hardware, and trust security: explain it like i’m 5!

Hardware, and Trust Security: Explain it like I’m 5!

Teddy Reed teddy.reed@gmail.com

…or maybe 15, 27, 55??

Nicholas Anderson nanderson7@gmail.com

DEFCON 0x17=23 Hardware and Trust Security

Objectives

To simplify some otherwise complex explanations of hardware security

Provide an overview of obscure protocols, technologies, features

Satisfy our burning desire for lego & Pokémon references

Highlight previously controversial uses of hardware security

Inspire hardware security and trust enthusiasm3.

Outline

Designer and administrator goals

Failures, uses, and use cases

Hardware security building blocks

Components; technologies, protocols, features 3.

Outline

Designer and administrator goals1.

We want to protect processes and code the same way we protect machines on a network

Authentication, confidentiality, trust relationships

Isolate, reduce attack surface, audit

to protect:

DEFCON 0x17=23 Hardware and Trust Security6

unprivileged

privileged

unprivileged

privileged0

3unprivileged

privileged0

3unprivileged

most privileged

privileged0

3unprivileged

most privileged

Crossing a protection domaindefined by the architecture, not the operating system

this is NOT checking capabilities, comparing integers or consulting a bitmask mode of permissions

API defined by instruction set architecture

operating system implements both domains

some instructions [rdmsr] limited to privileged1.2.

4.concept should apply to all forms of memory*3.

*virtual address translation logic within MMU

Crossing a protection domaindefined by the architecture, not the operating system

kernel userthere are LOTs of ways to cross‘most’ cause a context switch

rippling effects on performance of the process and the system in general!

staticinlinelonglongunsignedtime_ns(structtimespec*constts){if(clock_gettime(CLOCK_REALTIME,ts)){exit(1);}return((longlongunsigned)ts->tv_sec)*1000000000LLU+(longlongunsigned)ts->tv_nsec;}

intmain(void){constintiterations=10000000;structtimespects;constlonglongunsignedstart_ns=time_ns(&ts);for(inti=0;i<iterations;i++){if(syscall(SYS_gettid)<=1){exit(2);}}constlonglongunsigneddelta=time_ns(&ts)-start_ns;return0;} by Benoit Sigoure

@github.com/tsuna/contextswitch

Measure context switch impact

staticinlinelonglongunsignedtime_ns(structtimespec*constts){if(clock_gettime(CLOCK_REALTIME,ts)){exit(1);}return((longlongunsigned)ts->tv_sec)*1000000000LLU+(longlongunsigned)ts->tv_nsec;}

intmain(void){constintiterations=10000000;structtimespects;constlonglongunsignedstart_ns=time_ns(&ts);for(inti=0;i<iterations;i++){if(syscall(SYS_gettid)<=1){exit(2);}}constlonglongunsigneddelta=time_ns(&ts)-start_ns;return0;} by Benoit Sigoure

@github.com/tsuna/contextswitch

Measure context switch impact

Various cache invalidations, and look-aside buffer trampling, scheduling on

different hardware threads (affinity)

Crossing a protection domain

kernel user

Crossing a protection domain

process net

Crossing a ‘protection’ domain

process netTCP/443

your PC LAN

You defined a protocol to handle/serve requests that separates two trust domains

API defined by protocol and RFC*

operating system implements both domains

lots of capability limited to service*1.2.

4.concept should apply to all forms of memory3.

Hardware and trust security

The operating system (software) provides primitives that help us build and secure network services

…hardware provides primitives to build and secure operating systems and software

Begins at primitives, then forms features and technology often encapsulated into a security-focused capability

Hardware and trust stack

primitives

features and specifications

technologies

capability

primitives

technologies

capability

primitives

technologies

capability

primitives

technologies

capability

primitives

technologies

capability or implementation

Outline

Hardware security building blocks2.

Consider building the perfect Pokémon team

…pretty much always on our minds

Psychic:Poison, Fighting

Water/Ice Hybrid:Fire, Grass, Dragon, Rock, Ground, Flying

Grass, Electric

Electric: Water, Flying vs. Ground, Grass

Dragon:Dragon vs. Ice

Fire: Grass, Bug, Ice

Rock, Ground, Water

Normal, or Fighting:Creativity

The line up is well understood based on a series of attributes

each lineup attribute is a primitive

Psychic:Poison, Fighting

Water/Ice Hybrid:Fire, Grass, Dragon, Rock, Ground, Flying

Grass, Electric

Electric: Water, Flying vs. Ground, Grass

Dragon:Dragon vs. Ice

Fire: Grass, Bug, Ice

Rock, Ground, Water

Normal, or Fighting:Creativity

Pro tip: Information security

Like balancing your Pokémon team

eventually you’ll get beat by a 12 y/o

suck it up and always hold grudges

Reminder

Building blocks

dedicated storage

algorithm implementations

tamper resilience

extendable trust

isolated execution

monitoring & auditingstate maintenance

dedicated I/O

Building blocks

dedicated storage

tamper resilience

extendable trust

isolated execution

dedicated I/O

Example: Build a TPM

dedicated storage

tamper resilience

extendable trust

isolated execution

dedicated I/O

Trusted Platform Module

Example: Build a HSM

dedicated storage

tamper resilience

extendable trust

isolated execution

dedicated I/O

Hardware Security Module

Building blocks

dedicated storage

tamper resilience

extendable trust

isolated execution

dedicated I/O

Building blocks

dedicated storage

0x7FFF

FFFFFFFF…

0x800000

*Memory sizes not to scale

Building blocks

dedicated storage

0x7FFF

FFFFFFFF…

0x800000

*Memory sizes not to scale

open, inw, outwbyte transfer over bus

(1)(2)(3)

Building blocks

dedicated storage

means plus

providing a policy enforcement point or limiting transformation

Building blocks

dedicated storage

plus equals

Building blocks

dedicated storage

plus equals

Building blocks

dedicated storage

plusMISTY CANT USE ASH’S POKEMON

equals

Building blocks

dedicated storage

Building blocks

read/write

Building blocks

sign, encrypt/decrypt

Building blocks

sign, encrypt/decrypt

provide algorithm in as hardware fast path

caller provides all data including keying materials

Building blocks

🔑🔐

dedicated storagealgorithm implementations

dedicated I/O

Building blocks

🔑🔐

💩💩

dedicated I/Otamper resilience

Building blocks

🔑🔐

💩💩

📜📜📜

state maintenance

Building blocks

🔑🔐

💩💩

📜📜📜

state maintenance

📜📜📜 📜📜📜 📜📜📜 📜📜📜 📜📜📜extendable trust

monitoring & auditing

Building blocks

🔑🔐

💩💩

📜📜📜

state maintenance

📜📜📜 📜📜📜 📜📜📜 📜📜📜 📜📜📜extendable trust

A Pokéball is a Hardware Security Module

Outline

Secure Boot

Secure Bootdedicated storage

extendable trust

state maintenanceUEFI 2+ firmware platform

extendable trust

state maintenanceUEFI 2+ firmware platformTrusted certificate stores

(1)(2)

extendable trust

state maintenanceUEFI 2+ firmware platform

Signed boot loaderTrusted certificate stores

(1)(2)

Secure Boot

Trusted certificate storesPlatform Key (PK)

Signature Database (db)

(2)Key enrollment key database (Kek)

Secure Boot

“I choose you Gyarados!!!”

Secure Boot

SecureBoot:Disabled

Secure Boot

SecureBoot:Disabled

Secure Boot

SecureBoot:Enabled

Misty runsLinux & used

MOKutil!

Boot “trust”

Secure Boot: Verify that the firmware has been digitally signed…or the user has manually approved the boot loaders digital signature

Trusted Boot: Verify the digital signature of the Windows 8.1 Kernel…including boot drivers, startup files and ELAM

Measured Boot: Check measurements against TPM

fetch code and size

compute hash and extend: H(V1) || H(V0)

apply signature check using certificate store and blacklist

allow signing of extended hashes

make decision

Boot “trust”

…the leg firmware is connected to the… ______ firmware

…the ______ firmware is connected to the… boot-loader

Boot “trust”

Reminder

TrustZone

Highly configurable hardware and software specifications for SoC on ARM

ARM Cortex-A57 ARM Cortex-A53 ARM Cortex-A17 ARM Cortex-A15 ARM Cortex-A9 ARM Cortex-A8 ARM Cortex-A7 ARM Cortex-A5 ARM1176

Hardware layer Software layer

TrustZone

A privilege domain providing an execution environment (TEE)

Applications (TA) run in a secure world protected bymemory controllers and interrupts

tamper resilience

extendable trustisolated execution

monitoring & auditingstate maintenancededicated I/O

TrustZone

Implement remaining building blocks using SecureCore

tamper resilience

extendable trustisolated execution

monitoring & auditingstate maintenancededicated I/O

Isolated Execution

TrustZone

Guarantee Confidentiality and Integrity; while also providing standard execution functionality

TrustZone

Image/block diagram from arm.com

Reminder

Hardware Security Tour

Atmel AC97C204T I2C, SMBus, LPC

🔑🔐

💩💩💩

📜📜📜 📜📜📜

CACs, Smartcards, YubiHSM

TrustZone & SecureCore

privileged0

Qualcomm’s SecureMSMImplements custom Secure Boot and TrustZone application API

TXT, IOMMU

privileged0

Isolate devices on MMU

Measure specific executions then isolate by CPU & memory

Oracle for attestation

privileged0Unprivileged mode

bootstrapped protection

Hardware & Trust enabled auditing

privileged

OS X kauth sysent[exec]()

Good idea? (y/n)

Audit event

Log sent

privileged

OS X kauth sysent[exec]()

Good idea? (y/n)Audit event to OOB

Log sent

Audit event to OOB

Log sent

API defined by hardware features

no software trapping required (fast)

privileged mode not needed, but helpful1.2.

4.signing, buffering, compression supported3.

IPMI, iLO, DRAC

privileged0

AMT, SecurityEngine (ME)Embedded Controllers

Circuit Heuristics

Hardware IDS for Supply-chain threats

- Nathan Edwards

Failures & Uses

TrustZoneEnabled2015AndroidPhones:HTCOneM9,LGG4,OnePlus2,GalaxyS6

Verified boot on Chrome OS

UEFI Secure Boottboot & ‘dynamic’ roots of trust

Android security report: Frost & Sullivan

Attesting mobile app containers

DC23: Remote Exploitation of an Unaltered Passenger Vehicle

DC23: ThunderStrike 2: Sith Strike

DC23: Attacking Hypervisors Using Firmware and Hardware

DC23: NSA Playset: JTAG Implants

hardware, and trust security: explain it like i’m 5!

Technology

joie de vivre - colleen friesen · i pride myself on...

hardware lesson 5 1. starter 2 name these devices and...

i’m ……………………………………………. ....

“i’m an engineer—not a writer.” “i don’t have...

ps3 hardware explain

lesson 9 networking core hardware fundamentals objectives...

what is your name? i’m pex. i’m a parrot hello! i’m...

i’m i’m i’m i’m i’m i’ll i’ll i’ll i’ll...

mary lisa i’m 160 cm tall i’m 45 kg i’m 28i’m 26...

programski in strojni vmesnik za krmiljenje robotske … ·...

trading my sorrows i’m trading my sorrows i’m trading my...

hi, i’m anon ymous and i’m an

sciaticalm · in this guide i’m going to explain about...

gcse ict study guidegcse ict study guide . handbook . ......

and jack m. balkin - columbia law school · sanford...

course outline - sault college · course outline course...

computer systems - wordpress.com · 1.1 explain the role of...

sh7710, sh7712, sh7713 group user's manual: hardware ·...

hi, i’m ivan. i’m a gorilla

i’m nobody emily dickinson close read. why close reading?...