SEGRIDS =

NEWS

2022-04-12

Presentation of a "Canonical DPA attack on HMAC-SHA1/SHA2" at the COSADE conference.

ESE

Abstract

We present a new DPA attack on the secret initial state in the “outer” hash of HMAC-SHA1/SHA2. This attack only requires a suitable leakage of the SHA1/SHA2 working variables a and e. Due to the fact that each value of a working variable a or e is used as an input to copy, add, shift, and logical operations in multiple successive SHA1/SHA2 rounds, they are the primary potential sources of side channel leakage. Our attack is different but equivalent in this aspect to a known attack on the secret initial state in the “inner” hash of HMAC-SHA1/SHA2. The combination of the two attacks provides the first full-fledged attack on HMAC-SHA1/SHA2 that does not depend on leakage assumptions on any ephemeral intermediates. As a proof-of-concept, we present a full key disclosure of the battery authentication key of a fuel gauge.

2020-11-11

"Software-based self-testing for the authentication of car components" at the escar conference.

ESE

Abstract

We present a software solution for the authentication of ECUs based on hardware intrinsic authentication features of standard micro-controllers. It requires that the group of authentic ECUs is characterized by a dedicated MCU model and a group identifier in read-only memory. No secret ECU key is required. We make use of the fact that an MCU running a suitable self-test is a complex dynamical system that is hard to simulate in a cycle-accurate way. We demonstrate that software-based self-testing can serve as a "time-bounded" authentication method. One field of application is the detection or lock-out of counterfeits.

2020-02-11

Presentation of the Original Zone authentication scheme at the Embedded World in Nuremberg.

ESE

PRODUCTS

Original Zone Secure NFC Tag

Details

User programmable secure NFC Tag supporting the Original Zone authentication scheme. This scheme is based on MCU intrinsic group authentication features and will never be compromised by a key leakage. The Original Zone NFC tag provides maximal security at a minimum price. Please get in touch for a quote.

Original Zone Application

Details

Original Zone application software for the detection of counterfeit components. The software can be customized for any device with a data connection to a component required that the component supports Original Zone or any other challenge-response-authentication scheme.

Original Zone Back-End

Details

Original Zone Back-End Server application. In some fields of application, the Original Zone application will sometimes request challenge-response-pairs from a back-end The back-end server needs to be located in a physically secured environment. Please get in touch for a quote for our back-end software, hardware or hosing solutions.

SERVICES

Architecture

Details

Many ways exists to achieve a security objective. An optimal security architecture will take the cheapest way among the bulletproof ones.

Implementation

Details

We implement device-to-device authentication for embedded systems and integrate it into your product.

Vulnerability Analysis

Details

The vulnerability analyst must be at least as strong as the attacker. Rely in our award-winning hacking skills.

COMPANY

Segrids is a small high security service and solution provider located in Bonn. The company was founded in 2014 as security consultancy and evaluation lab by Dr. Frank Schuhmacher, a mathematician, hacker, and certified Common Criteria evaluator.

Since its inception, Segrids has provided testing support for numerous secure hardware development projects. One special field is pentesting of security chips with non-invasive and semi-invasive attack methods. Please get in touch for references.

Another special field is the design and implementation of authentication solutions. Segrids offers an own secrecy free authentication solution based on hardware intrinsic features of standard microcontrollers. The company operates as GmbH since 2019.

PUBLICATIONS

Software-based self-testing for the authentication of car components

Abstract

We present a software solution for the authentication of ECUs based on hardware intrinsic authentication features of standard micro-controllers. It requires that the group of authentic ECUs is characterized by a dedicated MCU model and a group identifier in read-only memory. No secret ECU key is required. We make use of the fact that an MCU running a suitable self-test is a complex dynamical system that is hard to simulate in a cycle-accurate way. We demonstrate that software-based self-testing can serve as a “time-bounded” authentication method. One field of application is the detection or lock-out of counterfeits.

A MIGA design and example implementation

Abstract

MCU intrinsic group authentication (MIGA) is a secrecy free, time bounded authentication method for low ressource ECUs based on characteristic hardware features of a group of MCUs of the same model with a common group identifier. The reference [1] provides a MIGA definition, an attacker model, four security objectives, and a security proof for MIGA, provided that the four security objective are satisfied. This paper demonstrates how to achieve these security objectives for the example of a group of HT32F52 MCUs with a common “custom identifier”. Furthermore, reliability test results are provided.

Relaxed Freshness in Component Authentication

Abstract

We suggests a relaxed freshness paradigm for challenge-response-authentication for each field of application where challenger and re- sponder are tightly coupled and authentication takes place in a friendly environment. Replay attacks are not feasable under this premise, and freshness can be relaxed to relative freshness: no refresh is required as long as all previously tested responders were authentic. One field of application is anti-counterfeiting of electronic device components. The main contribution is a formal security proof of an authentication scheme with choked refresh. A practical implication is the lifetime increase of stored challenge-response-pairs. This is a considerable advan- tage for solutions based on hardware intrinsic security. For solutions based on symmetric keys, it opens the possibility to use challenge- response-pairs instead of secret keys by the challenger – a cheap way to reduce the risk of key disclosure.

×

CONTACT

Lets get in touch. Send us a message:

info@segrids.com