Application note
Approach to a Secure Bootloader
A Framework for obtaining Firmware Upgrade Integrity
While designing in the Automotive, Industrial and Medical sectors, security of firmware upgrade is a requirement of the utmost importance, yet often underestimated in the beginning.
Starting with the right approach can save time, effort and company reputation.
Overview
Products based on electronic systems and software increasingly require safety (in their functioning) and security (in their being connected to the Internet and to other devices).
The level of security that in the past was usual for avionics and military, is now mandatory also in the design of medical equipment, vehicles and appliances.
The weak point in all connected products is firmware upgrade.
For more information contact us: support@bluewind.it
Solution
An upgrade process that rely on such concepts as digital signatures, and advanced cryptographic algorithms for integrity and protection helps avoiding: unauthorized access, submission of fake firmware images, and leakage of intellectual property.
Well known solutions are now in use in this context among conscious and prepared developers.
But this is a world in continuous evolution and no single recipe exist for all situations.
Today, post-quantum cryptography is under evaluation and tomorrow this will be standard.
Technology
Rivest Shamir Adleman (RSA) and Elliptic Curve Cryptography (ECC) are well known public-keys cryptosystems.
ChaCha20 and Poly1305 are strong and not too heavy stream ciphers, suitable for implementation on embedded systems.
Other solutions exist that fit special purposes or keep robustness a bit beyond the limit of known attacks, sometimes at the cost of specialized hardware.
Implementation
Implementing a strong cryptosystem for a bootloader at Bluewind starts by selecting the right approach: architecture, algorithms, hardware limits and cost/benefit balance, everything reviewed with the stakeholders.
The full process of firmware upgrade includes building a new firmware image with a command by the developer, signing, delivering to the devices in the wild, tracing the integrity of the upgraded firmware and avoiding intrusions.
All steps must be assessed for cryptographic robustness against known and promised attack vectors.
The exposed surface includes communication channels, individuals involved in the process, physical connectors in the devices, exposed databases and web sites, and so on.
The most dangerous effects are caused by situations that were not forecasted at design time and this is where Bluewind adds to the producer’s knowledge an experience from all fields of applications.
Success story
Several implementation of secure bootloaders for industrial, CAV and automotive market have been developed with different approached based on cost/benefit balance and hardware availability.
The most effective solutions were obtained by leveraging opensource cryptography libraries selected for being reviewed and widely in use.
Points of special care during the discussion with the client are how to avoid that an evil can:
- deliver a forged firmware image (signing)
- impersonate our build or deploy servers exposed to the Internet (identification)
- intercept and reverse engineer a signed firmware (confidentiality)
- deliver firmware images to the wrong device (matching)
- compromise existing infrastructure to disruption (keys revocation and restore)
For the informed reader this is no news in the Internet world of connected hosts. The challenge of shrinking everything in the small memory footprint of a bootloader without compromising security makes the difference.