Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC

Filters

3
3 3 3 1
3
Reset filters

Settings
Now showing 1 - 3 of 3
  • Publication
    Breaking TrustZone memory isolation and secure boot through malicious hardware on a modern FPGA-SoC
    ( 2022)
    Gross, M.
    ;
    Jacob, N.
    ;
    Zankl, A.
    ;
    Sigl, G.
    FPGA-SoCs are heterogeneous embedded computing platforms consisting of reconfigurable hardware and high-performance processing units. This combination offers flexibility and good performance for the design of embedded systems. However, allowing the sharing of resources between an FPGA and an embedded CPU enables possible attacks from one system on the other. This work demonstrates that a malicious hardware block contained inside the reconfigurable logic can manipulate the memory and peripherals of the CPU. Previous works have already considered direct memory access attacks from malicious logic on platforms containing no memory isolation mechanism. In this work, such attacks are investigated on a modern platform which contains state-of-the-art memory and peripherals isolation mechanisms. We demonstrate two attacks capable of compromising a Trusted Execution Environment based on ARM TrustZone and show a new attack capable of bypassing the secure boot configuration set by a device owner via the manipulation of Battery-Backed RAM and eFuses from malicious logic.
  • Publication
    Beyond Cache Attacks: Exploiting the Bus-based Communication Structure for Powerful On-Chip Microarchitectural Attacks
    ( 2021)
    Sepulveda, J.
    ;
    Gross, M.
    ;
    Zankl, A.
    ;
    Sigl, G.
    System-on-Chips (SoCs) are a key enabling technology for the Internet-of-Things (IoT), a hyper-connected world where on- and inter-chip communication is ubiquitous. SoCs usually integrate cryptographic hardware cores for confidentiality and authentication services. However, these components are prone to implementation attacks. During the operation of a cryptographic core, the secret key may passively be inferred through cache observations. Access-driven attacks exploiting these observations are therefore a vital threat to SoCs operating in IoT environments. Previous works have shown the feasibility of these attacks in the SoC context. Yet, the SoC communication structure can be used to further improve access-based cache attacks. The communication attacks are not as well-understood as other micro-architectural attacks. It is important to raise the awareness of SoC designers of such a threat. To this end, we present four contributions. First, we demonstrate an improved Prime+Probe attack on four different AES-128 implementations (original transformation tables, T0-Only, T2KB, and S-Box). As a novelty, this attack exploits the collisions of the bus-based SoC communication to further increase its efficiency. Second, we explore the impact of preloading on the efficiency of our communication-optimized attack. Third, we integrate three countermeasures (shuffling, mini-tables, and Time-Division Multiple Access (TDMA) bus arbitration) and evaluate their impact on the attack. Although shuffling and mini-tables countermeasures were proposed in previous work, their application as countermeasures against the bus-based attack was not studied before. In addition, TDMA as a countermeasure for bus-based attacks is an original contribution of this work. Fourth, we further discuss the implications of our work in the SoC design and its perspective with the new cryptographic primitives proposed in the ongoing National Institute of Standard and Technology Lightweight Cryptography competition. The results show that our improved communication-optimized attack is efficient, speeding up full key recovery by up to 400 times when compared to the traditional Prime+Probe technique. Moreover, the protection techniques are feasible and effectively mitigate the proposed improved attack.
  • Publication
    Where Technology Meets Security: Key Storage and Data Separation for System-on-Chips
    ( 2018)
    Sigl, G.
    ;
    Gross, M.
    ;
    Pehl, M.
    This article investigates the dependency between advances in chip technology, architectures, and security. Two major properties of secure systems are analyzed in this context: data separation of different applications and secure storage of cryptographic keys. We discuss first examples for compromising data separation, e.g. the Rowhammer attack on modern DRAMs, enabled by the sensitivity of shrinked DRAM cells for crosstalk effects, or Meltdown and Spectre attacks using cache side channels. These attacks show the dependency between data separation and advances in technology and architecture. Even more powerful attacks exploiting bus and network-on-chip traffic are possible. Another area where technology meets security is the storage of cryptographic keys. New technologies offer new ways to realize non-volatile memory (NVM) for secret data storage and to implement physical unclonable functions (PUFs), which generate the key during system start and do not store it permanently in NVM. To enable good PUFs, technology and security people should work together as early as possible in the development phase, since PUFs must be characterized carefully. Ideally a PUF module is provided as a characterized and reliable security primitive in the design library. If we manage to take security already into account in early technology development phases and during architecture definition, we will get more secure systems-on-chip in the future.