  • Publication
    Security and trust in open source security tokens
    ( 2021)
    Schink, M.
    ;
    Wagner, A.
    ;
    Unterstein, F.
    ;
    Heyszl, J.
    Using passwords for authentication has been proven vulnerable in countless security incidents. Hardware security tokens effectively prevent most password-related security issues and improve security indisputably. However, we would like to highlight that there are new threats from attackers with physical access which need to be discussed. Supply chain adversaries may manipulate devices on a large scale and install backdoors before they even reach end users. In evil maid scenarios, specific devices may even be attacked while already in use. Hence, we thoroughly investigate the security and trustworthiness of seven commercially available open source security tokens, including devices from the two market leaders: SoloKeys and Nitrokey. Unfortunately, we identify and practically verify significant vulnerabilities in all seven examined tokens. Some of them are based on severe, previously undiscovered, vulnerabilities of two major microcontrollers which are used at a large scale in various products. Our findings clearly emphasize the significant threat from supply chain and evil maid scenarios since the attacks are practical and only require moderate attacker efforts. Fortunately, we are able to describe software-based countermeasures as effective improvements to retrofit the examined devices. To improve the security and trustworthiness of future security tokens, we also derive important general design recommendations.
  • Publication
    SCA secure and updatable crypto engines for FPGA SoC bitstream decryption: extended version
    ( 2021)
    Unterstein, F.
    ;
    Jacob, N.
    ;
    Hanley, N.
    ;
    Gu, C.
    ;
    Heyszl, J.
FPGA system on chips (SoCs) are ideal computing platforms for edge devices in applications which require high performance through hardware acceleration and updatability due to long operation in the field. A secure update of hardware functionality can in general be achieved by using built-in cryptographic engines and provided secret key storage. However, reported examples have shown that such cryptographic engines may become insecure against side-channel attacks at any later point in time. This leaves already-deployed systems vulnerable without any clear mitigation options. To solve this, we propose a comprehensive concept that uses an alternative and side-channel protected cryptographic engine within the FPGA logic instead of the built-in one for the crucial task of bitstream decryption. Remarkably, this concept even allows updating the cryptographic engine itself. As proof of concept, we describe an application to the Xilinx Zynq-7020 FPGA SoC in detail. We provide two options for a leakage resilient decryption engine which are based on the same primitive, a leakage resilient pseudorandom function (LR-PRF). Depending on a side-channel evaluation of this primitive on the target platform, either a version with additional side-channel countermeasures or a more efficient variant is deployed. The lack of accessible secret key storage poses a significant challenge and requires the use of a physical unclonable function (PUF) to generate a device intrinsic secret within the FPGA logic. At the same time this means that manufacturer-provided secret key storage or cryptography is no longer required; only a public key for signature verification of the first stage bootloader and initial static bitstream. We provide empirical results proving the side-channel security of the protected cryptographic engine as well as an evaluation of the PUF quality. The full design and source code is made available to encourage further research in this direction.
  • Publication
    Fast FPGA Implementations of Diffie-Hellman on the Kummer Surface of a Genus-2 Curve
    ( 2018)
    Koppermann, P.
    ;
    Santis, F. De
    ;
    Heyszl, J.
    ;
    Sigl, G.
We present the first hardware implementations of Diffie-Hellman key exchange based on the Kummer surface of Gaudry and Schost's genus-2 curve targeting a 128-bit security level. We describe a single-core architecture for low-latency applications and a multi-core architecture for high-throughput applications. Synthesized on a Xilinx Zynq-7020 FPGA, our architectures perform a key exchange with lower latency and higher throughput than any other reported implementation using prime-field elliptic curves at the same security level. Our single-core architecture performs a scalar multiplication with a latency of 82 microseconds while our multi-core architecture achieves a throughput of 91,226 scalar multiplications per second. When compared to similar implementations of Microsoft's FourQ on the same FPGA, this translates to an improvement of 48% in latency and 40% in throughput for the single-core and multi-core architecture, respectively. Both our designs exhibit constant-time execution to thwart timing attacks, use the Montgomery ladder for improved resistance against SPA, and support a countermeasure against fault attacks.
  • Publication
    Low-latency X25519 hardware implementation
    ( 2017)
    Koppermann, P.
    ;
    Santis, F. de
    ;
    Heyszl, J.
    ;
    Sigl, G.
In the past few years, there has been a growing interest in Curve25519 due to its elegant design aimed at both high security and high performance, making it one of the most promising candidates to secure IoT applications. Until now, Curve25519 hardware implementations were mainly optimized for high-throughput applications, while no special care was given to low-latency designs. In this work, we close this gap and provide a Curve25519 hardware design targeting low-latency applications. We present a fast constant-time variable-base-point elliptic curve scalar multiplication using Curve25519 that computes a session key in less than 100 µs. This is achieved by using a high-speed prime field multiplier that smartly combines the reduction procedure with the summation of the digit-products. As a result, our presented implementation requires only 10465 cycles for one session key computation. Synthesized on a Zynq-7030 and operating with a clock frequency of 115 MHz, this translates to a latency of 92 µs, which represents an improvement of factor 3.2 compared to other Curve25519 implementations. Our implementation uses the Montgomery ladder as the scalar multiplication algorithm and includes randomized projective coordinates to thwart side-channel attacks.
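The two abstracts above (the Kummer-surface design and this X25519 design) both rely on the same scalar-multiplication structure: a Montgomery ladder whose operation sequence does not depend on the scalar bits, combined here with randomized projective coordinates. The following is an added software example, not code from either paper or their FPGA designs: X25519 as specified in RFC 7748, with a branch-free conditional swap in place of a key-dependent branch and a fresh random projective scaling factor per scalar multiplication. Python big-integer arithmetic is not constant-time, so the block illustrates the structure of the countermeasures rather than a side-channel-hardened implementation; the helper names and the use of `secrets` for the random factor are this example's own choices.

```python
"""X25519 (RFC 7748) via the Montgomery ladder with two countermeasures the
abstracts name: a branch-free conditional swap (every ladder step performs the
same operations regardless of the scalar bit, against SPA) and randomized
projective coordinates (a fresh random Z representative per call, against DPA).
Added example, not code from the papers. Python big-int arithmetic is not
constant-time, so this shows the algorithmic structure only."""
import secrets

P = 2**255 - 19
A24 = 121665                      # (486662 - 2) / 4 for Curve25519
BASEPOINT = bytes([9]) + bytes(31)


def decode_scalar(k: bytes) -> int:
    """Clamp the 32-byte scalar as RFC 7748 section 5 requires."""
    k = bytearray(k)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def decode_u(u: bytes) -> int:
    """Decode a little-endian u-coordinate, masking the unused top bit."""
    u = bytearray(u)
    u[31] &= 127
    return int.from_bytes(u, "little") % P


def encode_u(x: int) -> bytes:
    return (x % P).to_bytes(32, "little")


def cswap(swap: int, a: int, b: int) -> tuple:
    """Swap a and b iff swap == 1, via masks rather than a data-dependent branch."""
    mask = -swap                  # 0 or -1 (all ones in two's complement)
    dummy = mask & (a ^ b)
    return a ^ dummy, b ^ dummy


def ladder(k: int, u: int, randomize: bool = True) -> int:
    """Montgomery ladder: u-coordinate of k*Q given u(Q), RFC 7748 section 5."""
    x1 = u                        # affine difference, fixed for the whole ladder
    # Randomized projective coordinates: (u : 1) -> (u*r : r) for random r != 0.
    r = secrets.randbelow(P - 1) + 1 if randomize else 1
    x2, z2 = 1, 0                 # point at infinity
    x3, z3 = u * r % P, r         # Q in a randomized projective representation
    swap = 0
    for t in range(254, -1, -1):  # one identical step per scalar bit
        kt = (k >> t) & 1
        swap ^= kt
        x2, x3 = cswap(swap, x2, x3)
        z2, z3 = cswap(swap, z2, z3)
        swap = kt
        a = (x2 + z2) % P
        aa = a * a % P
        b = (x2 - z2) % P
        bb = b * b % P
        e = (aa - bb) % P
        c = (x3 + z3) % P
        d = (x3 - z3) % P
        da = d * a % P
        cb = c * b % P
        x3 = (da + cb) % P
        x3 = x3 * x3 % P
        z3 = (da - cb) % P
        z3 = x1 * (z3 * z3 % P) % P
        x2 = aa * bb % P
        z2 = e * ((aa + A24 * e) % P) % P
    x2, x3 = cswap(swap, x2, x3)
    z2, z3 = cswap(swap, z2, z3)
    return x2 * pow(z2, P - 2, P) % P   # projective -> affine (Fermat inversion)


def x25519(k: bytes, u: bytes, randomize: bool = True) -> bytes:
    return encode_u(ladder(decode_scalar(k), decode_u(u), randomize))


def ladder_is_randomization_invariant(k: bytes, u: bytes) -> bool:
    """Randomizing Z changes every intermediate value but never the result."""
    return x25519(k, u, True) == x25519(k, u, False)


if __name__ == "__main__":
    a = secrets.token_bytes(32)
    b = secrets.token_bytes(32)
    ka = x25519(a, x25519(b, BASEPOINT))
    kb = x25519(b, x25519(a, BASEPOINT))
    print("shared secret agrees:", ka == kb)
```

The swap flag is accumulated with XOR so that the ladder swaps exactly when consecutive scalar bits differ, and the final swap restores the ladder state; a hardware design maps `cswap` to multiplexers driven by the scalar bit, which is what gives the ladder its fixed operation sequence. The random factor `r` only changes the projective representative of the input point, so the affine result is unchanged while the intermediate register contents differ from run to run.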
  • Publication
    Fast and reliable PUF response evaluation from unsettled bistable rings
    ( 2017)
    Hesselbarth, R.
    ;
    Heyszl, J.
    ;
    Sigl, G.
    Bistable ring (BR) based strong PUFs are promising candidates for lightweight authentication applications. It has been observed that a good '0'/'1'-balance of their responses correlates with longer settling times. This is problematic, since the state-of-the-art evaluation method requires the BR to be settled in order to generate a reliable PUF response. We show that settling times can easily extend beyond 100 ms for 70 percent of the responses in the TBR PUF, which is a BR-based PUF with good '0'/'1'-balance characteristics. Hence, it is practically impossible to wait for all BRs to settle, which results in a reliability penalty. In order to solve this problem, we present three new methods, which allow the evaluation of unsettled BRs with increased reliability compared to the state-of-the-art method. We were able to improve response reliability from 81 percent to up to 98.5 percent and achieve response reliabilities of 97 percent at an evaluation time of 320 ns. This enables the fast and reliable use of BR-based PUFs in strong PUF applications.
  • Publication
Challenges for information security in embedded systems against attackers with hardware access (Herausforderungen für Informationssicherheit in eingebetteten Systemen bei Angreifern mit Hardware-Zugriff)
    ( 2016)
    Heyszl, J.
The information security of networked embedded systems in applications such as "Industrie 4.0", the automotive sector, the smart grid and the Internet of Things, which in future will also extend to medical devices, home automation and smart metering, is on the one hand a particularly important development goal and on the other hand a particularly great challenge. The relevant questions are very similar across these applications. The core of the challenge is to guarantee information security for the embedded devices deployed there even though attackers may have physical access to these devices. In most cases there is the risk that successful attacks on individual devices could lead to vulnerabilities and attacks on, or effects on, all networked devices. Protective measures against attackers with hardware access often require functions in hardware that cannot be retrofitted. Because of the potentially long operating lifetime of embedded devices, however, it is a major challenge to provide these necessary hardware-based protective measures, which also form the basis for the equally necessary software security.
  • Publication
Gaming machines with certified security in the future (Geldspielgeräte in Zukunft mit geprüfter Sicherheit)
    ( 2015)
    Heyszl, J.
    ;
    Thiel, F.
Security against manipulation is a classic requirement for gaming machines. Soon, tamper resistance of the devices and state-of-the-art protection of the output data will even be required as part of security assessments for type approval. As a basis for this, a comprehensive attack analysis was carried out and a concept for securing the output data was drawn up.
  • Publication
    Closing the gap between speed and configurability of multi-bit fault emulation environments for security and safety-critical designs
    ( 2015)
    Nyberg, R.
    ;
    Heyszl, J.
    ;
    Rabe, D.
    ;
    Sigl, G.
Steadily decreasing transistor sizes and new multi-beam laser attacks lead to an increasing amount of multi-bit fault occurrences, e.g., during fault attacks against cryptographic implementations. Therefore, multi-bit fault injection becomes more important during security and safety verification. Fault injection techniques which are applicable during the development cycle of a device are based on either software implementations, e.g., formal methods and simulations, or fault emulation environments in hardware. So far, simulations provide the best configurability whereas fault emulation environments provide the best performance in terms of run time. This contribution presents an FPGA-based emulation environment that combines the advantages of both simulation-based and emulation-based environments. To the best of our knowledge, we are the first to achieve this. Permanent and transient multi-bit faults are configurable at run time, where the selection of a fault model and the configuration of the injection time and fault duration are supported without the need for re-synthesizing the design. We propose three measures for performance optimization allowing us to support all the fault configuration capabilities at run time without performance penalty. Experimental results are provided for a hardened 8051-like microprocessor showing that the presented emulation environment reaches the theoretical optimal performance for a wide range of fault configurations using our proposed optimizations.
  • Publication
    Hardware Trojans. Current challenges and approaches
    ( 2014)
    Jacob, N.
    ;
    Merli, D.
    ;
    Heyszl, J.
    ;
    Sigl, G.
More and more manufacturers outsource parts of the design and fabrication of integrated circuits (ICs) for cost reduction. Recent publications show that such outsourcing can pose serious threats to governments and corporations, as they lose control of the development process. Until now, the threat of hardware Trojans has mostly been considered during fabrication. Third-party intellectual property (IP) is also gaining importance as companies wish to reduce costs and shorten the time-to-market. Through this study, the authors argue that the threat of Trojans is spread throughout the whole IC development chain. They give a survey of both hardware Trojan insertion possibilities and detection techniques. Furthermore, they identify the key vulnerabilities at each stage of IC development and describe costs of hardware Trojan insertion and detection. This way, the threat level based on feasibility of Trojan insertion and the practicability of Trojan detection techniques is evaluated. Lately, detection techniques address the issue of including third-party IP. However, those techniques are not sufficient and need more research to effectively protect the design. In this way, the authors' analysis provides a solid base to identify the issues during IC development which should be addressed with higher priority by all entities involved in the IC development.