Io t security-ameba-ppt

Realtek Technical Project Manager
Neo Jou

REALTEK 瑞昱半導體
全球前十大 IC 設計公司
網路通訊 IC – ethernet / wifi
PC 周邊, 多媒體 Audio – AC97 , video – ISP/H.264
TV

WHAT IS IOT
The internet working of physical devices, vehicles (also referred to as
"connected devices" and "smart devices"), buildings and other items—
embedded with electronics, software, sensors, actuators, and network
connectivity that enable these objects to collect and exchange data.
• Ref: wiki IoT

君の名は
90’s : Internet
SUN - JAVA (Oak) 智慧家電
1995 - 比爾蓋茲 - 未來之路
Motorola 銥計畫 - 50億美元 / 66顆衛星
IoE ( Internet of Everything ) - Cisco / Qualcomm
M2M : machine to machine
Web of Things
===> SkyNet?

IOT GROW
* Massive IoT - LPWAN

SMART HOME
- smart lighting
- smart door
- smart coffee machine
- smart air conditioner
- smart weight meter
- smart vacuum cleaner
- smart water heater

IOT SCOPE
市場產品範圍廣泛
技術需求廣泛
Big Data
ASIC / HW design
SW ( HAL / driver/ RTOS / communication protocol / … )
multimedia : video / audio / .. : 視訊與影像處理
AI : 影像識別 / 行為分析規劃 / 購買建議 / ..
Security

WHY SECURITY
家是安全的避風港?

加密 – 18 世紀
Attack at dawn
AT TA CK AT DA WN
CR RC LM CR BL VB
* Modern cryptography

加密 – 19 世紀
Gronsfeld Cipher-1844
Attack at dawn
AUVDGP GZ LJWO
* Modern cryptography

ENIGMA
http://enigmaco.de/enigma/enigma.html

加密
對稱式
Key 只有一把, 速度快, 但如何儲存/傳遞是關鍵
非對稱式
有公鑰/私鑰

對稱式加密
DES – 1970 IBM 金鑰過短, 有效位元只有 56 bits.
AES – 2000 年; 128/192/256
3DES : 112 bits
RC4 – 串流加密; 不安全
NIST FF : finite field ; IF : integer fraction ; EC: Elliptic Curve

RC4 破解
單字節偏移 / 多字節偏移
Cookie 字段開頭 “cookie:”
https://cr.yp.to/streamciphers/rc4biases-20130708.pdf

AES
CBC/CTR/其他更安全加密 : 右圖
ECB 問題

非對稱性加密
RSA
- 憑證 TLS key exchange
ECC
- ECDH :
Elliptic Curve Diffie-Hellman : key 交換
ECDSA : Elliptic Curve Digital Signal Algorithm : 簽章

HASH
MD5 / SHA-1 / SHA-2 / …
MAC : message authentication code

RAINBOW TABLE
一般: 暴力破解法 / 字典攻擊法
Hash chain : 有效縮減儲存空間
儲存起點和終點 : aaaaaa , kiebgt
e.g. Hash 值為 920ECF10 == key : sgfnyd

RANDOM NUMBER
PRNG : pseudo random number generator
TRNG : true random number generator
- NIST random test

量子密碼學
- Grover – 資料庫搜尋演算法
- 秀爾shor 量子演算法 – 質因數分解 - RSA
量子密鑰分發 – BB84 協定

IOT系統架構
攻擊雲端 Server
攻擊中間通訊
攻擊 IoT device

LINE 漏洞賞金計畫
https://bugbounty.linecorp.com/en/

MBED OS
LoRa : https://docs.mbed.com/docs/lora-with-mbed/en/latest/intro-to-lora/

OSI
DataLink : WIFI
WPA2
IP : IPSec
Presentation : TLS
Application :
HTTPS / Apple
Home Kit

DDOS
Distributed
Deny of Service
阻斷服務攻擊
洪水攻擊
- ICMP flood
- ping flood
- UDP flood
- TCP SYNC flood
- HTTP flood
- …
CPU / Network Resource

WEB ATTACK
1. https port 443 掃端口
2. XOR-based firmware encryption 反
組譯
3. found buffer overflow vulnerability in
the CGI script 找漏洞
4. sending a very long session cookie to
the script
5. full control over the device
Ref:
http://126kr.com/article/8fer1xbx1m
9

IOT CLIENT ATTACK
Program
Buffer overflow
random number - TRNG
System
unnecessary open ports
firmware rollback / firmware update
Device Attack
物理接觸 : e.g. flash, steal code
DOS/DDOS/wifi jammer/… : 功能癱瘓

物理性攻擊
側通道攻擊 / 邊通道攻擊 ( side channel attack )
針對加密電子設備在運行過程中, 通過測量功耗、電磁輻射以及產熱量的側通道信息洩露,
來計算出晶元的內部工作
• RSA4096 / SIM card (AES-128) / …
外部 flash / LDPPR
steal code / confidential data
insertion / destroy the code
JTAG
efuse : 不適合存密碼, 但適合做控制保護

緩衝區溢位
改變控制流程
stack-based
buffer overflow

緩衝區溢位
Ref: http://pws.niu.edu.tw/~hbc/StackBO.pdf

SYNC FLOOD
Timeout : 1 sec
首包丟棄 / 封包追蹤/....
SYNC COOKIE
SYNC PROXY

TCP FAST OPEN
RFC7413 - TCP Fast Open : 降低延遲
Linux 3.13 開始, IPv4 的 TCP fast open 預設開啟

SYNC PROXY
可搭配 sync cookie 檢測

SEC PROG
strcpy -> strncpy -> strlcpy
strncpy : NUL , 長度計算
strlcpy 是 OpenBSD 2.4, 不屬於 ANSI C
compiler option : -fstack-protector-strong

緩衝區溢位保護
HW Improve - ARM v8m StackLimit
Improve OS
can not run code in stack
malfunction -> Program DOS

SEC POLICY
用人不疑, 疑人不用
分成 secure / non-secure :
放到 secure 的, 自己人相信他
不要輕易放進 secure
身份認證
ACL
安全門
secure / non-secure 區之間溝通要控管

WHAT TO DO
HW solutions - 以 ARM 為例
ARM v8m TrustZone
RTOS security solutions - 和硬體結合
Communication Security

ARM V7M
privileged
thread / handler
handler only have
privileged mode

ARM MPU
從 ARM11 開始就有
ARMv7m 時, mbed 利用 MPU 做
uvisor
ARM V8M 時, 改進 size 需要是2的
次方倍數的限制
1kB 16kB 256kB 1kB
SINGLE 274kB REGION
PMSAv
7
PMSAv
8
0x3BC00 0x80400

MBED UVISOR - V7M
但 privilege + MPU 來做 uvisor, 會有額外 overhead
interrupt forwarding - ISR 是在 privilege mode , 可以改 MPU 設定

ARM V8M SAU
除了原本 MPU 外, 新增 SAU 來幫忙
做權限管理
memory 先透過 SAU 劃分成 secure
/ no-secure
IRQ 也分為 secure / non-secure
Non-Secure
MPU
Secure
MPU
Security
Attribution
Unit (SAU)
System
Level
Control
Request from CPU
Request to System

ARM TRUSTZONE
v8m 效能增進, 會比 v8A 來得好

網路安全
wifi 不安全, 仍需靠上層 protocol 加密
WEP: RC4->AES;
PSK: DK = PBKDF2(HMAC−SHA1,
passphrase, ssid, 4096, 256)
HTTPS
SSL -> TLS
DTLS : 針對 UDP 安全性加強

回顧
IoT market and architecture
Why Security
Attacks
Solutions
HW based security solution - ARM v8M
RTOS security
Communication Security
工商時間

Io t security-ameba-ppt

More Related Content

What's hot (16)

Viewers also liked (20)

Similar to Io t security-ameba-ppt (20)

Io t security-ameba-ppt