PHYSICAL TAMPER RESISTANCE: CHAPTER REPORT BY EUSTACE ASANGHANWA

1 CHAPTER REPORT BY EUSTACE ASANGHANWA: PHYSICAL TAMPER RESISTANCE

2 OVERVIEW OF TALK
- Ross Anderson on Physical Tamper Resistance
- Chapter report
- Critique
- Commentary on Tamper Resistance since 2000

3 KEY TAKE-AWAY
- A well-grounded understanding of the concept of tamper resistance

4 ROSS ANDERSON ON PHYSICAL TAMPER RESISTANCE
- SECURITY ENGINEERING, 1ST EDITION, CHAPTER 14

5 HISTORICAL ATTACK TECHNIQUES
Attack Object | Vulnerability
Keys in PROM | Laxity in custody
Keys in sealed encasements | Encasement seals
Tamper sensing barriers | Exposure from covering exposure
EOL processors via dumpster diving | Memory ‘permanent’ remanence
RAM content via freezing | Longer ‘temporal’ remanence
Electromagnetic egress | Remote analysis and key extraction

6 SECURITY PROCESSOR EXAMPLES
Chip | Security | Notes
iButton | Medium | Keys in RAM; no tamper sensing barrier
DS5002 | Medium | Bus encryption; cipher instruction search attack
Capstone/Clipper | Medium | Claims tamper resistance; 16-bit checksum easily brute forced
Smartcards & MCU | High | Secure application processor; security by obscurity until Pay-TV

7 ATTACKER CLASSIFICATION
Classification | Description
Class 1 | Clever outsiders
Class 2 | Knowledgeable insiders
Class 3 | Funded organizations

FIPS PUB 140-1 (Effective 1994) | Additive Requirements
Level 1 | Basic security e.g. cryptography
Level 2 | Tamper evidence
Level 3 | Procedural tamper proofing
Level 4 | Environmental tamper proofing

8 ATTACKS ON SMARTCARDS
- Protocol Analysis
- Anti-tearing
- Cover VPP
- Single stepping
- Micro probing
- Memory linearization
- Cryptographic co-processor interfaces
- FIB through shields

9 STATE OF ART SECURITY ARCHITECTURE
- State of Art
  - Defense in depth (eliminate single points of failure)
  - Tamper resistance versus tamper evidence
  - Stop loss
- What goes wrong
  - Architectural errors - Trusted card in an untrusted platform
  - Security by obscurity targets IP protection
  - Protocol failure from dangerous combination of commands
  - Function creep as in multiuse cards

10 BENEFITS OF TAMPER RESISTANT DEVICES
- Control information processing by linking to single physical token
- Assures data destruction at a definite and verifiable time
- Reduce the need to trust human operators
- Control value counters

11 CRITIQUE
- Good
  - Comprehensive on evolution of tamper resistance.
  - Grasp on security principles.
- Opportunities for improvement
  - Smartcard-centric.
  - Some recommendations not consistent with provided principles e.g. Recommends “Using a proprietary (and complicated) encryption algorithm…” after recommending against home-brewed encryption schemes.
  - Techniques behind times even for year 2000.

12 CONCLUSION
- Security Engineering offers a good comprehensive history on tamper resistance with attention to security principles.
- Threat, tamper resistance, and evaluation techniques have evolved since publication of the first edition.
- I expect significant updates in the chapter on physical tamper resistance in the second edition (still awaiting my copy from Amazon).

13 PERSONAL COMMENTARY ON PHYSICAL TAMPER RESISTANCE

14 WHAT IS TAMPER RESISTANCE?
- Assuring achievement of security goals at all times
- Guiding Principles
  - Assume capable adversaries
  - Increase cost of analysis
  - Reduce value of compromise

15 SINCE 2000 [1ST EDITION SECURITY ENGINEERING]
- Stronger adversaries
  - Hackers are smarter
  - Markets are wider, fueling motivation
  - Analysis equipment is more affordable
- Industry demands openness in techniques
- More professional analysis labs thanks to patent litigations
- Greater rigor on security evaluation
  - Revision of FIPS PUB 140-1 to FIPS PUB 140-2 in 2002
  - Common Criteria (ISO/IEC 15408) major version revision from 2 to 3, currently at version 3.1.

16 FIPS 140-2
FIPS PUB 140-2 (Effective 2002) | Additive Requirements
Level 1 | Basic security e.g. cryptography; Untrusted OS
Level 2 | Tamper evidence; Trusted OS; Role based authentication; Common Criteria EAL 2+
Level 3 | Procedural tamper proofing; Identity based authentication; Plaintext CSP on dedicated ports; Common Criteria EAL 3+
Level 4 | Environmental tamper proofing; Zeroize CSPs on intrusion; Common Criteria EAL 4+

17 COMMON MODERN DAY THREATS
- Micro-probing
- Security protocols
- Algorithm exploits
- Operational environment
- Operations timing
- Bug exploits

18 CRITICAL ELEMENTS FOR SUCCESS IN IC TAMPER PROOFING
- Choice and implementation of algorithms
- Analog tamper monitors
- Quality of RNG
- Cost of analysis
- Practicality of exploits
Courtesy Wikipedia

19 RECAP
- Tamper resistance is about achieving security goals at all times
- Described technology-based methods are common but don’t have to be
- Other tamper proofing methods may include:
  - Legislation (e.g. in banking networks)
  - Cultural actions e.g. shaming
  - Secured premises

20 THANK YOU

