testing the security of embedded systems: side-channel ......kasper & oswald gmbh, bochum,...
TRANSCRIPT
![Page 1: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/1.jpg)
Kasper & Oswald GmbH, Bochum, Ruhrpott
www.kasper-oswald.de
Stuttgart, 7. Mai 2019
Testing the Security of Embedded Systems: Side-Channel Attacks,Reverse Engineering, and more
David Oswald
Vector Testing Symposium
![Page 2: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/2.jpg)
2
Classical IT security (software, interfaces)
![Page 3: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/3.jpg)
3
Embedded security (hardware, firmware,
interfaces)
CC-BY-SA-3.0Albert Belchers
![Page 4: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/4.jpg)
4
Research Question:
Security of Embedded Devices?
![Page 5: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/5.jpg)
5
An implementation attack ...
![Page 6: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/6.jpg)
6
Principle of Side-Channel Analysis(here: listen to Sound)
A Bank Robbery
![Page 7: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/7.jpg)
7
Principle of Side-Channel Analysis
The world is changing…
![Page 8: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/8.jpg)
8
Principle of Side-Channel Analysis(Monitor the power consumption / run-time)
The world is changing…
…the tools are, too.
![Page 9: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/9.jpg)
9
![Page 10: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/10.jpg)
10
![Page 11: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/11.jpg)
Case Study:Remote Keyless Entry
![Page 12: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/12.jpg)
12
Remote Keyless Entry (1)Uni-directional
First systems: Fixed code
123xbhdsgf …123xbhdsgf …123xbhdsgf …
![Page 13: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/13.jpg)
14
Remote Keyless Entry (2)Uni-directional with Crypto
Industry reacts: Rolling code
encrypt(124)encrypt(125)
…
Cipher
![Page 14: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/14.jpg)
15
Remote Keyless Entry (2)Uni-directional with Crypto
Industry reacts: Rolling code
encrypt(124)encrypt(125)
…
Cipher
BUT there are attacks ...
Option 1:Attack key management
Option 2:Attack crypto
![Page 15: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/15.jpg)
Side-Channel Attacks on KeeLoq
(Crypto 2008)
![Page 16: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/16.jpg)
17
Side-Channel Analysis of KeeLoq:Management Summary
Power analysis attack (with physical access):
clone a remote control from 10 power measurements
obtain manufacturer key from 1 power measurement
Flaw of KeeLoq system:
Key derivation from manufacturer key kM
– kremote_control = f(#ser, kM)
– kM used in every receiver of manufacturer M
– Single point-of-failure
![Page 17: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/17.jpg)
18
Case Study: KeeLoq RollcodeGerman TV (3Sat NANO, 2008)
![Page 18: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/18.jpg)
Automotive RKE(Usenix 2016)
![Page 19: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/19.jpg)
20
Santa‘s Problem
![Page 20: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/20.jpg)
21
Santa’s Secret: RKE of Cars
![Page 21: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/21.jpg)
So how did Santa do it?
22
![Page 22: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/22.jpg)
23
VW Group RKE
Step 1: Eavesdropping & decoding
![Page 23: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/23.jpg)
Step 2: Obtain ECUs for analysis (eBay) ...
24
![Page 24: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/24.jpg)
25
25
![Page 25: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/25.jpg)
26
26
![Page 26: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/26.jpg)
27
27
![Page 27: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/27.jpg)
28
Reverse engineering
Step 3: Reverse-engineering ECUs
![Page 28: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/28.jpg)
29
Management Summary
VW Group: secure crypto ≠ secure system
• extract a few worldwide keys
instantly copy a remote control from 1 signal
• RF attack highly practical and scalable
![Page 29: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/29.jpg)
30
VW Group: Affected Vehicles
• Audi: A1, Q3, R8, S3, TT, other types of Audi cars (e.g. remote control 4D0 837 231)
• VW: Amarok, (New) Beetle, Bora, Caddy, Crafter, e-Up, Eos, Fox, Golf 4, Golf 5, Golf 6, Golf Plus, Jetta, Lupo, Passat, Polo, T4, T5, Scirocco, Sharan, Tiguan, Touran, Up
• Seat: Alhambra, Altea, Arosa, Cordoba, Ibiza, Leon, MII, Toledo
• Skoda: City Go, Roomster, Fabia 1, Fabia 2, Octavia, Superb, Yeti
• In summary: most VW group vehicles between 1995 and 2016/17 except the new Golf 7 (MQB) platform
![Page 30: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/30.jpg)
31
Hitag2 RKE Attack Demo
![Page 31: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/31.jpg)
32
Vehicles we tested using Hitag2 RKE
Opel | Astra H | 2008Opel | Corsa D | 2009Fiat | Grande Punto | 2009
![Page 32: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/32.jpg)
33
Management Summary
VW Group: secure crypto ≠ secure system
• extract a few worldwide keys
instantly copy a remote control from 1 signal
• RF attack highly practical and scalable
Hitag2: diversified keys but bad crypto
• eavesdrop ≈ 4 to 8 signals (key presses)
copy remote control with some computations
Poor crypto is bad, but poor key management is worse.
![Page 33: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/33.jpg)
Case Study: RFID Cards
![Page 34: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/34.jpg)
36
Examples for RFID cards w/ crypto
Broken crypto
• 125 kHz: Hitag 1/2/S, Megamos, …
• 13.56 MHz: Mifare Classic, HID iClass, Legic Prime, …
Cloning possible with medium effortsSecure crypto
• 13,56 MHz: Mifare DESfire EV1/2, NXP SmartMX, Infineon SLE XX, JCOP, …
Cloning „impossible“
Unknown: Legic Advant
![Page 35: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/35.jpg)
KeeLoq(Crypto 2008)
![Page 36: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/36.jpg)
38
Analysis of the ID-Card 1/2 Extracting Keys
• test our key-recovery on ID-Card extraction of all secret keys
• another ID-Card contains the same keys
• a third ID-Card contains the same keys
...• surprising discovery:
All ID-Cards have identical keys !
38
![Page 37: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/37.jpg)
39
Real-World Tests
• clone ID-Cards (copy to blank card)
payments with clones accepted ?
• modify credit balances payments with “counterfeit money” possible ?
• production of “new” cards (new card number) pay with arbitrarily generated cards ?
No effective countermeasures in the back-end !
![Page 38: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/38.jpg)
40
new issued cards are Mifare DESfire (EV1)
old Mifare Classic cards are still working
improved backend: shadow accounts are used(…and still manually checked…)
Analysis of a Contactless Payment System5 years after the Attack ….
Improve
Report flaws
![Page 39: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/39.jpg)
41
as a Virtual Wallet
![Page 40: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/40.jpg)
A Versatile NFC Emulator and more
![Page 41: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/41.jpg)
43
2006: Kaffeetassen Transponder(Coffee Cup Tag)
![Page 42: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/42.jpg)
44
Rev.E
open source project: https://github.com/emsec/ChameleonMini
• 8 card slots
• Integratedantenna
• Improved USBcommand set
• Widespread
![Page 43: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/43.jpg)
45
Rev.Evisits the University of Aveiro, Portugal, Part 1: Barriers
![Page 44: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/44.jpg)
46
Rev.G
• (Basic) RFID Reader• ATXMega128 + FRAM• Li-Ion Battery
• 8 virtual card slots• ISO 14443/ ISO 15693• Log Mode
![Page 45: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/45.jpg)
47
and E-Mobility(“Ladekarten” used all over Europe)
Source: https://github.com/emsec/ChameleonMini/issues/140
Identify with UID ofMifare Classic …
![Page 46: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/46.jpg)
48
and E-Mobility
Source: youtube
![Page 47: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/47.jpg)
What to do?A system designer‘s
perspective
![Page 48: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/48.jpg)
50
Secure Against Cyber Attacks
![Page 49: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/49.jpg)
51
A System Designer‘s Perspective:How to Secure The Internet of Things?
Use standard crypto and standard protocols
Test the security of your system!
Implementation attacks: Practical threat, but:
– Use certified devices (secure hardware)
– Algorithmic countermeasures (secure software)
System level: Second line of defense!
– Shadow accounts / Logging (detect fraud)
– Key diversification (minimize impact)
– Fallback plan (update, notify, …)
![Page 50: Testing the Security of Embedded Systems: Side-Channel ......Kasper & Oswald GmbH, Bochum, Ruhrpott Stuttgart, 7. Mai 2019 Testing the Security of Embedded Systems: Side-Channel Attacks,](https://reader031.vdocuments.net/reader031/viewer/2022013022/5f31571d16c4e1238302b9b2/html5/thumbnails/50.jpg)
52
Expect the unexpected.