Hardware, and Trust Security: Explain it like I’m 5!
…or maybe 15, 27, 55??
Teddy Reed [email protected]
Nicholas Anderson [email protected]
DEFCON 0x17=23 Hardware and Trust Security

Objectives
1. To simplify some otherwise complex explanations of hardware security
2. Highlight previously controversial uses of hardware security
3. Inspire hardware security and trust enthusiasm
4. Provide an overview of obscure protocols, technologies, features
Satisfy our burning desire for lego & Pokémon references

Outline
1. Designer and administrator goals
2. Hardware security building blocks
3. Components; technologies, protocols, features
4. Failures, uses, and use cases

1. Designer and administrator goals
We want to protect processes and code the same way we protect machines on a network
Use: Authentication, confidentiality, trust relationships
to protect: Isolate, reduce attack surface, audit

[Diagram, built up over several slides: privilege rings. Ring 3: unprivileged (user). Ring 0: privileged (root). Ring -1: most privileged.]

Crossing a protection domain: defined by the architecture, not the operating system
This is NOT checking capabilities, comparing integers or consulting a bitmask mode of permissions
1. API defined by instruction set architecture
2. Some instructions [rdmsr] limited to privileged
3. Concept should apply to all forms of memory*
4. Operating system implements both domains
*virtual address translation logic within MMU

Crossing a protection domain: defined by the architecture, not the operating system
[Diagram: kernel (ring 0) | user (ring 3)]
There are LOTs of ways to cross; ‘most’ cause a context switch
Rippling effects on performance of the process and the system in general!

Measure context switch impact
(code by Benoit Sigoure, github.com/tsuna/contextswitch)

    #define _GNU_SOURCE
    #include <stdio.h>
    #include <stdlib.h>
    #include <time.h>
    #include <unistd.h>
    #include <sys/syscall.h>

    /* Wall-clock time in nanoseconds; exits if the clock is unavailable. */
    static inline long long unsigned time_ns(struct timespec* const ts) {
      if (clock_gettime(CLOCK_REALTIME, ts)) {
        exit(1);
      }
      return ((long long unsigned) ts->tv_sec) * 1000000000LLU
        + (long long unsigned) ts->tv_nsec;
    }

    int main(void) {
      const int iterations = 10000000;
      struct timespec ts;
      const long long unsigned start_ns = time_ns(&ts);
      /* gettid is about the cheapest system call there is, so the loop
         mostly measures the user -> kernel -> user transition itself. */
      for (int i = 0; i < iterations; i++) {
        if (syscall(SYS_gettid) <= 1) {
          exit(2);
        }
      }
      const long long unsigned delta = time_ns(&ts) - start_ns;
      printf("%i system calls in %lluns (%.1fns/syscall)\n",
             iterations, delta, (delta / (float) iterations));
      return 0;
    }

Various cache invalidations, and look-aside buffer trampling, scheduling on different hardware threads (affinity)

Crossing a protection domain
[Diagram: kernel | user]
[Diagram: process | net]

Crossing a ‘protection’ domain
[Diagram: process | net, TCP/443, your PC | LAN]
You defined a protocol to handle/serve requests that separates two trust domains
1. API defined by protocol and RFC*
2. Lots of capability limited to service*
3. Concept should apply to all forms of memory
4. Operating system implements both domains

Hardware and trust security
The operating system (software) provides primitives that help us build and secure network services
…hardware provides primitives to build and secure operating systems and software
Begins at primitives, then forms features and technology often encapsulated into a security-focused capability

Hardware and trust stack (built up over several slides)
primitives → features and specifications → technologies → capability (or implementation)

2. Hardware security building blocks
Consider building the perfect Pokémon team
…pretty much always on our minds

Psychic: Poison, Fighting
Water/Ice Hybrid: Fire, Grass, Dragon, Rock, Ground, Flying vs. Grass, Electric
Electric: Water, Flying vs. Ground, Grass
Dragon: Dragon vs. Ice
Fire: Grass, Bug, Ice vs. Rock, Ground, Water
Normal, or Fighting: Creativity
The line up is well understood based on a series of attributes
Each lineup attribute is a primitive

Pro tip: Information security
Like balancing your Pokémon team
Eventually you’ll get beat by a 12 y/o
Suck it up and always hold grudges

Building blocks
dedicated storage
algorithm implementations
tamper resilience
extendable trust
isolated execution
monitoring & auditing
state maintenance
dedicated I/O

Example: Build a TPM (Trusted Platform Module)
[six of the seven building blocks above checked ✔]

Example: Build a HSM (Hardware Security Module)
[all seven building blocks checked ✔]

Building blocks: dedicated storage
[Diagram: DRAM 0x0 … 0x7FFFFFFFFFFF…; NVRAM 0x0 … 0x800000. *Memory sizes not to scale]
(1) open, (2) inw, outw, (3) byte transfer over bus

Building blocks: dedicated storage
Dedicated storage means [storage] plus providing a policy enforcement point or limiting transformation
[Built up over several slides: storage plus policy enforcement point equals dedicated storage; …plus “MISTY CANT USE ASH’S POKEMON” equals magic]

Building blocks: algorithm implementations
read/write → sign, encrypt/decrypt
Provide the algorithm as a hardware fast path
Caller provides all data including keying materials

Building blocks, assembled (built up over several slides)
🔑🔐 dedicated storage + algorithm implementations + dedicated I/O
💩💩 tamper resilience
📜📜📜 state maintenance
📜📜📜 📜📜📜 📜📜📜 📜📜📜 📜📜📜 extendable trust + monitoring & auditing
A Pokéball is a Hardware Security Module

3. Components; technologies, protocols, features

Secure Boot
???

Secure Boot: building blocks used
dedicated storage, algorithm implementations, extendable trust, monitoring & auditing, state maintenance
(1) UEFI 2+ firmware platform
(2) Trusted certificate stores
(3) Signed boot loader

Secure Boot: trusted certificate stores (2)
Platform Key (PK)
Key enrollment key database (KEK)
Signature Database (db)

Secure Boot
“I choose you Gyarados!!!”

Secure Boot
SecureBoot: Disabled
SecureBoot: Enabled
Misty runs Linux & used mokutil!

Boot “trust”
Secure Boot: Verify that the firmware has been digitally signed…or the user has manually approved the boot loader’s digital signature
Trusted Boot: Verify the digital signature of the Windows 8.1 Kernel…including boot drivers, startup files and ELAM
Measured Boot: Check measurements against TPM

Boot “trust”
fetch code and size
compute hash and extend: H(V1) || H(V0)
apply signature check using certificate store and blacklist
allow signing of extended hashes
make decision
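The hash-and-extend step above, worked through as an added example (not code from the talk): each stage measures the next and folds the digest into a TPM-style PCR, and a verifier replays the event log to reach a decision. It assumes SHA-256, an all-zero PCR at power-on, and constructed stand-in firmware images.

```python
import hashlib

# Constructed boot stages standing in for the chain on the slide:
# each stage measures the next one before handing control to it.
BOOT_STAGES = [
    ("leg firmware", b"constructed: platform firmware image v1"),
    ("hip firmware", b"constructed: option ROM / early loader"),
    ("boot-loader", b"constructed: signed boot loader image"),
]

def measure(code: bytes) -> bytes:
    """H(code): digest of the stage about to run (the 'measurement')."""
    return hashlib.sha256(code).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM PCR extend: new PCR = H(old PCR || digest). Order matters,
    so the same stages in a different order yield a different PCR."""
    return hashlib.sha256(pcr + digest).digest()

def boot(stages):
    """Run the chain; return the final PCR and the event log a verifier replays."""
    pcr = bytes(32)  # PCRs reset to all zeros at power-on (SHA-256 bank)
    log = []
    for name, code in stages:
        d = measure(code)
        log.append((name, d))
        pcr = extend(pcr, d)
    return pcr, log

def replay(log):
    """Verifier side: recompute the PCR from the event log alone."""
    pcr = bytes(32)
    for _, d in log:
        pcr = extend(pcr, d)
    return pcr

def attest(expected_pcr: bytes, reported_pcr: bytes, log) -> bool:
    """'Make decision': the log must replay to the reported PCR and the
    reported PCR must match the golden value recorded for this platform."""
    return replay(log) == reported_pcr == expected_pcr

if __name__ == "__main__":
    golden, _ = boot(BOOT_STAGES)
    tampered = list(BOOT_STAGES)
    tampered[2] = ("boot-loader", b"constructed: modified boot loader")
    pcr, log = boot(tampered)
    print("tampered chain accepted?", attest(golden, pcr, log))  # False
```

A single changed byte in any stage, a reordered chain, or an event log edited after the fact all fail `attest`, which is what makes the PCR value worth quoting to a remote verifier.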

Boot “trust”
…the leg firmware is connected to the… ______ firmware
…the ______ firmware is connected to the… boot-loader

TrustZone
Highly configurable hardware and software specifications for SoC on ARM
Hardware layer: ARM Cortex-A57, Cortex-A53, Cortex-A17, Cortex-A15, Cortex-A9, Cortex-A8, Cortex-A7, Cortex-A5, ARM1176
Software layer
A privilege domain providing an execution environment (TEE)
Applications (TA) run in a secure world protected by memory controllers and interrupts
[The seven building blocks are listed again; isolated execution is the one TrustZone itself provides]
Implement remaining building blocks using SecureCore
Isolated Execution: guarantee confidentiality and integrity, while also providing standard execution functionality
[Image/block diagram from arm.com]

Hardware Security Tour

TPMs: Atmel AC97C204T; I2C, SMBus, LPC

HSMs: CACs, Smartcards, YubiHSM
[Pokéball diagram: 🔑🔐 💩💩💩 💩 📜📜📜 📜📜📜 💩]

TrustZone & SecureCore: Qualcomm’s SecureMSM implements custom Secure Boot and TrustZone application API [ring 0 diagram]

TXT, IOMMU [ring 0 diagram]
Isolate devices on MMU
Measure specific executions then isolate by CPU & memory
Oracle for attestation

SGX: Unprivileged mode, bootstrapped protection

Hardware & Trust enabled auditing
[Diagram: an exec from unprivileged code enters privileged mode; OS X kauth hooks sysent[exec](); “Good idea? (y/n)”; audit event; log sent]
[Second diagram: the audit event goes to an out-of-band (OOB) channel and the log is sent from there]
1. API defined by hardware features
2. Privileged mode not needed, but helpful
3. Signing, buffering, compression supported
4. No software trapping required (fast)

IPMI, iLO, DRAC
Embedded Controllers: AMT, SecurityEngine (ME) [ring 0 diagram]

Circuit Heuristics
Hardware IDS for Supply-chain threats - Nathan Edwards

4. Failures & Uses
TrustZone-enabled 2015 Android phones: HTC One M9, LG G4, OnePlus 2, Galaxy S6
Verified boot on Chrome OS
UEFI Secure Boot, tboot & ‘dynamic’ roots of trust
Android security report: Frost & Sullivan
Attesting mobile app containers

~fin
DC23: Remote Exploitation of an Unaltered Passenger Vehicle
DC23: ThunderStrike 2: Sith Strike
DC23: Attacking Hypervisors Using Firmware and Hardware
DC23: NSA Playset: JTAG Implants