Security in Apple HomeKit. 4. Meeting IG sha 9. März 2017 in Horw Dr. Cuno Pfister

Similar documents
Developing Accessories for the Apple HomeKit Ecosystem. November 2016

Frequently Asked Questions

Frequently Asked Questions

BLE MODULE SPECIFICATIONS

Deep Learning on Arm Cortex-M Microcontrollers. Rod Crawford Director Software Technologies, Arm

An Incubator Project in the Apache Software Foundation. 13 July 2016

Bluetooth Low Energy Portfolio

Schlage Sense App Instructions

So you think developing an SoC needs to be complex or expensive? Think again

mbed OS Update Sam Grove Technical Lead, mbed OS June 2017 ARM 2017

Use of ISP1807-LR Evaluation Boards

A Developer's Guide to Security on Cortex-M based MCUs

Securing IoT with the ARM mbed ecosystem

Use of ISP1880 Accelero-Magnetometer, Temperature and Barometer Sensor

HEALTHCARE SOLUTIONS WITH RENESAS SYNERGY PLATFORM

NRF51822 Eval Kit User Manual

ARM mbed mbed OS mbed Cloud

Cypress PSoC 6 Microcontrollers

Use of ISP1507-AL Evaluation Boards

ARM mbed Technical Overview

ARM mbed Towards Secure, Scalable, Efficient IoT of Scale

SiFive Freedom SoCs: Industry s First Open-Source RISC-V Chips

Using SoC Vendor HALs in the Zephyr Project. Maureen Helm, NXP

IoT Infrastructure. idevicesinc.com

ARM Processor Architecture

Cortex-M Processors and the Internet of Things (IoT)

Products and solutions for Secure Wearables

The Opportunities and Challenges of IOT Market. YuChuan Yang MediaTek Inc.

Wireless-Tag WT51822-S1

STSW-BLUENRG1-DK. BlueNRG-1, BlueNRG-2 DK SW package

BT121 Bluetooth Smart Ready Module. May 2015

Using SoC Vendor HALs in the Zephyr Project. Maureen Helm, NXP

Provisioning secure Identity for Microcontroller based IoT Devices

The Next Steps in the Evolution of Embedded Processors

New Approaches to Connected Device Security

ENABLING EMBEDDED UA SECURITY AND DISCOVERY

Building mbed Together: An Overview of mbed OS and How To Get Involved

Accelerating IoT with ARM mbed

ARM TrustZone for ARMv8-M for software engineers

ARM mbed Technical Overview

Bidirectional wireless communication between IBM Cloud and Bluetooth Low Energy peripherals through SimpleLink Wi-Fi

Wireless Module Bluetooth R Smart Module EYSGCN Series EYSGJN Series EYAGJN Series Overview. Sep. 14, 2015 Version 1.0

Advanced Computer Systems 2018 Final project

Beyond TrustZone PSA Reed Hinkel Senior Manager Embedded Security Market Development

This document gives details on hardware and software for using and testing Insight SiP Bluetooth Low Energy module ISP1302-BS.

New STM32 F7 Series. World s 1 st to market, ARM Cortex -M7 based 32-bit MCU

Kinetis KE1xF512 MCUs

Automotive Security An Overview of Standardization in AUTOSAR

Internet of Everything for Industry SFO15-209

Building secure devices on the intelligent edge with Azure Sphere. Paul Foster, Microsoft Dr Hassan Harb, E.On

Software Design Challenges for heterogenic SOC's

Spartan-6 and Virtex-6 FPGA Embedded Kit FAQ

Wireless Module Bluetooth R low energy Module Overview. Dec. 9, 2016 Version 1.4

Kinetis + mbed = the secure connection in IOT

Resilient IoT Security: The end of flat security models

ARDUINO PRIMO. Code: A000135

Device to Cloud. Software Hardware Know How

micro:bit runtime ARM mbed Nordic nrf51-sdk

HARDWARE REFERENCE IMM-NRF51822

Launch Smart Products With End-to-End Solutions You & Your Customers Can Trust

Wireless Module Bluetooth R low energy Module Overview. May 30, 2018 Version 1.8

Kinetis SDK v Release Notes for KV5x Derivatives

Hardware Software Bring-Up Solutions for ARM v7/v8-based Designs. August 2015

Alternative Designs and Decision Making for Top Design Selection

BLE121LR Bluetooth Smart Long Range Module 5/12/2014 1

PBLN52832 DataSheet V Copyright c 2017 Prochild.

GWBMD0x Bluetooth Low Energy module

STM32F3. Cuauhtémoc Carbajal ITESM CEM 12/08/2013

Designing Security & Trust into Connected Devices

3 Software Stacks for IoT Solutions. Ian Skerrett Eclipse

Adafruit Feather nrf52840 Express

Introduction to the Itron Riva Dev Kits

EVALUATION BOARD MANUAL EBSHSN Series. EVALUATION KIT MANUAL EKSHSN Series

RTOS, Linux & Virtualization Wind River Systems, Inc.

S32K Microcontroller Press Pack

ARM instruction sets and CPUs for wide-ranging applications

Roadmap Directions for the RISC-V Architecture

Heading. idevices Connected. App Manual. HomeKit Products

Accelerating IoT with ARM mbed

Kinetis SDK Release Notes for the TWR-K24F120M Tower System Module

ARM processors driving automotive innovation

BASICS OF THE RENESAS SYNERGY PLATFORM

Bringing the benefits of Cortex-M processors to FPGA

BT121 Bluetooth Smart Ready Module. July 2016

Accelerating IoT with ARM mbed

WAVE ONE MAINFRAME WAVE THREE INTERNET WAVE FOUR MOBILE & CLOUD WAVE TWO PERSONAL COMPUTING & SOFTWARE Arm Limited

Compute solutions for mass deployment of autonomy

Security and the Internet of Things

nrf51 Development Kit

Build the unified end to end IoT solution on ARM LEADING COLLABORATION IN THE ARM ECOSYSTEM

Typical Applications: GHz Bluetooth low energy systems - Proprietary 2.4 GHz systems - Sports and leisure equipment - Mobile phone accessories,

Enabling IoT OSs for Intel Quark MCU Platforms: the fast way. OpenIoT Summit Europe Andre Guedes

mbed Hello World! Introduction to mbed

New STM32WB Series MCU with Built-in BLE 5 and IEEE

Cypress PSoC 4 Microcontrollers

Cypress PSoC 4 Microcontrollers

EVALUATION BOARD MANUAL EBSLSN Series. EVALUATION KIT MANUAL EKSLSN Series

Ultigesture UG Wristband User Manual

Connectivity. Ethernet

Beyond TrustZone PSA. Rob Coombs Security Director. Part1 - PSA Tech Seminars Arm Limited

Transcription:

Security in Apple HomeKit 4. Meeting IG sha 9. März 2017 in Horw Dr. Cuno Pfister pfister@oberon.ch http://oberonhap.com

The Problem? 2

Also a Problem X? 3

Apple WWDC 2014 With HomeKit we want to bring some sanity to home automation 4

HomeKit 5

Voice Control 6

Setup of an Accessory... 7

Setup of an Accessory... 8

HomeKit Accessory Protocol End-to-end security protocol IP and BLE as transports Simple setup process Interoperability (API in ios) Scenes allow control of multiple devices Siri voice control State-of-the-art security algorithms Remote access via icloud is optional 9

What are HomeKit Products? HomeKit Accessories With standard profiles With custom profiles Bridges HomeKit SDKs Standard SDKs for some reference hardware Custom SDKs for custom hardware 13.03.17 10

The Challenge 11

HomeKit Security 13.03.17 12

OberonHAP Architektur (WiFi, Ethernet) accessory logic (e.g. door lock code) IP stack OberonHAP server OberonHAP protocol OberonHAP crypto platform (hardware, with RTOS or «bare metal») 13

Algorithmic Innovations Novel combinations of key algorithms «Multiplication in a prime field including modular reduction» Reducing the number of expensive instructions For example, bringing down the number of multiplications for SRP from 64 to 8 millions 13.03.17 14

nrf52 Reference Platform nrf52 microcontroller Cortex-M4F at 64 MHz 64 KB RAM and 512 KB Flash nrf52 DK development kit link BLE stack S132 v2.0 (SoftDevice) SDK developed by Nordic using OberonHAP link 13.03.17 15

Speed: Pair Setup & Verify Core Cortex-M0 Cortex-M3 Cortus APS3RP Instruction set architecture Cortex-M4F ARMv6-M ARMv7-M Cortus V2 ARMv7E-M with FPv4-SP extension microaptiv UP MIPS32 with DSP enhancements Clock frequency 16 MHz 48 MHz 50 MHz 64 MHz 200 MHz Setup phase 1 (static setup code) 3,881 ms 1,109 ms 578 ms 361 ms 97 ms Setup phase 2 14,965 ms 4,256 ms 2,191 ms 1,338 ms 357 ms Opening a session (authentication) 935 ms 255 ms 125 ms 52 ms 18 ms These numbers only include the cryptographic processing. The Bluetooth Low Energy stack (or the IP stack for WiFi or Ethernet), the application logic, and ios at the other end will add to the round-trip times as experienced by a user. Zero wait states assumed. 13.03.17 16

nrf52 RAM Footprint free for application 34.5 KB free for application 39.5 KB free for application 40.4 KB OberonHAP plus accessory logic (static data) OberonHAP plus accessory logic (stack) BLE Stack (static data & stack) 7.7 KB 11.8 KB 10.0 KB OberonHAP plus accessory logic (static data) OberonHAP plus accessory logic (stack) BLE Stack (static data & stack) 7.7 KB 6.8 KB 10.0 KB OberonHAP plus accessory logic (static data) OberonHAP plus accessory logic (stack) BLE Stack (static data & stack) 7.7 KB 5.9 KB 10.0 KB FAST option MEDIUM option SMALL option 17

Side-Channel Attacks 13.03.17 18

How to Trust such Code? Test suite Edge cases, negative tests, random tests Formal correct proofs The proofs have been reviewed by external security experts (Prof. Willi Meier and Prof. C. Nicola) Found to be «in all parts mathematically and formally correct» 13.03.17 19

Tim Cook, Apple CEO Oberon is key partner of Apple in HomeKit ecosystem, along with accessory & silicon vendors (some are customers of 20 us).

Questions? 13.03.17 21

Oberon microsystems OberonHAP Instruction Set (e.g. ARMv7) data sheets & dev kits Semiconductor Vendor (e.g. Nordic Semiconductor) HomeKit SDK dev kits HomeKit Accessory Developer marketing collateral Retailers packaged accessories Consumers Hardware IP Vendors (e.g. ARM) Hardware IP (e.g. Cortex-M4) chip design accessory hardware design and firmware packaged accessories Foundries Contract Manufacturers HomeKit Accessory Protocol specification production chips Distributors Apple

Oberon microsystems HomeKit SDK Instruction Set (e.g. ARMv7) data sheets & dev kits Semiconductor Vendor (e.g. Nordic Semiconductor) dev kits HomeKit Accessory Developer marketing collateral Retailers packaged accessories Consumers Hardware IP Vendors (e.g. ARM) Hardware IP (e.g. Cortex-M4) chip design accessory hardware design and firmware packaged accessories Foundries Contract Manufacturers HomeKit Accessory Protocol specification production chips Distributors Apple

Serendipity! 13.03.17 24

First Licensee 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback