In AXI Bus protocol,
Can anyone explain me about the ARPROTS[2:0] and AWPROTS[2:0] ?
Like each bit corresponds to what?
and
what is privileged access and non-privileged?
what is data access and instruction access?
in AXI
AxPROTS[0] :-
privileged means some kind of administrative access, like when we update any system write access to ROM, so you can say some kind of root access.
AxPROTS[1] :-
secure means restriction, like all system has some secure addresses that addresses only access by trusted transactions, non-secure addresses access by any transactions.
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.den0024a/ch12s03s01.html
AxPROTS[2] :-
data access and instruction access, in data access you only have set of data form that you do relative operation on memory like read and write, in instruction access you know who made change in memory, in this case you know the source and what operation to be preformed.
what is difference between instruction access and data access
correct me if i am wrong
-Dhaval Sanepara
Related
I am in need to build a secure application for Mac. For that I am using a master password that only exists in the head of the creator.
To retrieve it the password first needs to be entered in a secure textfield* it can then be used to encrypt and decrypt files. While the application remains open that master password will be stored in a variable, meaning it exists in memory. Would encrypting this password in memory be overkill?
The reason why I am asking this question is that before the master password can be encrypted for memory it already exists as a variable, meaning it's already open for memory scanning attacks. Is this something I should be worried about?
I read the following on https://www.apple.com/macos/security/:
Runtime protections defend at the core. The technically sophisticated
runtime protections in macOS work at the very core of your Mac to help
keep your system safe. Built right into the processor, the XD (execute
disable) feature creates a strong wall between memory used for data
and memory used for executable instructions. This protects against
malware that attempts to trick the Mac into treating data the same way
it treats a program in order to compromise your system. Address Space
Layout Randomization (ASLR) changes the memory locations where
different parts of an app are stored. This makes it difficult for an
attacker to do harm by finding and reordering parts of an app to make
it do something it wasn’t intended to do. macOS brings ASLR to the
memory used by the kernel at the heart of the operating system, so the
same defenses work at every level in your Mac.
Can I conclude that Mac has already build in protection against memory scanning and hijacking?
(* I am aware this might cause keylogger vulnerability)
In every case, you would first derrive a key from the user password, and use this key to encrypt the files. So instead of holding the password in memory, you can immediately calculate the key with a key-derivation-function, and hold the key in memory. The advantage you get is, that an attacker can only learn the key, which allows to decrypt the files, but not the original password, which can possibly be reused.
Some OS offer a specialized SecureString, which is probably the nearest you can get to what you want, it holds a string encrypted in memory and can remove it from there. I do not know whether OSX provides anything like this.
I doubt that an encrypted key in memory is of much use. If an attacker is capable of analysing the memory, (s)he will probably be able to decrypt the memory as well, the application must be able to decrypt the key after all. But certainly it raises the bar and needs more work to do.
The linked article addresses another problem in my opinion, it prevents to place executable code in memory (as input data) and trick the processor to execute it afterwards.
The existence of tools such as mach_inject and Cycript clearly indicate your program's memory is never safe. In iOS world the security of keychain comes from the fact the key is engraved in a separate hardware chip and it's never copied to application memory. If you're doing the encryption/decryption inside your program by definition it's prone to being hijacked in some form. Key things to consider:
what do you want protect? The data? The encryption method? Both?
having access to your binary program an attacker is likely to reverse engineer it, what are the implications?
Do you need the actual encryption/decryption to happen in your program? If at least one crucial step required for the data to be useful would be moved to a external backend it could be way safer
Supplementing your solution with file system encryption like FileVault or TrueCrypt will always improve security
my questions is about general crypto implementations, specifically how they prevent reading the private key out from the memory.
i know e.g. in ssh, the private key is saved on the HDD, with permissions only for the user. But when the ssh process (or any other crypto implementation, regardless if asymmetric of symmetric) needs to decrypt sth, they obviously have to read the private key(if they use one) - how do such implementations prevent that other processes can read out the memory address for the private key variable?
Without encapsulating encryption hardware the key will be available.
iOS gets around this when decryption binaries to run by using hardware decryption in the DMA (hardware path) between flash storage and RAM.
Serious security such as iMessages cloud store/forward and banking to name a couple use HSMs (Hardware Encryption Modules). The keys are never outside the hardware unless encrypted by an HSM key. The encryption is done in the HSM. But that is not enough in some situations the HSM must be in a secure area with sign-in. Further they are tamper resistant, they clear their keys if they sense a physical or access attack. To administer two keys are needed for the HSM and three or more administrators must be present each inserting their Smart Card (which in the case of iMessages is shredded after initial setup) and entering the associated code.
OK, but the real question is how much security do you need? Carefully evaluate who your potential attacker are, how much time, money and technical talent they have and how much they are willing to spend on your data. Evaluate the value of your data to you, your users, attackers and reputation.
If you protecting against the device's authorized user(s) there is little you can do, what you need is DRM.
If you are protecting agains a well-funded or repressive government there is little chance.
But if you do it right, control the software and hardware, you can come very close until the court order is issued (see FBI vs Apple).
I have been attempting to access different OID's with no luck and significant research has lead me to believe that snmp is just configured to protect these parts of the system and I simply don't have access. How do I change the configuration to allow access to all OID's?
Or, how do I create a user who requires no authentication and no encryption (no priv)?
Can some one provide me some in-depth understanding what exactly software accessible registers, means?
What I understand is that since these registers are memory mapped so you can send in data through it which can be accessed by processor /custom ip /ram as per needed.
Please correct me if I am wrong.
I will grateful if someone can correct my understanding!
Regards
Software accessible registers would mean that the software running on the CPU would be able to read and write to the registers located inside the custom IP.
The software will be using memory instructions to read and write to the register. Please note, that all xfers are initiated by the software. So if you would like the custome ip to send some data via the registers, then you have inform the software/cpu that the data is available. This can be done via an interrupt or if you setup the software to monitor the register periodically.
If you clarify what you are trying to achieve and the type of cpu that you are using, then you may get a clearer answer.
follow up to: Windows Filesystem Minifilter Drivers: can I monitor and prevent FS operations using them?
I'm looking for a method to filter access to certain file system resources.
This includes removable media and non-ntfs file systems - so standard ACL won't work.
from what I read, a files system driver filter might be helpful - but I didn't find a way to get the user id of the initiating user.
Is this possible?
other recommendations \ references to existing tools are also welcome.
I am not sure what does "user id" mean. But this might be useful:
When handling IRP_MJ_CREATE look at IrpSp->Parameters.Create.SecurityContext->AccessState.
ACCESS_STATE contains SecurityDescriptor and SubjectSecurityContext.
From SubjectSecurityContext you can retrieve PACCESS_TOKEN if you need it (call SeLockSubjectContext and SeQuerySubjectContextToken).
Have a nice day!
In most cases obtaining security information (token) of the user that initiated the call is possible, at least for operations such as file open and directory enumeration (and these are main points of filtering when you plan to prevent access of the user to the resource). And then you can cancel or modify request as you need. The only limitation I can think of is when the network redirector accesses the disk on behalf of the remote user impersonated as local system account. But these are border cases that you would need to investigate yourself in your particular task.