remote attestation of iot devices via smarm shuffled
play

Remote Attestation of IoT Devices via SMARM: Shuffled Measurements - PowerPoint PPT Presentation

Dec 28, 2022 •222 likes •644 views

Remote Attestation of IoT Devices via SMARM: Shuffled Measurements Against Roving Malware Xavier Carpent, Norrathep (Oak) Rattanavipanon , Gene Tsudik nrattana@uci.edu SPROUT Lab: sprout.ics.uci.edu University of California, Irvine 1

  1. Remote Attestation of IoT Devices via SMARM: Shuffled Measurements Against Roving Malware Xavier Carpent, Norrathep (Oak) Rattanavipanon , Gene Tsudik nrattana@uci.edu SPROUT Lab: sprout.ics.uci.edu University of California, Irvine 1

  2. Internet-of-things (IoT) 2

  3. 3

  4. Remote Attestation (RA) • An approach for detecting malware on devices • Two-party interaction between: • Verifier: trusted entity • Prover: potentially infected and remote IoT device • Goal: to verify internal state of prover 4

  5. Verifier Prover (1) Challenge (2) Authenticate challenge and measure memory (3) Response (4) Verify response 5

  6. Adversarial Model [DAC’15] • Remote adversary • Exploits vulnerabilities to inject malware • Local adversary • Manipulates communication channel • Physical adversary • Non-Invasive: mounts hardware side-channel attacks • Invasive: physically changes hardware 6

  7. Adversarial Model [DAC’15] • Remote adversary • Exploits vulnerabilities to inject malware • Local adversary • Manipulates communication channel • Physical adversary • Non-Invasive: mounts hardware side-channel attacks • Invasive: physically changes hardware 7

  8. RA Techniques • Hardware-based RA • Dedicated hardware support (e.g. TPM or Intel-SGX) • Overkill for lower-end IoT devices • Software-based RA • Relies on precise timing measurement • Unrealistic assumptions for IoT except peripheral/legacy devices • Hybrid RA • SW/HW co-design • Minimal hardware impact • Good fit for IoT devices 8

  9. Examples of hybrid RA • SMART [NDSS’08]: RA for low-end micro-controllers • Some of key properties: • Secure storage (for key, code and monotonic counter) • Atomic execution: measurement process runs without interruption • HYDRA [WiSec’17] • Emulation of SMART on devices capable of running micro-kernels • Based on formally verified seL4 micro-kernel • Hardware-assisted secure boot (only hardware feature) 9

  10. RA vs Safety-Critical Operations SMART-BASED MSP430 @ 8MHZ HYDRA-BASED ODROID @ 2GHZ 4.5 seconds to measure 48KB of flash 7 seconds to measure 1GB of RAM Atomicity negatively impacts device’s availability to critical app. 10

  11. Why Atomicity is Needed? • Remove atomicity -> vulnerable to the following attack: Memory Blocks 1 2 3 4 5 6 11

  12. Why Atomicity is Needed? • Remove atomicity -> vulnerable to the following attack: Memory Blocks 1 1 2 2 3 3 4 4 5 5 6 6 11

  13. Why Atomicity is Needed? • Remove atomicity -> vulnerable to the following attack: Memory Blocks 1 2 3 4 5 6 11

  14. Why Atomicity is Needed? • Remove atomicity -> vulnerable to the following attack: Measurement result Memory Blocks 1 2 3 4 5 6 reflects malware-free state! Roving Malware Conflict • Atomicity and real-time/safety-critical needs. • Also, minimize hardware cost 11

  15. Target Devices for Our Solution • Simple IoT devices • Single-core processor • No memory protection mechanism • Run two tasks • Measurement task • Safety-critical/real-time task • Hybrid RA architecture 12

  16. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 13

  17. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 1 2 3 4 5 6 Permutation = {3, 2, 5, 6, 1, 4} 13

  18. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 1 2 3 4 5 6 Permutation = { 3 , 2, 5, 6, 1, 4} 13

  19. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 1 2 3 4 5 6 Permutation = {3, 2 , 5, 6, 1, 4} 13

  20. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 1 2 3 4 5 6 Permutation = {3, 2, 5 , 6, 1, 4} 13

  21. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 1 2 3 4 5 6 Permutation = {3, 2, 5, 6 , 1, 4} 13

  22. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 1 2 3 4 5 6 Permutation = {3, 2, 5, 6, 1 , 4} 13

  23. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 1 2 3 4 5 6 Permutation = {3, 2, 5, 6, 1, 4 } 13

  24. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts • Similar to some of SW-based RA approaches • Memory is measured in random but not secret! • Security = precise timing of measurement • Security of our solution = that of hybrid RA: attestation key + random/secret permutation 14

  25. Roving malware’s knowledge? Knowledge of Type How to obtain 1 2 3 4 5 6 Permutation = {3, 2, 5, 6, 1, 4} 15

  26. Roving malware’s knowledge? Knowledge of Type How to obtain Future volume Time when measurement KFV 1 2 3 4 5 6 starts Permutation = {3, 2, 5, 6, 1, 4} 15

  27. Roving malware’s knowledge? Knowledge of Type How to obtain Future volume Time when measurement KFV 1 2 3 4 5 6 starts Permutation = {3, 2, 5, 6, 1, 4} 15

  28. Roving malware’s knowledge? Knowledge of Type How to obtain Future volume Time when measurement KFV 1 2 3 4 5 6 starts Future HW/SW side-channel Permutation = {3, 2, 5, 6, 1, 4} KFC coverage 15

  29. Roving malware’s knowledge? Knowledge of Type How to obtain Future volume Time when measurement KFV 1 2 3 4 5 6 starts Future HW/SW side-channel Permutation = {3, 2, 5, 6, 1, 4} KFC coverage 15

  30. Roving malware’s knowledge? Knowledge of Type How to obtain Future volume Time when measurement KFV 1 2 3 4 5 6 starts Future HW/SW side-channel Permutation = {3, 2, 5, 6, 1, 4} KFC coverage Future order Leakage of permutation KFO 15

  31. Roving malware’s knowledge? Knowledge of Type How to obtain Future volume Time when measurement KFV 1 2 3 4 5 6 starts Future HW/SW side-channel Permutation = {3, 2, 5, 6, 1, 4} KFC coverage Future order Leakage of permutation KFO 15

  32. Best Strategy of KFV Roving malware ❖ Assume malware is contained in one memory block ❖ Knows how many blocks have/have not been measured ❖ Can interrupt right after measurement of each block Best strategy: interrupt and relocate 16

  33. Probability of Malware Evasion 16

  34. SMARM Implementation 17

  35. SMARM Implementation (without secure storage) 18

  36. Related Work ❖ ERASMUS [DATE’17], SeED [WiSec’17] ❖ Self-measurements ❖ Schedule measurement to whenever Prover is available ❖ Require secure clock ❖ Temporal Consistency [AsiaCCS’18] ❖ Allow interrupts by locking memory ❖ Require hardware support for locking memory ❖ Reconciling RA and Safety-Critical Operation on IoT Devices [DAC’18] ❖ Survey techniques that aim to resolve this conflict 19

  37. Conclusion • Investigate conflict arisen from reconciling real-time needs and security properties in RA • Enforcing atomicity → harmful to safety-critical applications • Simply removing atomicity → vulnerable to attacks from roving malware • Our solution: SMARM • Goal: relax atomicity + (probabilistically) detect roving malware • Measure memory in random and secret order • Require multiple measurements to ensure high detection rate • + Allow interrupts in measurement process • + No hardware change/optionally secure storage 20

  38. Q/A 21

  39. 40% 10,636% 0.8% 41% n = 32 n = 2048 t = 0.4s t = 0.006s 39

  40. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 1 2 3 4 5 6 Permutation = {3, 2, 5 , 6, 1, 4} 40

  41. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 1 2 3 4 5 6 Permutation = {3, 2, 5 , 6, 1, 4} Get Caught! 41

  42. Our Solution • SMARM : S huffled M easurement A gainst R oving M alware • Idea: measure memory in random and secret order • Allow block-level interrupts 1 2 3 4 5 6 Permutation = {3, 2, 5 , 6, 1, 4} Successfully Escape 42

Recommend

A Minimalist Approach to Remote Attestation Aurlien Francillon Eurecom Quan Nguyen, Kasper B.

A Minimalist Approach to Remote Attestation Aurlien Francillon Eurecom Quan Nguyen, Kasper B.

A Minimalist Approach to Remote Attestation Aurlien Francillon Eurecom Quan Nguyen, Kasper B. Rasmussen, Gene Tsudik UC Irvine Overview Motivation Definition of Remote Attestation From Definition to Properties From Properties

452 views • 17 slides
for Constrained IoT Devices Y. Jia, B. Liu, W. Jiang, B. Wu, C. Wang IEEE ICNP 2020 Madrid,

for Constrained IoT Devices Y. Jia, B. Liu, W. Jiang, B. Wu, C. Wang IEEE ICNP 2020 Madrid,

Enhancing Remote Healthiness Attestation for Constrained IoT Devices Y. Jia, B. Liu, W. Jiang, B. Wu, C. Wang IEEE ICNP 2020 Madrid, Spain, October 13-16, 2020 HUAWEI TECHNOLOGIES CO., LTD. IoT Devices are keeping losing control IoT devices

352 views • 16 slides
Fusing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned Karim

Fusing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned Karim

Fusing Hybrid Remote Attestation with a Formally Verified Microkernel: Lessons Learned Karim Eldefrawy, Norrathep Rattanavipanon , Gene Tsudik June 28, 2017 nrattana@uci.edu http://sprout.ics.uci.edu IoT/CPS/ES IoT/CPS/ES IoT/CPS/ES Remote

451 views • 33 slides
Secure Swarm Attestation for IoT Networks Ada Diop (Orange Labs - Tlcom SudParis)

Secure Swarm Attestation for IoT Networks Ada Diop (Orange Labs - Tlcom SudParis)

Secure Swarm Attestation for IoT Networks Ada Diop (Orange Labs - Tlcom SudParis) 12/02/2019 interne France Tlcom - Orange Trust in Remote Devices: example A sensor sends the following message over a Bluetooth, BLE or Thread

528 views • 19 slides
Attestation (RATS/EAT) Overview Laurence Lundblade February 2020 Entity Attestation Good

Attestation (RATS/EAT) Overview Laurence Lundblade February 2020 Entity Attestation Good

Attestation (RATS/EAT) Overview Laurence Lundblade February 2020 Entity Attestation Good Devices Token Chip & device manufacturer Banking risk engine IoT backend Device ID (e.g. serial number) Boot state, debug state

956 views • 34 slides
Measuring Semantic Integrity for Remote Attestation Fabrizio Baiardi 1 Diego Cilea 2 Daniele

Measuring Semantic Integrity for Remote Attestation Fabrizio Baiardi 1 Diego Cilea 2 Daniele

Introduction Proposed Solution: VIMS Conclusion Measuring Semantic Integrity for Remote Attestation Fabrizio Baiardi 1 Diego Cilea 2 Daniele Sgandurra 2 Francesco Ceccarelli 3 1 Polo G. Marconi - La Spezia, Universit di Pisa, Italy 2

378 views • 33 slides
Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint work with: Ivan De Oliveira Nunes 1 , Karim Eldefrawy 2 , Norrathep Rattanavipanon 1 University of California Irvine 1 , SRI International 2 1 In

847 views • 48 slides
BARRETT: BlockchAin Regulated REmote aTTestation Michail Bampatsikos, Christoforos Ntantogian,

BARRETT: BlockchAin Regulated REmote aTTestation Michail Bampatsikos, Christoforos Ntantogian,

BARRETT: BlockchAin Regulated REmote aTTestation Michail Bampatsikos, Christoforos Ntantogian, Christos Xenakis, Stelios C. A. Thomopoulos ACKNOWLEDGEMENT: The research of the authors M. Bampatsikos and S. C. A. Thomopoulos is supported by Stavros

187 views • 15 slides
HYDRA: HYbrid Design for Remote Attestation (Using a Formally Verified Microkernel) Karim

HYDRA: HYbrid Design for Remote Attestation (Using a Formally Verified Microkernel) Karim

HYDRA: HYbrid Design for Remote Attestation (Using a Formally Verified Microkernel) Karim Eldefrawy , Norrathep Rattanavipanon, Gene Tsudik HRL Labs UC Irvine UC Irvine (Currently at SRI) July 18, 2017 karim.eldefrawy@sri.com IoT/CPS/ES 2

1.07k views • 41 slides
BEHAVIORAL HEALTH AGENCY (BHA)- LICENSING, ATTESTATION, AND DEEMING Attestation for Substance

BEHAVIORAL HEALTH AGENCY (BHA)- LICENSING, ATTESTATION, AND DEEMING Attestation for Substance

BEHAVIORAL HEALTH AGENCY (BHA)- LICENSING, ATTESTATION, AND DEEMING Attestation for Substance Use Disorder (SUD) Services DOH agrees that an attestation process for SUD services should be an option The attestation process for SUD

474 views • 8 slides
Shuffled Belief Propagation Decoding Juntan Zhang and Marc Fossorier Department of Electrical

Shuffled Belief Propagation Decoding Juntan Zhang and Marc Fossorier Department of Electrical

Shuffled Belief Propagation Decoding Juntan Zhang and Marc Fossorier Department of Electrical Engineering University of Hawaii at Manoa Honolulu, HI 96816 Outline Review of LDPC Codes Standard Belief Propagation Algorithm Shuffled

467 views • 31 slides
PSA APIs An overview Attestation API 1.0.1 we are in the process of dropping a new

PSA APIs An overview Attestation API 1.0.1 we are in the process of dropping a new

PSA APIs An overview Attestation API 1.0.1 we are in the process of dropping a new release which allows signing using symmetric attestation keys (using COSE Mac0) Fully documented in ARM IHI 0085 TF-M master is slightly behind the

542 views • 17 slides
Building Secure Decentralized Applications the DECENT Way Haofan Zheng Xiaowei Chu University

Building Secure Decentralized Applications the DECENT Way Haofan Zheng Xiaowei Chu University

Building Secure Decentralized Applications the DECENT Way Haofan Zheng Xiaowei Chu University of California, Santa Cruz Owen Arden Remote Attestation A process for the enclave to gain the trust of a remote service, so that the remote

212 views • 18 slides
Traffic lights for remote devices monitoring Viola Patrol Application for remote monitoring What

Traffic lights for remote devices monitoring Viola Patrol Application for remote monitoring What

Viola Patrol Traffic lights for remote devices monitoring Viola Patrol Application for remote monitoring What Viola Patrol is a graphical user interface (traffic lights) for monitoring remote device connections status. Where The Patrol

453 views • 13 slides
DTCP + Remote Access Proposal for Discussion with 3S October 28, 2009 1 Remote Access (RA)

DTCP + Remote Access Proposal for Discussion with 3S October 28, 2009 1 Remote Access (RA)

DTCP + Remote Access Proposal for Discussion with 3S October 28, 2009 1 Remote Access (RA) Basic Rules Remote Connection AKE RA Encoding Rules 2 Remote Access Basic Rules Source devices may permit remote access to content

326 views • 15 slides
Comparison of Proximal Remote Sensing Devices for Estimating Physiological Responses of Eggplants

Comparison of Proximal Remote Sensing Devices for Estimating Physiological Responses of Eggplants

Comparison of Proximal Remote Sensing Devices for Estimating Physiological Responses of Eggplants to Root-Knot Nematodes Alex Silva-Snchez 1 , Julia Buil-Salafranca 1 , Andrea Casadess Cabral 1 , Naroa Uriz-Ezcaray 1 , Helio Adan

149 views • 11 slides
ZISC Information Security Colloquium June 15, 2004 Direct Anonymous Attestation: Achieving

ZISC Information Security Colloquium June 15, 2004 Direct Anonymous Attestation: Achieving

Zurich Research Laboratory ZISC Information Security Colloquium June 15, 2004 Direct Anonymous Attestation: Achieving Privacy in Remote Authentication Jan Camenisch IBM Zurich Research Laboratory jca@zurich.ibm.com Joint work with Ernie

353 views • 24 slides
Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process

Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process

Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process Service Untrusted (IAS) Enclave Enclave Code Trusted Process Process Enclave Other Data Enclave OS and/or Hypervisor Off-chip devices 2

531 views • 24 slides
Digital Witness Remote Method for Volunteering Digital Evidence on Mobile Devices Nigel Campbell

Digital Witness Remote Method for Volunteering Digital Evidence on Mobile Devices Nigel Campbell

Digital Witness Remote Method for Volunteering Digital Evidence on Mobile Devices Nigel Campbell , Evan Stuart, Trevor Goodyear, Winston Messer, and James Fairbanks $ whoami Research Scientist @ GTRI Software Developer MSCS Student

435 views • 30 slides
Piece of cake testing remote embedded devices made easy with MuxPi . Pawe Wieczorek February

Piece of cake testing remote embedded devices made easy with MuxPi . Pawe Wieczorek February

Piece of cake testing remote embedded devices made easy with MuxPi . Pawe Wieczorek February 3, 2018 Samsung R&D Institute Poland Agenda . 1. Introduction 2. Previous efforts 3. Idea 4. Hardware 5. Software 6. Next steps 7.

1.1k views • 79 slides
Regulation 1.17 Remote-Control Devices and Powered Models or Toys FAIRFAX COUNTY PARK

Regulation 1.17 Remote-Control Devices and Powered Models or Toys FAIRFAX COUNTY PARK

Regulation 1.17 Remote-Control Devices and Powered Models or Toys FAIRFAX COUNTY PARK AUTHORITY NORTHERN VIRGINIA REGIONAL PARK AUTHORITY THURSDAY, SEPTEMBER 6, 2018 Virginia Code Alignment Dillons Rule Justice John Dillon,

506 views • 14 slides
Direct Anonymous Attestation Revisited Jan Camenisch IBM Research Zurich Joint work with

Direct Anonymous Attestation Revisited Jan Camenisch IBM Research Zurich Joint work with

Direct Anonymous Attestation Revisited Jan Camenisch IBM Research Zurich Joint work with Ernie Brickell, Liqun Chen, Manu Drivers, Anja Lehmann. jca@zurich.ibm.com, @JanCamenisch, ibm.biz/jancamenisch Direct Anonymous Attestation What

655 views • 31 slides
A Framework for Remote Usability Evaluation on Mobile Devices Bachelorarbeit in Informatik

A Framework for Remote Usability Evaluation on Mobile Devices Bachelorarbeit in Informatik

Technische Universitt Mnchen A Framework for Remote Usability Evaluation on Mobile Devices Bachelorarbeit in Informatik Daniel Bader Technische Universitt Mnchen Introduction Usability - An indicator for the ease of use and

785 views • 56 slides
! Apps Apps RAM ! Ring 0 - 2 OS / Hypervisor OS / Hypervisor Remote Attestation Protected

! Apps Apps RAM ! Ring 0 - 2 OS / Hypervisor OS / Hypervisor Remote Attestation Protected

Keystone : An Open Framework for Architecting Trusted Execution Environments Dayeol Lee , David Kohlbrenner, Shweta Shinde, Krste Asanovic, Dawn Song Dept. of Electrical Engineering and Computer Sciences University of California, Berkeley

599 views • 30 slides

More recommend