La sécurité dans l'IoT : difficultés, failles et contre-mesures @DevoxxFR

Transcript

1. #DevoxxFR La sécurité dans l'IoT : difficultés, failles et contre-mesures

   Alexis DUQUE @alexis0duque

2. #DevoxxFR ALEXIS DUQUE Embedded Software engineer & R&D leader at

   Rtone PhD Student at CITI Lab, INSA de Lyon @alexis0duque alexisduque [email protected] alexisduque.me https://goo.gl/oNUWu6 About Me 2

3. #DevoxxFR Roadmap • THE INTERNET OF THINGS • NEWS •

   VULNERABILITIES & OWASP TOP 10 • BLUETOOTH LE (UN)SECURITY • DEMO: BLUETOOTH LE (UN)SECURITY • SIDE CHANNELS ATTACKS • COUNTERMEASURES

4. #DevoxxFR Internet Of Things 4

5. #DevoxxFR 5 “20 billions interconnected devices by the year 2020”

   Gartner

6. #DevoxxFR 6 Security ?

7. #DevoxxFR • Uncontrolled Environment • Heterogeneity • Users and Manufacturers

   not aware of security risks • Surface of attacks: hardware + software • Scalability • Constrained Resources 7 IoT Security ?

8. #DevoxxFR • Objects are small and everywhere and connected •

   Prone to environmental influences • Weak calculation and memory (limited for crypto) • They are autonomous • Cyber attacks have real world consequences 8 IoT+Security Challenges

9. #DevoxxFR Attack Surface Area Around 20 attack surface areas on

   the OWASP IoT Project E.g. web Interfaces, physical interfaces, firmware, network, cloud, mobile, API, etc Each attack surface has multiple potential vulnerabilities Firmware packages use old and/or unsupported versions of 3rd party components

10. #DevoxxFR IoT Security Happens On 4 Different Levels 10

11. #DevoxxFR • Need to be able to update firmware •

    Automatic updates? • Needs to be tested on all hardware variants • Download path needs to be secure • Update path needs to be secure 11 Firmware Update

12. #DevoxxFR An Attacket Drem The Hacker’s Paradise!

13. #DevoxxFR IoT Privacy Challenges • How to obtain informed consent?

    • How can people have control over data? • Who is responsible? • How data can be safeguarded? • How do you detect attacks or leaks?

14. #DevoxxFR

15. #DevoxxFR Who Are IoT Hackers ?

16. #DevoxxFR Many of the vulnerabilities discovered are 10 years old!

17. #DevoxxFR SOUS-TITRE Est ut paucos caritas autem.

18. #DevoxxFR

19. #DevoxxFR The Mirai Botnet Over 200,000 devices in original botnet

    623 Gbps attack on Krebs 1 Tbps attack on Dyn Source code released Default credentials Also Reaper (2016), Hajime, Okiru, ...

20. #DevoxxFR

21. #DevoxxFR Vulnerability in the transmitter that reads the device’s data

    Hackers could control a device 465,000 Abbott pacemakers vulnerable to hacking Need a firmware fix Hackable Cardiac Devices

22. #DevoxxFR Bluetooth Vulnerabilities BlueBorne https://www.armis.com/blueborne/ Android, Windows, iOS & Linux

    Amazon Echo and Google Home 8 vulnerabilities

23. #DevoxxFR Heap-based Buffer Overflow Integer Underflow Memory Corruption + Privilege

    Escalation + Remote Code Execution Payload Injection + Remote Code Execution “Heartbleed Like” Data Leak Fake Ip Interface + Packets Interception Bluetooth Vulnerabilities

24. #DevoxxFR OS Vulnerability CVE Id. Description Android Remote Code Execution

    CVE-2017-0781 Furtive attack Android Remote Code Execution CVE-2017-0782 Furtive attack Android Data leak CVE-2017-0785 Heartbleed like Android "Man-In-The-Middle" (MiTM) CVE-2017-0783 Bluetooth "Pineapple" Linux Remote Code Execution CVE-2017- 1000251 - Linux Data leak CVE-2017- 1000250 Heartbleed like iOS Remote Code Execution CVE-2017- 14315 - Windows "Man-In-The-Middle" (MiTM) CVE-2017-8628 Bluetooth "Pineapple"

25. #DevoxxFR

26. #DevoxxFR OWASP IoT Top 10

27. #DevoxxFR What Is OWASP? [owasp.org] “The Open Web Application Security

    Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software” [owasp.org] “The OWASP Internet of Things Project is designed to help manufacturers, developers, and consumers better understand the security issues associated with the Internet of Things, and to enable users in any context to make better security decisions when building, deploying, or assessing IoT technologies”

28. #DevoxxFR OWASP IoT Top 10 1. Insecure Web Interface 2.

    Insufficient Authentication/Authorization 3. Insecure Network Services 4. Lack of Transport Encryption/Integrity Verification 5. Privacy Concerns 6. Insecure Cloud Interface 7. Insecure Mobile Interface 8. Insufficient Security Configurability 9. Insecure Software/Firmware 10.Poor Physical Security

29. #DevoxxFR 1. Insecure Web Interface “Attacker uses weak credentials, captures

    plain-text credentials or enumerates accounts to access the web interface.” • A1:2017 Injection • A7:2017 Cross-Site Scripting (XSS) • A13:2017 Cross-Site Request Forgery (CSRF) Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability EASY Prevalence COMMON Detectability EASY Impact SEVERE Application / Business Specific

30. #DevoxxFR 2. Insufficient Authentication “Attacker uses weak passwords, insecure password

    recovery mechanisms, poorly protected credentials or lack of granular access control to access a particular interface.” A2:2017 Broken Authentication (Mirai) Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability AVERAGE Prevalence COMMON Detectability EASY Impact SEVERE Application / Business Specific

31. #DevoxxFR Threat Agents Attack Vectors Security Weakness Technical Impacts Business

    Impacts Application Specific Exploitability AVERAGE Prevalence Detectability AVERAGE Impact MODERATE Application / Business Specific 3. Insecure Network Services “Attacker uses vulnerable network services to attack the device itself or bounce attacks off the device.” • Unnecessary open ports • Wifi access to network, e.g. iKettle

32. #DevoxxFR 4. Lack of Transport Encryption/Integrity Verification “Attacker uses the

    lack of transport encryption to view data being passed over the network.” • A5:2017 Broken Access Control • Devices not always connected to internet • Certificates expire Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability AVERAGE Prevalence COMMON Detectability EASY Impact SEVERE Application / Business Specific

33. #DevoxxFR 5. Privacy Concerns “Attacker uses multiple vectors such as

    insufficient authentication, lack of transport encryption or insecure network services to view personal data which is not being properly protected or is being collected unnecessarily.” • EU General Data Protection Regulation (GDPR) - 25th May 2018 • Requirements for User Consent and Pseudonymisation. • Legal obligation to notify the Supervisory Authority of data breach without undue delay (72 hours?) Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability AVERAGE Prevalence COMMON Detectability EASY Impact SEVERE Application / Business Specific

34. #DevoxxFR 6. Insecure Cloud Interface “Attacker uses multiple vectors such

    as insufficient authentication, lack of transport encryption and account enumeration to access data or controls via the cloud website.” • A1:2017 Injection Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability AVERAGE Prevalence COMMON Detectability EASY Impact SEVERE Application / Business Specific

35. #DevoxxFR 7. Insecure Mobile Interface “Attacker uses multiple vectors such

    as insufficient authentication, lack of transport encryption and account enumeration to access data or controls via the mobile interface.” • No best practice? • National Institute of Standards and Technology (NIST) “Guide to Bluetooth Security” Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability AVERAGE Prevalence COMMON Detectability EASY Impact SEVERE Application / Business Specific

36. #DevoxxFR 8. Insufficient Security Configurability “Attacker uses the lack of

    granular permissions to access data or controls on the device. The attacker could also us the lack of encryption options and lack of password options to perform other attacks which lead to compromise of the device and/or data.” Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability AVERAGE Prevalence COMMON Detectability EASY Impact MODERATE Application / Business Specific

37. #DevoxxFR 9. Insecure Software/Firmware “Attacker uses multiple vectors such as

    capturing update files via unencrypted connections, the update file itself is not encrypted or they are able to perform their own malicious update via DNS hijacking.” Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability DIFFICULT Prevalence COMMON Detectability EASY Impact SEVERE Application / Business Specific

38. #DevoxxFR 10. Poor Physical Security “Attacker uses vectors such as

    USB ports or other storage means to access the Operating System and potentially any data stored on the device.” • JTAG • Serial bus spy: BUS PIRATE • Oscilloscope Threat Agents Attack Vectors Security Weakness Technical Impacts Business Impacts Application Specific Exploitability AVERAGE Prevalence COMMON Detectability AVERAGE Impact SEVERE Application / Business Specific
39. None

40. #DevoxxFR Bluetooth Low Energy

41. #DevoxxFR Bluetooth Low Energy, BLE, Bluetooth 4/5, Bluetooth SMART One

    of most exploding recently IoT technologies Completely different than previous Bluetooth 2, 3 (BR/EDR) Designed for low energy usage, simplicity rather than throughput Bluetooth LE

42. #DevoxxFR 3 devices roles: Peripheral / Central / Advertiser Read

    - Write - Notifications - Indication Bluetooth 4.0 has weak security mechanisms Bluetooth 4.2 adds strong encryption Bluetooth 5 increase throughput and range Bluetooth LE

43. #DevoxxFR Uses AES-128 with CCM (Counter with CBC-MAC) encryption Uses

    Diffie-Hellman Key Distribution to share various keys • Identity Resolving Key is used for privacy (IRK) • Signing Resolving Key provides fast authentication without encryption (SRK) • Long Term Key is used (LTK) Pairing encrypts the link using a Temporary Key (TK) • Derived from passkey & then distribute keys BLE Security & Pairing

44. #DevoxxFR How to determine the temporary key (TK)? Just Works

    • Devices without display cannot implement other • It’s actually a key of zero 6-digit PIN : In case the device has a display Out of band (OOB) • Not common (understatement – haven’t seen one yet) BLE Security & Pairing

45. #DevoxxFR Bluetooth Core Specification “None of the pairing methods provide

    protection against a passive eavesdropper”

46. #DevoxxFR 4.2 brings strong encryption with Elliptic Curves Diffie-Hellman (ECDH)

    with LE Secure Connection Numeric Comparison to determine the TK In practice, ~80% of tested devices do not implement BLE-layer encryption Bluetooth 4.2 Security

47. #DevoxxFR Why? • Mobile apps cannot control the pairing (OS

    level) • Security is left behind (cost, time, etc.) • Multiple users/apps using the same devices • Hardware, software or even UX • Compatibilities/requirements Bluetooth 4.2 Security

48. #DevoxxFR BLE USB dongle (CSR8510) Ubertooth nRF or TI Sniffer

    Wireshark Hacking Bluetooth LE

49. #DevoxxFR Bluetooth MiTM Attack Btlejuice https://github.com/DigitalSecurity/btlejuice 2 CSR BLE Dongles

50. #DevoxxFR Bluetooth MiTM Attack

51. #DevoxxFR Demo Time

52. #DevoxxFR

53. #DevoxxFR Side Channel Attacks

54. #DevoxxFR • A source of information about secret information besides

    the actual communication channel • Side channels and side-channel analysis is very common – also in everyday life What is a “side channel”? Personal identification system based on rotation of toilet paper rolls, Kurahashi et al. , IEEE PCC 2017

55. #DevoxxFR Side Channel Attacks Example: A PIN Code Check r

    = strcmp(secret_pwd, typed_pwd); if (r==0) { /* grant access */ s = access_secret_data(); } else { /* deny access */ incorrect_password(); } int strcmp(const char* s1, const char* s2) { while(*s1 && (*s1 == *s2)) { s1++; s2++; } return *(const unsigned char*)s1 - *(const unsigned char*)s2; } The execution time of strcmp() is directly proportional to the number of correct PIN digits at the beginning of the PIN!

56. #DevoxxFR Differential Power Analysis (DPA) on AES Side Channel Attacks

57. #DevoxxFR EXAMPLE Meltdown & Spectre

58. #DevoxxFR Countermeasures and best practices

59. #DevoxxFR Security objectives must be considered during the product life

    cycle! • Security “by design” • Risks analysis • Technologies choices and their threat • Architecture requirements for security • Integration in the project workflow • Security review during the project IoT Security Best Practises

60. #DevoxxFR IoT Security Best Practises Cover the main risks! •

    Security Upgrade • Communications encryption and authentication • Use standard crypto • Don’t shared key between devices! • Code integrity, data confidentiality • Restrict and control local access (hardware, …)

61. #DevoxxFR IoT Security Best Practises Cover the main risks! •

    Security Upgrade • Communications encryption and authentication • Use standard crypto • Don’t shared key between devices! • Code integrity, data confidentiality • Restrict and control local access (hardware, …)

62. #DevoxxFR • Lightweight Crypto for the IoT (LWC) • Software

    Security • Code security and proof (standard, best practices, formal analysis) • Hardware Security • Side channel-attack and fault-injection • Secure boot and secure firmware update What Is Coming?

63. #DevoxxFR Protocoles et Algorithmes Cryptographiques Légers pour l’Internet des Objets

    Consortium: Airbus, Loria-CNRS, Rtone, Université de Limoge, Trusted Object, Sophia Conseil Goals: Develop new and IoT compliant crypto primitives and protocols forr domotics (BLE), Smart- Cities @fui_paclido paclido.fr PACLIDO

64. #DevoxxFR • Tamper resistant hardware • Secure firmware • Secret

    keys storage, keys renewal • Crypto. algorithm • Data encryption & decryption Secure Elements

65. #DevoxxFR Conclusion

66. #DevoxxFR 84 billion devices out there. • Devices deployed need

    to be updated Developers need help! • Solutions already exist • Researchers are designing future IoT security standards IoT is going to get worse before it gets better!
67. None

68. #DevoxxFR Merci / Thanks you