Sancus: Low-cost trustworthy extensible networked devices with a zero-software Trusted Computing Base (slide deck, PowerPoint presentation)


  1. Sancus: Low-cost trustworthy extensible networked devices with a zero-software Trusted Computing Base. Pieter Agten, Wilfried Daniels, Raoul Strackx, Job Noorman, Anthony Van Herrewege, Christophe Huygens, Bart Preneel, Ingrid Verbauwhede, Frank Piessens. 16 Aug 2013

  2. Noorman et al. Sancus 16 Aug 2013 2 / 29

  3. Carna Botnet: port scanning /0 using insecure embedded devices (anonymous researcher). Carna Botnet client distribution, March to December 2012: ∼420K clients.

  4. Although very relevant, low-end devices lack effective security features. More threats on embedded devices, due to network connectivity and third-party extensibility. No effective solutions exist; it’s “a mess” (Viega and Thompson). Researchers are exploring this area, e.g., SMART (El Defrawy et al.).

  5. Goal: design and implement a low-cost, extensible security architecture. Strong isolation of software modules, given third-party extensibility. Secure communication and attestation, both locally and remotely. Counteracting attackers with full control over infrastructural software. Zero-software Trusted Computing Base.

  6. Target: a generic system model. Infrastructure provider IP owns and administers nodes N_i. Software providers SP_j want to use the infrastructure. Software modules: SM_j,k is deployed by SP_j on N_i. (Figure: nodes N_1, N_2, ...; providers SP_1, SP_2, ...; modules SM_1,1, SM_2,1, SM_2,2, ..., SM_j,k.)

  7. Example node configuration (figure): a node on which modules SM_1 ... SM_n from software providers SP_1 ... SP_n are loaded, with IP administering the node.

  8. Preview: 1 Module isolation; 2 Key management; 3 Remote attestation and secure communication; 4 Secure linking; 5 Results.

  9. Overview: 1 Module isolation (module layout; access rights enforcement); 2 Key management; 3 Remote attestation and secure communication; 4 Secure linking; 5 Results.

  10. Modules are bipartite, with a public text section and a protected data section. Public text section: contains code and constants. Protected data section: contains secret runtime data.

  11–16. Node with one software module loaded (figure, built up over six slides highlighting in turn: public and protected sections, module layout, module identity, module entry point, module keys). Memory, top to bottom: unprotected; SM_1 text section (code & constants, with a single entry point); unprotected; SM_1 protected data section (protected data); unprotected; protected storage area holding the SM_1 metadata (layout and keys, including K_N,SP,SM_1) and the node key K_N.

  17–26. Modules are isolated using program-counter based memory access control (table built up over ten slides; slide 23 repeats the node figure, highlighting the module entry point). Variable access rights, depending on the current program counter. Isolation of data: only accessible from the text section. Protection against code misuse (e.g., ROP). Enter module through a single entry point. Resulting access-rights table (rows: where the program counter is; columns: what is accessed):

      From/to   Entry  Text  Protected  Unprotected
      Entry     r-x    r-x   rw-        rwx
      Text      r-x    r-x   rw-        rwx
      Other     r-x    r--   ---        rwx
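The access-rights table above as an added example, not part of the slides or of the Sancus hardware: a small Python model of the program-counter based check, evaluated per module so that code of a second protected module counts as "Other". Module layouts and addresses are constructed; the model assumes the entry point is the first address of the text section and that modules do not overlap.

```python
# Access-rights matrix from the slide, keyed by (where the PC runs, what is
# accessed). "other" is any PC outside the module in question, including the
# text section of a different protected module.
ACCESS_MATRIX = {
    ("entry", "entry"): "r-x", ("entry", "text"): "r-x",
    ("entry", "protected"): "rw-", ("entry", "unprotected"): "rwx",
    ("text", "entry"): "r-x", ("text", "text"): "r-x",
    ("text", "protected"): "rw-", ("text", "unprotected"): "rwx",
    ("other", "entry"): "r-x", ("other", "text"): "r--",
    ("other", "protected"): "---", ("other", "unprotected"): "rwx",
}

class Module:
    """One protected module's layout: half-open [start, end) address ranges."""

    def __init__(self, name, text, data):
        self.name, self.text, self.data = name, text, data
        self.entry = text[0]  # assumption: single entry point at start of text

    def classify(self, addr):
        """Region of `addr` relative to this module, or None if outside it."""
        if addr == self.entry:
            return "entry"
        if self.text[0] <= addr < self.text[1]:
            return "text"
        if self.data[0] <= addr < self.data[1]:
            return "protected"
        return None

def rights(modules, pc, addr):
    """Rights string for code at `pc` touching `addr` (modules must not overlap)."""
    for m in modules:
        target = m.classify(addr)
        if target is None:
            continue  # `addr` is not part of this module
        src = m.classify(pc)
        if src not in ("entry", "text"):
            src = "other"  # PC outside this module's text (or inside its data)
        return ACCESS_MATRIX[(src, target)]
    return ACCESS_MATRIX[("other", "unprotected")]  # unprotected memory: rwx

def access_allowed(modules, pc, addr, op):
    """True if `op` ('r', 'w' or 'x') passes the program-counter based check."""
    return rights(modules, pc, addr)["rwx".index(op)] != "-"

# Constructed sample layout: two modules loaded on one node.
MODULES = [Module("SM1", (0x1000, 0x1400), (0x2000, 0x2100)),
           Module("SM2", (0x3000, 0x3200), (0x4000, 0x4080))]
```

With these layouts, `access_allowed(MODULES, 0x3010, 0x2010, "r")` is False (SM2's text is "Other" to SM1's data) and `access_allowed(MODULES, 0x5000, 0x1010, "x")` is False (unprotected code may only execute SM1 at its entry point).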

  27–29. Isolation can be enabled/disabled using new instructions (slide 28 repeats the node figure, highlighting the module layout). protect layout, SP: enables isolation at layout. unprotect: disables isolation of the current SM.

  30. Overview: 1 Module isolation; 2 Key management; 3 Remote attestation and secure communication; 4 Secure linking; 5 Results.

  31. Providing a flexible, inexpensive way for secure communication. Establish a shared secret between SP and its module SM. Use symmetric crypto: public-key is too expensive for low-cost nodes. Ability to deploy modules without IP intervening (after initial registration, that is).

  32–33. Key derivation scheme allowing both Sancus and SPs to get the same key. Infrastructure provider IP is the trusted party, able to derive all keys. Every node N stores a key K_N, generated at random (figure: N_1, N_2, N_3). Derived key based on SP ID (figure: SP_1, SP_2, SP_3): K_SP = kdf(K_N, SP). Derived key based on SM identity (figure: SM_1, SM_2, SM_3): K_SM = kdf(K_SP, SM).
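The two-level derivation K_SP = kdf(K_N, SP), K_SM = kdf(K_SP, SM) carried out on the node, IP and SP sides, as an added Python example (not code from the Sancus project). It assumes HMAC-SHA256 as a stand-in for the hardware kdf, which the slides do not specify, and takes a module's identity SM to be its layout followed by the bytes of its text section; all keys and module contents are constructed sample values.

```python
import hashlib
import hmac
import struct

def kdf(key: bytes, data: bytes) -> bytes:
    """Stand-in for the hardware kdf: HMAC-SHA256 (an assumption, see lead-in)."""
    return hmac.new(key, data, hashlib.sha256).digest()

def module_identity(layout, text: bytes) -> bytes:
    """SM identity (assumed): layout as four 16-bit addresses, then the text section."""
    text_start, text_end, data_start, data_end = layout
    return struct.pack(">4H", text_start, text_end, data_start, data_end) + text

# --- Node side: what the hardware computes on `protect layout, SP`; needs only K_N ---
def node_protect(k_n: bytes, sp_id: int, layout, text: bytes) -> bytes:
    k_sp = kdf(k_n, struct.pack(">H", sp_id))        # K_SP = kdf(K_N, SP)
    return kdf(k_sp, module_identity(layout, text))  # K_SM = kdf(K_SP, SM)

# --- IP side: IP holds every K_N, so only IP can hand an SP its K_SP ---
def ip_register_sp(node_keys: dict, node: str, sp_id: int) -> bytes:
    return kdf(node_keys[node], struct.pack(">H", sp_id))

# --- SP side: from K_SP on, deploying modules needs no further help from IP ---
def sp_module_key(k_sp: bytes, layout, text: bytes) -> bytes:
    return kdf(k_sp, module_identity(layout, text))

# Constructed sample values (not real Sancus keys or modules).
NODE_KEYS = {"N1": bytes(range(16)), "N2": bytes(range(16, 32))}
LAYOUT = (0x1000, 0x1400, 0x2000, 0x2100)
TEXT = bytes([0x5A] * 64)

def demo():
    """Returns (node and SP agree on K_SM, a modified text section gets another key)."""
    k_sp = ip_register_sp(NODE_KEYS, "N1", 1)                 # once, at registration
    on_node = node_protect(NODE_KEYS["N1"], 1, LAYOUT, TEXT)  # at each deployment
    at_sp = sp_module_key(k_sp, LAYOUT, TEXT)
    changed = node_protect(NODE_KEYS["N1"], 1, LAYOUT, TEXT[:-1] + b"\x5b")
    return on_node == at_sp, on_node != changed

if __name__ == "__main__":
    print(demo())  # (True, True)
```

Because K_SM depends on the module identity, a module whose text or layout differs from what SP deployed ends up with a key SP does not share, which is what ties the key to the loaded code.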
