Abstract
Establishing SoftWare-Only Root of Trust (SWORT) on a system comprises the attestation of the system’s malware-free state and loading of an authentic trusted-code image in that state, without allowing exploitable time gaps between the attestation, authenticity measurement, and load operations. In this paper, we present facts and fiction of SWORT protocol design on new embedded-systems architectures, discuss some previously unknown pitfalls of software-based attestation, and propose three new attacks. We describe the implementation of the first attack on a popular embedded-system platform (i.e., on the Gumstix FireStorm COM), establish the feasibility of the second, and argue the practicality of the third. We outline several challenges of attack countermeasures and argue that countermeasures must compose to achieve SWORT protocol security.
Notes
- 1. Repeating the SWATT protocol only half a dozen times to identify and disregard false positives would be unrealistic for embedded-system platforms such as the Gumstix FireStorm COM, where a single checksum execution takes about thirteen minutes; viz., Sect. 4.1.
- 2. We assume that other SWATT techniques, such as the ones in VIPER [16], are employed to assure the malware-free state of I/O device controllers, including NICs, GPUs, and disk, keyboard, and printer controllers.
- 3.
- 4.
- 5. \(\frac{4}{512\times 1024} = 0.0000076\).
- 6. The primary reason the overhead added by the six instructions is so small is that the instruction which reads from a pseudo-random memory address in every code block consumes many more CPU cycles than six instructions.
References
ARM. Cortex-A8 technical reference manual. Revision:r3p2, May 2010
Armknecht, F., Sadeghi, A.-R., Schulz, S., Wachsmann, C.: A security framework for the analysis and design of software attestation. In: Proceedings of ACM Conference on Computer and Communications Security, pp. 1–12 (2013)
Bardou, R., Focardi, R., Kawamoto, Y., Simionato, L., Steel, G., Tsay, J.-K.: Efficient padding oracle attacks on cryptographic hardware. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 608–625. Springer, Heidelberg (2012)
Castelluccia, C., Francillon, A., Perito, D., Soriente, C.: On the difficulty of software-based attestation of embedded devices. In: Proceedings of the ACM Conference on Computer and Communications Security, November 2009
Erdos, P., Renyi, A.: On a classical problem of probability theory. In: Proceedings of Magyar Tudomanyos Akademia Matematikai Kutato Intezetenek Kozlemenyei, pp. 215–220 (1961)
Franklin, J., Luk, M., Seshadri, A., Perrig, A.: Prism: enabling personal verification of code integrity, untampered execution, and trusted I/O or human-verifiable code execution. CyLab Lab Technical report CMU-CyLab-07-010, Carnegie Mellon University (2007)
Garay, J.A., Huelsbergen, L.: Software integrity protection using timed executable agents. In: Proceedings of ACM Symposium on Information, Computer and Communications Security, pp. 189–200 (2006)
Gligor, V.: Dancing with the adversary: a tale of wimps and giants. In: Christianson, B., Malcolm, J., Matyáš, V., Švenda, P., Stajano, F., Anderson, J. (eds.) Security Protocols 2014. LNCS, vol. 8809, pp. 100–115. Springer, Heidelberg (2014)
Kailar, R., Gligor, V., Gong, L.: Effectiveness analysis of cryptographic protocols. In: Proceedings of IFIP Conference on Distributed Computing for Critical Applications. Springer, January 1994
Kennell, R., Jamieson, L.H.: Establishing the genuinity of remote computer systems. In: Proceedings of the USENIX Security Symposium, pp. 295–308 (2003)
Kim, T.H.-J., Huang, L.-S., Perrig, A., Jackson, C., Gligor, V.: Accountable Key Infrastructure (AKI): a proposal for a public-key validation infrastructure. In: Proceedings of International World Wide Web Conference (WWW) (2013)
Klimov, A., Shamir, A.: A new class of invertible mappings. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523. Springer, Heidelberg (2002)
Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S.: Experimental security analysis of a modern automobile. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 447–462 (2010)
Kovah, X., Kallenberg, C., Weathers, C., Herzog, A., Albin, M., Butterworth, J.: New results for timing-based attestation. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 239–253 (2012)
Li, Y., McCune, J.M., Perrig, A.: SBAP: software-based attestation for peripherals. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 16–29. Springer, Heidelberg (2010)
Li, Y., McCune, J.M., Perrig, A.: VIPER: verifying the integrity of peripherals’ firmware. In: Proceedings of ACM Conference on Computer and Communications Security, pp. 3–16 (2011)
Martignoni, L., Paleari, R., Bruschi, D.: Conqueror: tamper-proof code execution on legacy systems. In: Kreibich, C., Jahnke, M. (eds.) DIMVA 2010. LNCS, vol. 6201, pp. 21–40. Springer, Heidelberg (2010)
Parno, B., McCune, J.M., Perrig, A.: Bootstrapping Trust in Modern Computers. SpringerBriefs in Computer Science, vol. 10. Springer, New York (2011)
Soghoian, C., Stamm, S.: Certified lies: detecting and defeating government interception attacks against SSL. In: Proceedings of ACM Symposium on Operating Systems Principles, pp. 1–18 (2010)
Seshadri, A., Luk, M., Perrig, A., van Doorn, L., Khosla, P.: SCUBA: secure code update by attestation in sensor networks. In: Proceedings of ACM Workshop on Wireless Security, pp. 85–94 (2006)
Seshadri, A., Luk, M., Qu, N., Perrig, A.: SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes. In: Proceedings of ACM Symposium on Operating Systems Principles, pp. 335–350 (2007)
Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: verifying integrity and guaranteeing execution of code on legacy platforms. In: Proceedings of ACM Symposium on Operating Systems Principles, pp. 1–16, October 2005
Seshadri, A., Perrig, A., van Doorn, L., Khosla, P.: SWATT: software-based attestation for embedded devices. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 272–282 (2004)
Shaneck, M., Mahadevan, K., Kher, V., Kim, Y.-D.: Remote software-based attestation for wireless sensors. In: Molva, R., Tsudik, G., Westhoff, D. (eds.) ESAS 2005. LNCS, vol. 3813, pp. 27–41. Springer, Heidelberg (2005)
Shankar, U., Chew, M., Tygar, J.: Side effects are not sufficient to authenticate software. In: Proceedings of the USENIX Security Symposium (2004)
Spinellis, D.: Reflection as a mechanism for software integrity verification. ACM Trans. Inf. Syst. Secur. 3(1), 51–62 (2000)
Tam, S.: Modern clock distribution systems. In: Xanthopoulos, T. (ed.) Clocking in Modern VLSI Systems, Chap. 2. Integrated Circuits and Systems, pp. 6–95. Springer, USA (2009)
Texas Instruments. AM/DM37X multimedia device technical reference manual. Version R, September 2012
The Trusted Computing Group. TPM Main specification version 1.2 (revision 116) (2011)
Wollinger, T., Guajardo, J., Paar, C.: Security on FPGAs: state-of-the-art implementations and attacks. ACM Trans. Embed. Comput. Syst. (TECS) 3, 534–574 (2004)
Wurster, G., van Oorschot, P., Anil, S.: A generic attack on checksumming-based software tamper resistance. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 127–138 (2005)
Zhao, J., Gligor, V., Perrig, A., Newsome, J.: ReDABLS: revisiting device attestation with bounded leakage of secrets. In: Christianson, B., Malcolm, J., Stajano, F., Anderson, J., Bonneau, J. (eds.) Security Protocols 2013. LNCS, vol. 8263, pp. 94–114. Springer, Heidelberg (2013)
Acknowledgements
We are grateful to David Brumley, Tom Forest, Di Jin, and Maverick Woo for their comments and suggestions on the research reported herein. This work was supported in part by the Defense Advanced Research Projects Agency (DARPA) under contract N66001-13-2-404 and by a grant from the General Motors (GM) Corporation at CyLab, Carnegie Mellon University. The views and conclusions contained here are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either express or implied, of CMU, GM, DARPA, or the U.S. Government or any of its agencies.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Li, Y., Cheng, Y., Gligor, V., Perrig, A. (2015). Establishing Software-Only Root of Trust on Embedded Systems: Facts and Fiction. In: Christianson, B., Švenda, P., Matyáš, V., Malcolm, J., Stajano, F., Anderson, J. (eds) Security Protocols XXIII. Security Protocols 2015. Lecture Notes in Computer Science, vol 9379. Springer, Cham. https://doi.org/10.1007/978-3-319-26096-9_7
DOI: https://doi.org/10.1007/978-3-319-26096-9_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26095-2
Online ISBN: 978-3-319-26096-9
eBook Packages: Computer Science, Computer Science (R0)