-
Notifications
You must be signed in to change notification settings - Fork 2
/
target.html
344 lines (225 loc) · 12.3 KB
/
target.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
<!DOCTYPE html>
<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>1. WooKey project — Wookey 0.9.0 documentation</title>
<link rel="shortcut icon" href="_static/wookey.ico"/>
<link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />
<link rel="next" title="2. Quick start" href="quickstart.html" />
<link rel="prev" title="Welcome to the WooKey project documentation!" href="index.html" />
<script src="_static/js/modernizr.min.js"></script>
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search">
<a href="index.html" class="icon icon-home"> Wookey
<img src="_static/wookey_w.png" class="logo" alt="Logo"/>
</a>
<div class="version">
0.9
</div>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="search.html" method="get">
<input type="text" name="q" placeholder="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div>
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
<p class="caption"><span class="caption-text">Table of Contents</span></p>
<ul class="current">
<li class="toctree-l1 current"><a class="current reference internal" href="#">1. About the WooKey project</a><ul>
<li class="toctree-l2"><a class="reference internal" href="#building-trusted-usb-devices-and-iots">1.1. Building trusted USB devices and IoTs</a></li>
<li class="toctree-l2"><a class="reference internal" href="#wookey-threat-model">1.2. WooKey threat model</a></li>
<li class="toctree-l2"><a class="reference internal" href="#security-features">1.3. Security features</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="quickstart.html">2. Quickstart</a></li>
<li class="toctree-l1"><a class="reference internal" href="demo.html">3. Demo applications</a></li>
<li class="toctree-l1"><a class="reference internal" href="architecture.html">4. Wookey architecture</a></li>
<li class="toctree-l1"><a class="reference internal" href="ewok/index.html">5. EwoK kernel</a></li>
<li class="toctree-l1"><a class="reference internal" href="libs.html">6. Libraries</a></li>
<li class="toctree-l1"><a class="reference internal" href="drivers.html">7. Drivers</a></li>
<li class="toctree-l1"><a class="reference internal" href="javacard/index.html">8. Javacard Applets</a></li>
<li class="toctree-l1"><a class="reference internal" href="tataouine.html">9. Tataouine SDK</a></li>
<li class="toctree-l1"><a class="reference internal" href="hard.html">10. Hardware</a></li>
<li class="toctree-l1"><a class="reference internal" href="publi.html">11. Publications</a></li>
<li class="toctree-l1"><a class="reference internal" href="roadmap.html">12. Roadmap</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
<nav class="wy-nav-top" aria-label="top navigation">
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="index.html">Wookey</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="breadcrumbs navigation">
<ul class="wy-breadcrumbs">
<li><a href="index.html">Docs</a> »</li>
<li>1. WooKey project</li>
<li class="wy-breadcrumbs-aside">
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<div class="section" id="wookey-project">
<span id="target"></span><h1><a class="toc-backref" href="#id2">1. WooKey project</a><a class="headerlink" href="#wookey-project" title="Permalink to this headline">¶</a></h1>
<div class="contents topic" id="contents">
<p class="topic-title first">Contents</p>
<ul class="simple">
<li><a class="reference internal" href="#wookey-project" id="id2">WooKey project</a><ul>
<li><a class="reference internal" href="#building-trusted-usb-devices-and-iots" id="id3">Building trusted USB devices and IoTs</a></li>
<li><a class="reference internal" href="#wookey-threat-model" id="id4">WooKey threat model</a></li>
<li><a class="reference internal" href="#security-features" id="id5">Security features</a></li>
</ul>
</li>
</ul>
</div>
<div class="section" id="building-trusted-usb-devices-and-iots">
<h2><a class="toc-backref" href="#id3">1.1. Building trusted USB devices and IoTs</a><a class="headerlink" href="#building-trusted-usb-devices-and-iots" title="Permalink to this headline">¶</a></h2>
<p>Securing the USB stack, and hence the USB hosts and devices, has been a growing
concern since exploitable flaws have been revealed with the BadUSB
threat <a class="reference internal" href="#nohl2014badusb" id="id1">[nohl2014badusb]</a>.
As a consequence: USB devices firmwares, operating systems, and user data are
at risk!</p>
<p>The WooKey project aims at prototyping a secure and trusted USB mass storage
device featuring user data encryption and strong user authentication, with
fully open source and open hardware foundations.</p>
<p>The Wookey is a custom STM32 based USB thumb drive with mass storage
capabilities designed for user data encryption and protection, with a
full-fledged set of in-depth security defenses:</p>
<ul class="simple">
<li>A secure DFU (Device Firmware Update) ensuring firmware integrity and
authenticity</li>
<li>Up-to-date cryptography</li>
<li>An external and extractable authentication token embedding a secure element</li>
<li><a class="reference internal" href="ewok/index.html#ewok-kernel"><span class="std std-ref">EwoK: a secure microkernel for building secure embedded systems</span></a>, a secure microkernel implemented in
Ada/SPARK</li>
<li>Memory confinement using the MPU (Memory Protection Unit), privilege
separation, W^X principle, stack and heap anti-smashing</li>
<li><strong>Tataouine</strong>, a versatile SDK developed to easily integrate user
applications in C and Rust.</li>
<li>Open source and open hardware</li>
</ul>
<p>Informations about the security concerns are detailed in the section
<a class="reference internal" href="publi.html#publi"><span class="std std-ref">Publications</span></a>.</p>
<p>Even though the current WooKey focuses on the mass
storage USB class, it’s
easily portable to other USB device classes such as HID or CDC.</p>
<p>Beyond the mere USB oriented devices, the WooKey many defense in depth
primitives can be ported and used in <strong>many IoT projects</strong>.</p>
</div>
<div class="section" id="wookey-threat-model">
<h2><a class="toc-backref" href="#id4">1.2. WooKey threat model</a><a class="headerlink" href="#wookey-threat-model" title="Permalink to this headline">¶</a></h2>
<p>We consider that the adversary has logical or physical access to the
device:</p>
<ul class="simple">
<li>The adversary may try to read the data simply by connecting the device
to a host</li>
<li>The adversary may try to physically reading the mass storage cells, for
example when the device is lost or stolen.</li>
<li>The adversary may try to tamper with the device using logical attacks,
for example when it is connected to an untrusted host, exploiting
weaknesses in protocols used for external communication
such as the USB stack or the external data storage buses.</li>
<li>Side-channel and fault injection attacks on the device during
the pre-authentication phase.</li>
<li>The adversary may open the device to physically tamper with the
internal storage, firmware, or any other component present on the
actual device.</li>
</ul>
<p>However, some threats are out of scope:</p>
<ul class="simple">
<li>We will only consider physical attacks where the adversary does not possess
the legitimate user PIN code of the external authentication token.</li>
<li>Side-channel and fault injection attacks on the device in
a post-authentication phase are explicitly out of scope.</li>
<li>The data integrity is out of scope.</li>
</ul>
</div>
<div class="section" id="security-features">
<h2><a class="toc-backref" href="#id5">1.3. Security features</a><a class="headerlink" href="#security-features" title="Permalink to this headline">¶</a></h2>
<p>The WooKey provides the following main security features:</p>
<ul class="simple">
<li><strong>User data protection</strong>: all data at rest are encrypted, and their
confidentiality protected.</li>
<li><strong>Strong user authentication</strong>: the legitimate user must be present when data
is decrypted. When a user PIN code is used, attack vectors to steal it must
be limited.</li>
<li><strong>Secure device software update (DFU)</strong>: the device’s software is securely
upgradable for system maintenance (e.g. security patches). Update files
are authenticated and integrity is checked with no possible rollback to
old versions. A software upgrade must be a voluntary and
authenticated action. The firmware updates is reliable with no
possible platform bricking.</li>
<li><strong>Firmware robustness against software attacks</strong>: the firmware implements
many security mechanisms and mitigation techniques to hinder
an adversary attacking the exposed software surface (on the USB bus
for instance) to be able to get a privileged access to the platform, and
to gain access to the critical materials (such as sensitive cryptographic
keys). The MPU (Memory Protection Unit) is used to confine
software attacks in unprivileged and isolated containers.</li>
</ul>
<p class="rubric">References</p>
<table class="docutils citation" frame="void" id="nohl2014badusb" rules="none">
<colgroup><col class="label" /><col /></colgroup>
<tbody valign="top">
<tr><td class="label"><a class="fn-backref" href="#id1">[nohl2014badusb]</a></td><td>BadUSB-On accessories that turn evil, Karsten Nohl and Jakob Lell, Black Hat USA, 2014</td></tr>
</tbody>
</table>
</div>
</div>
</div>
</div>
<footer>
<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
<a href="quickstart.html" class="btn btn-neutral float-right" title="2. Quick start" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right"></span></a>
<a href="index.html" class="btn btn-neutral" title="Welcome to the WooKey project documentation!" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left"></span> Previous</a>
</div>
<hr/>
<div role="contentinfo">
<p>
© Copyright 2019, ANSSI
</p>
</div>
</footer>
</div>
</div>
</section>
</div>
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT:'./',
VERSION:'0.9.0',
LANGUAGE:'None',
COLLAPSE_INDEX:false,
FILE_SUFFIX:'.html',
HAS_SOURCE: true,
SOURCELINK_SUFFIX: '.txt'
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<script type="text/javascript" src="_static/language_data.js"></script>
<script type="text/javascript" src="_static/js/theme.js"></script>
<script type="text/javascript">
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>