what is a secure element

SECURE ELEMENT
THE CORNER STONE FOR A SAFE CONNECTED OBJECT
GUILLAUME CRINON, BUSINESS DEV MANAGER
INTERNET OF THINGS – OUR OPPORTUNITY
Internet of Everything
• First step, 1990: People (6B) – 1G/2G/3G/4G, xDSL/Fiber/Sat – Mature mkt
• Second step, 1995: Data – Data centers, Cloud computing – Booming mkt
• Third step, 2005: Things (20-50B) – M2M - IoT, lower cost connection, lower power connection – Booming mkt
May 15
THE IOT IS OUR 2ND TELECOM REVOLUTION
• Connecting people was once luxury, a privilege reserved to the rich
• Connecting people is now a mature business reaching saturation
• Connecting “things” was once luxury reserved to high-end machines
• Expanding the market of connected “things” is simply pushing down the cost boundary
[Figure: hardware value of the connected “thing”, with levels Complex machine, Simple machine, Complex object, Simple object, Smart sensor, Disposable sensor, and a boundary between “Connected” and “Not worth connecting”]
BEING CONNECTED IS GREAT UNLESS…
… you get exposed while poorly protected
HOW SECURE ARE STANDARD MCUS ?
It takes 16min, a laptop, Matlab, a 150€ USB oscilloscope & probe to extract an AES128 key from any non-secure MCU
Courtesy of Driss Aboulkassimi – CEATech – FR – driss.aboulkassimi@cea.fr
SPENDING MONEY ON SECURITY
• Security requirements depend both on the value of what is being protected and the anticipated attacks
• Questions to ask
  • How valuable is the data or service being protected?
  • To whom is it valuable?
  • Who does the system require me to trust?
  • What are the skills/time/resources necessary to attack the system?
  • What would the cost of compromise be, including loss of time and manpower, loss of reputation, costs to fix already fielded systems?
RISK ASSESSMENT MATRIX
[Figure: 5 × 5 risk assessment matrix. LIKELIHOOD axis: Near certainty, Highly likely, Likely, Low likelihood, Not likely. CONSEQUENCES axis: Severe, Significant, Moderate, Minor, Minimal. Each cell carries a cost rating from $ to $$$$$$$$.]
SHIFTING RISK ASSESSMENT MATRIX
[Figure: the same 5 × 5 matrix (LIKELIHOOD: Near certainty, Highly likely, Likely, Low likelihood, Not likely; CONSEQUENCES: Severe, Significant, Moderate, Minor, Minimal) with different cost ratings in the cells, from $ to $$$$$$$$.]
ATTACK TREE – COST OF ATTACK
[Attack tree. Goal: do not pay for water at home. Nodes as they appear on the slide:]
• Fool data reporting to concentrator
• Slow down meter
• Alter electronics
• Alter mechanics
• Alter firmware
• Report fake water consumption with dummy meter
• Insert pulse divider between spinning contact and counter
• …
• Disassemble firmware and reprogram
• Reverse engineer wireless protocol and security key
• Hack my record @ water company
• Find back-door on water company IT system
• Bribe employee
SECURE CONNECTIVITY PROTOCOL MODEL
• Network association request
• Object identity check
• (Network identity check)
• (Exchange of session key(s) and nonces)
• Exchange of messages: Encryption - Integrity
SECURITY TOOLBOX FOR CONNECTED OBJECTS = CRYPTOGRAPHY
[Diagram labels: Access control, Non-repudiation, Authentication, Signature, Secure memory, Data integrity, Anti-cloning, IP protection, Encryption, Confidentiality]
CRYPTOGRAPHY IS A SCIENCE
DEFINITIONS 1/2
• Authentication
  • Proving someone’s identity by verifying the validity of identification parameters:
    • PIN code
    • Secret key
    • Password
    • Biometrics
    • Certificate
• Encryption
  • Encoding messages so that unauthorized readers cannot understand them
• ≠ Steganography
  • Concealing the messages from unauthorized readers
CRYPTOGRAPHY IS A SCIENCE
DEFINITIONS 2/2
• Integrity
  • Providing evidence that a message has not been altered by a third party
    • Checksum can be considered as a very basic integrity algorithm
• Digital signature
  • Association of
    • Authentication of sender
    • Integrity of message
• Secure Element
  • Crypto-dedicated IC
  • Tamper-resistant to side-channel attacks
  • Vault for keeping secret keys
STATE-OF-THE-ART CRYPTOGRAPHY IN HISTORY
ANTIQUITY TO MODERN TIMES
[Timeline with marks at -700, -150, 0, 800 and 1500. Labels:]
• Scytale – transposition
• Polybius square
• Caesar’s substitution cipher
• Abu Yusuf Al-Kindi invents frequency analysis and breaks Caesar’s cipher
• Bellaso, Vigenère, Gronsfeld – polyalphabetic substitution
• Birth of private key
Plaintext  A V N E T M E M E C
Key        T E C H D A Y T E C
Ciphertext T Z P L W M C F I E
STATE-OF-THE-ART CRYPTOGRAPHY IN HISTORY
CONTEMPORARY PERIOD
[Timeline with marks at 1880, 1900, 1920, 1945, 1975, 1990, 2000 and 2010, and eras labelled Radio, Wireless, www, www & IoT. Labels:]
• Sir William Herschel fingerprints
• First transatlantic radio transmission
• Frank Miller One-Time-Pad – Polyalphabetic substitution, “Perfect secrecy”
• ENIGMA
• Alan Turing
• Claude Shannon – Modern cryptography
• Diffie-Hellman invention of public key
• RSA – Rivest, Shamir, Adleman
• ECC – Koblitz, Miller
• DES, AES, SHA-0, SHA-2, SHA-3, LWC
• SSH, PGP, SSL, TLS
• WEP, WPA, WPA2
• UWB, CDMA, IPv6, 802.15.4
• EMVco, Banking smart card, SIM card
• iPhone
• Cheap Secure Element
CRYPTOGRAPHY IS MATURE
• Since RSA, AES, ECC, SHA, cryptography has reached maturity
• “Cryptography is now by far the best settled part of Information Security” (Whitfield Diffie, 2005)
• Computational complexity for brute-force attack ~ 2^length(key)
  • 2048-bit key takes 2^2048 ~ 10^600 steps to solve
  • 10^82 atoms in universe
  • Assuming parallel computing with 1 computer per atom still takes > 10^500 steps per computer
    • Assuming lightning-fast computing with 10^100 steps per second
    • Computation would take 10^400 seconds >> life-time of galaxy
SO WHY IS NOTHING SECURE ?
• Human factor
• Strange tendency to use “home-brewed” cryptosystems
• Misunderstanding properties of crypto components
• Easy to get implementation wrong – many subtleties
• Combining secure primitives in insecure way
• Strict efficiency requirements for crypto/security:
  → The cost is visible but benefit invisible
• Compatibility issues, legacy systems
• Cryptography is only part of designing secure systems
• Chain is only as strong as weakest link
• A “dormant bug” is often a security hole
• Many subtle issues (e.g., caching & virtual memory, side channel attacks)
• Key storage and protection issues
BUILDING AN UNSECURE SYSTEM
WITH ALBEIT SECURE ELEMENTS
WHAT IS A UICC (SIM CARD) ?
Customized and personalized by the MNO/VNO for the subscriber
[Block diagram of the UICC, by layer:]
• JavaCard Applets: MNO profiles, SMS & directory storage, Phone locking, Hidden MNO functions
• Secure Firmware: JavaCard OS, Crypto Library, Key Management, Applet Management, Secure Storage, Applet Installer
• Secure Hardware: 32 bit CPU, SHA, ECC, RSA, AES, 3DES, TIMER, True Random Gen., Flash, RAM, I/O
• Interface: ISO7816 protocols
WHAT IS A SECURE ELEMENT ?
Customized and personalized by AVNET for the client
[Block diagram of the Secure Element, by layer:]
• Applets: Counterfeiting applet, Usage Control applet, Tracking applet, IP protection applet
• Secure Firmware: Crypto Library, Key Management, Applet Management, Secure Storage, Applet Installer
• Secure Hardware: 32 bit CPU, SHA, ECC, RSA, AES, 3DES, TIMER, True Random Gen., Flash, RAM, I/O
• Interface: I²C & ISO7816 protocols
2G/3G/4G
CONNECTIVITY PROTOCOL (SIMPLIFIED)
• Network association request
• Object identity check
• Network identity check
• Exchange of session key(s) and nonces
• Exchange of messages: Encryption - Integrity
2G/3G/4G
HW SECURITY HANDLED BY UICC (SIM CARD)
Unique ID and keys safely locked inside UICC (SIM card)
• Network association request
• Object identity check
• Network identity check
• Exchange of session key(s) and nonces
• Exchange of messages: Encryption - Integrity
OTHER LAN AND WAN
SAME CONNECTIVITY PROTOCOL MODEL
• Network association request
• Object identity check
• (Network identity check)
• (Exchange of session key(s) and nonces)
• Exchange of messages: Encryption - Integrity
• …
OTHER LAN AND WAN
HW SECURITY HANDLED BY SECURE ELEMENT
Unique ID and keys locked in Secure Element by AVM Factory
• Network association request
• Object identity check
• (Network identity check)
• (Exchange of session key(s) and nonces)
• Exchange of messages: Encryption - Integrity
• …
100% SECURE SUPPLY CHAIN
Supply chain is EMV Co compliant
• Secure boot-loader
• Chip is « unlocked »
• Firmware & Applet are loaded
• Chip is personalized with secret keys: every chip is unique
• Secure logistics
• Customer
User keys and certificates are generated by Avnet’s secure servers
BEYOND WIRELESS
APPLICATIONS OF A SECURE ELEMENT
• Authentication of removable part, consumable, electronic board….
• Protection against unauthorized modifications of software
• Integrity control of every node of a network
• Sensitive data secure storage
• Usage control of peripherals (medical)
• Secure login to remote system
[Diagram labels: Anti-Cloning, Secure tracking, IP protection, Usage control]
COST EFFECTIVE SAFETY IS REALITY
[Figure: SECURITY LEVEL plotted against COST, with the annotations “Do not dive here” and “Ask our experts”]
GLOSSARY
• AES: Advanced Encryption Standard
• CBC-MAC: Cipher Block Chaining Message Authentication Code
• CCM*: Counter with CBC-MAC
• CDMA: Code Division Multiple Access
• DES: Data Encryption Standard
• ECC: Elliptic Curve Cryptography
• LWC: Lightweight Cryptography
• MAC: Message Authentication Code
• PGP: Pretty Good Privacy
• PKI: Public Key Infrastructure
• PRF: Pseudo-Random Function
• PRNG: Pseudo-Random Number Generator
• RSA: Rivest, Shamir, Adleman
• SHA: Secure Hash Algorithm
• SSL: Secure Sockets Layer
• TLS: Transport Layer Security
• UWB: Ultra-Wide Band
• WEP: Wired Equivalent Privacy
• WPA: WiFi Protected Access
BIBLIOGRAPHY – FURTHER READING
CREDITS TO…
• Boaz Barak course @ Princeton: http://www.cs.princeton.edu/courses/archive/spr10/cos433/
• Bruce Schneier: https://www.schneier.com/
• Simon Singh: http://simonsingh.net/books/the-code-book/the-book/
• Whitfield Diffie – Before and After Public-Key Cryptography: http://www.youtube.com/watch?v=1BJuuUxCaaY
guillaume.crinon@avnet-memec.eu
Thank you
PRIVATE KEY – SYMMETRIC ALGORITHMS → AES
• Alice & Bob want to exchange messages without Eve understanding
• Private key
  → Same key shared by Alice & Bob, unknown to Eve
• ALICE: shares with Bob a secret key k; encodes m into c=m⊕k
• On the channel, where EVE listens: c=m⊕k
• BOB: shares with Alice a secret key k; decodes c into m=c⊕k
Not secure in the long-term because key k is re-used
→ EVE will eventually guess it
PRIVATE KEY – SYMMETRIC ALGORITHMS → AES
IMPROVEMENT WITH RAND NUMBER GENERATOR
• Alice & Bob want to exchange messages without Eve understanding
• Private key
  → Same key shared by Alice & Bob, unknown to Eve
• ALICE: shares with Bob a secret key k and PRF Fk; computes Fk(r); encodes m into c = m ⊕ Fk(r)
• BOB: shares with Alice a secret key k and PRF Fk; computes Fk(r); decodes c into m = c ⊕ Fk(r)
• A random number r is generated for every message
Secure because key Fk(r) is randomized for every message
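The two schemes on the slides above side by side, as an added example that is not part of the original deck. HMAC-SHA256 stands in for the PRF Fk (an assumption, the slides name no specific PRF); the function names, the key and the messages are constructed for the illustration.

```python
import hashlib
import hmac
import os


def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length strings."""
    assert len(a) == len(b)
    return bytes(x ^ y for x, y in zip(a, b))


def F(k: bytes, r: bytes, n: int) -> bytes:
    """PRF Fk(r), stretched to n bytes with HMAC-SHA256 over r || counter."""
    out = b""
    i = 0
    while len(out) < n:
        out += hmac.new(k, r + i.to_bytes(4, "big"), hashlib.sha256).digest()
        i += 1
    return out[:n]


def encode_reused(k: bytes, m: bytes) -> bytes:
    """First slide: c = m XOR k, with the same k for every message."""
    return xor(m, k)


def encode_prf(k: bytes, m: bytes):
    """Second slide: fresh r per message, c = m XOR Fk(r); r travels with c."""
    r = os.urandom(16)
    return r, xor(m, F(k, r, len(m)))


def decode_prf(k: bytes, r: bytes, c: bytes) -> bytes:
    """m = c XOR Fk(r)."""
    return xor(c, F(k, r, len(c)))


def eve_recovers_key(known_m: bytes, c: bytes) -> bytes:
    """Why key re-use fails: one known message gives Eve k = m XOR c."""
    return xor(known_m, c)


# Constructed sample data (16-byte key, two 16-byte messages)
K = bytes.fromhex("00112233445566778899aabbccddeeff")
M1 = b"meter=000123 ok."
M2 = b"meter=000999 ok."
```

With the re-used key, the XOR of two ciphertexts also equals the XOR of the two plaintexts; with Fk(r) the same message encodes differently every time.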
DIFFIE HELLMAN KEY CONTRACT
• Is it possible for 2 entities to exchange privately without requiring them to trust each other, i.e. without having them disclose any secret?
PUBLIC
P very large prime number (2048 bits) – g primitive root mod P
Group theory – Arithmetic modulo P
• ALICE: has a secret x; calculates g^x; calculates key (g^y)^x = g^xy; encodes m into c = m.g^xy
• On the channel, where EVE listens: c = m.g^xy
• BOB: has a secret y; calculates g^y; calculates key (g^x)^y = g^xy; decodes c into m = c.(g^x)^(|G|-y)
• Eve eavesdropping has a very complex maths problem to solve !!
  → Discrete logarithm problem
PUBLIC KEY – ASYMMETRIC ALGORITHMS → RSA
• Application: 1 public key used for encryption paired with 1 private key for decryption
PUBLIC
n=prime_1 x prime_2 ; e coprime with (prime_1-1)x(prime_2-1)
Group theory – Arithmetic modulo P
• ALICE: uses public key e to encode m; encodes m into c = (m^e) mod n
• On the channel, where EVE listens: c = (m^e) mod n
• BOB: knows prime_1 & prime_2; calculates p=(prime_1-1)x(prime_2-1); calculates d=e^-1 mod p; decodes c into m = (c^d) mod n
• Eve eavesdropping has a very complex maths problem to solve !!
  → Discrete logarithm problem
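The arithmetic of the Diffie-Hellman and RSA slides carried through in code, as an added example that is not part of the original deck. The primes are constructed toy values (the slide asks for 2048 bits), the function names are hypothetical, and the Diffie-Hellman decoding uses Bob's secret y in the exponent |G| - y.

```python
import secrets

# Constructed toy parameters: far too small for real use.
# 2579 is prime and 2 is a primitive root modulo 2579.
P, G = 2579, 2
ORDER = P - 1  # |G| on the slide


def dh_keypair():
    """Pick a secret exponent and return it with g^secret mod P."""
    secret = secrets.randbelow(ORDER - 1) + 1  # 1 .. P-2
    return secret, pow(G, secret, P)


def dh_encode(m, own_secret, peer_public):
    """Alice: c = m * (g^y)^x mod P."""
    return (m * pow(peer_public, own_secret, P)) % P


def dh_decode(c, own_secret, peer_public):
    """Bob: m = c * (g^x)^(|G| - y) mod P, i.e. multiply by g^(-xy)."""
    return (c * pow(peer_public, ORDER - own_secret, P)) % P


def rsa_keypair(prime_1, prime_2, e):
    """Bob: n is public; d = e^-1 mod (prime_1-1)(prime_2-1) needs the primes."""
    p = (prime_1 - 1) * (prime_2 - 1)
    return prime_1 * prime_2, pow(e, -1, p)  # modular inverse, Python 3.8+


def rsa_encode(m, e, n):
    """Alice: c = m^e mod n, using public values only."""
    return pow(m, e, n)


def rsa_decode(c, d, n):
    """Bob: m = c^d mod n."""
    return pow(c, d, n)


if __name__ == "__main__":
    x, gx = dh_keypair()          # Alice
    y, gy = dh_keypair()          # Bob
    c = dh_encode(1234, x, gy)    # Eve sees P, G, gx, gy and c, never x or y
    print("DH :", c, "->", dh_decode(c, y, gx))
    n, d = rsa_keypair(61, 53, 17)
    c = rsa_encode(65, 17, n)
    print("RSA:", c, "->", rsa_decode(c, d, n))
```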
AUTHENTICATION → SHA
INTEGRITY
• Alice sends Bob a message with a digital signature proving:
  → The message comes from her
  → The message has not been altered by a third party
• ALICE: shares with Bob a secret key k; computes M=MAC(k,m)
• On the channel: m, M
• BOB: shares with Alice a secret key k; computes MAC(k,m)
If MAC(k,m)=M then message and sender are authenticated
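The connectivity protocol model from the earlier slides (object identity check, network identity check, session key from nonces) and the MAC check on the slide above, as an added example that is not part of the original deck. HMAC-SHA256 is assumed as the MAC, the SecureElement class and all function names are hypothetical, and encryption of the messages is left out.

```python
import hashlib
import hmac
import os


def mac(key: bytes, *parts: bytes) -> bytes:
    """M = MAC(k, m): HMAC-SHA256 over length-prefixed parts."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()


class SecureElement:
    """Hypothetical stand-in for the chip: the key goes in, never out."""

    def __init__(self, object_id: bytes, key: bytes):
        self.object_id, self._k = object_id, key

    def prove_identity(self, n_net, n_obj):
        return mac(self._k, b"object", self.object_id, n_net, n_obj)

    def check_network(self, n_net, n_obj, proof):
        expect = mac(self._k, b"network", self.object_id, n_net, n_obj)
        return hmac.compare_digest(expect, proof)

    def session_key(self, n_net, n_obj):
        return mac(self._k, b"session", n_net, n_obj)


def associate(se, network_keys):
    """Handshake; returns (object key, network key) or None on failure."""
    n_obj = os.urandom(16)                    # sent with association request
    k = network_keys.get(se.object_id)
    if k is None:
        return None
    n_net = os.urandom(16)                    # network's nonce
    proof = se.prove_identity(n_net, n_obj)   # object identity check
    if not hmac.compare_digest(proof, mac(k, b"object", se.object_id, n_net, n_obj)):
        return None
    net_proof = mac(k, b"network", se.object_id, n_net, n_obj)
    if not se.check_network(n_net, n_obj, net_proof):  # network identity check
        return None
    return se.session_key(n_net, n_obj), mac(k, b"session", n_net, n_obj)


def verify(key, m, M):
    """MAC slide, receiver side: recompute MAC(k, m) and compare with M."""
    return hmac.compare_digest(mac(key, m), M)
```

Both sides derive the same session key only when they hold the same provisioned key; a clone carrying the right ID but the wrong key fails the object identity check.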