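% Appendix, part 1: defense matrix, typeset on a landscape page.
\appendix
% The whole table is compiled only when \iflong is true.
% NOTE(review): \iflong, \rtok, \apin and \adata are not defined in this file -- presumably in main.tex; confirm.
\iflong
\begin{landscape}
\section{Defenses against Attackers' Goals and Capabilities}
\label{app:table}
% Layout: one row per attacker capability (tagged AS...), one column per attacker goal (tagged SR...).
% Each cell names the defense for that capability/goal pair, or N/A with the reason in brackets.
% NOTE(review): "CR" presumably abbreviates challenge--response (cf. the commented-out "C-R" cell below); confirm against the glossary.
\begin{table}[!ht]
\centering
\begin{tabular}{|c||c|c|c|c|c|}
\hline
% Header row: the diagonal box labels the row axis (Capability) and the column axis (Goal).
\hbox{\diagbox{Capability}{Goal}}
& \thead{Invalid Replace \\ or \rtok Extract \\ \textbf{(SR3)}}
& \thead{Extract \\ \apin / \adata \\ \textbf{(SR3--4)}}
& \thead{Boot with \\ Invalid AP \\ \textbf{(SR2)}}
& \thead{Boot with \\ Invalid Comp. \\ \textbf{(SR1)}}
& \thead{Tamper Post-\\ Boot Msgs. \\ \textbf{(SR5)}}
\\ \hline\hline
% Row: attacker impersonates the AP.
\thead{Impersonate AP \\ \textbf{(AS4)}} % D2: {SR2, SR4} (Black Box)
& \makecell{N/A \\~\![fake \rtok\!\!]}
& \makecell{Encrypted \adata}
& \makecell{CR+Sign AP}% \\ with HW key}
%& %\makecell{C-R with HW \\ only AP secret}
& \makecell{N/A \\~\![all dishonest]}
% Last column: one cell spanning this row and the next (both impersonation rows share the defense).
% The leading \\[-1em] is a manual vertical-alignment hack (an earlier attempt used \\[-0.5em]).
& \multirow{2}{*}{\makecell{\\[-1em] Digital \\ Signatures w/ \\ pub. key-pinning}}
\\ \cline{1-5}
% Row: attacker impersonates a component.
\thead{Impersonate Comp. \\ \textbf{(AS2--4)}}
& \makecell{Don't send \rtok,\\$\mathsf{Boot}$ CR+Sign Comp.}
& \makecell{Rate-limit \apin}%N/A \\~\![fake \adata\!\!]}
& \makecell{N/A \\~\![all dishonest]}
& \makecell{CR+Sign Comp.}
& % merge above
\\ \cline{1-6}
% Row: counterfeit component ("C\&C" is not expanded anywhere in this file).
\thead{C\&C Counterfeit Comp.\\ \textbf{(AS3)}} % D3: {SR1, SR4}
& \makecell{$\mathsf{Boot}$ CR+Sign Comp. \\ NOT based on \rtok}% merge above %\makecell{N/A \\~\![known]}
& \makecell{Encrypted \adata \\ NOT based on \apin}
& \makecell{CR+Sign Comp.\\ with HW key}
& \makecell{N/A \\~\![all dishonest]}
& \makecell{N/A \\~\![pre-boot only]}
\\ \hline%\cline{1-1}\cline{3-6}
% Rows: the three bus-level capabilities (eavesdrop, fake/replay AP, fake/replay Comp.).
% Columns 4--5 and column 6 are each one cell spanning all three rows.
\thead{Eavesdrop I2C Bus \\ \textbf{(All AS)}}
& \makecell{Don't send \rtok} % merge above %\makecell{Don't send \\ RToken}
& \makecell{Encrypted \adata,\\Don't send \apin}
& \multicolumn{2}{c|}{\multirow{3}{*}{\makecell{\\[0.5em] CR+Sign AP \& Comp.,\\ Check Unique CSPRNG \\ Challenges \& Nonces}}}
%&
& \multirow{3}{*}{\makecell{\\[1em] Check Unique \\ CSPRNG Nonces}}
\\ \cline{1-3}
\thead{Fake/Replay AP Msg. \\ \textbf{(All AS)}}
& \makecell{$\mathsf{Boot}$ CR+Sign AP, \\ Check Unique Nonces}
& \makecell{Check Unique Nonces}
% Empty placeholders: these cells are covered by the \multirow cells started two rows above.
&\multicolumn{2}{c|}{}
%&
&
\\ \cline{1-3}
\thead{Fake/Replay Comp. Msg. \\ \textbf{(All AS)}}
& \makecell{$\mathsf{Boot}$ CR+Sign Comp.,\\ Check Unique Nonces}
& \makecell{Rate-limit \apin hash \\ with private salt}%N/A\\~\![fake \adata\!\!}
& \multicolumn{2}{c|}{}
%&
&
\\ \hline
% Row: hardware access; the first four goal columns share one merged cell.
\thead{Hardware Access \\ \textbf{(AS1--2, AS4)}}
& \multicolumn{4}{c|}{{Fault Tolerance, No Side-Channels, Hash \apin, \& Encrypt \adata}}
% &
% &
% &
& \makecell{Secure key store, \\ pub. key-pinning\\}
\\ \hline
% Row: catastrophic leakage of cryptographic secrets.
% The inner \iflong is redundant inside this \iflong block; it is kept as written.
\thead{Catastrophic Crypto \\ Secret Leakage \\ \textbf{(\iflong\textcolor{red}{AS1},~\fi AS2, AS4)}}
& Rate-limit \rtok
& \makecell{Rate-limit \apin hash}
& \multicolumn{2}{c|}{\makecell{Missing $\mathsf{Sign}$ Keys, Avoid Key Sub.\\ over missing pinned+fixed $\mathsf{Ver}$ keys\iflong~(AS2,AS4)\fi}}
% &
% NOTE(review): "Cope." is the only cell that names no defense -- presumably an accepted residual risk
% (leaked secrets vs. post-boot message integrity); confirm that the main text says so explicitly.
& \textbf{\textcolor{red}{Cope.}}
\\ \hline
\end{tabular}
\end{table}
\end{landscape}
\fi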
% Appendix, part 2: prints the abbreviation glossary, then the symbol glossary.
\section{Terminology and Notation}
\label{app:abbrev}
% Manual negative skip that pulls the first glossary up towards the section heading.
\vspace{-3em}
% \glsaddall (glossaries package) adds every defined entry to the glossaries,
% whether or not the text references it.
\glsaddall % see main.tex
%\setlength{\glsdescwidth}{0.5\linewidth}
%\setlength{\glspagelistwidth}{0.1\linewidth}
% Acronym glossary, letter-ordered, printed under the title "Abbreviations".
% NOTE(review): \printnoidxglossary relies on \makenoidxglossaries in the preamble -- presumably in main.tex; confirm.
\printnoidxglossary[type=acronym,sort=letter,title=Abbreviations]%,style=index]%, style=mcolindex]
% Manual negative skip that tightens the gap between the two glossaries.
\vspace{-1em}
% Symbols glossary, letter-ordered, in the multi-column index style.
% NOTE(review): the "symbols" glossary type and the mcolindex style (glossary-mcols) must be set up elsewhere -- presumably in main.tex; confirm.
\printnoidxglossary[type=symbols,sort=letter,style=mcolindex]