:::: MENU ::::
Posts tagged with: security
Mar 9, 2020    |      0 comments

Bluetooth 보안 문제 – SweynTooth

블루투스 소프트웨어 스텍에서 발견된 문제들. 다수의 칩 벤더들의 SDK에 문제(deadlocks, crashes and buffer overflows or completely bypass security)가 있어서 패치가 제공되었다.

Table 1: Vulnerabilities type and affected vendors
Type
Vulnerability Name
Affected Vendors
 CVE
Crash
Link Layer Length Overflow
Cypress
 CVE-2019-16336 (6.1)
NXP
 CVE-2019-17519 (6.1)
Truncated L2CAP Dialog Semiconductors CVE-2019-17517 (6.3)
Silent Length Overflow Dialog Semiconductors CVE-2019-17518 (6.4)
Public Key Crash Texas Instruments CVE-2019-17520 (6.6)
Invalid L2CAP Fragment Microchip CVE-2019-19195 (6.8)
Key Size Overflow Telink Semiconductor CVE-2019-19196 (6.9)
Deadlock
LLID Deadlock
Cypress
 CVE-2019-17061 (6.2)
NXP
 CVE-2019-17060 (6.2)
Sequential ATT Deadlock STMicroelectronics CVE-2019-19192 (6.7)
Invalid Connection Request Texas Instruments CVE-2019-19193 (6.5)
Security Bypass Zero LTK Installation Telink Semiconductor CVE-2019-19194 (6.10)
Table 2: Vulnerabilities and SDK versions of the affected SoCs.* indicates extra affected SoCs reported by the vendor not tracked by our team.
Vuln.
SoC Vendor
SoC Model
 SDK Ver.
Qualification ID(s)
BLE Version 5.0/5.1
6.1,6.2 Cypress (PSoC 6) CYBLE-416045 2.10 99158
6.5,6.6 Texas Instruments CC2640R2 3.30.00.20 94079
6.9,6.10 Telink TLSR8258 3.4.0 92269, 136037
6.7 STMicroelectronics WB55 1.3.0 111668
6.7 STMicroelectroncis BlueNRG-2 3.1.0 87428, 106700, 94075
6.4 Dialog DA1469X* 10.0.6 100899
6.3 Dialog DA14585/6* 6.0.12.1020 91436
BLE Version 4.2
6.1,6.2 Cypress (PSoC 4) CYBL11573 3.60 62243, 136808, 79697, 82951, 79480
6.1,6.2 NXP KW41Z 2.2.1 84040
6.4 Dialog DA14680 1.0.14.X 87407, 84084, 71309, 75255
BLE Version 4.1
6.5 Texas Instruments CC2540 1.5.0 23454, 127418
6.3 Dialog DA14580 5.0.4 83573
6.8 Microchip ATSAMB11 6.2 73346

2.1 Attacks on IoT

Table 3: Products verified to be vulnerable
Product
 Category
BLE SoC
Vulnerability
 Impact
Eve Energy Smart Home
DA14680
(6.4) Silent Length Overflow
Crash
August Smart Lock Smart Home
DA14680
(6.4) Silent Length Overflow
Crash
Fitbit Inspire
Wearables
CY8C68237
(6.1) LL Length Overflow
Crash
(6.2) LLID Deadlock
Crash
CubiTag Gadget Tracking CC2640R2
(6.6) Public Key Crash
 Deadlock
eGeeTouch TSA Lock Security CC2540
(6.5) Invalid Connection Request
 Deadlock

문제가 있는 제품들

출처: https://asset-group.github.io/disclosures/sweyntooth/

Nov 14, 2017    |      0 comments

삼성 Artik Edge-to-cloud Security

삼성 아틱의 보안은 Edge-to-cloud Security라고 설명을 한다. 즉 칩레벨에서 부터 클라우드까지 보안요소가 있다는 얘기.

Device Protection and Trusted Code Execution

Hardware의 경우 Device protection과 trusted code execution이 가장 중심이 되는 요소임.

  • Secure Boot
    타겟 디바이스에서 동작하는 코드의 신뢰성을 보장이 필요
    소프트웨어는 타겟장치에서 코드 실행을 허용하기 위해 소프트웨어 공급자가 서명해야함.
  • KMS infrastructure for code signing
    코드 서명을 쉽게하기위한 Key Management Service (KMS), ARTIK CodeSigner service, FIPS-certified hardware security modules (HSM)를 제공
  • Secure Element
    각 디바이스에 SmartThings cloud에 등록된 private/public key쌍이 저장이 되어서 출시됨.
  • Secure JTAG access
    JTAG을 사용시 패스워드 필요

Protected Communications

디바이스와 클라우드 사이의 통신 보안

  • Encryption
    Transport Layer Security (TLS) 또는 datagram transport layer security (DTLS)사용
    ARTIK modules also provide hardware acceleration (Crypto Engine) for AES and RSA encryption and decryption. Additionally, the ARTIK platform uses Elliptic Curve Diffie–Hellman (ECDH) for session encryption key generation, which provides a high level of protection with low power consumption.
  • Authentication
    Public Key Infrastructure (PKI) 사용
  • Easy secure onboarding
    Secure Device Registration (SDR): Mutual authentication between a gateway device and the cloud registration servers

Edge-to-cloud Security


이 한장의 그림으로 지금까지 설명된 내용이 나와있음.

참고