DIY: Using trust to secure embedded projects
Posted on 04 April 2013.
This talk from Shmoocon 2013 provides a DIY guide to using Trusted Computing on embedded devices.

The authors introduce a low-cost schematic using Atmel's CryptoModule (AT97SC3204T) and CryptoAuthentication (AT88SA102S) ICs, and release drivers for UEFI, U-Boot, and the Linux kernel.

Using these ICs as a base, they demonstrate (and provide code) ways anyone can use Trusted Computing concepts for embedded projects (Linux IMA, signed data exchange), most importantly, a secured bootstrap from ROM code to a userland application.

They also demonstrate how the TPM can be used to encrypt and sign Ethernet frames. This is a response (and implementation of a well-known mitigation strategy) to attack vectors using various pre-boot environments such as UEFI, BIOS, Option ROM, and other bootloaders.

By the end of the presentation, participants should understand how to use a TPM to secure their creative embedded projects.



About the authors

Teddy is a computer science researcher working for the USA with a focus on large-scale enterprise network modeling and simulation. He has a passion for security and CTF competitions.

David is currently employed as an incident responder with a strong interest in software engineering. He is a recent college graduate with a passion for cryptography, cryptanalysis and digital privacy.





Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //