On Inexpensive Methods for Improving Security of Embedded Systems Kostengünstige Maßnahmen zur Erhöhung der Sicherheit eingebetteter Systeme Der Technischen Fakultät der Friedrich-Alexander-Universität Erlangen-Nürnberg zur Erlangung des Grades DOKTOR-INGENIEUR vorgelegt von Johannes Bauer aus Lichtenfels Als Dissertation genehmigt von der Technischen Fakultät der Friedrich-Alexander-Universität Erlangen-Nürnberg Tag der mündlichen Prüfung: 25. November 2016 Vorsitzender des Promotionsorgans: Prof. Dr.-Ing. Reinhard Lerch Gutachter: Prof. Dr.-Ing. Felix Freiling Prof. Dr.-Ing. habil. Falko Dressler Contents Abstract ............................................................... 1 Zusammenfassung ..................................................... 3 Acknowledgment ...................................................... 5 1 Introduction ........................................................ 6 1.1 Security Quantification.............................................6 1.2 Embedded Devices as a Target......................................9 1.3 Contributions..................................................... 11 1.4 Outlook.......................................................... 13 2 Power Analysis ..................................................... 14 2.1 Introduction...................................................... 14 2.1.1 Related Work.............................................. 16 2.1.2 Contributions.............................................. 18 2.1.3 Outline.................................................... 19 2.2 Background...................................................... 19 2.2.1 Transistors and Switching Loss............................... 19 2.2.2 Power Analysis............................................. 22 2.2.3 Cortex-M Barrel Shifter..................................... 24 2.3 Code Polymorphism as a DPA Countermeasure....................... 25 2.3.1 Displaced Loading.......................................... 25 2.3.2 Exclusive OR Instruction.................................... 27 2.3.3 Register Transfer Instructions................................ 29 2.3.4 Bitwise Masking Instructions................................. 30 2.4 Efficient Runtime Recompilation.................................... 32 2.4.1 Virtual Machine Internals.................................... 33 2.4.2 Examples.................................................. 34 i Contents 2.4.3 Workflow.................................................. 36 2.4.4 Hardware True Random Number Generators................... 38 2.5 Experimental Evaluation........................................... 39 2.5.1 Static Analysis of Target..................................... 39 2.5.2 Masking Results............................................ 40 2.5.3 Entropy Collection.......................................... 43 2.6 Conclusion....................................................... 44 3 Timing Channels ................................................... 45 3.1 Introduction...................................................... 45 3.1.1 Related Work.............................................. 46 3.1.2 Contributions.............................................. 48 3.1.3 Outline.................................................... 48 3.2 Background...................................................... 48 3.2.1 Factors Influencing Execution Time in Modern CPUs............ 48 3.2.2 STM32 Cortex-M4 Specifics.................................. 50 3.3 Cycle-Accurate Timing Simulation................................... 50 3.3.1 Execution Time Prediction................................... 51 3.3.2 Architectural Modeling...................................... 54 3.4 Evaluation....................................................... 56 3.4.1 Experimental Setup......................................... 56 3.4.2 Experimental Results........................................ 58 3.4.3 Semi-automatic vetting...................................... 60 3.5 Conclusion and Outlook............................................ 61 4 Covert Channels.................................................... 63 4.1 Introduction...................................................... 63 4.1.1 Attacker Scenario: Covert Communication..................... 65 4.1.2 Abuse of Anti-EMI Features.................................. 66 4.1.3 Related Work.............................................. 67 4.1.4 Contributions.............................................. 68 ii Contents 4.1.5 Outline.................................................... 69 4.2 Background...................................................... 69 4.2.1 Electromagnetic Interference................................. 69 4.2.2 EMI Countermeasures....................................... 70 4.3 Implementation of the Covert Channel............................... 73 4.3.1 Implementation using Spread Spectrum Clocking............... 73 4.3.2 Implementation using Rise Time Control....................... 74 4.4 Data Encoding.................................................... 75 4.4.1 Channel Capacity........................................... 77 4.5 Practical Example................................................. 79 4.6 Conclusion....................................................... 81 5 Hardware Trust Anchors ........................................... 83 5.1 Introduction...................................................... 84 5.1.1 Related Work.............................................. 85 5.1.2 Contributions.............................................. 86 5.1.3 Outline.................................................... 87 5.2 Background...................................................... 87 5.2.1 Transport Layer Security.................................... 87 5.2.2 TLS with Pre-shared Keys................................... 88 5.2.3 Elliptic Curve Cryptography................................. 92 5.2.4 OMA Lightweight M2M..................................... 97 5.3 Implementation with Symmetric Cryptography HSMs.................. 97 5.4 Implementation with Asymmetric Cryptography HSM................. 102 5.5 Security Evaluation................................................ 105 5.5.1 Security with Asymmetric Cryptography HSMs................. 105 5.5.2 Security with Symmetric Cryptography HSMs.................. 106 5.5.3 Attack Scenarios and Assumptions............................ 106 5.5.4 Theoretic Analysis.......................................... 108 5.5.5 Practical Analysis........................................... 109 5.6 Conclusion....................................................... 111 iii Contents 6 DRAM Scrambling ................................................. 112 6.1 Introduction...................................................... 112 6.1.1 Contributions.............................................. 114 6.1.2 Outline.................................................... 115 6.2 Background...................................................... 115 6.2.1 Scrambling................................................. 115 6.2.2 Linear-feedback Shift Registers............................... 116 6.2.3 DRAM.................................................... 118 6.2.4 LFSR RAM Scrambling..................................... 118 6.3 Problem Description............................................... 119 6.4 Towards Descrambling............................................. 122 6.4.1 Practical LFSR Algorithms.................................. 122 6.4.2 Calculating Memory Offsets.................................. 124 6.4.3 Distinguishing the Scrambler Type............................ 125 6.4.4 Attacking Constant Scrambling............................... 127 6.4.5 Attacking Randomized Scrambling............................ 127 6.4.6 Stencil Attack.............................................. 128 6.4.7 Mathematical Approach..................................... 129 6.4.8 Deinterleaving of Memory.................................... 130 6.5 Experimental Evaluation........................................... 130 6.5.1 Investigated Machines....................................... 130 6.5.2 Applying the Stencil Attack.................................. 131 6.5.3 Dual Channel Mode and Decay Rate.......................... 133 6.5.4 Remanence Effect of DDR3 Memory.......................... 134 6.6 Conclusion and Outlook............................................ 135 7 Conclusion .......................................................... 136 7.1 Absence of a Security Silver Bullet.................................. 136 7.2 Security Silver Linings............................................. 138 Bibliography ........................................................... 140 iv List of Figures 2.1 N-channel metal-oxide semiconductor field effect transistor............. 20 2.2 Idealized inverting CMOS output stage.............................. 21 2.3 CMOS output stage with CGS and CGD modeled...................... 21 2.4 Simplified view of a 4 bit barrel shifter construction made from 16 tri-state buffers.................................................... 24 2.5 Unobfuscated version.............................................. 28 2.6 9 bit, obfuscated ror5 ............................................. 28 2.7 32 bit, obfuscated ror1 ............................................ 28 2.8 32 bit, obfuscated ror2 ............................................ 28 2.9 32 bit, obfuscated ror4 ............................................ 28 2.10 32 bit, obfuscated ror16 ........................................... 28 2.11 Internal construction of the morphing VM...........................