Incorrect Decoding of Security Identifiers

The product implements a decoding mechanism to decode certain bus-transaction signals to security identifiers. If the decoding is implemented incorrectly, then untrusted agents can now gain unauthorized access to the asset.


Description

In a System-On-Chip (SoC), various integrated circuits and hardware engines generate transactions such as to access (reads/writes) assets or perform certain actions (e.g., reset, fetch, compute, etc.). Among various types of message information, a typical transaction is comprised of source identity (to identify the originator of the transaction) and a destination identity (to route the transaction to the respective entity). Sometimes the transactions are qualified with a security identifier. The security identifier helps the destination agent decide on the set of allowed actions (e.g., access an asset for read and writes). A decoder decodes the bus transactions to map security identifiers into necessary access-controls/protections.

A common weakness that can exist in this scenario is incorrect decoding because an untrusted agent’s security identifier is decoded into a trusted agent’s security identifier. Thus, an untrusted agent previously without access to an asset can now gain access to the asset.

Demonstrations

The following examples help to illustrate the nature of this weakness and describe methods or techniques which can be used to mitigate the risk.

Note that the examples here are by no means exhaustive and any given weakness may have many subtle varieties, each of which may require different detection methods or runtime controls.

Example One

Consider a system that has four bus masters and a decoder. The table below provides bus masters as well as their security identifiers and trust assumptions:

Bus Master

Security Identifier Decoding

Trust Assumptions

Master_0

"00"

Untrusted

Master_1

"01"

Trusted

Master_2

"10"

Untrusted

Master_3

"11"

Untrusted

The decoder is supposed to decode every bus transaction and assign a corresponding security identifier. The security identifier is used to determine accesses to the assets.

The bus transaction that contains the security information is Bus_transaction [15:14], and the bits 15 through 14 contain the security identifier in formation.

The assets are the AES-Key register’s AES key for encryption or decryption. The key is128 bits implemented as a set of four 32-bit registers. The key registers are assets, and register AES_KEY_ACCESS_POLICY is defined to provide the necessary access controls. The access-policy register defines which agents with a security identifier in the transaction can access the AES-key registers. The size of the security identifier is 4 bits (i.e., bit 3 through 0. Each bit in these 4 bits defines a security identifier. There are only 4 security identifiers that are allowed accesses to the AES-key registers. The number of the bit when set (i.e., “1”) allows respective action from an agent whose identity matches the number of the bit and, if “0” (i.e., Clear), disallows the respective action to that corresponding agent.

Register

Field description

AES_ENC_DEC_KEY_0

AES key [0:31] for encryption or decryption Default 0x00000000

AES_ENC_DEC_KEY_1

AES key [32:63] for encryption or decryption Default 0x00000000

AES_ENC_DEC_KEY_2

AES key [64:95] for encryption or decryption Default 0x00000000

AES_ENC_DEC_KEY_3

AES key [96:127] for encryption or decryption Default 0x00000000

AES_KEY_ACCESS_POLICY

[31:4] Default 0x000000 [3:0] – 0x02 agent with Security Identifier “1” has access to AES_ENC_DEC_KEY_0 through AES_ENC_DEC_KEY_4 registers

Pseudo Code

If (AES_KEY_ACCESS_POLICY[Security_Identifier] == “1”)

Allow access to AES-Key registers

Else

Deny access to AES-Key registers

Below is a decoder’s Pseudo code that only checks for bit [14] of the bus transaction to determine what Security Identifier it must assign.
If (Bus_transaction[14] == “1”)

  Security_Identifier == “1”

Else

  Security_Identifier == “0”

Upon close observation of the security identifiers and the above code, it looks like the Master_3, an untrusted agent, has access to the AES-Key registers in addition to the intended trusted Master_1 because both have their bit “0” set to “1”.

The decoder should check for the entire size of the security identifier in the bus-transaction signal to assign acorresponding security identifier. The following is good Pseudo code:
If (Bus_transaction[15:14] == “00”)

  Security_Identifier == “0”

If (Bus_transaction[15:14] == “01”)

  Security_Identifier == “1”

If (Bus_transaction[15:14] == “10”)

  Security_Identifier == “2”

If (Bus_transaction[15:14] == “11”)

  Security_Identifier == “3”

See Also

Comprehensive CWE Dictionary

This view (slice) covers all the elements in CWE.

Weaknesses without Software Fault Patterns

CWE identifiers in this view are weaknesses that do not have associated Software Fault Patterns (SFPs), as covered by the CWE-888 view. As such, they represent gaps in...

Weaknesses Introduced During Implementation

This view (slice) lists weaknesses that can be introduced during implementation.


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.