Secure Code Update for Embedded Devices via Proofs of Secure Erasure

Abstract. Remote attestation is the process of verifying internal state of a remote embedded device. It is an important component of many security protocols and applications. Although previously proposed re-mote attestation techniques assisted by specialized secure hardware are effective, they not yet viable for low-cost embedded devices. One no-table alternative is software-based attestation, that is both less costly and more efficient. However, recent results identified weaknesses in some proposed software-based methods, thus showing that security of remote software attestation remains a challenge. Inspired by these developments, this paper explores an approach that relies neither on secure hardware nor on tight timing constraints typi-cal of software-based technqiques. By taking advantage of the bounded memory/storage model of low-cost embedded devices and assuming a small amount of read-only memory (ROM), our approach involves a new primitive – Proofs of Secure Erasure (PoSE-s). We also show that, even though it is effective and provably secure, PoSE-based attestation is not cheap. However, it is particularly well-suited and practical for two other related tasks: secure code update and secure memory/storage erasure. We consider several flavors of PoSE-based protocols and demonstrate their feasibility in the context of existing commodity embedded devices.

Remote software protection by orthogonal client replacement *

ABSTRACT In a typical client-server scenario, a trusted server provides valuable services to a client, which runs remotely on an untrusted platform. Of the many security vulnerabilities that may arise (such as authentication and authorization), guaranteeing the integrity of the client code is one of the most difficult to address. This security vulnerability is an instance of the malicious host problem, where an adversary in control of the client's host environment tries to tamper with the client code. We propose a novel client replacement strategy to counter the malicious host problem. The client code is periodically replaced by new orthogonal clients, such that their combination with the server is functionally-equivalent to the original client-server application. The reverse engineering efforts of the adversary are deterred by the complexity of analysis of frequently changing, orthogonal program code. We use the underlying concepts of program obfuscation as a basis for formally defining and providing orthogonality. We also give preliminary empirical validation of the proposed approach

Static Transformation of Power Consumption for Program Tracing and Software Attestation

This thesis presents methods to statically modify programs at compile-time to improve the effectiveness of power consumption based program analyses. Two related applications are considered, and algorithms are introduced for both. The first is power consumption based program tracing, and the second is software attestation with power consumption as a side-effect. We propose a framework for increasing the effectiveness of power-based program tracing techniques. These systems determine the most likely block of source code that produced an observed power trace. Our framework maximizes distinguishability between power traces for different code sections. To this end, we introduce a static transformation to reduce the probability of misclassification by reordering intermediate representation (IR) to find the ordering that produces power traces with the highest distances between them. Experimental results confirm the effectiveness of our technique. We also consider improvements to the algorithm, replacing the naïve, exhaustive permutation algorithm used in the original solution with Monte Carlo permutations. Due to the complexity of the naïve solution, its search space is constrained, making it unlikely to find a good solution when the number of instructions in a program section is too large. Variations on a basic stochastic implementation are described, and their expected results are compared. The Monte Carlo algorithms consistently found better solutions than their exhaustive counterpart while showing improved scalability. We then introduce a related technique to statically transform programs to use power consumption as the side-effect for software attestation. We show how to circumvent the undecidable nature of program execution for this purpose and present a static compiler transformation which implements the algorithm. Our approach is less intrusive than traditional software attestation because the system does not require interruption to compute a cryptographic checksum. It is particularly well suited to real-time systems where consistent timing is more important than speed

AEGIS : a single-chip secure processor

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2005.Includes bibliographical references (p. 225-240).Trust in remote interaction is a fundamental challenge in distributed computing environments. To obtain a remote party's trust, computing systems must be able to guarantee the privacy of intellectual property and the integrity of program execution. Unfortunately, traditional platforms cannot provide such guarantees under physical threats that exist in distributed environments. The AEGIS secure processor enables a physically secure computing platform to be built with a main processor as the only trusted hardware component. AEGIS empowers a remote party to authenticate the platform and guarantees secure execution even under physical threats. To realize the security features of AEGIS with only a single chip, this thesis presents a secure processor architecture along with its enabling security mechanisms. The architecture suggests a technique called suspended secure processing to allow a secure part of an application to be protected separately from the rest. Physical random functions provide a cheap and secure way of generating a unique secret key on each processor, which enables a remote party to authenticate the processor chip.(cont.) Memory encryption and integrity verification mechanisms guarantee the privacy and the integrity of off-chip memory content, respectively. A fully-functional RTL implementation and simulation studies demonstrate that the overheads associated with this single-chip approach is reasonable. The security components in AEGIS consumes about 230K logic gates. AEGIS, with its off-chip protection mechanisms, is slower than traditional processors by 26% on average for large applications and by a few percent for embedded applications. This thesis also shows that using AEGIS requires only minor modifications to traditional operating systems and compilers.by Gookwon Edward Suh.Ph.D