Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mobile Appliance Security: Concerns and Challenges Mahesh Mamidipaka ICS 259: Seminar in Design Science 1. Securing Mobile Appliances: New Challenges for.

Similar presentations


Presentation on theme: "Mobile Appliance Security: Concerns and Challenges Mahesh Mamidipaka ICS 259: Seminar in Design Science 1. Securing Mobile Appliances: New Challenges for."— Presentation transcript:

1 Mobile Appliance Security: Concerns and Challenges Mahesh Mamidipaka ICS 259: Seminar in Design Science 1. Securing Mobile Appliances: New Challenges for the System Designer - A. Raghunathan, S. Ravi, S. Hattangady, J. Quisquater (DATE’ 03) 2. Masking Energy Behavior of DES Encryption - H. Saputra, N. Vijaykrishnan, N. Kandemir, et al. (DATE’ 03) 3. Wireless Network Security - Tom Karrygiannis and Jes Owens, NIST

2 Outline  Introduction  Security Concerns  Design Challenges  Security Attacks on Smart Cards –Power analysis based attack  Masking Energy Behavior for DES Encryption (DATE’ 03)

3 Introduction  Mobile appliances widely used (PDAs, Cell Phones, Smart Cards, etc.)  Involves sensitive information: increased security concerns  Success of emerging technologies to depend on ensuring adequate security –Security cited as single largest concern among prospective m-commerce users

4 Unique Challenges  Knowledge and experience from wired internet gives us a head start (not sufficient)  Unique challenges: –Use of public transmission medium –Potentially unlimited points of access –Vulnerable to theft, loss, and corruptibility –Constraints on power, cost, and weight  Need for techniques at every aspect of design to meet the challenges

5 Outline  Introduction  Security Concerns  Design Challenges  Security Attacks on Smart Cards  Masking Energy Behavior for DES Encryption

6 Tamper-resistant Implementation Secure SW Execution Secure Content Secure Network Access User Identification Secure Storage Secure Data Communication Security Issues

7 Secure Data Communication  Employ security protocols to various layers of network protocol stack –Achieve peer authentication, privacy, data integrity etc. –cryptographic algorithms act as building blocks  Examples Network layer protocols: –Cellular technologies: GSM, CDPD –Wireless LAN: IEEE –Wireless PAN: Bluetooth  Distinct protocols needed at various layers –Network layer protocol secures link between wireless client, access point, base station or gateway –Need complementary security mechanisms at higher protocol layers (Eg. WTLS in WAP)

8 Outline  Introduction  Security Concerns  Design Challenges  Security Attacks on Smart Cards  Masking Energy Behavior for DES Encryption

9 Design Challenges  Various challenges and considerations for mobile appliance security –Flexible security architecture: to support diverse security protocols and crypto algorithms –Computational requirement for security processing –Impact of security processing on battery life –Tamper-resistant implementation

10 Flexibility  Ability to cater wide variety of security protocols –Example: Support for both WEP and 3GPP algorithms to work in LAN and 3G cellular environments  Support for distinct security standards at different layers of network protocol stack –Example: WEP (link layer) and SSL (transport layer) support for wireless LAN enabled PDA with web support  Security protocols continuously evolving continuously evolvingcontinuously evolving –Protocols revised to enable new security services, new crypto algorithms etc.

11 Computational Requirements Processing Requirements for a security protocol using RSA based Connection 3DES based encryption/decryption and SHA based integrity

12 Battery life  Reduced battery life due to increased computational requirements  Case study: Sensor node with Motorola Dragon Ball processor (MC68328)  Energy Consumption: –Transmission: 21.5 mJ/KB –Reception: 14.3 mJ/KB –RSA based encryption: 42mJ/KB 42mJ/KB

13 Tamper-Resistance  Security protocols and mechanisms are independent of implementation specifics –Assumption being malicious entities do not have access to implementation  Observing properties of the implementation can enable breaking of ‘secret key’  Sensitive data is vulnerable –During on-chip communication –When simply stored in mobile appliance (secondary storage like flash, main memory, caches, register files)

14 Outline  Introduction  Security Concerns  Design Challenges  Security Attacks on Smart Cards  Masking Energy Behavior for DES Encryption

15 Security Attacks on Smart Cards  Security attacks on smart cards can be classified as: –Microprobing  Invasive technique that manipulates the internal circuits –Software attacks  Focuses on protocol or algorithm weakness –Eavesdropping  Hacks secret keys by monitoring power consumption, EM radiation, and execution time –Fault generation  Based on intentional malfunction of the circuit  Techniques like supply voltage change, exposing circuit to radiation etc.

16 Eavesdropping power profile Eavesdropping power profile  Rationale: Power consumption of an operation depends on its operand values –Operands are plain text and secret key in crypto algorithms –Switching activity varies in memory, buses, datapath units, and pipeline registers based on operand values  Different degrees of sophistication involved in power analysis based attacks –Simple Power Analysis (SPA): uses single power profile –Differential Power Analysis (DPA): uses power profiles from multiple runs

17 Simple Power Analysis  Based on single power trace for operations  Identify operations being performed based on power profile –Whether a branch is taken or not –Whether an exponentiation operation is performed or not  Knowing the algorithm and power profile, secret key can be revealed  Protection from SPA: –Code restructuring –Random noise insertion for power variation –Adding dummy modules

18 Differential Power Analysis  Utilizes power profiles gathered from multiple runs  Basic principle similar to SPA: relies on data dependent power variation to break key  Averaging used to eliminate random noises  P.Kocher, J. Jaffer, and B. Jun “Introduction to Differential Power Analysis and Related Attacks”,

19 Outline  Introduction  Security Concerns  Design Challenges  Security Attacks on Smart Cards  Masking Energy Behavior for DES Encryption

20 Energy Masking for DES  Architecture to have secure and non-secure instructions –Power consumption for secure instructions data independent  Critical operations in DES encryption: –Assignment –Bit by bit addition modulo 2 (XOR) –Shift operation –Indexing operation  Instructions involving secret key replaced with secure instructions

21 Secure load instruction

22 Energy consumption profiles

23 Masking energy in DES  Energy consumption more for secure instructions than non-secure instructions –E Diss w/o masking: 46.4 uJ –E Diss w/ naïve masking: 63.6 uJ (all loads and stores masked) –E Diss w/ smart masking: 52.6 uJ (only ‘secret key’ related instructions masked)

24 Back to presentation


Download ppt "Mobile Appliance Security: Concerns and Challenges Mahesh Mamidipaka ICS 259: Seminar in Design Science 1. Securing Mobile Appliances: New Challenges for."

Similar presentations


Ads by Google