
Security in modern CPU, Guillaume Bouffard



  1. Security in modern CPU
     Guillaume Bouffard (guillaume.bouffard@ssi.gouv.fr)
     Hardware Security Labs, National Cybersecurity Agency of France (ANSSI)
     DIENS, ENS, CNRS, PSL University
     Workshop SILM, 21 November 2019

  2. Who am I?
     Me:
     - Expert in Embedded System Security (Hardware Security Labs, ANSSI)
     - Associate Researcher in the Information Security Group at ENS
     Research subjects:
     - Embedded software security against hardware and software attacks
     - Java Card, IC (secure component, micro-controller and SoC)

  3. Aim of this Tutorial
     This tutorial gives an overview of root-of-trust hardware and software security.
     During this tutorial:
     - I will focus on security from secure element to system-on-chip
     - No cryptographic implementations will be mistreated during this presentation

  4. 1. Introduction

  5. The Root of Trust
     Several features must be executed in a trusted environment that is able to:
     - host sensitive applications, where the protection of sensitive and cryptographic data is ensured;
     - compute sensitive (e.g. cryptographic) operations without any leak.

  8. The Root of Trust (cont.)
     - The root of trust is a secure environment.
     - Mainly, it's a secure component.
     - The most popular secure component is the smart card.

  9. The Root of Trust (cont.)
     Several software implementations of a secure component exist:
     - Hardware secure component emulation:
       - Replacing TPMs with secure enclaves (such as ARM TrustZone)
       - This is not a secure component.
     - Whitebox cryptography:
       - It's basically less secure.
       - How to ensure the security level of those implementations?
       - How, and under which conditions, should those evaluations be made?

  10. Attacks against Root of Trust
      - Physical attacks:
        - Side channel attacks (timing attacks, power analysis attacks, etc.);
        - Fault attacks (electromagnetic injection, laser beam injection, etc.).
      - Software attacks:
        - Execution of malicious instructions.
      - Combined attacks:
        - Mix of physical and software attacks.

  11. The Secure Component?
      A secure component is a component with security features:
      - A micro-controller with a 1-core CPU and limited resources;
      - Confidentiality and integrity of the flash memory data;
      - Random number generator;
      - Cryptographic accelerators;
      - Detection of probing attacks or signal corruption;
      - Side channel attack protection;
      - Hardened software.

  12. The Secure Component? (cont.)
      [Block diagram: Secure component]
      - Applications
      - JCVM
      - OS (~10-30kB)
      - CPU, Crypto-processor, Power management
      - Bus Interconnection
      - Memories (with MPU), ISO 7816/SPI

  15. How to ensure security level of Secure Component?
      - Customers specify the security requirements.
      - Developers implement the security requirements in the product.
      - ITSEFs evaluate the product security level.
      - The Certification Body certifies products and checks each step of the evaluation process.
      A scheme: the Common Criteria
      - Common Criteria is an international standard (ISO/IEC 15408) for the certification of secure products.
      - International recognition
      - Evaluation areas:
        - Smartcards & similar devices
        - Hardware Devices with Security Boxes
        - Software

  16. Common Criteria Evaluation Level
      Several certification classes exist:

      | Level | Description |
      |-------|-------------|
      | EAL1 | Functionally Tested |
      | EAL2 | Structurally Tested |
      | EAL3 | Methodically Tested and Checked |
      | EAL4 | Methodically Designed, Tested and Reviewed |
      | EAL5 | Semiformally Designed and Tested |
      | EAL6 | Semiformally Verified Design and Tested |
      | EAL7 | Formally Verified Design and Tested |

      - Each class may be augmented. For instance, a smartcard can be evaluated as EAL4 + ALC_DVS.2 + AVA_VAN.5.
      - Evaluations are not time-constrained.

  18. CC vs CSPN

      | CC | CSPN |
      |----|------|
      | EAL 1 to 7 | Only one level |
      | Grey/white box | Black box |
      | International certification recognition | No recognition |
      | No time constraint | 25md (+10 for crypto) |
      | Product update during the evaluation | Fixed product version |
      | Developer must provide compliant docs | No specific knowledge |
      | Very expensive (60 to 200k€) | Relatively low cost (25 to 35k€) |

      CSPN-like schemes are available in Germany (BSZ, Accelerated Security Certification) and Spain (LINCE).

  19. From the Secure Component to the System on Chip
      - Sensitive assets are stored in and computed on the secure component.
      - Secure components are designed (and evaluated) to be tamper-resistant against physical and software attacks.
      - Systems on Chip (SoCs) are everywhere:
        - Automotive
        - Smartphone
        - IoT
      - Secure components are resource-limited devices.
      - For sensitive operations where more resources are required, SoCs are used.

  20. Secure Component vs SoC
      [Figure: Smartcard | Mobile device]
      Same services, different security

  21. Secure Component vs SoC

      | Based on a secure component | Based on a full System on Chip |
      |-----------------------------|--------------------------------|
      | Simple CPU | Complex CPU |
      | Designed for security | Designed for performance |
      | Certified | Adding TEE [1] for software security |

      [1] Trusted Environment Execution

  22. What is a System on Chip?
      [Block diagram: System on Chip (Exynos like)]
      - Standard Apps, Trusted Apps
      - Rich OS, Trusted OS
      - Trusted Kernel
      - CPUs (4x Big & 4x Little Cores), GPU (8 cores) & VPU [2], PMIC [3]
      - Multi-layer AXI/AHB Bus & Cache Coherent Interconnection
      - Internal ROM & RAM (with MMU), Modem, Interfaces

      [2] Video Processing Unit
      [3] Power Management Integrated Circuit

  23. Secure Component vs System on Chip

      | Secure component | System on Chip (Exynos like) |
      |------------------|------------------------------|
      | Applications | Standard Apps, Trusted Apps |
      | JCVM | Rich OS, Trusted OS |
      | Kernel & OS (~kB) | Trusted Kernel |
      | CPU (1 ARMv7-M core), Crypto-processor, Power management | CPUs (4x Big & 4x Little Cores), GPU (8 cores) & VPU, PMIC |
      | Bus Interconnection | Multi-layer AXI/AHB Bus & Cache Coherent Interconnection |
      | Memories (with MPU), Interfaces | Internal ROM & RAM (with MMU), Modem, Interfaces |
      | Run at 4 to 60 MHz | Run at 300 MHz to 3 GHz |
      | Not multi-threaded | Multi-threaded |
      | Fine engraving > 40 nm | Fine engraving < 20 nm |
      | Constant Voltage & Frequency | Dynamic Voltage & Frequency management |
      | Trusted hardware & apps only | Trusted Environment Execution |
      | Hardware mitigation | No hardware mitigation |

  24. The Packaging
      [Figure, left: Smart card package with secure component. Labels: Secure component, Package, Contact, Wirebonds, Card body]
      [Figure, right: SoC with package on package. Labels: Package, Stacked RAM, Wirebonds, BGA [4], SoC, mini PCB]

      [4] Ball Grid Array

  25. 2. Security of SoC

  26. An overview of state-of-the-art SoC attacks
      [Diagram with four columns: Injection medium, Physical target, Software target, Software security. Items shown: Software, RAM, Virtual to physical translation table, Memory partitioning, Glitch voltage, Clock, Key, Cryptography, Laser, Register, Instruction, Secure boot, EM, Bus, Execution flow integrity, Return value, Program counter, Confidentiality, Cache, User rights, MMU, Pipeline, Data]
