DIY: Using trust to secure embedded projects
Posted on 04 April 2013.
This talk from Shmoocon 2013 provides a DIY guide to using Trusted Computing on embedded devices.

The authors introduce a low-cost schematic using Atmel's CryptoModule (AT97SC3204T) and CryptoAuthentication (AT88SA102S) ICs, and release drivers for UEFI, U-Boot, and the Linux kernel.

Using these ICs as a base, they demonstrate (and provide code) ways anyone can use Trusted Computing concepts for embedded projects (Linux IMA, signed data exchange), most importantly, a secured bootstrap from ROM code to a userland application.

They also demonstrate how the TPM can be used to encrypt and sign Ethernet frames. This is a response (and implementation of a well-known mitigation strategy) to attack vectors using various pre-boot environments such as UEFI, BIOS, Option ROM, and other bootloaders.

By the end of the presentation, participants should understand how to use a TPM to secure their creative embedded projects.



About the authors

Teddy is a computer science researcher working for the USA with a focus on large-scale enterprise network modeling and simulation. He has a passion for security and CTF competitions.

David is currently employed as an incident responder with a strong interest in software engineering. He is a recent college graduate with a passion for cryptography, cryptanalysis and digital privacy.





Spotlight

How to keep your contactless payments secure

Posted on 19 September 2014.  |  Fraudsters can pickpocket a victimís financial data using low-cost electronics that can fit into a rucksack. Here are the top security threats you should be aware of if youíre using a RF-based card, along with our top safety tips to keep your payments secure.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //