Posts Tagged ‘embedded security’

Newer Entries »

The Rise of the Smartphone & Need for Secure Open OS

Tuesday, May 4th, 2010

The smartphone segment of the mobile phone market is growing rapidly. Smartphones use a number of different mobile operating systems, known collectively as “open operating systems.” Initially dominated by Symbian and Windows Mobile, the latest figures give a significant share of the market to Apple’s iPhone OS, Android and Research In Motion (RIM). New open mobile operating systems such as LiMo, MeeGo – based on the Linux kernel, are also expected to gain significant traction. These operating systems differ in their user experience and feature set, yet they all enable the phone’s owner to install applications on the device. While the ability to download applications allows the end-user to use the device in ways he never believed possible, it comes with huge security risks. These risks are not limited to the individual subscribers, but extend to service providers and enterprises as well.

Click here to read about the risks posed to smartphones and the need for security in open operating systems: http://wirelessweek.com/Articles/2010/03/Devices-Secure-Open-OS-Smartphones/

No Comments

Low Voltage Fault Attacks to AES and RSA on General Purpose Processors

Tuesday, March 9th, 2010

It is well known that if a secret processed by a device can be correlated with side-effects of the calculation, then the secret can be deduced by measuring these side-effects. Such attacks were used back in time of mechanical rotary encryption machines.

Modern electronic cryptographic devices in addition to the acoustic side-channel of their mechanical predecessors, leak information by means of variation of their power consumption and electro-magnetic radiation. Aside from passively analyzing side-effects of cryptographic computations, an attacker can also actively subvert the environment to introduce faults into the computation. This approach is known as a “fault attack”.

Although the side-channel attacks on a general purpose CPU (especially, timing attacks) were known for a long time, the fault attacks were limited to very small devices, primarily, smart cards.

Recently, a team of researchers from Italy http://eprint.iacr.org/2010/130 presented a fault injection attack against cryptographic software run on an ARM9 general purpose CPU.

Fault injection attacks have proven in recent times a powerful tool to exploit implementative weaknesses of robust cryptographic algorithms. A number of different techniques aimed at disturbing the computation of a cryptographic primitive have been devised, and have been successfully employed to leak secret information inferring it from the erroneous results. In particular, many of these techniques involve directly tampering with the computing device to alter the content of the embedded memory, e.g. through irradiating it with laser beams.

In this contribution we present a low-cost, non-invasive and effective technique to inject faults in an ARM9 general purpose CPU through lowering its feeding voltage. This is the first result available in fault attacks literature to attack a software implementation of a cryptosystem running on a full fledged CPU with a complete operating system. The platform under consideration (an ARM9 CPU running a full Linux 2.6 kernel) is widely used in mobile computing devices such as smartphones, gaming platforms and network appliances.

At first, we validate the effectiveness of the proposed fault model to lead practical attacks to implementations of RSA and AES cryptosystems, using techniques known in open literature. Then we devised two new attack techniques, one for each cryptosystem. The attack to AES is able to retrieve all the round keys regardless both their derivation strategy and the number of rounds. A known ciphertext attack to RSA encryption has been devised: the plaintext is retrieved knowing the result of a correct and a faulty encryption of the same plaintext, and assuming the fault corrupts the public key exponent. Through experimental validation, we show that we can break any AES with roughly 4 kb of ciphertext, RSA encryption with 3 to 5 faults and RSA signature with 1 to 2 faults.

No Comments

The need for content and platform protection and the “cost” of poor security

Thursday, November 12th, 2009

Recent reports indicate widespread pirating of iPhone games.

  • FRally Master Pro 95% piracy
  • Tap-Fu game 70% piracy

    • Piracy is a fact of life, however at these levels its places a massive question mark over the viability of mobile game developers. When properly implemented digital rights management (DRM) is effective in ensuring a sustainable business for the developer community, offering attractive usage models and encouraging the legal usage of the content.

    In order for DRM to be effective it must be incorporated into the device from the ground up. DRM needs to have a “root of trust” in the application processor hardware, moreover the DRM application must be tightly integrated into the device OS. The device firmware and OS should also be better protected, with verification mechanisms, deployed at boot and run time. These embedded security mechanisms together with secure execution environment, secure key storage and robust crypto engines will also limit “Jailbreak” attacks.

    It is estimated that the cost of fixing a security problem grows by a factor of 10 for each successive phase of the product life cycle. While eliminating security breaks entirely is close to impossible, designing security into the system from the start creates a solution that is far more effective and ultimately significantly cheaper in the long run.

    No Comments

    iPhone doesn’t neither does Droid

    Monday, November 9th, 2009

    Verizon are doing level best to expose the weaknesses of the iPhone in the current “droiddoes” campain. Both the Apple iPhone and Motorola Droid devices are packed full of features, but both do not do security. The ability to install applications on the device – something common to all smartphones – comes with huge security risks, for individual subscribers, service providers and enterprises.

    Limiting subscribers to downloading applications from approved app stores, certainly mitigates some of the risk. However there are several well known and freely available cracks online that will effectively bypass almost any restrictions and protection mechanisms.

    Just in case the simple man on the street felt he had nothing to lose, vulnerabilities of the operating system pose other threats, placing the end-user at risk. Viruses and the trojan horse can reveal and/or modify personal information. These viruses can grab personal payment information such as credit card numbers, illegally obtain contact information from our private phone book stored on the mobile phone, and access our home network using a mobile device’s WiFi capabilities.

    As smartphones become more prevalent and entrenched in our work and home lives, their security requirements increase as well. Without such safeguards in place, people will never feel safe using smartphones, thereby preventing these powerful innovations from ever reaching their full potential.

    No Comments

    Welcome to Discretix’ Blog dedicated to embedded security

    Tuesday, October 27th, 2009

    Since Discretix was founded the world of embedded security has evolved and grown in ways that few thought possible. Embedded security cuts across a wide spectrum of markets, playing a critical role in their development.  As the market continues to evolve at a rapid pace, this blog will allow us to share relevant information, news and announcements with our customers and partners. We welcome your feedback and comments and look forward to being part of a productive dialog about the issues facing our industry.

    No Comments

    Newer Entries »