connecting securely to the cloud - stmicroelectronics securely to the cloud presented by enrico...
TRANSCRIPT
Trusting The Connection Transport Layer Security Enrico GregorattoConnecting to the Cloud
IoT Device Integrity – Building Trust
Raising The Bar – Use a SE Andrew MarshConclusion
Q & A
Agenda
Speaker
Presentation
2
Identifying Threats 4
Gateway
Cloud Service
Network
IoT Device
Fake Service
Eavesdropper
Tampering with Data
Compromised Device Tampering with Data
Cloned or Counterfeit Device
Classes of Attacks
IoT Device
Internet
5
Misuse of network protocols• Exploit communication protocol errorsFlaws in software design / implementation
Software Attack
Cloud Service
Device de-packaged• Circuit analysis and probingFault injection• Laser beam
Silicon Level Attack
BOX
With the case opened / removed• Test / debug port access• Inter device bus and IO probing• Reset, clock attacks• Power analysis• Temperature / electrical attacks (glitch,
overvoltage)
Board Level Attack
ATTACKS
Classes of Attacks
IoT Device
ATTACKS
Internet
6
Misuse of network protocols• Exploit communication protocol errorsFlaws in software design / implementation
Device de-packaged• Circuit analysis and probingFault injection• Laser beam
BOX
With the case opened / removed• Test / debug port access• Inter device bus and IO probing• Reset, clock attacks• Power analysis• Temperature / electrical attacks (glitch,
overvoltage)
Confidentiality• Data / Identity Protection• Secure Communications• Secure Storage
Integrity and Availability• Secure Boot• Secure Firmware Upgrade• Trusted Processing
Authentication• Device to Server• Server to Device
SOLUTION
Silicon Level Attack
Board Level Attack
Software Attack
Cloud Service
Secure Communications 8
• Cloud Services have selected to use a standards based secure communication protocols
• Cloud Services vendors use "lightweight" messaging protocols like • MQTT - Message Queue Telemetry Transport (ISO / IEC PRF 20922) • CoAP - Constrained Application Protocol (RFC7252)
• These messaging protocols were designed for connections with remote devices with limited resources (memory / CPU) or where network bandwidth is limited
• These messaging protocols use Transport Layer Security (TLS) to secure communications
Secret KeyCryptography(Symmetric)
CryptographyOne Key or Two?
10
Data File Data FileData File
Clear Text Clear Text
Cipher Text
Encryption Decryption
Sender ReceiverCommunicationsChannel
Public KeyCryptography(Asymmetric)
Data File Data FileData File
Clear Text Clear Text
Cipher Text
Encryption Decryption
PrivatePublic
CryptographyHASH Algorithms
• Cryptographic Hash• Easy to compute and quick• A one way function, non-reversible (computationally infeasible to obtain the original
message from the hash), unique (practically impossible for two different messages to generate same result)
• Used in many processes like authentication, secure boot, secure downloads
• NIST (Secure Hashing Algorithm) SHA-2, SHA-3
11
Data FileCode File
Clear Text
Hash ValueOne Way Function
Hash function has no key, and the clear text can not be recovered from the hash value
CryptographyDigital Signatures
• Digital Signatures• Used to check the authenticity of information - code, files, messages, Public Keys
12
Sign / Encrypt
Signing Code File
Clear Text
Hash Hash Value
Private
Using RSA
Verify / Decrypt
Authentication
Public
Hash Value
Code File
Clear Text
Hash Calculated Hash Value
Compare If the Hash values areequal the file is authentic
Using RSA
Transport Layer Security• Transport Security Layer - TLS (RFC 5446) protocol provides -
• Device / Server Authentication (optional) • making use of asymmetrical crypto like :- RSA and ECC
• Information Confidentiality / Data Protection • key exchange crypto like:- Diffie-Hellman • encryption using symmetric ciphers like :- AES, Triple DES
• Message Integrity
• Makes extensive use of X.509 certificates and a Public Key Infrastructure
• Device authentication may be carried out at the Application Layer
• A IoT Device due to its limited capabilities (memory/processing) does not need to support a full crypto suite
14
TLS Exchange Overview 15
IoT Device
IP Connection
Cloud Service
Server’s Certificate
Client Hello
Data File
Cipher Text
Server ClientHello !
AES
Data File
Clear Text
Data File
Clear Text
AES
SecuredLink
Session
Crypto
Diffie-Hellman key exchange Establish a
shared key
Sessionkey
Crypto
Server’s CA Certificate
Mutual Authentication
Digital Signature
Authentication
Crypto
CryptoDevice
Key-Pair
Device Certificate
RNG
Device Certificate
Example of Registering to Cloud Service1) Gather the End-Point Credentials and
Server CA Certificate2) Generate a Public/Private key pair3) Create a Certificate Signing Request (CSR)4) Request a Device Certificate5) Register the Device Certificate into Your
IoT Account6) Program Certificates, End-Point
Credentials and keys into the IoT Device
17
Cloud Service
Your IoTAccount
Server’s CA Certificate
Device Key-Pair
BOX
Server’s CA Certificate
Device Key-Pair
End-Point Credentials
DeviceCertificate
IoT Device
DeviceCertificate
DeviceCertificate
DeviceCertificate
SigningProcess
CSR
TLS
Now the IoT Device can establish a secure communications
channel with the Cloud Service
End-Point Credentials
Server’s CA Certificate
Registering Demo to Cloud Service1) Gather the End-Point Credentials and
Server CA Certificate from the Cloud Services Provider
2) Request a Device Certificate and Public/Private key pair
3) Register the Device Certificate into Your IoT Account with the Cloud Services Provider
4) Program Certificates, End-Point Credentials and keys into the IoT Device
18
Cloud Service
Your IoTAccount
Server’s CA Certificate
Server’s CA Certificate
Device Key-Pair
End-Point Credentials
DeviceCertificate
DeviceCertificate
DeviceCertificate
Device Key-Pair
DeviceCertificate
CryptoProcess
TLS
Now the IoT Device can establish a secure communicate channel
with the Cloud Service
End-Point Credentials
Server’s CA Certificate
BOX
IoT Device
Handling TLS Credentials
• Protect the keys (especially the Private Key )
• Store certificates and other credentials such that they cannot be easily replaced
• 95% attacks today are software
19
BOX
Server’s CA Certificate
Device Key-Pair
End-Point Credentials
DeviceCertificate
IoT Device
Classes of Attacks
IoT Device
Internet
21
Misuse of network protocols• Exploit communication protocol errorsFlaws in software design / implementation
Software Attack
Cloud Service
Device de-packaged• Circuit analysis and probingFault injection• Laser beam
Silicon Level Attack
BOX
With the case opened / removed• Test / debug port access• Inter device bus and IO probing• Reset, clock attacks• Power analysis• Temperature / electrical attacks (glitch,
overvoltage)
Board Level Attack
ATTACKS
Security Needs for an IoT Device 22
Cloud Service providers wish to protect their services, their network and their brand Information/data confidentiality and
integrity through the use of cryptography Trust-worthiness through
cryptographic authentication between communicating devices Trust-worthiness of the platform
through device integrity
Foundation of Trust
Physical Layer• Network physical layer security• e.g. WiFi – WPA2, 802.11i,
Security Layering• Silicon Security Features
• Used to establish a robust platform on which trusted processes and associated cryptography can be performed
• Secure Boot-Loader (SB)• Establishing a Root-of-Trust• Verifying firmware image on every boot
• Secure Firmware Update (SFU)• Building a system that can evolve to counter new
threats, add new functionality, fix bugs in a controlled and secure way once device is in the field
24
Application• Access control and right management• Feature and product management
Secure Communications Layer• TLS / DTLS
Device Security Services• Secure Boot, Secure Firmware Update
Silicon Security Features
RDP WRP MPUPCROPFirewall
Secure Boot• Secure Boot uses cryptographic functions to confirm the authenticity of
firmware before allowing it to run
• A multi-stage boot process consists of each stage authenticating the next
25
First Stage
Code
Cert.Reset
Chain of Trust
Second stage
Loader
Code Cert.
AuthenticatesTrusted
Third Stage
RTOS
Code Cert.
Authenticates
Application
Authenticates
Secure Boot Process• Performed after a RESET, using a Public Key stored in the device
• It is a stateful process for predictable behavior
26
State Based Process
Reset
Trusted
Verify / Decrypt
Code Authentication
Public
Hash Value
File
Code Image
Hash
Calculated Hash Value
Compare
OK
NOK
Reload
Run Code
RESET
Secure BootState Machine
Jump to User App
Disable DMAs
Secured by the M
emory Protection U
nit
ConfigureWRP/RDP/PCROP
Secure Boot Flow 27
FirewallProtection
Exit Protected Enclave
Enter Protected Enclave
Disable IRQs
Enter Firewall
Exit Firewall
Secure Processing
Enable IRQs
Enclave
Enable MPU
Disable MPU
Zero’s SRAM
Enable Firewall
• Secure Processing Environment• Secure cryptographic functions• Protected access to Shared Info. data-space
• Single access point – Call Gate• Code segment cannot be executed without
passing through it• Volatile and Non-Volatile Data cannot be
accessed from outside
• Environment Configured to protect -• Volatile data (SRAM) • Non-volatile data (FLASH)• Code - no jump calls
Secure Processing 28
SRAM Non Secure Region
SRAM
Firewall Protection
User App #2 or
Download Area (opt)
SB: SFU-En Boot
SFU: SFU-En App
User App #1
Secure Processing
Shared Info.
Non Protected Data
C-STACK
Protected Volatile Data
Secure Region
Keys
Enclave
FLASH
SingleAccessPoint
Secure Engine APIs 29
Firewall Protection
user_file.c
secure_engine.o/.h
Exit Protected Enclave
Enter Protected Enclave
Disable IRQs
Enter Firewall
Exit Firewall
Secure Processing
Enable IRQs
Secure Engine APIs
Enclave
• Wrapper of internal protected functions
• Encryption / Decryption• Shared Info. - Read / Write
• User-level APIs handling• Parameter parsing for the single
Secure Engine • Entering and exiting of the secure
environment
Handling TLS Assets 31
IoT Device
IPConnection
Cloud Service
MCUServer’s CA Certificate
Device Certificate
Device
Key-Pair
Comms Sensor
• Make use of the security mechanisms provided by the MCU to protect code, cryptographic functions and protect the keys (especially the Private Key )
• Store certificates and credentials in such that they cannot be easily replaced
End-Point Credentials
Crypto
Firewall
Sensor MCU
CommunicationsDevice
Device Security Services
Silicon Security Features
Cloud Service
Classes of Attacks
IoT Device
BOX
Internet
33
With the case opened / removed• Test / debug port access• Inter device bus and IO probing• Reset, clock attacks• Power analysis• Temperature / electrical attacks (glitch,
overvoltage)
Misuse of network protocols• Exploit communication protocol errorsFlaws in software design / implementation
Device de-packaged• Circuit analysis and probingFault injection• Laser beam
Board Level Attack
Remote Software
Attack
Silicon Level Attack
ATTACKS
Add a Secure Element 34
Sensor MCU
CommunicationsDevice
STM32
Communication Device
Sensor
MCU SecureElement
STSAFESecure Element
To Improve Integrity
Adding a Secure Element 35
STM32
STSAFE
Sensor MCU
CommunicationsDevice
SecureElement
• A Secure Element is designed to thwart silicon invasive attacks
• Independently assessed, achieving very high standards like EAL5+ Common Criteria Certified
• Protects keys and performs cryptographic functions (ECC, AES)
• For Secure Communications, Boot and Firmware Updates
• Provides a Secure Data Store
• Secure keys and certificates are provisioned during the manufacturing process
TLS Exchange using an MCU 36
IoT DeviceCloud Service
Diffie-Hellman key exchange
Server’s CA Certificate
Establish a shared key
Device Certificate
Server’s Certificate
Client Hello
Mutual Authentication
Data File
Cipher TextData File
Clear Text
AES
Hello !
SecuredLink
Session
Sessionkey
Digital Signature
Authentication
Crypto
Crypto
Device
Key-Pair
Device Certificate
MCU
STM32
RNG
TLS Exchange with Secure Element 37
IoT DeviceCloud Service
Diffie-Hellman key exchange
Server’s CA Certificate
Establish a shared key
Device Certificate
Server’s Certificate
Client Hello
Mutual Authentication
Data File
Cipher TextData File
Clear Text
AES
Hello !
SecuredLink
Session
Sessionkey
Digital Signature
Authentication
Crypto
Crypto
Device
Key-Pair
Device Certificate
MCU
STM32
Secure Element
STSAFE
I2C
RNG
Data File
Session Key
Pairingkey
Crypto
• Put Secret Keys• Store Certificates
Production Flow with PersonalizationStandard MCU
CUSTOMERPackageDiffusion and Test
Fabrication
Factory Personalization
HardwareSecurityModule
38
CM / OEM
MCU Code
Products
Trusted ?
Device
Key-Pair
• Put Secret Keys• Store Certificates
Production Flow with Personalization Secure Element
CUSTOMERPackage PersonalizationDiffusion and Test
Fabrication and Personalization Phases
Approved by
ST Secure Factory Personalization
HardwareSecurityModule
39
CM / OEM
MCU Code
+
Products
Factory Personalization
Device
Key-Pair
Impact on Software Stack• The Secure Elements crypto functions replace software
implementations in the Crypto Library
40
TLSCryptoLib
MQTT
Application
STSAFE
Driver
Crypto FunctionsIP StackOS
TLSCryptoLib
MQTT
Application
HAL
CPU, Crypto H/W, Interfaces
IP Stack
OS HAL
CPU, Crypto H/W, Interfaces
SE Driver
I2C Secure Element
Conclusion• Internet of Things presents a wealth of opportunities, a growth for commerce but an
increased of risk of theft, mischief and damage or loss of life• Secure communications is essential for success
• Secure and trustworthy IoT devices, well fortified against threats, are essential• Design products resistant against threats throughout their life-cycle• Most of the software related attacks today can be thwarted by good firmware
development practices
• Consider enhancing your IoT Devices integrity by using a Secure Element
42
ST Solution for Security in IoT 44
With STM32 Nucleo and sensors Expansion Board
Secure MCU
CLOUD
Service Provider
Secure Boot
Encryption
Authentication
Solution for IoT Device