Daniel M. Hein
Graz University of Technology
Publication
Featured research published by Daniel M. Hein.
selected areas in cryptography | 2009
Daniel M. Hein; Johannes Wolkerstorfer; Norbert Felber
This paper presents the silicon chip ECCon, an Elliptic Curve Cryptography processor for application in Radio-Frequency Identification. The circuit is fabricated on a 180 nm CMOS technology. ECCon features small silicon size (15K GE) and has low power consumption (8.57 μW). It computes 163-bit ECC point-multiplications in 296k cycles and has an ISO 18000-3 RFID interface. ECCon's very low and nearly constant power consumption makes it the first ECC chip that can be powered passively. This major breakthrough is possible because of a radical change in hardware architecture. The ECCon datapath operates on 16-bit words, which is similar to ECC instruction-set extensions. A number of innovations on the algorithmic and on the architectural level substantially increased the efficiency of 163-bit ECC. ECCon is the first demonstration that the proof of origin via electronic signatures can be realized on RFID tags in 180 nm CMOS and below.
trust and trustworthy computing | 2009
Martin Pirker; Ronald Toegl; Daniel M. Hein; Peter Danner
Trusted Computing (TC) as envisioned by the Trusted Computing Group promises a solution to the problem of establishing a trust relationship between otherwise unrelated platforms. In order to achieve this goal the platform has to be equipped with a Trusted Platform Module (TPM), which is true for millions of contemporary personal computers. The TPM provides solutions for measuring the state of a platform and reporting it in an authentic way to another entity. The same cryptographic means that ensure the authenticity also allow unique identification of the platform and therefore pose a privacy problem. To circumvent this problem the TCG proposed a trusted third party, the Privacy Certification Authority (PrivacyCA). Unfortunately, currently no PrivacyCA is generally available. In this paper we introduce our freely available implementation of a PrivacyCA. In addition, our PrivacyCA is itself a trusted service. It is capable of reporting its state to clients. Furthermore, we use a novel way to minimize the Trusted Computing Base of Java-based applications in conjunction with hardware-supported virtualization. We automatically generate the service interface from a structural specification. Thus, to the best of our knowledge, we were not only first to make this crucial service publicly available, but now also provide a trustworthy service whose privacy policy can be attested to its users by employing TC mechanisms.
Security and Communication Networks | 2016
Peter Teufl; Michaela Ferk; Andreas Fitzek; Daniel M. Hein; Stefan Kraxberger; Clemens Orthacker
Recent smartphone platforms based on new operating systems, such as iOS, Android, or Windows Phone, have been a huge success in recent years and open up many new opportunities. Unfortunately, 2011 also showed us that the new technologies and the privacy-related data on smartphones are also increasingly interesting for attackers. Especially, the Android platform has been the favorite target for malware, mainly because of the openness of the platform, the ability to install applications from other sources than the Android Market, and the significant gains in market share. Although the processes of detecting and analyzing malware are well known from the PC world, where the arms race between attackers and defenders has continued for the past 15 years, they cannot be directly applied to smartphone platforms because of differences in the hardware and software architectures. In this paper, we first give an overview of the current malware situation on smartphone platforms with a special focus on Android and explain relevant malware detection and analysis methods. It turns out that most of the current malware relies on the installation by the user, who represents the last line of defense in malware detection. With these conclusions, we then present a new malware detection method that focuses on the information that the user is able to see prior to the installation of an application: the metadata within the platform's software market. Depending on the platform, this includes the application's description, its permissions, the ratings, or information about the developer. To analyze these data, we use sophisticated knowledge discovery processes and lean statistical methods. By presenting a wide range of examples based on real application metadata extracted from the Android Market, we show the possibilities of the new method. With the possibilities, we argue that it should be an essential part of a complete malware analysis/detection chain that includes other well-known methods such as network traffic analysis, or static, or dynamic code inspection.
applied cryptography and network security | 2009
Michael Hutter; Daniel M. Hein; Johannes Wolkerstorfer
The elliptic curve digital signature algorithm (ECDSA) is used in many devices to provide authentication. In the last few years, more and more ECDSA implementations have been proposed that allow the integration into resource-constrained devices like RFID tags. Their resistance against power-analysis attacks has not been scrutinized so far. In this article, we provide first results of power-analysis attacks on an RFID device that implements ECDSA. To this end, we designed and implemented a passive RFID-tag prototype. The core element of the prototype is a low-power ECDSA implementation realized on 180 nm CMOS technology. We performed power and electromagnetic attacks on that platform and describe an attack that successfully reveals the private-key during signature generation. Our experiments confirm that ECDSA-enabled RFID tags are susceptible to these attacks. Hence, it is important that they implement countermeasures which prevent the forging of digital signatures.
international conference on industrial informatics | 2015
Christian M. Lesjak; Daniel M. Hein; Michael Hofmann; Martin Maritsch; Andreas Aldrian; Peter Priller; Thomas Ebner; Thomas Ruprechter; Gunther Pregartner
Increasing the efficiency of production and manufacturing processes is a key goal of initiatives like Industry 4.0. Within the context of the European research project ARROWHEAD, we enable and secure smart maintenance services. An overall goal is to proactively predict and optimize the Maintenance, Repair and Operations (MRO) processes carried out by a device maintainer, for industrial devices deployed at the customer. Therefore it is necessary to centrally acquire maintenance relevant equipment status data from remotely located devices over the Internet. Consequently, security and privacy issues arise from connecting devices to the Internet, and sending data from customer sites to the maintainer's back-end. In this paper we consider an exemplary automotive use case with an AVL Particle Counter (APC) as device. The APC transmits its status information by means of a fingerprint via the publish-subscribe protocol Message Queue Telemetry Transport (MQTT) to an MQTT Information Broker in the remotely located AVL back-end. In a threat analysis we focus on the MQTT routing information asset and identify two elementary security goals in regard to client authentication. Consequently we propose a system architecture incorporating a hardware security controller that processes the Transport Layer Security (TLS) client authentication step. We validate the feasibility of the concept by means of a prototype implementation. Experimental results indicate that no significant performance impact is imposed by the hardware security element. The security evaluation confirms the advanced security of our system, which we believe lays the foundation for security and privacy in future smart service infrastructures.
Security and Communication Networks | 2010
Daniel M. Hein; Ronald Toegl; Stefan Kraxberger
Modern communication and computing devices have the potential to increase the efficiency of disaster response. Mobile agents are a decentralized and flexible technology to leverage this potential. While mobile agent platforms suffer from a greater variety of security risks than the classic client-server approach, Trusted Computing is capable of alleviating these problems. Unfortunately, Remote Attestation, a core concept of Trusted Computing, requires a powerful networked entity to perform trust decisions. The existence and availability of such a service in a disaster response scenario cannot be relied upon. In this paper we introduce the Autonomous Attestation Token (AAT), a hardware token for mobile computing devices that is capable of guaranteeing the trusted state of a limited set of devices without relying on a networked service. We propose a Local Attestation protocol with user interaction that in conjunction with the AAT allows preventing unauthorized access to an emergency mobile agent platform.
security and privacy in mobile information and communication systems | 2009
Daniel M. Hein; Ronald Toegl
Modern communication and computing devices have the potential to increase the efficiency of disaster response. Mobile agents are a decentralized and flexible technology to leverage this potential. While mobile agent platforms suffer from a greater variety of security risks than the classic client-server approach, Trusted Computing is capable of alleviating these problems. Unfortunately, Remote Attestation, a core concept of Trusted Computing, requires a powerful networked entity to perform trust decisions. The existence and availability of such a service in a disaster response scenario cannot be relied upon.
2014 International Conference on Privacy and Security in Mobile Systems (PRISMS) | 2014
Peter Teufl; Andreas Fitzek; Daniel M. Hein; Alexander Marsalek; Alexander Oprisnik; Thomas Zefferer
The high usability of smartphones and tablets is embraced by consumers as well as the corporate and public sector. However, especially in the non-consumer area the factor security plays a decisive role for the platform-selection process. All of the current companies within the mobile device sector added a wide range of security features to the initially consumer-oriented devices (Apple, Google, Microsoft), or have dealt with security as a core feature from the beginning (RIM, now BlackBerry). One of the key security features for protecting data on the device or in device backups are encryption systems, which are available in the majority of current devices. However, even under the assumption that the systems are implemented correctly, there is a wide range of parameters, specific use cases, and weaknesses that need to be considered when deploying mobile devices in security-critical environments. As the second part in a series of papers (the first part was on iOS), this work analyzes the deployment of the Android platform and the usage of its encryption systems within a security-critical context. For this purpose, Android's different encryption systems are assessed and their susceptibility to different attacks is analyzed in detail. Based on these results a workflow is presented, which supports deployment of the Android platform and usage of its encryption systems within security-critical application scenarios.
conference of the industrial electronics society | 2015
Christian M. Lesjak; Daniel M. Hein; Johannes Winter
The transition from product-centric to service-centric business models presents a major challenge to industrial automation and manufacturing systems. This transition increases Machine-to-Machine connectivity among industrial devices, industrial control systems, and factory floor devices. While initiatives like Industry 4.0 or the Industrial Internet Consortium motivate this transition, the emergence of the Internet of Things and Cyber Physical Systems are key enablers. However, automated and autonomous processes require trust in the communication entities and transferred data. Therefore, we study how to secure a smart service use case for industrial maintenance scenarios. In this use case, equipment needs to securely transmit its status information to local and remote recipients. We investigate and compare two security technologies that provide isolation and a secured execution environment: ARM TrustZone and a Security Controller. To compare these technologies we design and implement a device snapshot authentication system. Our results indicate that the TrustZone based approach promises greater flexibility and performance, but only the Security Controller strongly protects against physical attacks. We argue that the best technology actually depends on the use case and propose a hybrid approach that maximizes security for high-security industrial applications. We believe that the insights we gained will help introduce advanced security mechanisms into the future Industrial Internet of Things.
trust and trustworthy computing | 2013
Klaus Potzmader; Johannes Winter; Daniel M. Hein; Christian Hanser; Peter Teufl; Liqun Chen
Group signature schemes enable participants to sign on behalf of a group in an anonymous manner. The upcoming ISO20008-2 standard defines seven such schemes, which differ in terms of capabilities, used crypto systems and revocation approaches. Further information about practical considerations, such as runtime performance or implementation overhead is considered useful when deciding for a certain scheme. We present a Java framework that allows for a detailed comparison of the mechanisms, of which three are already implemented. For these implemented mechanisms, a detailed performance evaluation is shown for both a notebook and Android-based mobile devices. Furthermore, significant experiences during implementing and evaluating the schemes as well as crucial bottlenecks are pointed out. We remain in the flexible Java environment, without special platform-specific optimizations. Using precomputation, we already achieve acceptable online signing timings. Signing times are considered most important given proposed application scenarios.