Evaluation and Analysis of Timing Leakage from Hardware Accelerators embedded in Wireless IoT Microcontrollers

Abstract BA Thesis: Evaluation and Analysis of Timing Leakage in the context of Wireless IoT Microcontrollers

Pascal Goldbrunner1, Alexander Wagner2

Technical University of Munich

pascal.goldbrunner@tum.de

In recent years an increasing number of Internet of Things (IoT) devices have been developed for var- ious types of applications. Besides home automation, which is most often associated with the IoT, many more applications exist where these devices are uti- lized. For example remote health monitoring, traf- fic control, smart parking and smart manufacturing. As these applications allow virtually only commod- ity low-cost and resource-constrained devices, they often consist of a standard microcontroller. Despite the use of simple hardware, security and privacy must be guaranteed. Therefore, hardware vendors enhance their microcontrollers by adding feature-rich crypto- graphic hardware accelerators. These accelerators en- able developers to build secure IoT products, while still having most of the general purpose processing power available for their application. However, from a developers point of view, these are a mere black- box. The accelerators are closed source and of course do not allow for any public review by a third party. So developers must currently trust the manufacturer that there are no cryptographic vulnerabilities.

Considering prominent examples such as the ROCA RSA vulnerability [4] and the TPM timing attack [3], we see a need to overcome the trust issue by replacing it with automated testing. In order to achieve this we plan to use existing open source tools, for example the ECTester, which can already be used for smart cards or software libraries. [1] But to allow testing of hardware accelerators, these tools need to be adapted for the microcontroller domain. Ideally, we want to have a tool that verifies if the hardware accelerator of a given microcontroller is susceptible to well known attacks.

In this thesis we focus on timing analyses, which is a side channel analysis especially relevant in the context of networks. In principle they are based on measuring the runtime of an algorithm and then uti- lizing any timing leakage to recover the secret. In the context of Elliptic Curve Cryptography (ECC) they enable so-called lattice attacks [2]. The following briefly describes how we can perform such an analy- sis on the Elliptic Curve Digital Signature Algorithm, short ECDSA.

We start by capturing multiple signatures and measuring the execution time. The runtime is plotted against variants of the inputs of the algorithm, for example the bit length of the nonce, to visualize any timing leakage, that might exist. If such leakage is present, we filter the recordings in order to have signatures where parts of the nonce is known. With that a lattice attack can be performed to recover the secret key.

Furthermore, we will evaluate the potential threat of timing leakage in combination with common IoT protocols, for example Bluetooth Low Energy, Zigbee and WirelessHART. For this, we will first research which protocols use Elliptic Curve Cryptography for their secure communication and are thus susceptible to the previously stated attacks. With the help of ex- emplary implementations, we will take a closer look at the limitations of the timing analysis. This should, for example, allow to estimate whether an attack can be carried out remotely or requires physical access to the device. Based on the results we will evaluate if any attack vectors could be present in real world applications.