connecting securely to the cloud - stmicroelectronics securely to the cloud presented by enrico...

Connecting Securely to the Cloud

Presented by

Enrico GregorattoAndrew Marsh

Security Primer

Trusting The Connection Transport Layer Security Enrico GregorattoConnecting to the Cloud

IoT Device Integrity – Building Trust

Raising The Bar – Use a SE Andrew MarshConclusion

Q & A

Agenda

Speaker

Presentation

2

Communications With A Cloud Service 3

Overview

Gateway

Cloud Service

Network

IoT Device

Identifying Threats 4

Gateway

Cloud Service

Network

IoT Device

Fake Service

Eavesdropper

Tampering with Data

Compromised Device Tampering with Data

Cloned or Counterfeit Device

Classes of Attacks

IoT Device

Internet

5

Misuse of network protocols• Exploit communication protocol errorsFlaws in software design / implementation

Software Attack

Cloud Service

Device de-packaged• Circuit analysis and probingFault injection• Laser beam

Silicon Level Attack

BOX

With the case opened / removed• Test / debug port access• Inter device bus and IO probing• Reset, clock attacks• Power analysis• Temperature / electrical attacks (glitch,

overvoltage)

Board Level Attack

ATTACKS

Classes of Attacks

IoT Device

ATTACKS

Internet

6



BOX


overvoltage)

Confidentiality• Data / Identity Protection• Secure Communications• Secure Storage

Integrity and Availability• Secure Boot• Secure Firmware Upgrade• Trusted Processing

Authentication• Device to Server• Server to Device

SOLUTION


Board Level Attack

Software Attack

Cloud Service

Securing the Connection

7

Secure Communications 8

• Cloud Services have selected to use a standards based secure communication protocols

• Cloud Services vendors use "lightweight" messaging protocols like • MQTT - Message Queue Telemetry Transport (ISO / IEC PRF 20922) • CoAP - Constrained Application Protocol (RFC7252)

• These messaging protocols were designed for connections with remote devices with limited resources (memory / CPU) or where network bandwidth is limited

• These messaging protocols use Transport Layer Security (TLS) to secure communications

Crypto Basics

9

Secret KeyCryptography(Symmetric)

CryptographyOne Key or Two?

10

Data File Data FileData File

Clear Text Clear Text

Cipher Text

Encryption Decryption

Sender ReceiverCommunicationsChannel

Public KeyCryptography(Asymmetric)

Data File Data FileData File

Clear Text Clear Text

Cipher Text

Encryption Decryption

PrivatePublic

CryptographyHASH Algorithms

• Cryptographic Hash• Easy to compute and quick• A one way function, non-reversible (computationally infeasible to obtain the original

message from the hash), unique (practically impossible for two different messages to generate same result)

• Used in many processes like authentication, secure boot, secure downloads

• NIST (Secure Hashing Algorithm) SHA-2, SHA-3

11

Data FileCode File

Clear Text

Hash ValueOne Way Function

Hash function has no key, and the clear text can not be recovered from the hash value

CryptographyDigital Signatures

• Digital Signatures• Used to check the authenticity of information - code, files, messages, Public Keys

12

Sign / Encrypt

Signing Code File

Clear Text

Hash Hash Value

Private

Using RSA

Verify / Decrypt

Authentication

Public

Hash Value

Code File

Clear Text

Hash Calculated Hash Value

Compare If the Hash values areequal the file is authentic

Using RSA

Transport Layer Security - TLS

13

Transport Layer Security• Transport Security Layer - TLS (RFC 5446) protocol provides -

• Device / Server Authentication (optional) • making use of asymmetrical crypto like :- RSA and ECC

• Information Confidentiality / Data Protection • key exchange crypto like:- Diffie-Hellman • encryption using symmetric ciphers like :- AES, Triple DES

• Message Integrity

• Makes extensive use of X.509 certificates and a Public Key Infrastructure

• Device authentication may be carried out at the Application Layer

• A IoT Device due to its limited capabilities (memory/processing) does not need to support a full crypto suite

14

TLS Exchange Overview 15

IoT Device

IP Connection

Cloud Service

Server’s Certificate

Client Hello

Data File

Cipher Text

Server ClientHello !

AES

Data File

Clear Text

Data File

Clear Text

AES

SecuredLink

Session

Crypto

Diffie-Hellman key exchange Establish a

shared key

Sessionkey

Crypto

Server’s CA Certificate

Mutual Authentication

Digital Signature

Authentication

Crypto

CryptoDevice

Key-Pair

Device Certificate

RNG

Device Certificate

Connecting to The Cloud

16

Example of Registering to Cloud Service1) Gather the End-Point Credentials and

Server CA Certificate2) Generate a Public/Private key pair3) Create a Certificate Signing Request (CSR)4) Request a Device Certificate5) Register the Device Certificate into Your

IoT Account6) Program Certificates, End-Point

Credentials and keys into the IoT Device

17

Cloud Service

Your IoTAccount


Device Key-Pair

BOX


Device Key-Pair

End-Point Credentials

DeviceCertificate

IoT Device

DeviceCertificate

DeviceCertificate

DeviceCertificate

SigningProcess

CSR

TLS

Now the IoT Device can establish a secure communications

channel with the Cloud Service



Registering Demo to Cloud Service1) Gather the End-Point Credentials and

Server CA Certificate from the Cloud Services Provider

2) Request a Device Certificate and Public/Private key pair

3) Register the Device Certificate into Your IoT Account with the Cloud Services Provider

4) Program Certificates, End-Point Credentials and keys into the IoT Device

18

Cloud Service

Your IoTAccount



Device Key-Pair


DeviceCertificate

DeviceCertificate

DeviceCertificate

Device Key-Pair

DeviceCertificate

CryptoProcess

TLS

Now the IoT Device can establish a secure communicate channel

with the Cloud Service



BOX

IoT Device

Handling TLS Credentials

• Protect the keys (especially the Private Key )

• Store certificates and other credentials such that they cannot be easily replaced

• 95% attacks today are software

19

BOX


Device Key-Pair


DeviceCertificate

IoT Device

IoT Device Integrity – Building Trust

20

Classes of Attacks

IoT Device

Internet

21


Software Attack

Cloud Service



BOX


overvoltage)

Board Level Attack

ATTACKS

Security Needs for an IoT Device 22

Cloud Service providers wish to protect their services, their network and their brand Information/data confidentiality and

integrity through the use of cryptography Trust-worthiness through

cryptographic authentication between communicating devices Trust-worthiness of the platform

through device integrity

Example of a Simple IoT Device 23

Sensor MCU

CommunicationsDevice

Communication Device

Sensor

MCU

Foundation of Trust

Physical Layer• Network physical layer security• e.g. WiFi – WPA2, 802.11i,

Security Layering• Silicon Security Features

• Used to establish a robust platform on which trusted processes and associated cryptography can be performed

• Secure Boot-Loader (SB)• Establishing a Root-of-Trust• Verifying firmware image on every boot

• Secure Firmware Update (SFU)• Building a system that can evolve to counter new

threats, add new functionality, fix bugs in a controlled and secure way once device is in the field

24

Application• Access control and right management• Feature and product management

Secure Communications Layer• TLS / DTLS

Device Security Services• Secure Boot, Secure Firmware Update

Silicon Security Features

RDP WRP MPUPCROPFirewall

Secure Boot• Secure Boot uses cryptographic functions to confirm the authenticity of

firmware before allowing it to run

• A multi-stage boot process consists of each stage authenticating the next

25

First Stage

Code

Cert.Reset

Chain of Trust

Second stage

Loader

Code Cert.

AuthenticatesTrusted

Third Stage

RTOS

Code Cert.

Authenticates

Application

Authenticates

Secure Boot Process• Performed after a RESET, using a Public Key stored in the device

• It is a stateful process for predictable behavior

26

State Based Process

Reset

Trusted

Verify / Decrypt

Code Authentication

Public

Hash Value

File

Code Image

Hash

Calculated Hash Value

Compare

OK

NOK

Reload

Run Code

RESET

Secure BootState Machine

Jump to User App

Disable DMAs

Secured by the M

emory Protection U

nit

ConfigureWRP/RDP/PCROP

Secure Boot Flow 27

FirewallProtection

Exit Protected Enclave

Enter Protected Enclave

Disable IRQs

Enter Firewall

Exit Firewall

Secure Processing

Enable IRQs

Enclave

Enable MPU

Disable MPU

Zero’s SRAM

Enable Firewall

• Secure Processing Environment• Secure cryptographic functions• Protected access to Shared Info. data-space

• Single access point – Call Gate• Code segment cannot be executed without

passing through it• Volatile and Non-Volatile Data cannot be

accessed from outside

• Environment Configured to protect -• Volatile data (SRAM) • Non-volatile data (FLASH)• Code - no jump calls

Secure Processing 28

SRAM Non Secure Region

SRAM

Firewall Protection

User App #2 or

Download Area (opt)

SB: SFU-En Boot

SFU: SFU-En App

User App #1

Secure Processing

Shared Info.

Non Protected Data

C-STACK

Protected Volatile Data

Secure Region

Keys

Enclave

FLASH

SingleAccessPoint

Secure Engine APIs 29

Firewall Protection

user_file.c

secure_engine.o/.h

Exit Protected Enclave

Enter Protected Enclave

Disable IRQs

Enter Firewall

Exit Firewall

Secure Processing

Enable IRQs

Secure Engine APIs

Enclave

• Wrapper of internal protected functions

• Encryption / Decryption• Shared Info. - Read / Write

• User-level APIs handling• Parameter parsing for the single

Secure Engine • Entering and exiting of the secure

environment

Handling TLS Assets

30

Handling TLS Assets 31

IoT Device

IPConnection

Cloud Service

MCUServer’s CA Certificate

Device Certificate

Device

Key-Pair

Comms Sensor

• Make use of the security mechanisms provided by the MCU to protect code, cryptographic functions and protect the keys (especially the Private Key )

• Store certificates and credentials in such that they cannot be easily replaced


Crypto

Firewall

Sensor MCU


Device Security Services

Silicon Security Features

Enhanced Integrityby adding a Secure Element

32

Cloud Service

Classes of Attacks

IoT Device

BOX

Internet

33


overvoltage)



Board Level Attack

Remote Software

Attack


ATTACKS

Add a Secure Element 34

Sensor MCU


STM32

Communication Device

Sensor

MCU SecureElement

STSAFESecure Element

To Improve Integrity

Adding a Secure Element 35

STM32

STSAFE

Sensor MCU


SecureElement

• A Secure Element is designed to thwart silicon invasive attacks

• Independently assessed, achieving very high standards like EAL5+ Common Criteria Certified

• Protects keys and performs cryptographic functions (ECC, AES)

• For Secure Communications, Boot and Firmware Updates

• Provides a Secure Data Store

• Secure keys and certificates are provisioned during the manufacturing process

TLS Exchange using an MCU 36

IoT DeviceCloud Service

Diffie-Hellman key exchange


Establish a shared key

Device Certificate


Client Hello


Data File

Cipher TextData File

Clear Text

AES

Hello !

SecuredLink

Session

Sessionkey

Digital Signature

Authentication

Crypto

Crypto

Device

Key-Pair

Device Certificate

MCU

STM32

RNG

TLS Exchange with Secure Element 37

IoT DeviceCloud Service

Diffie-Hellman key exchange


Establish a shared key

Device Certificate


Client Hello


Data File

Cipher TextData File

Clear Text

AES

Hello !

SecuredLink

Session

Sessionkey

Digital Signature

Authentication

Crypto

Crypto

Device

Key-Pair

Device Certificate

MCU

STM32

Secure Element

STSAFE

I2C

RNG

Data File

Session Key

Pairingkey

Crypto

• Put Secret Keys• Store Certificates

Production Flow with PersonalizationStandard MCU

CUSTOMERPackageDiffusion and Test

Fabrication

Factory Personalization

HardwareSecurityModule

38

CM / OEM

MCU Code

Products

Trusted ?

Device

Key-Pair

• Put Secret Keys• Store Certificates

Production Flow with Personalization Secure Element

CUSTOMERPackage PersonalizationDiffusion and Test

Fabrication and Personalization Phases

Approved by

ST Secure Factory Personalization

HardwareSecurityModule

39

CM / OEM

MCU Code

+

Products

Factory Personalization

Device

Key-Pair

Impact on Software Stack• The Secure Elements crypto functions replace software

implementations in the Crypto Library

40

TLSCryptoLib

MQTT

Application

STSAFE

Driver

Crypto FunctionsIP StackOS

TLSCryptoLib

MQTT

Application

HAL

CPU, Crypto H/W, Interfaces

IP Stack

OS HAL

CPU, Crypto H/W, Interfaces

SE Driver

I2C Secure Element

Conclusion

Conclusion• Internet of Things presents a wealth of opportunities, a growth for commerce but an

increased of risk of theft, mischief and damage or loss of life• Secure communications is essential for success

• Secure and trustworthy IoT devices, well fortified against threats, are essential• Design products resistant against threats throughout their life-cycle• Most of the software related attacks today can be thwarted by good firmware

development practices

• Consider enhancing your IoT Devices integrity by using a Secure Element

42

ST Solution for Security in IoT 44

With STM32 Nucleo and sensors Expansion Board

Secure MCU

CLOUD

Service Provider

Secure Boot

Encryption

Authentication

Solution for IoT Device

Helping to Fortify Your IoT Solutions.ST the Strong Element.STMicroelectronics

2017

connecting securely to the cloud - stmicroelectronics securely to the cloud presented by enrico...

Documents