SECURITY OF CONNECTED THINGS. Dr Alain MERLE Cybersecurity Program Manager

Transcription

1 SECURITY OF CONNECTED THINGS Dr Alain MERLE Cybersecurity Program Manager

2 Source: CISCO, AT&T IOT: SOME FIGURES Cisco predicts 50B of connected object by 2020 Estimated market value $2 trillion by 2020 Up-to 1 trillion sensors deployed Traffic grows by 25% per year billions Humans Connected objects 2

3 SECURITY: A SOCIETAL CHALLENGE Source: L usine digitale Source: Mobile Ecosystem Forum (MEF) Massive adoption by citizens relies on confidence on security and privacy 3

4 SECURED COMMUNICATING EMBEDDED SYSTEM Real physical object Embedded hardware and software There is physical access to the object «Telecom» link Often internet connection Use of cryptography Embedded cryptography SECURITY WEAKNESSES? ATTACKS? 4

5 SYSTEM ARCHITECTURE encryption (confidentiality) signature (integrity) certificate (authentication) acknowledgement (non repudiation) replay attack protection (nonce) DoS protection MitM protection Things Gateway SmartObject Cloud Server Application headless authentication lightweight cryptography wireless communication lightweight security protocol lightweight embedded RNG interoperability service pairing service discovery token verification secure bundle authentication authorization access rights identity management trust & reputation key distribution certificate management authentication user management cryptography security protocol embedded RNG 5 5

6 ATTACKS TOWARDS THE WIRELESS LINK Relay Independent of the crypto Man on the middle Denial of service Eavesdropping/Skimming NFC characterization Eavesdropping: > 20m Skimming: > 1m 6

7 Secured by Cryptography Channel is secured. But, if an attacker has a physical access, he can extract the keys 7

8 ATTACKS ON SECURE DEVICES Cryptanalysis RC5, MIFARE, Mathias Wagner, in 700+ Attacks Published on Smart Cards: The Need for a Systematic Counter Strategy proceedings Software of Cosade 2012 attacks Brute force attacks, Etc. Hardware attacks Buffer overflows, Brute force attacks, Attacks on protocols Etc. Extremely powerfull thanks to the direct access to the component: Example: AES-128 key cracking in minutes on a 32-bit unsecure microcontroller 8

9 HW attacks techniques Imaging / Physical Optical Microscope Electronic microscope X-ray Ultrasonic imaging Observation Power Electromagnetic emission Duration of computation Probing internal signal Light, etc. Fault Injection Under/over powering Over clocking Temperature Electromagnetic Laser, Laser cutting, etc. IP reconstruction, data extraction in ROM, sensors/protections identification, etc. Simple/differential/template /algebraic/horizontal attacks/sca dissassemby, side channel reverse engineering Corrupted execution, differential fault analysis, safeerror attacks, fault injection reverse engineering, etc. 9

10 PRACTICAL FAULT INJECTION 10

11 PROTOCOLS? Bootstrapping at high-level User device Security manager Resource Consumer Gateway WAN Session establishment Bootstrapping at low-level data source data source LAN How an user to personalize a virgin node into his network? Lowlevel bootstrapping: local credentials (eg. network access) Highlevel bootstrapping: access to the resources (eg. Service) How to have a Secure Update of the SW? How to recover from a compromised situation? How to change the ownership of an object? Source: CATRENE workshop on smartcities 11

12 COUNTERFEITING Buying a fake branded handbag for your loved one? Finding horse meet in your beef lasagna? Fake portable hard drive? Having easy access to counterfeit medicines? Counterfeiting accounts for 2% of the world trade! Expected to exceed $1.7 trillion by 2015! 12

13 ALSO IN HARDWARE Fake & genuine Atmel chips Genuine & Fake Toshiba transistors Fake chips sold to US military in 2010 (VisionTech scandal) 13

14 THE RACE FOR SECURITY All the crypto schemes are based on a secret: Key management Security is complex Needs for specialists in specification, design & validation (evaluation, certification) Theoretical resistance evolves quickly A never ending race between: Developers Evaluation labs Hackers Moore s law of microelectronics DES, TDES, AES, RSA key length, Hash fns Attack techniques Imagination, the only limit? 14

15 MOORE, MORE THAN MOORE AND The question is not if an attack will come, but when it will come 15

16 SECURING COMPONENTS Security of sensitive data? Security of programs? Confidence in HW? Caracterisation Secured solutions Unique components Testing Analysing, simulating, (AES, Couplages ) HW root of trust HW + SW countermeasures for cryptoprocessors PUF Specialization of each component Protocol analysis IDS for IOT IoT SW analysis. Run-time protection (SW protections, audits) Secure boot key management. Securing Wireless communication On chip Integrity Checking Off chip. Evaluation / Certification (CESTI) Network integrity 16

17 A «GOOD» SYSTEM SHOULD PROPOSE «End to End Security» Secured application over an unsecured architecture Safety & Security Safe kernel Availability Adapted keys management «Up to date» security components Certified security kernel Certified SW components Multi-barrier security «Trusted Computing» Integrity checking / On-line audits Evolution capabilities Facing publications or limited life-time Recovery function Ability to move to a safe state after compromising Security should define the architecture of the system and not be added at the end. 17

18 IN ADDITION No single and perfect solution «Nobody s perfect» Vulnerabilities discovered everyday Secured HW is the best solution but is not perfect Cryptography has also some limits Life time is critical Any error is an attack path Availability is a real challenge for communicating systems Evaluation / Certification is a good tool and should be developed for the IOT. 18

19 Offre du LETI SENSIBILISATION, PRÉ-ÉTUDE - Guide sur la sécurisation (en préparation) - Préanalyse ANALYSE DE RISQUES encourus en cas d attaque - Risques de sécurité classés par criticité avec des méthodologies d analyse éprouvées (EBIOS, STRIDE ) ANALYSE ARCHITECTURALE - Identification des faiblesses structurelles de l architecture - Confrontation des briques du système à l état de l art des attaques TESTS SÉCURITAIRES - Tests sécuritaires et recherche de vulnérabilité sur les dispositifs et le système - Évaluation en vue d une certification CESTI SOLUTION DE SÉCURITÉ - Intégration de patch correctif de sécurisation - Définition de spécification de bloc de sécurité - Design et intégration de bloc sécurisé (HW/SW) 19

20 Merci de votre attention