diff options
author | jaseg <git@jaseg.de> | 2021-03-02 19:26:37 +0100 |
---|---|---|
committer | jaseg <git@jaseg.de> | 2021-03-02 19:26:37 +0100 |
commit | 6eddc61626d470363ba464c57a5fc5ec7e8ce329 (patch) | |
tree | a67edf0e06be59e3cdd546d508beac4199cdcd30 | |
parent | 02bb84022801232c5a27b060dfe7cfd357bbbc46 (diff) | |
download | secure-hid-6eddc61626d470363ba464c57a5fc5ec7e8ce329.tar.gz secure-hid-6eddc61626d470363ba464c57a5fc5ec7e8ce329.tar.bz2 secure-hid-6eddc61626d470363ba464c57a5fc5ec7e8ce329.zip |
Repo re-org
-rw-r--r-- | old/architecture/Makefile | 60 | ||||
-rw-r--r-- | old/architecture/architecture.tex | 195 | ||||
-rw-r--r-- | old/architecture/bibliography.bib | 0 | ||||
-rw-r--r-- | old/architecture/extract_excerpts.py | 22 | ||||
-rw-r--r-- | old/architecture/sources_input.txt | 1 | ||||
-rw-r--r-- | old/architecture/sources_output.txt | 1 | ||||
-rw-r--r-- | paper/.gitignore (renamed from directions/.gitignore) | 0 | ||||
-rw-r--r-- | paper/directions.bib (renamed from directions/directions.bib) | 0 | ||||
-rw-r--r-- | paper/mouse_mockup.png (renamed from directions/mouse_mockup.png) | bin | 31357 -> 31357 bytes | |||
-rw-r--r-- | paper/pcb_back.png (renamed from directions/pcb_back.png) | bin | 556955 -> 556955 bytes | |||
-rw-r--r-- | paper/pcb_front.png (renamed from directions/pcb_front.png) | bin | 1106308 -> 1106308 bytes | |||
-rw-r--r-- | paper/research_directions.pdf (renamed from directions/research_directions.pdf) | bin | 1252961 -> 1252961 bytes | |||
-rw-r--r-- | paper/research_directions.tex (renamed from directions/research_directions.tex) | 0 | ||||
-rw-r--r-- | paper/system_diagram.svg (renamed from directions/system_diagram.svg) | 0 | ||||
-rw-r--r-- | paper/system_diagram.svg.2018_11_29_15_52_48.0.svg (renamed from directions/system_diagram.svg.2018_11_29_15_52_48.0.svg) | 0 | ||||
-rw-r--r-- | paper/system_diagram_with_secureusb.eps (renamed from directions/system_diagram_with_secureusb.eps) | 0 | ||||
-rw-r--r-- | paper/system_diagram_with_secureusb.svg (renamed from directions/system_diagram_with_secureusb.svg) | 0 | ||||
-rw-r--r-- | paper/system_diagram_without_secureusb.eps (renamed from directions/system_diagram_without_secureusb.eps) | 0 | ||||
-rw-r--r-- | paper/system_diagram_without_secureusb.svg (renamed from directions/system_diagram_without_secureusb.svg) | 0 | ||||
-rw-r--r-- | paper/takachi_case.png (renamed from directions/takachi_case.png) | bin | 203417 -> 203417 bytes |
20 files changed, 0 insertions, 279 deletions
diff --git a/old/architecture/Makefile b/old/architecture/Makefile deleted file mode 100644 index 1423d3f..0000000 --- a/old/architecture/Makefile +++ /dev/null @@ -1,60 +0,0 @@ - - -SRCDIR := ../src -PYGMENTDIR := pygments -#SOURCES := $(shell ls $(SRCDIR)/*.cpp $(SRCDIR)/*.h $(SRCDIR)/*.pro|grep -v /moc_|grep -v Java|grep -v /qrc_) -PYGMENTIZE := pygmentize -f latex -l cpp -O verboptions='formatcom=\scriptsize',linenos=True -LINTER := clang-format -style="{BasedOnStyle: llvm, ColumnLimit: 48}" -TARGET := architecture - -all: $(TARGET).pdf - - -.PHONY: stats -stats: - @echo -e "\e[1mPages:\e[91m" $(shell cat $(TARGET).toc|grep References|egrep -o '[0-9]+') "\e[0m" - @echo -e "\e[1mFile size:\e[92m" $(shell ls -sh $(TARGET).pdf|cut -d' ' -f1) "\e[0m" - @echo -e "\e[1mAbstract:\e[92m" $(shell grep -A1000 '\\paragraph{English}' $(TARGET).tex|sed '/\\newpage/Q'|tail -n+2|grep -v '^%'|wc -w) "\e[0mwords" - @echo -e "\e[1mFixmes:\e[93m" $(shell grep FIXME $(TARGET).tex|wc -l) "\e[0m" - @grep -no '%FIXME.*' $(TARGET).tex|sed 's/%FIXME//;s/^/\x1b[93m/;s/: /\x1b[0m: /1' - -$(TARGET).pdf: $(TARGET).tex bibliography.bib - pdflatex $< - biber $(TARGET) - pdflatex $< - -pygments/excerpt%.cpp: $(SOURCES) - python extract_excerpts.py $(*F) $^ | $(LINTER) > $@ - -$(PYGMENTDIR)/%.cpp: $(SRCDIR)/%.cpp - $(LINTER) $< > $@ - -$(PYGMENTDIR)/%.h: $(SRCDIR)/%.h - $(LINTER) $< > $@ - -$(PYGMENTDIR)/%.pro: $(SRCDIR)/%.pro - cp $< $@ - -$(PYGMENTDIR)/%.tex: $(PYGMENTDIR)/% - $(PYGMENTIZE) -o $@ $< - -sources.zip: $(SOURCES) - zip -j $@ $^ - -.PHONY: sources -sources: $(PYGMENTDIR)/sourcelist.tex $(PYGMENTDIR)/pygmentdefs.tex sources.zip - - -$(PYGMENTDIR)/sourcelist.tex: $(addprefix $(PYGMENTDIR)/,$(notdir $(patsubst %.cpp,%.cpp.tex,$(patsubst %.h,%.h.tex,$(patsubst %.pro,%.pro.tex,$(SOURCES)))))) - @echo $^ | tr ' ' '\n'> sources_output.txt - @echo $(notdir $(patsubst %.tex,%,$^)) | tr ' ' '\n'> sources_input.txt - paste -d! sources_input.txt sources_output.txt | sed 's/^\(.*\)!\(.*\)$$/\\includesource{\1}{\2}/g' > $(PYGMENTDIR)/sourcelist.tex - -$(PYGMENTDIR)/pygmentdefs.tex: - pygmentize -S default -f latex > $(PYGMENTDIR)/pygmentdefs.tex - -.PHONY: clean -clean: - rm -f *.aux *.log *.out *.toc *.bbl *.blg - rm -f pygments/* - diff --git a/old/architecture/architecture.tex b/old/architecture/architecture.tex deleted file mode 100644 index 3e5b302..0000000 --- a/old/architecture/architecture.tex +++ /dev/null @@ -1,195 +0,0 @@ -\documentclass[12pt,a4paper,notitlepage]{article} -\usepackage[utf8]{inputenc} -\usepackage[a4paper,textwidth=17cm, top=2cm, bottom=3.5cm]{geometry} -\usepackage[T1]{fontenc} -\usepackage{natbib} -\usepackage{ngerman} -\usepackage{amssymb,amsmath} -\usepackage{listings} -\usepackage{eurosym} -\usepackage{wasysym} -\usepackage{amsthm} -\usepackage{tabularx} -\usepackage{multirow} -\usepackage{multicol} -\usepackage{tikz} -\usepackage{hyperref} -\usepackage{tabularx} -\usepackage{commath} -\usepackage{subfigure} -\usepackage[pdftex]{graphicx,color} -\usepackage{epstopdf} -\newcommand{\re}{\text{Re}} -\newcommand{\im}{\text{Im}} -\newcommand{\foonote}[1]{\footnote{#1}} -\newcommand{\degree}{\ensuremath{^\circ}} -\author{Sebastian Götte {\texttt<securehid@jaseg.net>}} -\title{SecureHID} -\subtitle{Hardening the USB input stack in virtualized environments} -\date{August 12 2018} -\begin{document} -\maketitle - -\section{Introduction} -\subsection{Human input devices in a modern desktop system's Trusted Computing Base} -Security in modern computer systems is a complex topic with many practical intricacies. Despite decades-long efforts to -increase the security of end-user systems modern systems provide ample room for catastrophic failure. While some modern -technologies such as web browsers have become hardened to a degree that their user cannot unwittingly fully compromise -their system many other systems such as email have not progressed as much. Today, still, the opening of a seedy email -attachment will in general suffice to cause a full compromise of the user's system. A few dialog boxes and warning -messages have been added but the user experience of causing full compromise is still fundamentally the same only with -the number of clicks now being some four instead of two. - -Various architectural solutions to this problem have been proposed, the most promising of which being based on radical -compartmentalization. Smartphone operating systems such as Apple's iOS or Google's Android are single-user systems with -strict application-based compartmentalization. In this paper however we will focus on desktop operating systems due to -their more critical role. Probably the most advanced hardened desktop operating system currently publicly available is -QubesOS. QubesOS uses the Xen hypervisor to enforce strict compartmentalization by usage domain and has been endorsed by -several respected individuals and organizations. - -Any system like QubesOS is faced by the fundamental problem of reducing the system's trusted computing base and thereby -reducing attack surface while staying usable in everyday work. A computer bolted to the foundation of a bank vault -guarded by ninjas and having no input devices and no network connections would be as secure as it would be practically -useless. - -A particular point of contention in the trusted computing base of any secure system is human input devices. Since -they're used for any authentication and authorization as well as the issuance of any user commands, human input -devices--not some part of the CPU or some trusted platform module--are the single most privileged component of any -system. An attacker in control of the input device or any upstream part of the input stack can observe passwords and -emulate user input amounting to full control of the machine. - -\subsection{Attack surface in reasonably secure systems} -\begin{figure} -\tikzstyle{block} = [rectangle, draw, text centered, minimum height=4em] -\begin{tikzpicture}[node distance=2cm, auto] - \node[block](matrix){Key matrix} - \node[block](hidctrl){Keyboard controller} - \node[block](hubs){USB hubs} - \node[block](roothub){USB host controller} - \node[block](pcie){PCIe bus} - \node[block](sys-usb-kernel){USB VM kernel} - \node[block](sys-usb-agent){USB VM userspace agent} - \node[block](dom0){dom0 agent} -\end{tikzpicture} -\label{qubes-hid-stack} -\caption{The USB HID input stack in a QubesOS setup} -\end{figure} - -Figure \ref{qubes-hid-stack} gives an overview of the components of the USB input stack on a QubesOS system up to dom0, -i.e. the hypervisor. Once an input event arrives at the hypervisor it is propagated back down through a pair of agents -into the domain that currently has keyboard focus. - -The QubesOS-specific parts of this stack (the event proxies forwarding the event from the USB VM into dom0 and further -into the target VM) have been designed with security in mind. Their implementations are well-reviewed and their -interfaces have deliberately been kept as simple as possible to reduce the attack surface. Clean design on the part of -QubesOS allows for a high degree of trust into these interfaces. In contrast to this, most of the practical attack -surface in this stack lies on both ends of the physical USB interface. On the one hand, USB is expressly designed to -allow for hot-plugging and online re-enumeration of devices which means any device plugged in to any USB port could -potentially masquerade as a keyboard. This is a very large problem in case of physical access to the device but can also -become a problem for remote attackers gaining some degree of local privilege. With rare exceptions USB firmware -programmers do not recognize the USB interface as a potential target for attack which means an attacker with access to -one USB device can potentially compromise this USB device as part of a larger attack. - -Issues like these can in part be mitigated with host-based filtering, such as explicit whitelisting of physical USB -ports for HID devices. In this case, however, the USB driver stack of the linux kernel running the USB VM remains as an -attack surface. - -A possible secure solution for this problem would be to completely separate security-critical USB devices such as -keyboard and mouse from everything else. A practical implementation of this would require two separate USB host -controllers in two separate PCIe devices attached to two separate USB VMs, one of which has HID privileges and -everything but the HID drivers blacklisted. This approach has two primary drawbacks. One, it only works in desktop -computers and not in laptops, which often only have a single USB controller soldered onto the mainboard with the input -devices hard-wired into the system. Two, this approach incurs a very large overhead of an entire separate PCIe device -and VM just for HID stack isolation. - -In the following sections we will explore a way of securing the USB HID stack at the example of QubesOS without -modifications to the computer itself. Section \ref{commodityhardware} will give an overview over existing secure input -solutions and list some of the challenges to be overcome. - -\section{Synthesizing a secure input device from commodity hardware} -\label{commodityhardware} -\subsection{The state of technology} -% FIXME: Definition for "secure input device" -There is two widespread uses of secure input devices in everyday systems. One are the keyboards used for PIN entry on -ATMs and card payment terminals. ATM keyboards form a system that can be described as a Hardware Security Module (HSM) -with buttons. They have their own buffer batteries for always-on active tamper detection. They incorporate security -meshes to form a manipulation-proof security envelope as is usual for other HSMs. Finally, they contain cryptographic -key material to encrypt and authenticate any user input to prevent a manipulated ATM from recording PINs. Though it -provides a reasonable level of security a solution like this is unworkable for everyday use with a computer. A -specialized keyboard built like a HSM would be both very expensive and exceedingly unpopular with users, who in many -cases have very strong preferences regarding their input devices. - -Another widespread application of a secure input device is TAN generators used with some electronic payment cards as -part of a ``ChipTAN'' scheme. These devices contain a battery, a small numeric keypad and a small display. Their intent -is to provide a secure channel for transaction confirmation in online banking or online shopping irrespective of the -security of the host machine. The system works by a trusted server generating a challenge for each transaction that is -entered into the TAN generator along with a smartcard. The smartcard uses the TAN generator's keypad and display to ask -the user for confirmation, and in case of confirmation generates a 6-digit response code. The response code is entered -by the user and sent to the trusted server who validates it and executes the transaction. - -A scheme like this might work for authorization of infrequent but dangerous actions but fails to work in everyday use. - -\subsection{Requirements to a secure input device in the QubesOS setting} -A secure input device in the QubesOS setting has to provide three general characteristics to be useful. -\begin{enumeration} -\item \emph{Authentication} means that only actual input the user gave is accepted, and there is no way for an adversary - to forge malicious input. Input may neither be re-ordered nor suppressed. Only a complete denial of service is - acceptable in an attack scenario as it will alert the user that things are amiss. -\item \emph{Secrecy} means that an adversary must not be able to learn the contents of the input the user provides. This - does not cover timing attacks, which unfortunately will always be possible on a low-latency channel such as - this. -\item \emph{USB compatibility} means that any solution must be compatible with regular HID devices such as keyboards and - mice. Special hardware may be required, but no modifications of the existing input device are permittable. -\end{enumeration} - -\subsection{Attacker model} -As part of our work we consider attacks on the HID stack as shown in figure \ref{qubes-hid-stack}. We ignore any part -upstream of the USB VM as the codebase of QubesOS is already well-reviewed and engineered to a very high standard of -security. - -We consider an attacker that has gained full control of the USB VM and any attached devices. We don't consider a -malicious keyboard a threat due to the \emph{USB compatibility} requirement. Our goal is to protect both the host system -as well as the keyboard from malicious action by the attacker. - -\subsection{Security maxims} -Our central design criterion is to keep any interfaces between zones of different trust as simple as possible to reduce -attack surface. Complex interfaces inevitably lead to programming errors which in many cases lead to security -vulnerabilities. In particular we observe that on a high-level view in the HID model information flows from the input -device to the host. The only exception from this is the status of a keyboard's indicator LEDs, which is much -lower-bandwidth than the keyboard input data. This means that an appropriately minimalist implementation of our system -can get away with asymmetric interfaces or, if the status LEDs are dispensable, an entirely one-way interface. - -\subsection{Usability challenges and their implications} -% ??? - -\subsection{System overview} -Our system consists of a small device plugged in between a regular USB keyboard or mouse and the host computer. To -accomodate both keyboard and mouse in one device a two-port USB hub is integrated. The device is internally split into -two sides: The secure side facing keyboard and mouse consists of a powerful, USB host-capable micocontroller. The -insecure side facing the host has a less powerful microcontroller that is only USB device-capable. Both are separated -with an isolation barrier and some supply rail decoupling to frustrate potential side-channel attacks. -% Is an isolation barrier really needed here? - -The device has three external USB ports: Keyboard, mouse and host. The device contains both a very bright LED and a -buzzer which are used to signify keyslot changes. - -A small button hidden in a hole on the device's back side triggers device/host pairing and a large rotary switch on the -top allows manual keyslot selection. The first position of the keyslot switch is used for insecure HID passthrough for -compatibility with legacy systems. - -\section{Hardware implementation} - -\section{Cryptographic implementation} -\subsection{Security requirements and attack model} -\subsection{Asymmetric, authenticated ECDH key agreement} -\subsection{Key management} - -\section{Firmware considerations} - -\section{Conclusion} - -\bibliographystyle{plain} -\nocite{*} -\bibliography{overview} - -\end{document} diff --git a/old/architecture/bibliography.bib b/old/architecture/bibliography.bib deleted file mode 100644 index e69de29..0000000 --- a/old/architecture/bibliography.bib +++ /dev/null diff --git a/old/architecture/extract_excerpts.py b/old/architecture/extract_excerpts.py deleted file mode 100644 index cd7bc11..0000000 --- a/old/architecture/extract_excerpts.py +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env python3 - -if __name__ == '__main__': - import argparse - parser = argparse.ArgumentParser() - parser.add_argument('id', type=str) - parser.add_argument('infile', type=argparse.FileType('r'), nargs='+') - args = parser.parse_args() - - for f in args.infile: - with f: - marker = 'BEGIN EXCERPT {}'.format(args.id) - for line in f: - if marker in line: - break - - marker = 'END EXCERPT {}'.format(args.id) - for line in f: - if marker in line: - break - print(line.rstrip()) - diff --git a/old/architecture/sources_input.txt b/old/architecture/sources_input.txt deleted file mode 100644 index 8b13789..0000000 --- a/old/architecture/sources_input.txt +++ /dev/null @@ -1 +0,0 @@ - diff --git a/old/architecture/sources_output.txt b/old/architecture/sources_output.txt deleted file mode 100644 index 8b13789..0000000 --- a/old/architecture/sources_output.txt +++ /dev/null @@ -1 +0,0 @@ - diff --git a/directions/.gitignore b/paper/.gitignore index 0cc2376..0cc2376 100644 --- a/directions/.gitignore +++ b/paper/.gitignore diff --git a/directions/directions.bib b/paper/directions.bib index 95b5ebf..95b5ebf 100644 --- a/directions/directions.bib +++ b/paper/directions.bib diff --git a/directions/mouse_mockup.png b/paper/mouse_mockup.png Binary files differindex cefcd01..cefcd01 100644 --- a/directions/mouse_mockup.png +++ b/paper/mouse_mockup.png diff --git a/directions/pcb_back.png b/paper/pcb_back.png Binary files differindex 15c7478..15c7478 100644 --- a/directions/pcb_back.png +++ b/paper/pcb_back.png diff --git a/directions/pcb_front.png b/paper/pcb_front.png Binary files differindex 0fb8850..0fb8850 100644 --- a/directions/pcb_front.png +++ b/paper/pcb_front.png diff --git a/directions/research_directions.pdf b/paper/research_directions.pdf Binary files differindex ff9610f..ff9610f 100644 --- a/directions/research_directions.pdf +++ b/paper/research_directions.pdf diff --git a/directions/research_directions.tex b/paper/research_directions.tex index 602d09b..602d09b 100644 --- a/directions/research_directions.tex +++ b/paper/research_directions.tex diff --git a/directions/system_diagram.svg b/paper/system_diagram.svg index f8b55e9..f8b55e9 100644 --- a/directions/system_diagram.svg +++ b/paper/system_diagram.svg diff --git a/directions/system_diagram.svg.2018_11_29_15_52_48.0.svg b/paper/system_diagram.svg.2018_11_29_15_52_48.0.svg index e27ac7f..e27ac7f 100644 --- a/directions/system_diagram.svg.2018_11_29_15_52_48.0.svg +++ b/paper/system_diagram.svg.2018_11_29_15_52_48.0.svg diff --git a/directions/system_diagram_with_secureusb.eps b/paper/system_diagram_with_secureusb.eps index c7bbc18..c7bbc18 100644 --- a/directions/system_diagram_with_secureusb.eps +++ b/paper/system_diagram_with_secureusb.eps diff --git a/directions/system_diagram_with_secureusb.svg b/paper/system_diagram_with_secureusb.svg index 0d4b7aa..0d4b7aa 100644 --- a/directions/system_diagram_with_secureusb.svg +++ b/paper/system_diagram_with_secureusb.svg diff --git a/directions/system_diagram_without_secureusb.eps b/paper/system_diagram_without_secureusb.eps index 1e1bc45..1e1bc45 100644 --- a/directions/system_diagram_without_secureusb.eps +++ b/paper/system_diagram_without_secureusb.eps diff --git a/directions/system_diagram_without_secureusb.svg b/paper/system_diagram_without_secureusb.svg index fa35c52..fa35c52 100644 --- a/directions/system_diagram_without_secureusb.svg +++ b/paper/system_diagram_without_secureusb.svg diff --git a/directions/takachi_case.png b/paper/takachi_case.png Binary files differindex 6b41ffd..6b41ffd 100644 --- a/directions/takachi_case.png +++ b/paper/takachi_case.png |