hydra hybrid design for remote attestation
play

HYDRA: HYbrid Design for Remote Attestation (Using a Formally - PowerPoint PPT Presentation

May 01, 2023 •645 likes •1.07k views

HYDRA: HYbrid Design for Remote Attestation (Using a Formally Verified Microkernel) Karim Eldefrawy , Norrathep Rattanavipanon, Gene Tsudik HRL Labs UC Irvine UC Irvine (Currently at SRI) July 18, 2017 karim.eldefrawy@sri.com IoT/CPS/ES 2

  1. HYDRA: HYbrid Design for Remote Attestation (Using a Formally Verified Microkernel) Karim Eldefrawy , Norrathep Rattanavipanon, Gene Tsudik HRL Labs UC Irvine UC Irvine (Currently at SRI) July 18, 2017 karim.eldefrawy@sri.com

  2. IoT/CPS/ES 2

  3. Low/Medium-end Embedded Systems ★ CPU ★ Clock ★ Program and data memory ★ In addition to: Comm interfaces (USB, ○ CAN, Serial, WiFi, Ethernet …) Analog to digital converters ○ 3

  4. Remote Attestation (RA) ★ Remote verification of internal state of a prover by a verifier Secure updates, deletion/erasure and resetting ○ ★ Challenge-response protocol between ○ Trusted Verifier : powerful entity ○ Untrusted Prover : embedded device 1) challenge 2) checksum Verifier Prover (e.g. MAC or Signature) 3) 4) verify response 4

  5. Design of RA ★ Hardware-only Attestation Secure hardware (e.g., TPM) ○ ○ Overkill for medium/low-end IoT/embedded devices ★ Software-only Attestation ○ A.k.a. timing-based attestation ○ Does not support multi-hop communication ○ Underlying assumptions (seriously) challenged [1] ★ Hybrid Attestation Minimal hardware support for secure RA ○ [1] C. Castellucia, et al. On the difficulty of Software-Based Attestation of Embedded Devices, CCS 2009. 5

  6. Design of RA ★ Hardware-only Attestation Secure hardware (e.g., TPM) ○ ○ Overkill for medium/low-end IoT/embedded devices ★ Software-only Attestation ○ A.k.a. timing-based attestation ○ Does not support multi-hop communication ○ Underlying assumptions (seriously) challenged [1] ★ Hybrid Attestation Minimal hardware support for secure RA ○ [1] C. Castellucia, et al. On the difficulty of Software-Based Attestation of Embedded Devices, CCS 2009. 6

  7. Adversary Model ○ Remote: exploits vulnerabilities and injects malware over the network. Local: located sufficiently close to prover and can ○ eavesdrop on, and manipulate the communication channel. ○ Physical: has full (local) physical access to prover and its hardware and can perform physical attacks, e.g., use side channel to extract and/or modify keys and values in memory. 7

  8. SMART ** First hybrid design of remote attestation for low-end microcontrollers (MCUs) ** K. Eldefrawy, et al. SMART: Secure & Minimal Architecture for (Establishing a Dynamic) Root ofTrust, NDSS’12. 8

  9. Low/Medium-end Embedded Systems ★ CPU ★ Clock ★ Program and data memory ★ In addition to: Comm interfaces (USB, ○ CAN, Serial, WiFi, Ethernet …) Analog to digital converters ○ 9

  10. SMART Properties 1) Exclusive Access to Key 2) No Leaks 3) Immutability 4) Uninterruptability 5) Controlled Invocation K. Eldefrawy, et al. Secure & Minimal Architecture for (Establishing a Dynamic) Root of Trust, NDSS 2012. A. Francillon, et al. A Minimalist Approach to Remote Attestation, DATE 2014. 10

  11. SMART Properties 1) Exclusive Access to Key 2) No Leaks 3) Immutability 4) Uninterruptability 5) Controlled Invocation Hardware Requirement ★ ROM ★ MCU (bus) access controls 11

  12. SMART Properties 1) Exclusive Access to Key 2) No Leaks 3) Immutability 4) Uninterruptability 5) Controlled Invocation Hardware Requirement ★ ROM ★ MCU (bus) access controls Can be emulated using a formally verified software component 12

  13. Hybrid RA Design using seL4 13

  14. seL4 What is it? ● Formal verification of the OS kernel Spec Impl Binary ○ ● Capability-based access control ● Formally proven access control enforcement 14

  15. seL4 What is it? Why? ● Formal verification of the OS ● Emulate hardware-enforced kernel access controls in SMART Spec Impl Binary ○ ● Provide isolation of Attestation ● Capability-based access control Process ● Formally proven access control enforcement 15

  16. seL4 What is it? Why? ● Formal verification of the OS ● Emulate hardware-enforced kernel access controls in SMART Spec Impl Binary ○ ● Provide isolation of Attestation ● Capability-based access control Process ● Formally proven access control enforcement How? Map SMART properties into seL4 configuration 16

  17. Deriving Configuration SMART Properties Att Process Config. ★ E/A to key ★ Exclusive Access (E/A) to key ★ E/A to virtual address ★ No leaks space ★ Immutability ★ E/A to executable ★ Uninterruptability ★ Secure boot of seL4 and ★ Controlled invocation attestation process ★ Highest priority ★ E/A to Thread Control 17 Block (TCB)

  18. Our Approach - HYDRA ★ Run Attestation Process ( PR Att ) as initial user-space process ○ Contains capabilities to all objects, e.g. IPC, memory pages, and threads ○ Runs with highest scheduling priority ○ Manages the rest of user-space 18

  19. Our Approach - HYDRA ★ Run Attestation Process ( PR Att ) as initial user-space process ○ Contains capabilities to all objects, e.g. IPC, memory pages and threads ○ Runs with highest scheduling priority ○ Manages the rest of user-space ★ Only spawn new process that does not contain capabilities to PR Att ’s: ○ Executable/Key ○ Working virtual memory ○ TCB 19

  20. seL4 Kernel 2 4 PR Att Verifier 3 RAM/Flash 5 PR 1 Bootloader verifies and starts seL4 microkernel 1 1 PR 2 Kernel verifies and passes control to PR Att 2 PR Att spawns PR 1 and PR 2 3 Verifier sends an attestation request to PR Att 4 PR Att performs att. and reports back to verifier 5 MM I/O Clock ROM Secure Boot 20

  21. Implementation ➢ Prototype on I.MX6-SabreLite and Odroid-XU4 https://boundarydevices.com/product/sabre-lite-imx6-sbc/ http://www.hardkernel.com/main/products/prdt_info.php ➢ Existing secure boot (High Assurance Boot - HAB) mechanism in Sabre Lite 21

  22. Performance 1/3 HYDRA with HYDRA w/o HYDRA w/o seL4 Kernel net and libs net stack net and libs Only Lines of Code 105,360 68,490 11,938 9,142 Exec Size 574KB 476KB N/A 215KB Operations 1MB of Memory 20KB of Memory (I.MX5-SabreLite Number of Cycles Percentage Number of Cycles Percentage at 1GHz) VerifyRequest 1,604 0.01% 1,604 0.29% Retrieve Memory 3,221,307 10.7% 45,624 8.21% MacMemory 26,880,057 89.29% 508,334 91.5% Total 30,102,968 100% 555,562 100% 22

  23. Performance 2/3 23

  24. Performance 3/3 24

  25. Lessons Learned 25

  26. Challenges when using seL4 Formal verification of seL4 assumes: ★ Proper initialization of the kernel ○ Motivate using hardware-enforced secure boot 26

  27. Challenges when using seL4 Formal verification of seL4 assumes: ★ Proper initialization of the kernel ○ Motivate using hardware-enforced secure boot ★ Correct behavior of the underlying hardware Sol: Run seL4 on top of a formally verified processor ○ ○ But does such hardware exist? Not yet … but possible in the future, e.g. CHERI ISA [1] based on ○ Bluespec SystemVerilog [2] [1] R. N. Watson, et al. Capability hardware enhanced risc instructions: Cheri instruction-set architecture, 2016. [2] R. Nikhil and K. Czeck, BSV by Example. CreateSpace Independent Publishing Platform, 2010 27

  28. Platform Specific Secure Boot ★ Requires configurable/programmable secure boot ○ Not easy to find in commercial development boards ★ SabreLite’s High Assurance Boot (HAB) ○ Based on a digital signature scheme ○ Configurable through ROM APIs 28

  29. seL4 seL4 + seL4 + Signature Signature 29 Rod Ziolkowski, i.MX Applications Processor Trust Architecture, 2013

  30. Ensuring Freshness of Attestation Requests ★ Computational Denial-of-Service from: ○ Bogus requests ○ Delay, replay or reordering attacks ★ Solution: Verify requests! Requires timestamp generated by a reliable read-only clock. ○ ○ Read-only property can be enforced using seL4’s capability. ○ Reliable property requires a (semi-synchronous) real-time clock. F. Brasser, et al. Remote Attestation for Low-End Embedded Devices: the Prover’s Perspective, DAC 2016. 30

  31. Ensuring Freshness of Attestation Requests ★ No real-time clock driver implementation in Sabre Lite. ★ Workaround by generating pseudo-timestamp using a counter + a secondary storage When PR Att starts, it loads T 0 that was saved before the last reboot. ○ ○ When the first request arrives, compare its timestamp ( T 1 ) with T 0 Verify request. If success, keep track of T 1 and start counter. ○ ○ TS = T 1 + counter value Periodically store TS ○ 31

  32. In Summary ❖ First hybrid design for Remote Attestation using a formally verified microkernel (seL4) Emulate certain properties that were previously only realizable using ➢ hardware features ❖ Prototype on two commercially available platforms ❖ Challenges seL4 assumptions ➢ Secure boot ➢ Timestamp generation ➢ 32

  33. Questions?

  34. References 34

  35. seL4 Kernel PR Att RAM/Flash K Attes t MM I/O Timer ROM Secure Boot 35

  36. seL4 Kernel PR Att RAM/Flash K Attes t T 0 MM I/O Timer ROM Secure Boot 36

  37. seL4 Kernel @ T 1 Verifie PR Att r RAM/Flash K Attes t T 0 MM I/O Timer ROM Secure Boot 37

  38. seL4 Kernel Verifie PR Att r RAM/Flash K Attes t T 1 T 0 MM I/O Timer ROM Secure Boot 38

  39. seL4 Kernel Verifie PR Att r RAM/Flash K Attes t T 1 T 0 TS = T 1 + Timer MM I/O Timer ROM Secure Boot 39

Recommend

Fusing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned Karim

Fusing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned Karim

Fusing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned Karim Eldefrawy, Norrathep Rattanavipanon , Gene Tsudik June 28, 2017 nrattana@uci.edu http://sprout.ics.uci.edu IoT/CPS/ES IoT/CPS/ES IoT/CPS/ES Remote

451 views • 33 slides
A Minimalist Approach to Remote Attestation Aurlien Francillon Eurecom Quan Nguyen, Kasper B.

A Minimalist Approach to Remote Attestation Aurlien Francillon Eurecom Quan Nguyen, Kasper B.

A Minimalist Approach to Remote Attestation Aurlien Francillon Eurecom Quan Nguyen, Kasper B. Rasmussen, Gene Tsudik UC Irvine Overview Motivation Definition of Remote Attestation From Definition to Properties From Properties

452 views • 17 slides
Measuring Semantic Integrity for Remote Attestation Fabrizio Baiardi 1 Diego Cilea 2 Daniele

Measuring Semantic Integrity for Remote Attestation Fabrizio Baiardi 1 Diego Cilea 2 Daniele

Introduction Proposed Solution: VIMS Conclusion Measuring Semantic Integrity for Remote Attestation Fabrizio Baiardi 1 Diego Cilea 2 Daniele Sgandurra 2 Francesco Ceccarelli 3 1 Polo G. Marconi - La Spezia, Universit di Pisa, Italy 2

378 views • 33 slides
Remote Attestation of IoT Devices via SMARM: Shuffled Measurements Against Roving Malware Xavier

Remote Attestation of IoT Devices via SMARM: Shuffled Measurements Against Roving Malware Xavier

Remote Attestation of IoT Devices via SMARM: Shuffled Measurements Against Roving Malware Xavier Carpent, Norrathep (Oak) Rattanavipanon , Gene Tsudik nrattana@uci.edu SPROUT Lab: sprout.ics.uci.edu University of California, Irvine 1

644 views • 42 slides
Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint work with: Ivan De Oliveira Nunes 1 , Karim Eldefrawy 2 , Norrathep Rattanavipanon 1 University of California Irvine 1 , SRI International 2 1 In

847 views • 48 slides
BARRETT: BlockchAin Regulated REmote aTTestation Michail Bampatsikos, Christoforos Ntantogian,

BARRETT: BlockchAin Regulated REmote aTTestation Michail Bampatsikos, Christoforos Ntantogian,

BARRETT: BlockchAin Regulated REmote aTTestation Michail Bampatsikos, Christoforos Ntantogian, Christos Xenakis, Stelios C. A. Thomopoulos ACKNOWLEDGEMENT: The research of the authors M. Bampatsikos and S. C. A. Thomopoulos is supported by Stavros

187 views • 15 slides
Introducing the Hydra Software Hydra is professional Internet management software that manages

Introducing the Hydra Software Hydra is professional Internet management software that manages

Introducing the Hydra Software Hydra is professional Internet management software that manages users based on the radius protocol as well as provides a variety of reports for connecting users to the network . In a general definition, Hydra can

234 views • 11 slides
Hydra: : a Python Framework a Python Framework Hydra for Parallel Computing for Parallel

Hydra: : a Python Framework a Python Framework Hydra for Parallel Computing for Parallel

Hydra: : a Python Framework a Python Framework Hydra for Parallel Computing for Parallel Computing Waide Tristram Karen Bradshaw 3 rd November 2009 Hydra in hour hour Hydra in An Opportunity Why Python and CSP? Aim

491 views • 22 slides
Hybrid Polynomial Prediction Hybrid Polynomial Prediction The remote host can dynamically

Hybrid Polynomial Prediction Hybrid Polynomial Prediction The remote host can dynamically

Special Course on Networked Virtual February 12, 2004 Environments Hybrid Polynomial Prediction Hybrid Polynomial Prediction The remote host can dynamically choose the order of The remote host can dynamically choose the order of

111 views • 9 slides
BEHAVIORAL HEALTH AGENCY (BHA)- LICENSING, ATTESTATION, AND DEEMING Attestation for Substance

BEHAVIORAL HEALTH AGENCY (BHA)- LICENSING, ATTESTATION, AND DEEMING Attestation for Substance

BEHAVIORAL HEALTH AGENCY (BHA)- LICENSING, ATTESTATION, AND DEEMING Attestation for Substance Use Disorder (SUD) Services DOH agrees that an attestation process for SUD services should be an option The attestation process for SUD

474 views • 8 slides
Distributed Attestation for Device Swarms in IoTs Under the Guidance of Prof. Vinay Ribeiro and

Distributed Attestation for Device Swarms in IoTs Under the Guidance of Prof. Vinay Ribeiro and

Distributed Attestation for Device Swarms in IoTs Under the Guidance of Prof. Vinay Ribeiro and Prof. Kolin Paul Samuel Wedaj(2014CSZ8390) Background: 2 The term Internet of things was first coined in 1999 A hybrid network of

601 views • 25 slides
PSA APIs An overview Attestation API 1.0.1 we are in the process of dropping a new

PSA APIs An overview Attestation API 1.0.1 we are in the process of dropping a new

PSA APIs An overview Attestation API 1.0.1 we are in the process of dropping a new release which allows signing using symmetric attestation keys (using COSE Mac0) Fully documented in ARM IHI 0085 TF-M master is slightly behind the

542 views • 17 slides
Secure Swarm Attestation for IoT Networks Ada Diop (Orange Labs - Tlcom SudParis)

Secure Swarm Attestation for IoT Networks Ada Diop (Orange Labs - Tlcom SudParis)

Secure Swarm Attestation for IoT Networks Ada Diop (Orange Labs - Tlcom SudParis) 12/02/2019 interne France Tlcom - Orange Trust in Remote Devices: example A sensor sends the following message over a Bluetooth, BLE or Thread

528 views • 19 slides
Building Secure Decentralized Applications the DECENT Way Haofan Zheng Xiaowei Chu University

Building Secure Decentralized Applications the DECENT Way Haofan Zheng Xiaowei Chu University

Building Secure Decentralized Applications the DECENT Way Haofan Zheng Xiaowei Chu University of California, Santa Cruz Owen Arden Remote Attestation A process for the enclave to gain the trust of a remote service, so that the remote

212 views • 18 slides
Attestation (RATS/EAT) Overview Laurence Lundblade February 2020 Entity Attestation Good

Attestation (RATS/EAT) Overview Laurence Lundblade February 2020 Entity Attestation Good

Attestation (RATS/EAT) Overview Laurence Lundblade February 2020 Entity Attestation Good Devices Token Chip & device manufacturer Banking risk engine IoT backend Device ID (e.g. serial number) Boot state, debug state

956 views • 34 slides
Migrating from Fedora 3 to 4 Now With More Hydra Goals for the Session Understand the basic

Migrating from Fedora 3 to 4 Now With More Hydra Goals for the Session Understand the basic

Migrating from Fedora 3 to 4 Now With More Hydra Goals for the Session Understand the basic conceptual models underlying Fedora 3/CMA, Fedora 4, and PCDM Work through a rudimentary migration exercise with Hydra/Fedora-Migrate Explore

906 views • 63 slides
Members: Jason Johnson Ryan Johnson John Locklear Specialized

Members: Jason Johnson Ryan Johnson John Locklear Specialized

Members: Jason Johnson Ryan Johnson John Locklear Specialized in hydraulic equipment for Skid Steers and Tractors. Product Line: Hydra- Clip (16 Treeshear) Hydra- Snip (12 Treeshear) Hydra- Rake

423 views • 39 slides
ZISC Information Security Colloquium June 15, 2004 Direct Anonymous Attestation: Achieving

ZISC Information Security Colloquium June 15, 2004 Direct Anonymous Attestation: Achieving

Zurich Research Laboratory ZISC Information Security Colloquium June 15, 2004 Direct Anonymous Attestation: Achieving Privacy in Remote Authentication Jan Camenisch IBM Zurich Research Laboratory jca@zurich.ibm.com Joint work with Ernie

353 views • 24 slides
AC Bus Hybrid System Workshop PV array is connected via a PV inverter Generator design and

AC Bus Hybrid System Workshop PV array is connected via a PV inverter Generator design and

23/08/2019 Introduction Walkthrough of design of AC bus Hybrid system with the following design decisions: Generator used daily to meet demand AC Bus Hybrid System Workshop PV array is connected via a PV inverter Generator design

432 views • 9 slides
Privacy and Equity in the New School Year Steps for In-Person, Remote, or Hybrid Learning

Privacy and Equity in the New School Year Steps for In-Person, Remote, or Hybrid Learning

Privacy and Equity in the New School Year Steps for In-Person, Remote, or Hybrid Learning November 2020 1 Privacy and Equity in the New School Year Introduction to the Training Module Welcome to the Center for Democracy & Technologys

604 views • 31 slides
DC Bus Hybrid System Workshop Generator design and installation guidance can be found within

DC Bus Hybrid System Workshop Generator design and installation guidance can be found within

14/10/2019 Introduction Walkthrough of design of dc bus Hybrid system with the following design decisions: Generator used as backup only DC Bus Hybrid System Workshop Generator design and installation guidance can be found within

680 views • 10 slides
Background Potential market for mini-grids: 1.4bn people in rural areas, most with no access

Background Potential market for mini-grids: 1.4bn people in rural areas, most with no access

Clean Energy Hybrid Mini- -Grids in Remote Areas Grids in Remote Areas Clean Energy Hybrid Mini an Investment Opportunity? an Investment Opportunity?

443 views • 8 slides
Hydra An Open Source Wireless Testbed Hyrum K. Wright, Robert D. Grant Wireless Communication

Hydra An Open Source Wireless Testbed Hyrum K. Wright, Robert D. Grant Wireless Communication

Wireless Networking Research Hydra Demonstration Hydra An Open Source Wireless Testbed Hyrum K. Wright, Robert D. Grant Wireless Communication and Networking Group Department of Electrical and Computer Engineering The University of Texas at

551 views • 27 slides
Mode 2: Hybrid Presentation on Podium PC Instructor uses the Podium PC for both the Presentation

Mode 2: Hybrid Presentation on Podium PC Instructor uses the Podium PC for both the Presentation

For Assistance Call 734-615-0100 [Prompt 1] Mode 2: Hybrid Presentation on Podium PC Instructor uses the Podium PC for both the Presentation and to connect with remote students. Only the instructor will see the remote students on the

522 views • 7 slides

More recommend