MotorolaCMU SECURITY CONF WD 3-31-03 Rev 1.0
Wireless Security
Walt Davis
Senior Vice Pres. & Director
Advanced Consumer Systems Research Labs
Motorola Labs
Contents
• Wireless Security Requirements
  – Requirements
  – Threats
  – Consequences of a Breach
• Wireless is Becoming Ubiquitous
  – Cellular
  – Wireless LAN
• Motorola Approach to the Security Problem
  – Common Architecture
  – Product Interoperability
  – Hardware and Software Systems
• Industry Issues
Summary of Key Points
• Trusted System Operation Is an Absolute Must for RF Systems
• The Levels of Liability Associated With a Security Breach In RF Applications Can Be Enormous, and Require Security Levels Previously Associated With Government Systems
• The Volumes Associated With RF Products Will Make Them the Driving Application for Many of the New Developments in Security
• The Characteristics of the RF Channel Impose Unique Limitations on the Security Schemes That Can Be Used
• The Standards Setting Bodies – i.e. IEEE, etc – Are Often Controlled by Groups With No Security Expertise, and Are Doing a Poor Job of Defining RF Systems With Adequate Security
Security Is a Critical Enabling Technology for Wireless
• Secure Downloads
• Secure Transactions
• Content Protection
MESSAGING • CORPORATE PRODUCTIVITY • M-COMMERCE • LOCATION SERVICES • ENTERTAINMENT
Security Provides:
• Encryption
• Integrity
• Verification
• Authentication
• Non-Repudiation
• Trusted Operation
“Personal Trusted Devices”
The Requirements
• Theft Prevention
  – Cloning Protection
  – Serial Number modification
  – Configuration Protection
  – Operator Lock
  – Upgrade Prevention
  – Accessory Lock
  – Disruption of factory production
  – Theft of Authentication keys
  – Service Shop Threats
  – Subsidy Locks
• M-Commerce
  – Secure Internet Access (WAP/WTLS/iMode)
  – Financial information sent over-the-air
  – Secure Sale of Software Upgrades
  – Digital Rights Management
• Prevention of System Disruption
  – Virus / Worm Protection
  – Control of Call Processor or Power Amplifier
  – Denial of Service Protection
• Privacy
  – User Privacy of Over-the-Air Conversations
  – User Data Privacy (e.g. e-mail, Messaging)
  – Access Short Range Links (such as Bluetooth and IR Link)
  – Distribution of secure digital content (e.g. music, video, …)
The HACKER’s Companion
“Am I in the factory???
My BARKER code says I am
So it must be OK”
Merging Technology Requirements
• Government
  – Comsec modernization Program
  – Dependence on COTS
• Commercial
  – Enhanced Features
  – Financial control (DRM)
  – Liability
[Diagram: assurance scale with axis labels High Assurance and Low Assurance; segments: Commercial, Critical Infrastructure, Law Enforcement, Military, Top Secret National Defense]
World Tomorrow, Tuesday November 16, 2004
• Trinidad Wins World Bobsled Championship
• Hackers Disrupt AT&T’s Global Wireless Operations: Re-Program Phones To Call 800 Porno Sites Every 5 Minutes
World Tomorrow, Wednesday October 12, 2005
• White Sox Win World Series, Break 85 Year Jinx
• Hackers Disable All Cars in Southern California: Re-Program Engines to Self Destruct
• Lawyers Eager To Sue - Ride Bicycles to Clients
Increasing Incidents of Theft Are Driving Requirements for Security
World Tomorrow / World Today
Cipher Attack Delivers Heavy Blow to WLAN Security
(08/06/01, 1:18 p.m. EST) MANHASSET, N.Y. — A new report dashes any remaining illusions that 802.11-based (Wi-Fi) wireless local-area networks are in any way secure. The paper, written by three of the world's foremost cryptographers, describes a devastating attack on the RC4 cipher, on which the WLAN wired-equivalent privacy (WEP) encryption scheme is based.
August 6, 2001
Company Goes public with Hack Tools aimed at PCS P2K phones
Company uses CES show in Las Vegas to demonstrate tools to modify software configuration for Motorola P2K phones
GSM solutions demonstrates product capable of removing subsidy locks, change IMEI numbers, modify flex values and turn on software features for Motorola P2K based phones at their booth at the CES show in Las Vegas January 7, 2002.
December 2001
UK Home office estimates 700,000 Cell phones stolen in 2001
Report lays the blame on cell phone manufacturers who do not secure critical information in products
London Times – U.K.’s Home Office reports Robberies involving a wireless phone have risen from 8% two years ago to 28% in the last two years; in London, 36% of robberies involved mobile phones. The report estimates some 710,000 phones were stolen last year, almost double the number recorded by the police. One survey suggests more than 500,000 of those phones were taken from children aged between 11 and 15.
January 7, 2002
Cellular Industry Update: Cumulative Subscriptions by Region
Regions (chart legend): Americas; Europe, Middle-East, and Africa; Asia

| Year | Total | Growth | Regional values shown on chart |
|---|---|---|---|
| 1997 | 205M | | 71M, 66M, 68M |
| 1998 | 308M | 50% | 93M, 113M, 102M |
| 1999 | 475M | 54% | 130M, 187M, 158M |
| 2000 | 715M | 50% | 175M, 315M, 225M |
| 2001 | 940M | 31% | 220M, 395M, 325M |
| 2002 Estimate | ~1.1B | ~21% | 260M, 460M, 420M |
| 2003 Estimate | ~1.3B | ~18% | 300M, 525M, 520M |

Sources: Motorola and Other Industry Estimates
Cumulative Subscription Forecast by Technology Generation
[Chart: cumulative subscriptions in millions (axis 0 to 2,000), 2000 to 2006, marked “Estimate”. Series: 1G (Analog); 2G (GSM, CDMA, TDMA, PDC); 2.5G (GPRS, IS95B); 2.75G (EDGE, 1XRTT); 3G (W-CDMA, UMTS, 1X-EV, TD-SCDMA)]

| Year | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 |
|---|---|---|---|---|---|---|---|
| Total | 715M | 940M | 1.1B | 1.3B | 1.5B | 1.7B | 1.8B |

Source: Motorola
Worldwide PC Shipments
[Chart: vertical axis 0 to 140; horizontal axis 1993 to 2002]
Cellular Penetration By Country
[Chart: cellular penetration (axis 0% to 140%) by year, 1985 to 2005. Series: United States, France, Germany, Italy, Finland, Sweden, Spain, Switzerland, U.K., Russia, Australia & New Z, China, Hong Kong, India, Japan, S. Korea, World Total]
Wireless Usage Has Surpassed Land-line Phones!
[Chart: Subscribers [Millions] on a logarithmic axis (1 to 10000) by year, 1997 to 2005; 2003*, 2004* and 2005* are marked with an asterisk]
New Wireless Applications
• Personal Devices
  – e-Commerce
  – Video Phone
  – Multimedia Phone
  – Over-the-Air Maintenance and Monitoring
  – Wireless Networking
• Home Systems
  – e-Commerce
  – Video Distribution
  – Multimedia Distribution
  – Wireless Networking
• Automotive Systems
  – e-Commerce
  – Wireless Networking
  – Over-the-Air Maintenance and Monitoring
  – Car-to-Roadway Communication
[Diagram: home network showing ADSL or Cable, NID, Ethernet, TV with STB, Multimedia Home Theatre, and 5 GHz links]
An Evolving Security Perspective: a Breakaway Opportunity
[Diagram labels: Security = Secure Voice; Security Services; System Integrity; Theft of Service; Interception of Sensitive Data; “Wireless” Fraud; “Wireless” Hacking; Software Piracy; Malicious System Attacks; Liability; Customer Acceptance]
Wings and Beyond
Universal Interoperable Products Span the Entire User Environment
[Diagram labels: In-Building, Neighborhood, Personal, Satellite, Wide Area, Beyond; cell sizes: Pico, Micro, Femto, Global, Macro]
Cryptography Requirements

| Requirement | Description | Solution |
|---|---|---|
| Authentication | Confirm the origin of information | Authentication protocol |
| Privacy | Insure information cannot be viewed or heard by others | Encryption |
| Integrity | Insure information has not been modified in transit | Digital Signatures |
| Non-repudiation | Verify a sender’s or receiver’s participation in a transaction | Digital Signatures |
| Trusted System Operation | Insure software is executed exactly as intended | Fail-Safe Design Assurance |

Cryptographic Considerations for RF Channels
• Bandwidth / data rate / transaction file size are scarce resources in most Wireless Systems due to the cost of RF Spectrum and Infrastructure
• Most stringent cryptographic requirements are associated with financial transactions
• Existing security standards for financial transactions were designed for wire line environments - they are highly inefficient for RF networks
Theme: RF is different and requires special designs
ADVANTAGES OF ELLIPTIC CURVE ENCODING
• Short Codeword lengths for a given level of security
  – Less Bandwidth / Airtime for Wireless Applications
  – Easier, more power efficient encryption / decryption processes
  – Less memory for key storage
• Readily scales to higher levels of security
  – Advantage over RSA increases exponentially as the security level is increased
  – Easier, more power efficient encryption / decryption processes
• NSA is moving to Elliptic Curve Technology
Key Length Comparison

| Elliptic Curve Size in Bits | RSA Key Size in Bits | Ratio of RSA to ECC |
|---|---|---|
| 106 | 512 | 4.83 |
| 132 | 768 | 5.82 |
| 160 | 1,024 | 6.40 |
| 256 | 3,072 | |
| 384 | 7,680 | |
| 512 | 15,360 | |

Time to Break Code in MIP Years (values shown on the slide): 10^12, 10^36, 10^78, 10^168
• Verifying Advantage ~ 4:1
• Signing Advantage
  – Compute Time 65:1
  – Power Consumption 72:1
  – Bandwidth 10:1
Key Points and Issues
• The world of wireless is changing via:
  – Widespread consumer acceptance
  – Evolution of e-Commerce and the Internet
  – Dramatic increases in bandwidth
  – New applications for Wireless Products
• These changes will greatly increase the potential for fraud, loss of privacy, the theft of information and denial of service attacks.
Wireless is “where it’s at” and will be a key driver for future enhancements in Security features and services
Security Implementation Strategy
• Define and use a common Security Architecture across Motorola product lines to provide for product interoperability.
• Insure that the architecture is scalable to meet a range of requirements for cost, performance and security level.
• Implement the common architecture using a library of re-useable hardware and software cryptographic elements.
• Evolve the architecture over time to provide enhanced features.
[Diagram: library of crypto elements
  Public Key Hardware Accelerators: PKHA, RSA, ECHA
  Symmetric Key Hardware Accelerators: 3DES, MDHA, AFHA, AES, SHA, WiCC
  Software Security Modules: Security Builder®, Secure Boot Code, Trustpoint®/C, Security Kernel, Module Drivers, SSL Plus™, WTLS Plus™, Mot Labs Toolkit]
[Block diagrams: PISA I and PISA II. Labels include ARM920T (ARM9TDMI, I Cache, D Cache), MMU, DMA (11 chnl), AHB bus, APB#1, APB#2, Bus Arbiter, SDRAMC, EIM, eSRAM, Bootstrap, INTC, Clock Control, OnCE, DSPA, Bus I/F, I/O pads, PWM, WatchDog, DPLLx2, OSCx2, CSPI, I2S, I2C, BTA, Timerx2, RTC, A/D, SIM, MMC, UART1, UART2, Video I/F, USBd, LCDC, Secure RAM / Laser ID, HA functions, Secure ROM (controller), Secure Boot Code, Security Monitor, Memory Bounds, Symmetric Encryption, Asymmetric Encryption, RNG, Message Digest, SAHARA Interface, Wicc Algo Decr., Tam. Det., Optional]
Security Implementation Strategy
• Define and use a common Security Architecture across Motorola product lines to provide for product interoperability.
• Insure that the architecture is scalable to meet a range of requirements for cost, performance and security level.
• Implement the common architecture using a library of re-useable hardware and software cryptographic elements.
• Evolve the architecture over time to provide enhanced features.
[Block diagram: PISA. Labels include ARM920T (ARM9TDMI, I Cache, D Cache), MMU, DMA (11 chnl), AHB bus, APB#1, APB#2, Secure RAM / Laser ID, HA functions, Secure ROM (controller), Secure Boot Code, Security Monitor, Memory Bounds, Symmetric Encryption, Asymmetric Encryption, RNG, Message Digest, SAHARA Interface, Wicc Algo Decr., Tam. Det., Optional]
Platform Independent Security Architecture (PISA)
[Diagram: PISA building blocks
  Hardware accelerators: PKHA, RSA, ECHA, 3DES, MDHA, AFHA, AES, SHA, WiCC
  Software modules: Security Builder®, Secure Boot Code, Trustpoint®/C, Security Kernel, Module Drivers, SSL Plus™, WTLS Plus™, Mot Labs Toolkit
  Assurance hardware: Tamper Detect, Memory Bounds, Monitor, Debug Detector
  FSDA: Fail Safe Design Architecture: Secure Boot & Executive, Memory Separation, Monitor & Control, Secure Key Storage]
PISA = A combination of hardware and software modules architected into high-assurance systems
[Diagram groupings: Software, Hardware, Architecture]
Security Implementation Strategy
• Define and use a common Security Architecture across Motorola product lines to provide for product interoperability.
• Insure that the architecture is scalable to meet a range of requirements for cost, performance and security level.
• Implement the common architecture using a library of re-useable hardware and software cryptographic elements.
• Evolve the architecture over time to provide enhanced features.
[Diagram: library of crypto elements
  Public Key Hardware Accelerators: PKHA, RSA, ECHA
  Symmetric Key Hardware Accelerators: 3DES, MDHA, AFHA, AES, SHA, WiCC
  Software Security Modules: Security Builder®, Secure Boot Code, Trustpoint®/C, Security Kernel, Module Drivers, SSL Plus™, WTLS Plus™, Mot Labs Toolkit]
Security / Privacy
CADRE Portfolio of Retargetable and Re-usable Crypto Modules
[Diagram:
  IPSec, WAP, SSL, TLS, S-MIME, SHTTP, SET, X.509, EMV
  Asymmetric (Public Key) Hwd Accelerators: PKHA, FMHA, ECHA
  Symmetric Key Hwd Accelerators & misc fn: 3DES, MDHA, AFHA, AES, SHA, WiCC
  Security Assurance Hardware Modules: Tamper Detect, Memory Bounds, Monitor, Debug Detector
  Software Security Modules: Security Builder®, Secure Boot Code, Trustpoint®/C, Security Kernel, Module Drivers, SSL Plus™, WTLS Plus™
  RNG]
Security / Privacy
Strategy: Develop a core set of retargetable hardware and software security technologies and architectures that can be deployed widely across Motorola’s products. This family of compatible technologies and architectures can then be used to implement a wide range of interoperable market and technology leadership products.
Focal points:
• Basic Security Services
  + Encryption
  + Non-Repudiation
  + Verification
  + Personal Privacy
  + Authentication
  + Trusted Operation
• Digital Rights Management
• Development of High-Assurance Software
• Theft Prevention
• Immunity from System Disruption
• Product Interoperability
• Scalable Security from Low Level to Top Secret
• Participation in Key Standards Organizations
Impact:
• Product leadership
MPC180, MPC190
[Block diagram: baseband chip. Labels include ARM7TDMI-S, RAM 109kx32, ROM 792kx32, MXRAM 32kx32, DMA, DMAC, AHB, IP Bus, PIG Bus, BBP, VOCOD, SIM, UART, USB, GPIO, RTC, JTAG, OnCE, ICE, Level Translators, Development Package Only, HACC, SecRAM, SecMon, SecROM, WDog, IIM, L1Timer, MemSep; legend: PISA “Baseline” Additions]
[Block diagram: PISA. Labels include ARM920T (ARM9TDMI, I Cache, D Cache), MMU, DMA (11 chnl), AHB bus, APB#1, APB#2, Secure RAM / Laser ID, HA functions, Secure ROM (controller), Secure Boot Code, Security Monitor, Memory Bounds, Symmetric Encryption, Asymmetric Encryption, RNG, Message Digest, SAHARA Interface, Wicc Algo Decr., Tam. Det., Optional]
Talon-Integrated (A820) & Paragon-II (A920) with High Assurance Security Platform
• Security Requirements
  – Unauthorized control of PDA
  – Cloning protection
  – Configuration protection
  – Theft of keys
  – Accessory lock
  – Serial number modification
  – Theft of service
• Security System Elements
  – High Assurance Boot Code
  – High Assurance functions
  – Secure RAM / Laser (Unique) ID
  – Security Monitor
  – Secure ROM (controller)
  – MMU (Memory Separation)
  – HACC (hashing)
[Block diagram: Talon. Labels include Star*Core 140, IPCM, DSP/MCU Interface, ROM, RAM, Audio CODEC Serial Port, Baseband CODEC Serial Port, Viterbi Accelerator, Encryption CoProcessor, Timer, Reset & Mode Ctrl, Watchdog, One Wire Bus, Keypad Interface, 2 slot SIM I/F, Enhanced L1 Timer, Dual MQSPI, SDI, Interrupt Controller, GPIO, Enhanced GPT, LCD Controller, External Memory Interface, 3G Accelerator, Unique ID, M•Core M340/540 With Cache / MMU, Secure ROM (controller), HACC, MMU, Secure Ram, Security Monitor, Secure Boot, Secure ID]
Security Implementation Strategy
• Define and use a common Security Architecture across Motorola product lines to provide for product interoperability.
• Insure that the architecture is scalable to meet a range of requirements for cost, performance and security level.
• Implement the common architecture using a library of re-useable hardware and software cryptographic elements.
• Evolve the architecture over time to provide enhanced features.
[Diagram labels: PISA I, PISA II]
Evolving the Architecture
[Diagram labels:
  Software: Secure Boot Loader, Security Services, Secure Operating System, Application Software, Security API, Australia, S-Core Boot
  Hardware: Crypto Hardware Building Blocks, Hardware Subsystems, Hardware Devices, Secure RAM, Secure ROM, PKHA, Memory Protection Unit, MMU, Assurance Monitor, Debug Detector
  Titan, Cerberus, Talos, Draco, Styx; Rainbow, DragonBall, Patriot, Neptune
  Services: Monitoring Services, Vulnerability Assessment Services
  FSDA: Secure Boot & Executive, Memory Separation, Secure Key Storage, Monitor & Control
  Authentication, Integrity, Privacy, Non-repudiation, Trusted processing]
Next Challenges – Content Management Software: FamilyDomain™ DRM Vision
[Diagram: FamilyDomain™ domain. Labels: Home Network; BlueTooth; Up to 10 devices per account; These devices are outside of domain; Preview samples allowed out of domain]
[Diagram: Domain Authority. Labels: Registration Protocol, Cryptographic Services, Protocol Manager, Device Registration Manager, Fraud Detector, Database, Domain Keys and Certificates]
• Mot Labs FamilyDomain™ Digital Rights Management (DRM) allows sharing of content among multiple devices
• Working with Nokia, Siemens, etc. to define DRM systems for wireless
• Our DRM concepts were presented at 3GPP and OMA standards
• Domain authority capabilities added to Motorola’s prototype system
Summary of Key Points
• Trusted System Operation Is an Absolute Must for RF Systems
• The Levels of Liability Associated With a Security Breach In RF Applications Can Be Enormous, and Require Security Levels Previously Associated With Government Systems
• The Volumes Associated With RF Products Will Make Them the Driving Application for Many of the New Developments in Security
• The characteristics of the RF channel impose unique limitations on the security schemes that can be used
• The Standards Setting Bodies – i.e. IEEE, etc – Are Often Controlled by Groups With No Security Expertise, and Are Doing a Poor Job of Defining RF Systems With Adequate Security