Date post: 21-Dec-2015
Information Security of Embedded Systems 27.1.2010: remote access, wireless networks Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST

Information Security of Embedded Systems

27.1.2010: remote access, wireless networks

Prof. Dr. Holger Schlingloff
Institut für Informatik and Fraunhofer FIRST


27.1.2010 Embedded Security © Prof. Dr. H. Schlingloff 2010

Structure

1. Introductory example
2. Embedded systems engineering
   1. definitions and terms
   2. design principles
3. Foundations of security
   1. threats, attacks, measures
   2. construction of safe systems
4. Design of secure systems
   1. design challenges
   2. safety modelling and assessment
   3. cryptographic algorithms
5. Communication of embedded systems
   1. remote access
   2. sensor networks
6. Algorithms and measures
   1. digital signatures
   2. key management
   3. authentication
   4. authorization
7. Formal methods for security
   1. protocol verification
   2. logics and proof methods


Communication of Embedded Systems

• Various wired and wireless bus systems are being used
  - CAN, LIN, MOST, I2C, …
  - GSM, UMTS, …
  - WiFi, Bluetooth, …

• Security considerations
  - general rule: newer standards are more secure
  - known problems with nearly all standards


Wireless Data Communication

• History: replacement of cables
  - First: “make it work”
  - Then: specialization (application-specific)
  - Now: security vs. resource limitations

• Trend: All IP
  - coalescence of telephone and data communication (“B3G”, “NGN”, “4G”)
  - data- vs. knowledge-communication, semantic net


WLAN (802.11x)

• 802.11 a,b (1999); 802.11 g,h (2003)

• Widely used (2003 Intel Centrino)

• Point-to-point and Access-point networking

• Local data transfer, internet-connectivity, integration in company or private networks

• Air frequencies openly accessible (cf. mobile phones)

• Threats: illegitimate foreign hard disk access, unauthorized use of connectivity, unauthorized data access, masking and fake identities


WLAN Security Measures

• Frequency hopping (pseudo-random)

• SSID cloaked mode (eavesdropping)

• MAC address control (spoofing)

• VPN and CHAP (Server must know user passwords, Client calculates hash key; possible attacks)

• WEP (next slide)

• WPA with EAP and TKIP


WEP

• “Wired Equivalent Privacy”, Authentication & secured communication via symmetric encryption and checksums

• Authentication by challenge-response; client proves knowledge of the common key
  - up to 4 keys are possible; choice by client; 40 bit (weak)
  - all users (and all access points) need to know the key(s); key exchange difficult
  - access point does not authenticate itself to the client!
    - sending of challenges, analysing responses
    - denial-of-service, logoff of clients

• Checksums (CRC) instead of secure hashing
  - modification and generation of messages even without key!
  - redirection of communication (IP-address-faking)


WEP-Attack 1

• CRC-property: CRC(M ⊕ M’) = CRC(M) ⊕ CRC(M’)

• RC-4-property: M ⊕ Key ⊕ Key = M

(M|CRC(M)) ⊕ Key

(M|CRC(M)) ⊕ Key ⊕ (D|CRC(D))

(M|CRC(M)) ⊕ Key ⊕ (D|CRC(D)) ⊕ Key = (M⊕D)|CRC(M⊕D)


WEP-Attack 2

1. M

2. (M|CRC(M)) ⊕ Key

3. (M|CRC(M)) ⊕ Key ⊕ (M|CRC(M)) ⊕ (M’|CRC(M’))

M’|CRC(M’)
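
The two WEP attacks above, worked through in Python as an added example (not part of the original slides), to show why an unkeyed CRC under a stream cipher gives no integrity while a keyed MAC rejects the same modification. Assumptions: the per-frame IV is omitted, D and M’ have the length of M, all function names, keys and messages are constructed for illustration, and HMAC-SHA256 stands in as a generic keyed MAC (it is not the WPA MIC). zlib's CRC-32 is affine rather than strictly linear, so the patch term carries the extra constant CRC(00…0).

```python
import hashlib, hmac, struct, zlib

def rc4(key: bytes, n: int) -> bytes:
    """First n bytes of the RC4 keystream for key (KSA, then PRGA)."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crc(m: bytes) -> bytes:  # unkeyed checksum, as in WEP
    return struct.pack("<I", zlib.crc32(m))

def mac(m: bytes) -> bytes:  # keyed alternative; MAC_KEY is constructed
    return hmac.new(MAC_KEY, m, hashlib.sha256).digest()

def seal(key, m, tag=crc):
    """(M | tag(M)) XOR keystream, as on the slides (per-frame IV omitted)."""
    body = m + tag(m)
    return xor(body, rc4(key, len(body)))

def unseal(key, c, tag=crc, n=4):
    """Decrypt and verify the trailing n-byte tag; None if the check fails."""
    body = xor(c, rc4(key, len(c)))
    m, t = body[:-n], body[-n:]
    return m if hmac.compare_digest(tag(m), t) else None

def flip(c: bytes, d: bytes) -> bytes:
    """Attack 1: XOR D into M and patch the CRC without knowing the key.
    zlib's CRC-32 is affine: crc(M^D) = crc(M) ^ crc(D) ^ crc(00..0)."""
    return xor(c, d + xor(crc(d), crc(bytes(len(d)))))

def forge(known_m: bytes, c: bytes, new_m: bytes) -> bytes:
    """Attack 2: known plaintext yields the keystream, reused to seal M'."""
    return xor(xor(c, known_m + crc(known_m)), new_m + crc(new_m))

KEY, MAC_KEY = b"constructed-rc4-key", b"constructed-mac-key"  # sample values
M, M2 = b"open valve 01", b"open valve 09"                      # sample frames
D = xor(M, M2)  # bit difference a modifier wants to apply
```

With the CRC tag, `unseal(KEY, flip(seal(KEY, M), D))` and `unseal(KEY, forge(M, seal(KEY, M), M2))` both return `M2`; with `tag=mac, n=32` the same bit flip makes `unseal` return `None`.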


WPA

• WiFi Protected Access

• 128 bit, AES/TKIP (temporal key integrity protocol)
  - message integrity code (MIC)
  - sequence numbering against replay-attacks
  - key management, key mixing, quasi asymmetric encryption
  - master key, session keys, key renewal

• EAP (extensible authentication protocol)
  - password-based, certificate-based, SIM-based
  - forwarding of requests to a designated server
  - still no authentication of server! (PEAP)


Sensor Networks

• Network of small, cheap, low-power nodes
  - e.g. earthquake early warning system
  - e.g. ambient assisted living
  - e.g. wireless controller network
  - e.g. logistics routing

Construction of threat scenarios?

• Self-organization
  - new nodes must integrate into the network
  - the network must be able to build “trust”

• Several emerging radio technologies


Bluetooth Security

• Replacement of IrDA

• Bluetooth profiles (> 30)
  - headset, AV remote control, telephony, obj exchange, ftp, serial, lan, pan, health devices…

• Security mechanisms
  - visibility restrictions (“non-discoverable”)
  - pairing via passkey or PIN
  - unit keys
  - encrypted communication
  - frequency hopping


Bluetooth Security

http://grouper.ieee.org/groups/1451/5/Comparison%20of%20PHY/Bluetooth_24Security_Paper.pdf


Vulnerabilities and Attacks

• Passkey for headsets: 1234 or 0000

• Default discoverability

• Pairing in public areas
  - mobile phone always accepts a basic L2CAP connection request without acceptance of the user

• Scanning for bluetooth addresses
  - MAC address ranges of devices are known

• Eavesdropping air frequencies
  - Pseudo-random frequency hopping scheme

• Reading passkeys from compromised devices

• Unauthorized access to information on devices

http://www.securityfocus.com/infocus/1830


• Public “Blue Kiosk” vulnerability: display of device by name only

• Stack overflow attacks
  - vCard file names in File Transfer or Object Push

• Activating the microphone

• Tracking and positioning attacks
  - triangulation
  - antenna extensions


ZigBee

http://www.zigbee.org/imwp/idms/popups/pop_download.asp?contentID=9436


• Infrastructure security
  - network access; keys installed in a trusted environment
  - integrity of packet routing

• Application data security
  - message integrity
  - authentication
  - data encryption

• Configurability of security
  - memory and computational constraints

