![Page 1: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/1.jpg)
HKG18-407: Hypervisors and IoT(IoT Secret Storage)
David Brown
![Page 2: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/2.jpg)
“Yes, your smart toasterreally will be spying on
you for the government”–Steve Ranger, ZDNet.com
![Page 3: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/3.jpg)
Identity● Usually what people think of with “security”● Today’s focus, a single problem: identity● Toaster talks to cloud, how does each know the other is
the right party?
![Page 4: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/4.jpg)
Secrets● tl;dr We need secrets, on both sides● toaster needs something adversary doesn’t have, and the
cloud needs something, too● Anyone getting these secrets can pretend to be that entity
![Page 5: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/5.jpg)
TLS and the Web● Server knows a private key● Generally, browser doesn’t know anything● Yes, this is a problem● Passwords handle this on the web,
that doesn’t really work very well
![Page 6: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/6.jpg)
TLS and the Web (cont.)● To avoid having to log-in to your toaster, it needs its own
secrets● Network secret vs per-device secret● Network is amazingly common● If I get that, I can be any toaster I want
![Page 7: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/7.jpg)
The Problem● Secure communication needs secrets to be stored● PSK common in IoT, needs fewer resources● Key install at provision time● If key leaks, devices can be spoofed● Vulnerability in code allowing read can reveal these to
attacker, can even happen over a network
![Page 8: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/8.jpg)
Secrets● Threat model shows this is an important area of attack● “normal” TLS needs to authenticate, that is a secret● IoT modes such as PSK and bare keys need to store
secrets as well
![Page 9: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/9.jpg)
My Four Solutions● These are arm™ specific (I work for Linaro)● Somewhat Zephyr specific, but not really● Aside from “don’t bother”, I want to hear other ideas
![Page 10: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/10.jpg)
Outside Ideas● TrustZone™
○ Larger CPUs. Common in Arm “A” CPUs○ Example of OP-TEE implemented with this○ Not really helpful with “M” CPUs
![Page 11: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/11.jpg)
Outside for ‘m’● TrustZone™ for Armv8-M
○ Allows a trusted environment to separate secrets○ But only available on Armv8-M cores
![Page 12: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/12.jpg)
Linux-style● Privilege Separation, Linux-style userspace
○ Really wants an MMU, even this is heavy with small memory○ Lots of code on the wrong side of the barrier: network stacks, etc.
Doesn’t satisfy least privilege
![Page 13: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/13.jpg)
What Else CanWe Do?
![Page 14: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/14.jpg)
The Four● Tell everyone to only use Armv8-M● Improve Privilege Separation● Separate CPUs● A Hypervisor-ish approach
![Page 15: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/15.jpg)
Only v8m● Tell people to only use Armv8-M● Lots of existing chips, and new designs still using
Armv7-M● Likely to always be a cost issue
![Page 16: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/16.jpg)
Privilege Separation● Move more code to userspace (network)● Gets complex● Still lots of code to trust● Wants an MMU and more RAM
![Page 17: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/17.jpg)
Separate CPU● Security on its own core (in same SoC)● Temptation to put more code on it (network)● Can be a practical solution
![Page 18: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/18.jpg)
Hypervisor-ish● Use what we have in Armv7-M● Run Zephyr in user mode● It makes hypervisor calls when needs privilege ops● IRQs are complex, need split handling● mbed uVisor as example (but it does much more)
![Page 19: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/19.jpg)
Recommendations● Well● All four
![Page 20: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/20.jpg)
Recommendations● Support Armv8-M where it can be used, best overall● Make user/kernel separation better, at least will help larger
systems and those with MMUs● Define a dual-CPU example with security on other CPU● Prototype the hypervisor, determine if effective/practical
![Page 21: HKG18-407: Hypervisors and IoT (IoT Secret Storage)connect.linaro.org.s3.amazonaws.com/hkg18/... · PSK common in IoT, needs fewer resources Key install at provision time If key leaks,](https://reader034.vdocuments.mx/reader034/viewer/2022050201/5f54be2d15c4e75f355e738a/html5/thumbnails/21.jpg)
Thank You
#HKG18HKG18 keynotes and videos on: connect.linaro.orgFor further information: www.linaro.org