
Mobile Appliance Security: Concerns and Challenges

Mobile Appliance Security: Concerns and Challenges. Mahesh Mamidipaka ICS 259: Seminar in Design Science. 1. Securing Mobile Appliances: New Challenges for the System Designer - A. Raghunathan, S. Ravi, S. Hattangady, J. Quisquater (DATE’ 03) 2. Masking Energy Behavior of DES Encryption


  1. Mobile Appliance Security: Concerns and Challenges • Mahesh Mamidipaka • ICS 259: Seminar in Design Science • 1. Securing Mobile Appliances: New Challenges for the System Designer - A. Raghunathan, S. Ravi, S. Hattangady, J. Quisquater (DATE '03) • 2. Masking Energy Behavior of DES Encryption - H. Saputra, N. Vijaykrishnan, N. Kandemir, et al. (DATE '03) • 3. Wireless Network Security - Tom Karygiannis and Les Owens, NIST http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf

  2. Outline • Introduction • Security Concerns • Design Challenges • Security Attacks on Smart Cards • Power analysis based attack • Masking Energy Behavior for DES Encryption (DATE’ 03)

  3. Introduction • Mobile appliances widely used (PDAs, Cell Phones, Smart Cards, etc.) • Involves sensitive information: increased security concerns • Success of emerging technologies to depend on ensuring adequate security • Security cited as single largest concern among prospective m-commerce users

  4. Unique Challenges • Knowledge and experience from wired internet gives us a head start (not sufficient) • Unique challenges: • Use of public transmission medium • Potentially unlimited points of access • Vulnerable to theft, loss, and corruptibility • Constraints on power, cost, and weight • Need for techniques at every aspect of design to meet the challenges

  5. Outline • Introduction • Security Concerns • Design Challenges • Security Attacks on Smart Cards • Masking Energy Behavior for DES Encryption

  6. Security Issues • Secure SW Execution • Secure Storage • Secure Data Communication • Tamper-resistant Implementation • User Identification • Secure Content • Secure Network Access

  7. Secure Data Communication • Employ security protocols at various layers of the network protocol stack • Achieve peer authentication, privacy, data integrity, etc. • Cryptographic algorithms act as building blocks • Examples of network layer protocols: • Cellular technologies: GSM, CDPD • Wireless LAN: IEEE 802.11 • Wireless PAN: Bluetooth • Distinct protocols needed at various layers • Network layer protocol secures the link between wireless client, access point, base station or gateway • Need complementary security mechanisms at higher protocol layers (e.g. WTLS in WAP)

  8. Outline • Introduction • Security Concerns • Design Challenges • Security Attacks on Smart Cards • Masking Energy Behavior for DES Encryption

  9. Design Challenges • Various challenges and considerations for mobile appliance security • Flexible security architecture: to support diverse security protocols and crypto algorithms • Computational requirement for security processing • Impact of security processing on battery life • Tamper-resistant implementation

  10. Flexibility • Ability to cater to a wide variety of security protocols • Example: Support for both WEP and 3GPP algorithms to work in LAN and 3G cellular environments • Support for distinct security standards at different layers of the network protocol stack • Example: WEP (link layer) and SSL (transport layer) support for a wireless-LAN-enabled PDA with web support • Security protocols continuously evolving • Protocols revised to enable new security services, new crypto algorithms, etc.

  11. Computational Requirements • Processing requirements for a security protocol using RSA-based connection, 3DES-based encryption/decryption, and SHA-based integrity

  12. Battery life • Reduced battery life due to increased computational requirements • Case study: Sensor node with Motorola DragonBall processor (MC68328) • Energy consumption: • Transmission: 21.5 mJ/KB • Reception: 14.3 mJ/KB • RSA-based encryption: 42 mJ/KB

  13. Tamper-Resistance • Security protocols and mechanisms are independent of implementation specifics • Assumption being malicious entities do not have access to implementation • Observing properties of the implementation can enable breaking of ‘secret key’ • Sensitive data is vulnerable • During on-chip communication • When simply stored in mobile appliance (secondary storage like flash, main memory, caches, register files)

  14. Outline • Introduction • Security Concerns • Design Challenges • Security Attacks on Smart Cards • Masking Energy Behavior for DES Encryption

  15. Security Attacks on Smart Cards • Security attacks on smart cards can be classified as: • Microprobing • Invasive technique that manipulates the internal circuits • Software attacks • Focuses on protocol or algorithm weakness • Eavesdropping • Hacks secret keys by monitoring power consumption, EM radiation, and execution time • Fault generation • Based on intentional malfunction of the circuit • Techniques like supply voltage change, exposing circuit to radiation etc.

  16. Eavesdropping power profile • Rationale: Power consumption of an operation depends on its operand values • Operands are plain text and secret key in crypto algorithms • Switching activity varies in memory, buses, datapath units, and pipeline registers based on operand values • Different degrees of sophistication involved in power analysis based attacks • Simple Power Analysis (SPA): uses single power profile • Differential Power Analysis (DPA): uses power profiles from multiple runs

  17. Simple Power Analysis • Based on single power trace for operations • Identify operations being performed based on power profile • Whether a branch is taken or not • Whether an exponentiation operation is performed or not • Knowing the algorithm and power profile, secret key can be revealed • Protection from SPA: • Code restructuring • Random noise insertion for power variation • Adding dummy modules

  18. Differential Power Analysis • Utilizes power profiles gathered from multiple runs • Basic principle similar to SPA: relies on data-dependent power variation to break the key • Averaging used to eliminate random noise • P. Kocher, J. Jaffe, and B. Jun, “Introduction to Differential Power Analysis and Related Attacks”, http://www.cryptography.com/dpa/technical, 1998

  19. Outline • Introduction • Security Concerns • Design Challenges • Security Attacks on Smart Cards • Masking Energy Behavior for DES Encryption

  20. Energy Masking for DES • Architecture to have secure and non-secure instructions • Power consumption for secure instructions data independent • Critical operations in DES encryption: • Assignment • Bit by bit addition modulo 2 (XOR) • Shift operation • Indexing operation • Instructions involving secret key replaced with secure instructions

  21. Secure load instruction

  22. Energy consumption profiles

  23. Masking energy in DES • Energy consumption more for secure instructions than non-secure instructions • EDiss w/o masking: 46.4 uJ • EDiss w/ naïve masking: 63.6 uJ (all loads and stores masked) • EDiss w/ smart masking: 52.6 uJ (only ‘secret key’ related instructions masked)
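The data-dependent power variation of slides 16 to 18 and the data-independent "secure instruction" of slide 20 can be checked with a small simulation; this is an added example, not code from the presentation or the cited papers. It assumes a Hamming-weight energy model, models the secure instruction as driving the operand together with its complement, and uses constructed noise, inputs and key byte; the 4.5 cut-off is the conventional t-test threshold for leakage assessment, not a figure from the slides.

```python
import random
import statistics

NOISE_SIGMA = 2.0      # constructed measurement noise (arbitrary energy units)
T_THRESHOLD = 4.5      # |t| above this is the usual "leakage detected" cut-off

def hamming_weight(x):
    return bin(x).count("1")

def energy_normal(value, rng):
    # Non-secure instruction: energy follows the number of set operand bits.
    return hamming_weight(value) + rng.gauss(0, NOISE_SIGMA)

def energy_secure(value, rng):
    # Secure instruction (assumed model): the operand and its complement are
    # both driven, so the data-dependent part is always 8 units.
    return (hamming_weight(value) + hamming_weight(value ^ 0xFF)
            + rng.gauss(0, NOISE_SIGMA))

def leakage_test(energy_fn, key_byte, n_traces, seed=1):
    """Split simulated traces on bit 0 of the key-dependent intermediate.
    Returns (difference of means, Welch t statistic)."""
    rng = random.Random(seed)
    groups = {0: [], 1: []}
    for _ in range(n_traces):
        plaintext = rng.randrange(256)          # constructed random input
        intermediate = plaintext ^ key_byte     # XOR with key material
        groups[intermediate & 1].append(energy_fn(intermediate, rng))
    m0, m1 = statistics.mean(groups[0]), statistics.mean(groups[1])
    v0, v1 = statistics.variance(groups[0]), statistics.variance(groups[1])
    t = (m1 - m0) / (v1 / len(groups[1]) + v0 / len(groups[0])) ** 0.5
    return m1 - m0, t

def leaks(energy_fn, key_byte=0x3C, n_traces=20000):
    # Evaluator's verdict: does energy depend on the key-dependent bit?
    _, t = leakage_test(energy_fn, key_byte, n_traces)
    return abs(t) > T_THRESHOLD

if __name__ == "__main__":
    for name, fn in (("non-secure", energy_normal), ("secure", energy_secure)):
        for n in (50, 500, 20000):
            diff, t = leakage_test(fn, 0x3C, n)
            print(f"{name:10s} n={n:5d} diff={diff:+.3f} t={t:+.2f}")
```

With few traces the difference is buried in noise for both instruction types; as the trace count grows, averaging exposes a stable offset only for the non-secure instruction.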
