Stop backdoored firmware by using digital signatures

Do you remember these guys? Charlie Miller and Chris Valasek - they hacked a Jeep around 2015. When I started at Ford I referenced their DEFCON talk and white paper extensively.

Image 1: Charlie Miller and Chris Valasek - Jeep Hack (reference [1])


Part of the kill chain for the Jeep hack was to update the CAN Interface Chip on the Infotainment Unit. The Renesas RH850 that the Tier-1 was using did not use firmware signing as a security control. So Chris and Charlie were able to upload their backdoored firmware and the chip ran it without hesitating. [2]

This blog entry is about firmware signing and how it is used in the automotive industry today. I'm aiming to do this in 4 minutes - stay with me.

Nowadays, when a firmware update is downloaded, there is a step that checks the digital signature on the update. If this signature check does not pass, the update is not saved to flash memory. This keeps the chip from permanently writing malicious instructions into nonvolatile memory.

So what is a digital signature? It is built off of asymmetric cryptography - where there is both a private key and a public key that are used for separate purposes. A digital signature is a fixed length set of bytes sent along with the original input data that can be checked with "crypto math." It guarantees that only someone who has access to the private key could have generated that digital signature. A digital signature guarantees the integrity of the signed data (that the data was not tampered with) and that the source of the data is authentic (I can trust that the data came from who I think it came from).

Remember

  • Access to the private key = the ability to generate the signature

  • Access to the public key = the ability to verify the signature

For example, from this Wikipedia diagram [3], Alice wants to send Bob a message and Bob wants cryptographic proof that the message came from Alice. If Alice is practicing cybersecurity correctly she has her private key stored in a place that only she has access to (like a Network HSM - but I'm not going to get into private key storage beyond that in this post).

Alice uses her private key to generate a digital signature and sends this along with the message to Bob.

Bob uses Alice's public key to verify the digital signature. A successful verification means that he is certain Alice sent the message and that it wasn't tampered with.

Image 2: Digital signature basic example (reference [3])


In practice, hash functions are added into a digital signature scheme so that an arbitrarily sized input can be signed by the asymmetric algorithm. (For example, RSA has a limit and can only operate on small amounts of data.) The hash function maps the variable-length input to a fixed-length hash digest, and that digest is "encrypted" with the private key according to the asymmetric algorithm being used. (I realize calling a digital signature an "encrypted hash" may not be 100% correct, but for the purposes of this blog that is the best way I see to explain it.)

To end, here's an example going back to firmware signing.


Overview of the firmware signing process (Example with RSA 2048 and SHA-256 for hashing)

Firmware Signing Service for Firmware Security
  1. Input firmware is hashed from beginning address to end address

  2. The RSA digital signing operation is performed on the hash with the RSA private key (abstracting out padding for this level of discussion)

  3. The output digital signature is appended to the firmware update file at a known address


Overview of the firmware signature verification process (Example with RSA 2048 and SHA-256 for hashing)


Firmware Verification Process by checking digital signature
  1. Calculate hash from the beginning of the firmware update image to the end of it

  2. Read the digital signature from its known address in the firmware image and decrypt it with the public key

  3. Compare the 32-byte SHA-256 hash recovered from the decrypted signature to the hash value calculated in step 1

  4. If the hashes are the same, the signature verification is successful. If not, it fails and something is wrong with the firmware image or the key used to verify the signature.
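The two procedures above, as an added example that is not code from the original post: a Go program (standard library only) that signs a constructed demo image with RSA-2048 and SHA-256, appends the signature at a known address (the end of the image), and then runs the bootloader-side check, including a one-bit tamper that must be rejected before anything is written to flash. The image bytes and the function names are my own assumptions.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

const sigLen = 256 // RSA-2048 signature size in bytes

// SignFirmware hashes the whole image with SHA-256, signs the digest with
// PKCS#1 v1.5 padding, and appends the signature at a known address: the end.
func SignFirmware(priv *rsa.PrivateKey, image []byte) ([]byte, error) {
	digest := sha256.Sum256(image)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return nil, err
	}
	return append(append([]byte{}, image...), sig...), nil
}

// VerifyFirmware is the bootloader-side check: split off the trailing signature,
// re-hash the payload and verify with the public key. Payload is returned only on success.
func VerifyFirmware(pub *rsa.PublicKey, update []byte) ([]byte, error) {
	if len(update) < sigLen {
		return nil, errors.New("update too short to contain a signature")
	}
	payload, sig := update[:len(update)-sigLen], update[len(update)-sigLen:]
	digest := sha256.Sum256(payload)
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig); err != nil {
		return nil, fmt.Errorf("signature check failed, refusing to flash: %w", err)
	}
	return payload, nil
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	image := []byte("constructed demo firmware image, not a real ECU binary") // constructed sample
	update, _ := SignFirmware(priv, image)
	_, err := VerifyFirmware(&priv.PublicKey, update)
	fmt.Println("genuine update verifies:", err == nil)
	tampered := append([]byte{}, update...)
	tampered[0] ^= 0x01 // flip one bit of the payload, as a modified image would
	_, err = VerifyFirmware(&priv.PublicKey, tampered)
	fmt.Println("tampered update rejected:", err != nil)
}
```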

Example using OpenSSL to generate keys and CyberChef to sign and verify

These OpenSSL commands produce 2 files - one for the private key and another for the public key. I am using an RSA 2048 keypair.

openssl genrsa -out demo_private_key.pem 2048

openssl rsa -in demo_private_key.pem -pubout -out demo_public_key.pem

Here is the cat of the private key file (again, we would never publish a real private key - this is just a learning exercise):


And the corresponding public key:

Generating a digital signature in CyberChef

  1. Search for "RSA Sign" and drag the block to the "Recipe" box

  2. Copy and paste the demo private key generated above (demo_private_key.pem) into the "RSA Private Key (PEM)" box

  3. Change the "Message Digest Algorithm" to SHA-256

  4. Input data in the Input text box to be signed (enter: "Bob hates Java")

  5. Under the search bar, search for "To Hex" and add it to the recipe to format the output as a hex dump

  6. Notice how any change to the input data will change the digital signature

Verifying the digital signature in CyberChef

Cyberchef example turning off hex view
  1. In the recipe window, disable the "To Hex" block by clicking on the following icon (see above)

  2. Copy the demo public key generated above (demo_public_key.pem) into the "RSA Public Key (PEM)" box

  3. Change the "Message Digest Algorithm" to be SHA-256

  4. Input the same ASCII text that was signed above in the input box (i.e. "Bob hates Java")

  5. Note that "Verified OK" appears in the Output box

  6. Change the input data and note that the verification fails


Conclusion

Employing firmware signing makes it much harder for an attacker to upload malicious instructions during the firmware update process. This keeps cars running vetted firmware rather than backdoored firmware like the one Miller and Valasek used.


Thanks for reading - if you liked it - please consider sharing on LinkedIn.




References

[3] FlippyFlink, adapted from https://en.wikipedia.org/wiki/File:Public_key_encryption.svg (changed from encryption to signing), CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=78867393
