Hardware-based Security for Virtual Trusted Platform Modules

Virtual Trusted Platform modules (TPMs) were proposed as a software-based alternative to the hardware-based TPMs to allow the use of their cryptographic functionalities in scenarios where multiple TPMs are required in a single platform, such as in virtualized environments. However, virtualizing TPMs, especially virutalizing the Platform Configuration Registers (PCRs), strikes against one of the core principles of Trusted Computing, namely the need for a hardware-based root of trust. In this paper we show how strength of hardware-based security can be gained in virtual PCRs by binding them to their corresponding hardware PCRs. We propose two approaches for such a binding. For this purpose, the first variant uses binary hash trees, whereas the other variant uses incremental hashing. In addition, we present an FPGA-based implementation of both variants and evaluate their performance

Security Enhancement in Networked Embedded System

In the developed system ARM9 is a master and Two ARM7s are slaves. The peripherals are being controlled by two ARM7 boards. The Peripherals are connected to the ARM7 through Complex Programmable Logic Device (CPLD). The CPLD is in turn connected to the ARM7 using Serial Peripheral Interface (SPI). The ARM7 boards collect the information from the peripherals and send it to the ARM9 board. The communication between ARM7 and ARM9 is via UART (Universal Asynchronous Receiver Transmitter) over CAN (Controller Area Network). The ARM9 board has got the software intelligence. The ARM9 behaves as a master and two ARM7 boards behave as slaves. Being master ARM9 passes tokens to ARM7 which in turn returns (Acknowledges) the token. The ARM9 is further connected to Proxy via Ethernet. The proxy is further connected to the service platform (server) via Ethernet. So subsequently any decisions at any stage can be changed at server level. Further these commands can be passed on to ARM9 which in turn controls the peripherals through ARM7. (a) The system which we have developed consists of ARM9 as a master, Two ARM7 as Slaves. The communication between ARM9-ARM7 is via UART over a CAN, (b) Each ARM7 further communicates serially (RS232) with the two 8051 Microcontroller nodes, (c)Thus a networked Embedded System is developed wherein the serial data is brought over Ethernet. The ARM7 board, which is directly linked with the peripherals, can be modified of its functionality as and when required. The functionality of ARM7 can be modified by upgrading its firmware. To upgrade the firmware same communication link has been used. ARM7 receives the new firmware via same ARM9-ARM7 communication link. The Flash Write operation is performed using the source code to write the new firmware. Bootloader application for the ARM7 has been developed. The signature has been incorporated to assure authenticity of the new Firmware. Intel Hex File Format is used to parse the hex file

Teaching FPGA Security

International audienceTeaching FPGA security to electrical engineering students is new at graduate level. It requires a wide field of knowledge and a lot of time. This paper describes a compact course on FPGA security that is available to electrical engineering master's students at the Saint-Etienne Institute of Telecom, University of Lyon, France. It is intended for instructors who wish to design a new course on this topic. The paper reviews the motivation for the course, the pedagogical issues involved, the curriculum, the lab materials and tools used, and the results. Details are provided on two original lab sessions, in particular, a compact lab that requires students to perform differential power analysis of FPGA implementation of the AES symmetric cipher. The paper gives numerous relevant references to allow the reader to prepare a similar curriculum

Attacking Computer Security Using Peripheral Device Drivers

Detection of malicious logic on a hardware device is difficult to detect. This thesis proposes a device driver that emulates a hardware device and that device’s software driver. This device driver attacks the target system by accessing the hard disk in order to perform read and write transactions without the knowledge of the operating system or intrusion detection/prevention software. The attacks performed by the driver compromise the confidentiality, integrity, and availability of data on the target system’s disk drive. The attacks performed by the device driver have a less than one percent impact on system performance. This thesis, while tested in a Windows environment, applies to other operating systems (such as Linux/Unix, etc.) and thus has major implications for a wide range of users

Virtualized Reconfigurable Resources and Their Secured Provision in an Untrusted Cloud Environment

The cloud computing business grows year after year. To keep up with increasing demand and to offer more services, data center providers are always searching for novel architectures. One of them are FPGAs, reconfigurable hardware with high compute power and energy efficiency. But some clients cannot make use of the remote processing capabilities. Not every involved party is trustworthy and the complex management software has potential security flaws. Hence, clients’ sensitive data or algorithms cannot be sufficiently protected. In this thesis state-of-the-art hardware, cloud and security concepts are analyzed and com- bined. On one side are reconfigurable virtual FPGAs. They are a flexible resource and fulfill the cloud characteristics at the price of security. But on the other side is a strong requirement for said security. To provide it, an immutable controller is embedded enabling a direct, confidential and secure transfer of clients’ configurations. This establishes a trustworthy compute space inside an untrusted cloud environment. Clients can securely transfer their sensitive data and algorithms without involving vulnerable software or a data center provider. This concept is implemented as a prototype. Based on it, necessary changes to current FPGAs are analyzed. To fully enable reconfigurable yet secure hardware in the cloud, a new hybrid architecture is required.Das Geschäft mit dem Cloud Computing wächst Jahr für Jahr. Um mit der steigenden Nachfrage mitzuhalten und neue Angebote zu bieten, sind Betreiber von Rechenzentren immer auf der Suche nach neuen Architekturen. Eine davon sind FPGAs, rekonfigurierbare Hardware mit hoher Rechenleistung und Energieeffizienz. Aber manche Kunden können die ausgelagerten Rechenkapazitäten nicht nutzen. Nicht alle Beteiligten sind vertrauenswürdig und die komplexe Verwaltungssoftware ist anfällig für Sicherheitslücken. Daher können die sensiblen Daten dieser Kunden nicht ausreichend geschützt werden. In dieser Arbeit werden modernste Hardware, Cloud und Sicherheitskonzept analysiert und kombiniert. Auf der einen Seite sind virtuelle FPGAs. Sie sind eine flexible Ressource und haben Cloud Charakteristiken zum Preis der Sicherheit. Aber auf der anderen Seite steht ein hohes Sicherheitsbedürfnis. Um dieses zu bieten ist ein unveränderlicher Controller eingebettet und ermöglicht eine direkte, vertrauliche und sichere Übertragung der Konfigurationen der Kunden. Das etabliert eine vertrauenswürdige Rechenumgebung in einer nicht vertrauenswürdigen Cloud Umgebung. Kunden können sicher ihre sensiblen Daten und Algorithmen übertragen ohne verwundbare Software zu nutzen oder den Betreiber des Rechenzentrums einzubeziehen. Dieses Konzept ist als Prototyp implementiert. Darauf basierend werden nötige Änderungen von modernen FPGAs analysiert. Um in vollem Umfang eine rekonfigurierbare aber dennoch sichere Hardware in der Cloud zu ermöglichen, wird eine neue hybride Architektur benötigt

Interdiction in Practice – Hardware Trojan Against a High-Security USB Flash Drive

As part of the revelations about the NSA activities, the notion of interdiction has become known to the public: the interception of deliveries to manipulate hardware in a way that backdoors are introduced. Manipulations can occur on the firmware or at hardware level. With respect to hardware, FPGAs are particular interesting targets as they can be altered by manipulating the corresponding bitstream which configures the device. In this paper, we demonstrate the first successful real-world FPGA hardware Trojan insertion into a commercial product. On the target device, a FIPS-140-2 level 2 certified USB flash drive from Kingston, the user data is encrypted using AES-256 in XTS mode, and the encryption/decryption is processed by an off-the-shelf SRAM-based FPGA. Our investigation required two reverse-engineering steps, related to the proprietary FPGA bitstream and to the firmware of the underlying ARM CPU. In our Trojan insertion scenario the targeted USB flash drive is intercepted before being delivered to the victim. The physical Trojan insertion requires the manipulation of the SPI flash memory content, which contains the FPGA bitstream as well as the ARM CPU code. The FPGA bitstream manipulation alters the exploited AES-256 algorithm in a way that it turns into a linear function which can be broken with 32 known plaintext-ciphertext pairs. After the manipulated USB flash drive has been used by the victim, the attacker is able to obtain all user data from the ciphertexts. Our work indeed highlights the security risks and especially the practical relevance of bitstream modification attacks that became realistic due to FPGA bitstream manipulations

VoteBox Nano: A smaller, stronger FPGA-based voting machine

This thesis describes a minimal implementation of a cryptographically secure direct recording electronic (DRE) voting system, built with a low-cost Xilinx FPGA board. Our system, called VoteBox Nano, follows the same design principles as the VoteBox, a full-featured electronic voting system. The votes are encrypted using El-gamal homomorphic encryption and the correctness of the system can be challenged by real voters during an ongoing election. In order to fit within the limits of a minimal FPGA, VoteBox Nano eliminates VoteBox's sophisticated network replication mechanism and full-color bitmap graphics system. In return, VoteBox Nano runs without any operating or language runtime system and interacts with the voter using simple character graphics, radically shrinking the implementation complexity. VoteBox Nano also integrates a true random number generator (TRNG), providing improved security. In order to deter hardware tampering, we used FPGA's native JTAG interface coupled with TRNG. At boot-time, the proper FPGA configuration displays a random number on the built-in display. Any interaction with the JTAG interface will change this random number, allowing the poll workers to detect election-day tampering, simply by observing whether the number has changed

Techniques for design and implementation of physically unclonable functions

Physically unclonable functions (PUFs) provide a basis for many security, and digital rights management protocols. PUFs exploit the unclonable and unique manufacturing variability of silicon devices to establish a secret. However, as we will demonstrate in this work, the classic delay-based PUF structures have a number of drawbacks including susceptibility to prediction, reverse engineering, man-in-the-middle and emulation attacks, as well as sensitivity to operational and environmental variations. To address these limitations, we have developed a new set of techniques for design and implementation of PUF. We design a secure PUF architecture and show how to predict response errors as well as to compress the challenge/responses in database. We further demonstrate applications where PUFs on reconfigurable FPGA platforms can be exploited for privacy protection. The effectiveness of the proposed techniques is validated using extensive implementations, simulations, and statistical analysis