Bibliographic record and links to related information available from the Library of Congress catalog.
Note: Contents data are machine generated based on pre-publication provided by the publisher. Contents may have variations from the printed book or be incomplete or contain other coding.
Table of Contents

Hardware-Based Computer Security: Techniques to Defeat Hackers

Chapter 1: The Elements of Computer Security
  Cryptography
  Symmetric Key Cryptography
  Asymmetric Key Cryptography
  Passwords and Keys
  Password/Key Strength
  Password/Key Storage and Theft
  Passwords and Authentication
  Something You Know
  Something You Have
  Something You Are
  Random Number Generators
  Pseudo-Random Number Generators (PRGs)
  Hardware-based Random Number Generators
  Measurement of a user's interaction with the computer
  Noisy diodes/thermal noise/Field Programmable Gate Array ("FPGA") devices
  Radioactive decay times
  Radio Frequency ("RF") noise
  Hybrid Hardware/Software Random Number Generators
  Key generation
  Test 1:
  Test 2:
  Security and the Internet

Chapter 2: Cryptography - Approaches and Attacks
  Symmetric Key Cryptography
  One Time Pad
  DES and Triple DES
  IDEA
  RC4
  Weaknesses of RC4
  Blowfish
  Weaknesses of the Blowfish Algorithm
  AES
  Weaknesses of AES
  Quantum Cryptography
  Weaknesses of Quantum Cryptography
  Hash Algorithms
  The Birthday Paradox and Hash Algorithms
  Brute force and Birthday attacks on hash functions

Chapter 3: Key Generation and Distribution - Approaches and Attacks
  Key Generation
  Test 1:
  Test 2:
  Software Key Generation
  Hardware Key Generation
  Noise Based Approaches
  Noisy Diodes and Resistors
  Radio Frequency Sources
  Brownian Motion Devices
  Quantum Devices
  Nuclear Decay Devices
  Optical Devices
  Other Hardware Sources of Randomness
  Key Distribution
  Key Distribution for Software-based PRGs
  Step 3: Key Distribution for PRGs
  Step 5: Key Storage
  Step 6: Key Use
  Key Distribution for Hardware-based RNGs
  Step 1: Creation of RNGs
  Step 2: Initialization of RNGs
  Step 4: Distribution of RNGs
  Steps 5 and 6: Key Storage and Use
  Minimizing Hardware Attack Risks

Chapter 4: What is Needed - The Qualities of Security Solutions that will Work
  Secure Coprocessors
  Secure Coprocessor Attack Vectors
  Steps to Create Strong Secure Coprocessors
  Secure Bootstrap Loading
  Protection of the Bootstrap Process
  Secure Memory Management
  Protection of Memory Management
  Trusted Platform Module
  TPM Attack Vectors
  LaGrande (Trusted Execution Technology)
  Video Protection
  Input Devices
  Memory Protection
  Trusted Execution Technology Attack Vectors
  Field Programmable Gate Array ("FPGA")
  Hardware Based Authentication
  Person Authentication Using Biometrics
  Fingerprint Scanners
  Voiceprints
  Iris Scans
  Palm Prints
  Radio Frequency IDs ("RFIDs")
  Hardware Based RNGs
  Hardware Token Authenticators

Chapter 5: Secure Coprocessors
  The Need for Secure CoProcessors
  Physical Security
  Initialization
  Usability, Accessibility and Security
  Support and Upgrades
  Anticipatory Design
  Authentication

Chapter 6: Secure Bootstrap Loading
  The Need for Secure Bootstrap Loading
  Implementation of Secure Bootstrap Loading
  The Boundary Between Hardware, Firmware and Software
  The Trusted Computing Base
  Lessons from Common Criteria
  Concluding Remarks On Secure Bootstrapping
  The Benefits of Secure Bootstrapping

Chapter 7: Secure Memory Management and Trusted Execution Technology (LaGrande)
  The Need for Secure Memory Management
  Buffer Overflows
  Memory Pointer Attacks
  The Impact of Memory Management Attacks
  Programmer Steps to Minimize Memory Management Attacks
  Secure Memory Management Platform Design Considerations
  Trusted Execution Technology (LaGrande)
  Protected Execution
  Protected Storage
  Protected Input
  Protected Graphics
  Environment Authentication and Protected Launch
  Domain Manager
  The TET Platform and its Hardware Requirements
  Unplanned Events
  Privacy and User Control

Chapter 8: Trusted Platform Module (TPM)
  The Need for Increased Network and PC Security
  Trust
  The Need for a Trusted Platform Module
  The Concept of "Trusted Computing"
  The Creation of the Trusted Platform Module
  Structure of the TPM
  The TPM's Primary Roles
  Functions NOT Performed by the TPM
  TPM and Rootkits
  Complications Introduced by TPM
  Residual Vulnerabilities
  Notes on Remaining Issues: Privacy and Digital Rights Management
  Concluding Observations on TPM

Chapter 9: Field Programmable Gate Arrays (FPGAs)
  Background
  Why Use an FPGA?
  Security Considerations
  Attack Vectors
  Black Box Attacks
  Readback Attacks
  SRAM FPGAs
  AntiFuse FPGAs
  Flash FPGAs
  Indirect Attacks
  Preventing Attacks

Chapter 10: Hardware Based Authentication
  Who is at the Other End?
  Authentication of a Person
  Enrollment
  Recognition
  The Use of Multiple Biometrics
  Common Biometric Technologies
  Signature
  Face
  Gait
  Keystroke Timing
  Fingerprint
  Voice Print
  Retinal Scan
  Iris Scan
  Palm Print
  Hand Geometry
  Infrared thermogram
  DNA
  Authentication of a Device
  Authentication of the Surrounding Environment
  Wifi Hotspot
  IP address
  Clock Skew
  GPS
  Radio Frequency Measurements
  Radio Frequency Spectrum
  Location Fingerprints using RF

Chapter 11: A Closer Look at Biometrics
  Fingerprint Scanners
  Optical Fingerprint Scanners
  Ultrasonic Fingerprint Scanners
  Capacitance Fingerprint Scanners
  E-Field Fingerprint Scanners
  Fingerprint Analysis Basics
  Iris Scans
  Factors Affecting Iris Scans
  Retinal Scans

Chapter 12: Tokens - Something You Have
  Token Overview
  RFIDs
  Passive RFID
  Active RFIDs
  RFID Attack Vectors
  RF Sniffing
  Smart Cards
  Smart Card Attack Vectors
  Interactive Tokens
  Synchronization
  Token Attack Vectors
  Seed Attacks
  Man in the Middle Attacks

Chapter 13: Location Technologies
  Overview
  Location's Place in Security
  Geolocation
  Key Requirements for Proper Operation of Geolocation
  Assisted GPS
  Geolocation Attack Vectors
  Jammers
  Attenuation
  Artificial Constellations
  Fraudulent Timing Pulses
  Corruption of Assist and Initial Location Information
  Possible Protection Measures
  Wi-Fi HotSpot Triangulation
  Wi-Fi Location Attack Vectors
  Jamming
  File Compromise on the Client and Server
  Spoofing
  Inadvertent Confusion
  Time of Flight
  TOF Attack Vectors
  Short Range Beacons
  RF Power Spectrum
  Power Spectrum Attack Vectors
  RF Signatures
  RF Signature Attack Vectors
  IP Address and Clock Skew
  Clock Skew Attack Vectors

Chapter 14: Putting It All Together
  Overview
  The Checklist
  Common Elements
  Specific Elements
  Common Elements
  1. Cryptographic Algorithm
  Symmetric vs. Asymmetric Cryptography
  2. Key Generation
  3. Hash Algorithm for Digital Signatures
  Specific Elements
  1. Cryptographic Coprocessor
  2. Secure Bootstrap
  3. TPM (Trusted Platform Module)
  4. Secure Memory Management
  5. TET (Trusted Execution Technology or LaGrande)
  6. Biometric Device
  7. Secure Tokens
  8. Location Control
  Two Examples of Secure Implementations
  High Security Environment
  Low Security Environment with Privacy Concerns
  Concluding Remarks

Library of Congress Subject Headings for this publication:
Computer security -- Equipment and supplies.
Computer security -- Computer programs.
Computer input-output equipment.
Computer crimes -- Prevention.