Intro to Hardware Security & Smartcards
Erik Poll
Digital Security, Radboud University Nijmegen

Overview
• What is hardware security?
  – Applications
  – Attacker models
  – Security requirements
• Smartcards

What is hardware security?
• hardware as security solution
• physical attacks on hardware as threat

Applications of ‘secure’ hardware

Hardware as security solution
• Payment
• Authentication (and non-repudiation? or just identification?)

Hardware as security solution
• smart meter
• physical access control
• HSM (Hardware Security Module)
• voting computer

Hardware as security solution
• Fingerprint scanner, hard disk encryption, ...
• Security features of chips in these devices: TPM, ARM TrustZone, Intel SGX, Apple Secure Enclave, ... (aka TEEs)
• At a more fundamental level, most CPUs have some hardware security features (privilege levels, e.g. kernel vs user mode)

Exit smart cards?
• mobile payments
• mDL (mobile Driving License)

Common types of functionality here
• Crypto: storing cryptographic keys & executing cryptographic operations
• Access control in the device to secure the functionality provided
  – Eg with a PIN code
  – Incl. functionality to install keys! Easy to overlook, but crucial of course…

Crypto solves some problems
• ensuring integrity, authenticity, non-repudiation, confidentiality,…
but also introduces new problems:
  – Where to store keys?
  – How to distribute them?
  – What hw/sw can we trust to do crypto operations?
  – How to ensure integrity & confidentiality of the cryptographic key?
Here we will need access control again
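The functionality types listed above (keys stored on the card with crypto operations executed on-card, PIN-based access control with a retry counter, and key installation that is itself access controlled) in a small Python model. This is an added example, not code from the slides or from any real card; the issuer token, the retry limit of 3 and the HMAC-SHA256 operation are assumptions of the model.

```python
import hashlib
import hmac

class SecureElement:  # toy model of a smartcard / secure element, constructed for this example
    MAX_PIN_TRIES = 3

    def __init__(self, admin_key, pin):
        self._admin_key = admin_key            # personalisation secret needed to install keys
        self._pin = pin
        self._tries_left = self.MAX_PIN_TRIES  # retry counter limits PIN guessing
        self._pin_verified = False
        self._keys = {}                        # keys live here and are never exported

    @staticmethod
    def admin_mac(admin_key, key_id, key):     # token the issuer presents to install a key
        return hmac.new(admin_key, key_id.encode() + key, hashlib.sha256).digest()

    def install_key(self, key_id, key, token): # installing keys is itself access controlled
        if not hmac.compare_digest(self.admin_mac(self._admin_key, key_id, key), token):
            return False
        self._keys[key_id] = key
        return True

    def verify_pin(self, pin):
        if self._tries_left == 0:
            return False                       # card is blocked
        if hmac.compare_digest(pin.encode(), self._pin.encode()):
            self._tries_left = self.MAX_PIN_TRIES
            self._pin_verified = True
            return True
        self._tries_left -= 1
        self._pin_verified = False
        return False

    def mac(self, key_id, data):               # the card offers the operation, never the key
        if not self._pin_verified or key_id not in self._keys:
            return None
        return hmac.new(self._keys[key_id], data, hashlib.sha256).digest()

def demo():
    card, key = SecureElement(b"issuer-secret", "1234"), b"\x01" * 16  # constructed values
    ok = card.install_key("k1", key, SecureElement.admin_mac(b"issuer-secret", "k1", key))
    bad = card.install_key("k2", key, b"\x00" * 32)                    # forged token refused
    no_pin = card.mac("k1", b"hello")                                  # None: PIN not verified
    with_pin = card.verify_pin("1234") and card.mac("k1", b"hello") == hmac.new(
        key, b"hello", hashlib.sha256).digest()                        # terminal recomputes MAC
    blocked = not any(card.verify_pin("0000") for _ in range(3)) and not card.verify_pin("1234")
    return {"install_ok": ok, "install_bad_token": bad, "mac_without_pin": no_pin,
            "mac_with_pin": with_pin, "blocked": blocked}
```

Note that the class has no method returning a key: the only way to use a key is through the PIN-gated operation, which is the property the slides' "access control in the device" refers to.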