentals of HW-based Security

The Road to a Secure, Compliant Cloud

Trusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July IETF 99 th, Prague

UNCLASSIFIED INFORMATION TECHNOLOGY SECURITY GUIDANCE

A Virtual Development Environment for Smart Card Applications

FIPS Level 1 Validation March 31, 2011 Version 1.12

The Open Application Platform for Secure Elements.

Transcription:

The Future of Security is in Open Silicon Linux Security Summit 2018 Joel Wittenauer - Embedded Software Architect Rambus Cryptography Research August 28, 2018

Agenda About Rambus Cryptography Research Spectre/Meltdown/Foreshadow Introduction to the CryptoManager Root-of-Trust (CMRT) CMRT Hardware CMRT Software Linux Applications 2

Rambus At-a-Glance Architecture License+ Architecture License+ Data Center Cores Memory DDRx PHYs SerDes SerDxesPHYs Mobile Edge Secure Smart Cores Chips Buffers and Networking Provisioning Cores DDRx PHYs Mobile SerDes Payments PHYs Smart Transport Security Service Innovations & Architectures Advanced Memory Research Storage Class Memory DDR5 Cryogenic Computing Next-Generation Secure Payment Next-Generation Smart Ticketing Corporate Facts NASDAQ: RMBS, Inc. in 1990; IPO 1997 Headquartered in Sunnyvale, CA Operations throughout North America, Europe & Asia ~800 employees ~2,500 patents & applications Markets Served Data Center Acceleration + lower power System-level architectures Innovative products to support needs Mobile Edge Secure endpoints = secure data Hardware root-of-trust Value and monetization for end-user services 3

Agenda About Rambus Cryptography Research Spectre/Meltdown/Foreshadow Introduction to the CryptoManager Root of Trust (CMRT) CMRT Hardware CMRT Software Linux Applications 4

Spectre/Meltdown/Foreshadow Spectre/Meltdown are vulnerabilities found in Intel, AMD and some ARM CPUs reported in January 2018 Foreshadow is a related vulnerability for Intel CPUs reported August 2018 Spectre research team included CRI founder Paul Kocher and Rambus security researcher Mike Hamburg All three vulnerabilities take advantage of CPU performance enhancements E.g. speculative or out-of-order execution Documented in CVE-2017-5715, CVE-2017-5753, CVE-2017-5754, CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646 5

Spectre/Meltdown/Foreshadow beyond short-term solutions such as patching, the semiconductor industry should seriously consider designing chips that run sensitive cryptographic functions in a physically separate secure core, silo-ed away from the CPU. This design approach will go a long way in helping to prevent vulnerabilities that can be exploited by Meltdown and Spectre*. Mike Hamburg, Rambus security researcher *Also Foreshadow 6

Agenda About Rambus Cryptography Research Spectre/Meltdown/Foreshadow Introduction to the CryptoManager Root of Trust (CMRT) CMRT Hardware CMRT Software Linux Applications 7

CryptoManager Root of Trust (CMRT) CryptoManager Root of Trust General Processing Secure Processing Custom RISC-V CPU Secure Memory Flexibility to run custom secure applications inside the CMRT boundary Crypto Accelerators (AES, SHA, others ) 8

Use Cases CMRT can support a wide range of use cases, including: Secure data storage Secure key storage Device personalization Key and data provisioning Authentication Attestation User data privacy Secure boot Secure firmware update Secure communication Runtime integrity checking Cryptographic acceleration Secure protocol implementation Secure debug Feature/configuration/SKU management 9

Some brief CMRT terminology 10

Some brief CMRT terminology Root Not a root user or certificate authority For the CMRT, a root is an entity that is composed of an ID and permissions set for access to CMRT assets The root defines the security context in which user applications execute 11

Some brief CMRT terminology Root Not a root user or certificate authority For the CMRT, a root is an entity that is composed of an ID and permissions set for access to CMRT assets The root defines the security context in which user applications execute Container Not related to Docker or other OS-level virtualization systems For the CMRT, a container is a secure, user-privilege application that runs under the context of a root (defined above) 12

Some brief CMRT terminology Root Not a root user or certificate authority For the CMRT, a root is an entity that is composed of an ID and permissions set for access to CMRT assets The root defines the security context in which user applications execute Container Not related to Docker or other OS-level virtualization systems For the CMRT, a container is a secure, user-privilege application that runs under the context of a root (defined above) Lesson: Don t let hardware engineers name things 13

Agenda About Rambus Cryptography Research Spectre/Meltdown/Foreshadow Introduction to the CryptoManager Root of Trust (CMRT) CMRT Hardware CMRT Software Linux Applications 14

CPU/MPU CPU A custom CPU designed by Rambus specifically for the CMRT Based on the open-source RISC-V ISA and selected standard extensions Supports three privilege levels machine, supervisor, user Memory Protection Unit (MPU) Sets regions of memory for access for one or more privilege levels (machine, supervisor or user) and access type (R,W,X) MPU registers can be locked until the next CMRT reset 15

OTP CMRT uses One-Time Programmable (OTP) memory for non-volatile memory (NVM) storage Writes of 0->1 are permanent OTP stores CMRT configuration: Device ID Lifecycle state Device unique key A table of root IDs and permissions are stored in OTP General purpose NVM Access to ranges of OTP addresses can be restricted by permissions 16

Crypto Engines Hardware AES core for data encryption/decryption Multiple versions available, all with support for 128- and 256-bit keys: Hardware support for different modes available, including ECB, CBC, CFB, CTR, GCM Hardware SHA-2 core Supports both hashing and HMAC SHA224/256/384/512 Public key engine (PKE) RSA/RSA-CRT 1, 2, 3 and 4K ECDH and ECDSA with many curves: NIST curves Ed25519 Other curves available 17

Key Derivation Core Responsible for deriving and managing keys Uses NIST-compliant key derivation algorithm to derive volatile keys from base keys Operates independent of CPU and can deliver keys to hardware cores without exposing them to CPU 18

Other important cores Key Transport Core (KTC) manages key interfaces outside the CMRT boundary NIST-compliant True Random Number Generator (TRNG)/Deterministic Random Bit Generator (DBRG) DMA Controller for fast movement of bulk data to/from SRAM, crypto cores, external memory, etc. 19

Agenda About Rambus Cryptography Research Spectre/Meltdown/Foreshadow Introduction to the CryptoManager Root-of-Trust (CMRT) CMRT Hardware CMRT Software Linux Applications 20

CMRT SW Architecture SW stack running on the CMRT CPU is divided into three privilege levels: User: Containers Supervisor: OS (Zephyr), HW drivers Machine: Security-sensitive code/internal secure boot 21

First-stage Bootloader Located in ROM Begins the secure boot of the CMRT A chain of trust is built from ROM, through images in OTP and flash Subset of device drivers included with bootloader 22

Security Monitor The most security-sensitive code is stored in trusted flash image Securely loaded during CMRT boot process When a user container is loaded by the CMRT, the security monitor: Verifies root ownership of the container via root table in OTP Verifies the digital signature of the container code Verifies the permissions requested by container are less than or equal to root Applies hardware permissions to respective cores Handles root management 23

Supervisor OS/Kernel Modified version of the Zephyr OS Supports application loading Kernel/user memory separation *nix-like device driver interface open/close/ioctl All Rambus modifications are controlled by Kconfig Provides container s access to HW cores First line of permissions enforcement Including some software-only permissions 24

Containers Containers are customerdeveloped applications Each container is signed with a private key associated with a specific root Containers have associated permissions that control access to keys and hardware resources Permissions are also limited in HW to those available to the root associated with container Container libraries include C- runtime and a Global Platform TEEcompliant crypto library 25

Building and executing containers 26

Building and executing containers Roots are provisioned during device manufacturing Can also be done later by containers with sufficient permissions Permissions Root ID SHA256() 27

Building and executing containers Set Container Permissions Container permissions must be a subset (less than or equal) of the root s permissions After building the container attach footer with Container ID Requested permissions Sign the binary + Footer Attach the signature and public key to the footer SHA256() Sign() 28

Building and executing containers Copy the container binary+footer to the CMRT s SRAM The CMRT: Determines if container s public key matches existing root Verifies container signature Evaluates requested permissions Applies permissions to hardware Allows the container to execute 29

Why Zephyr? Existing RISC-V port Zephyr is a Linux Foundation project Includes a Formal Governing Board, Technical Steering Committee and Security Committee Great ecosystem Large, active number of contributors Proper QA and CI in place Community guidelines Contribution reviews All CMRT software is built using the flexible Zephyr build system Bootloaders, security monitor, OS/kernel and containers 30

Agenda About Rambus Cryptography Research Spectre/Meltdown/Foreshadow Introduction to the CryptoManager Root-of-Trust (CMRT) CMRT Hardware CMRT Software Linux Applications 31

CMRT Linux SDK Rambus offers a CMRT Linux Software Development Kit (SDK) The SDK provides: Full container development environment Out-of-tree reference kernel module implementations RISC-V GCC 7 suite CMRT QEMU emulator for fast container development Enables development prior to the hardware availability Easier to use/debug than FPGAs Easier to scale CI Reference implementation available on the Xilinx Zynq-7000 evaluation board 32

CMRT Device Driver The SDK s reference Linux device driver: Loads/unloads trusted containers Provides an interface for userspace applications to reach the CMRT Applications are limited only by one s imagination 33

CMRT Device Driver The SDK s reference Linux device driver: Loads/unloads trusted containers Provides an interface for userspace applications to reach the CMRT Applications are limited only by one s imagination and available CMRT SRAM Note that there are mechanisms available to chain CMRT containers together to get around SRAM limitations 34

Other possible applications Linux crypto engine module Similar to examples in drivers/crypto/*/ Requires a general purpose crypto container with a compliant interface Trusted Platform Module Emulation Similar to examples in drivers/char/tpm/ Reduces need for extra part on PCB Requires a container that exposes the TPM interface 35

Questions? 36

Thank you! Joel Wittenauer joel.wittenauer@cryptography.com Rambus Cryptography Research 37

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback