Symbian Foundation SHAI Security Jan 2010

Upload: craig-heath

Post on 30-May-2018


  • 8/14/2019 Symbian Foundation SHAI Security Jan 2010

    Slide 1/11

    Security-Related Hardware Adaptation

    Input to SHAI Working Group

    January 2010

    Craig Heath, Symbian Foundation

  • Slide 2/11

    Recap of Proposals from October

    • cryptography
      - hardware accelerators, hardware random number generation
      - use of embedded device keys
    • hardware root of trust
      - software and data integrity checking
      - potentially including IMEI protection and subsidy lock
    • secure execution environment
      - e.g. TrustZone, SIM Application Tool Kit
    • biometric authentication
      - e.g. fingerprint matching
    • debug / service state functions
      - e.g. JTAG access, reflashing

    Copyright 2010 Symbian Foundation 2

  • Slide 3/11

    Cryptography Candidate APIs

    Some APIs already exist, although at perhaps too high a level:

    • Crypto Token Framework for hardware certificate and key stores
      - well established (introduced in Symbian OS v7.0?)
      - standardise interfaces to specific token types?
    • CryptoSPI for algorithm acceleration (in S^3)
      - further details provided in this slide set
    • DRM device key abstraction (in S^2)
      - possible refactor in terms of Crypto Token Framework or CryptoSPI?

    Some APIs are potential contributions on the radar:

    • Improved random number generation (not currently in backlog)
      - better management of the entropy pool


  • Slide 4/11

  • Slide 5/11

    Biometric Hardware

    • S^3 includes a framework for authentication plug-ins
    • Are there classes of peripheral, such as fingerprint scanners, that should have a defined adaptation interface under this?
      - operations such as template registration and fuzzy matching


  • Slide 6/11

    Other Areas

    Are there any potential candidate APIs for these areas:

    • secure execution environment?
    • debug / service state access?

    Are there any other areas in which we should aim to provide hardware adaptation interfaces?


  • Slide 7/11

    CryptoSPI Design Overview

    A unified way to integrate additional crypto algorithm implementations into the OS using a plug-in mechanism. The caller can select between implementations based on their properties (e.g. speed, latency).

    Maintains backward compatibility with the legacy crypto APIs using shim classes which use the CryptoSPI to perform the cryptographic operations.

    Use Cases:

    • Crypto acceleration can be used automatically by applications
    • Alternate implementations of existing algorithms can be provided
    • Implementations of new algorithms can be provided

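The property-based plug-in selection and the legacy shim described on this slide, as an added illustrative model that is not the Symbian CryptoSPI API and not code from the original deck. All class and function names (PluginSelector, HashPlugin, legacyFnv1a, makeSelector) are hypothetical, the property values are constructed, and FNV-1a stands in for a real algorithm only to keep the example short; the point it demonstrates is that the selector matches on algorithm identity first and only then ranks by speed or latency, so a "fastest" preference can never silently substitute a different algorithm.

```cpp
#include <cstdint>
#include <string>
#include <vector>
// Properties a plug-in advertises; callers rank implementations on these.
struct PluginProps { std::string algorithm; bool hardware; int throughputMBps; int latencyUs; };
// A registered plug-in: advertised properties plus the implementation itself.
struct HashPlugin {
    PluginProps props;
    std::uint32_t (*digest)(const std::string&);
};
// Demo algorithm only: FNV-1a (not a cryptographic hash) stands in for a real one.
static std::uint32_t fnv1aSoftware(const std::string& d) {
    std::uint32_t h = 2166136261u;
    for (unsigned char c : d) { h ^= c; h *= 16777619u; }
    return h;
}
// Simulated accelerator path: same algorithm and output, different properties.
static std::uint32_t fnv1aHardware(const std::string& d) { return fnv1aSoftware(d); }
enum class Prefer { Throughput, Latency };
// Selector: matches on algorithm identity first, then ranks by the caller's
// preference. It never substitutes another algorithm; a miss returns nullptr.
class PluginSelector {
    std::vector<HashPlugin> plugins_;
public:
    void registerPlugin(const HashPlugin& p) { plugins_.push_back(p); }
    const HashPlugin* select(const std::string& alg, Prefer pref) const {
        const HashPlugin* best = nullptr;
        for (const HashPlugin& p : plugins_) {
            if (p.props.algorithm != alg) continue;
            if (!best) { best = &p; continue; }
            const PluginProps &a = p.props, &b = best->props;
            if (pref == Prefer::Throughput ? a.throughputMBps > b.throughputMBps
                                           : a.latencyUs < b.latencyUs) best = &p;
        }
        return best;
    }
};
// Legacy-API shim: keeps the old signature and delegates to the selector.
std::uint32_t legacyFnv1a(const PluginSelector& sel, const std::string& data) {
    const HashPlugin* p = sel.select("fnv1a-32", Prefer::Latency);
    return p ? p->digest(data) : 0;
}
// Registers two plug-ins for the same algorithm, as a configuration file would
// (constructed sample values, hypothetical helper).
PluginSelector makeSelector() {
    PluginSelector s;
    s.registerPlugin({{"fnv1a-32", false, 50, 1}, fnv1aSoftware});
    s.registerPlugin({{"fnv1a-32", true, 400, 20}, fnv1aHardware});
    return s;
}
```

A request for an algorithm no plug-in implements returns nullptr rather than the nearest match, which is the check a caller should make before trusting the result.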

  • Slide 8/11

    CryptoSPI Plug-in Architecture

    Diagram (labels only): CryptoSPI; Plug-in Selector; Plug-in (x4); CryptoSPI Setup; Configuration

  • Slide 9/11

    CryptoSPI Component Diagram

    Diagram (labels only): Application; Legacy Application; cryptospi.dll; random.dll; hash.dll; strong/weak cryptography.dll; strong/weak softwarecrypto.dll; hardwarecrypto.dll; randsvr.exe; Generic crypto factories; Big Integer and Padding Support; plug-in module configuration file; any number of plug-ins can be implemented here

  • Slide 10/11

    CryptoSPI Next Steps

    If this is seen as useful, a formal proposal can be made to adopt the CryptoSPI as part of SHAI:

    • use case justification
    • high level design
    • detailed API documentation (from Doxygen tags)

    Subsequent review and voting on fit for purpose
    • bearing in mind this is already implemented, tested and contributed, so there are considerable practical advantages in keeping the APIs as they are

    Proposals for future enhancements to CryptoSPI
    • SHAI v2?


  • Slide 11/11

    Other Areas Next Steps

    What are the priorities among the following:

    • hardware random number generation
    • use of embedded device keys
    • software and data integrity checking
    • secure execution environment
    • biometric authentication
    • debug / service state functions
    • anything else?
