Cryptographic Protocols and Smart Cards
Nicolas T. Courtois 1, ex. 2
1 = University College of London, UK; 2 = [Axalto+Gemplus]
Nicolas T. Courtois 2006-2009

Outline
• Smart Cards
• Crypto Protocols
• Confidentiality
• Integrity, Authenticity
• Entity Authentication
• GSM SIM cards and authentication
• Oyster card
• Public Key Authentication
• Bank cards
• Electronic Passports

Scope and References

Applied Cryptography:
Learn principles of cryptographic and security engineering.
How are things done in practice? A mix of:
• Crypto protocols
  – with crypto algorithms viewed as black boxes.
• Hardware devices:
  – smart cards, RFID, etc.

Cryptography at UCL
1. COMPGA03 Introduction to Cryptography
   => Basic Crypto Techniques
2. *COMPGA04 Advanced Cryptography
   => Provable Security and Advanced Crypto Constructions
3. *COMPGA12 Applied Cryptography
   => How Security Problems in the Industry are Solved with Help of Cryptography

What is a Smart Card?
Set of ISO standards.
• cards with contacts:
  – ISO 7816-1..16
• contact-less:
  – ISO 14443 A-..C [Oyster]
  – ISO 15693 [NFC]
  – ISO 18000 [RFID]

Books About Smart Cards
1) Security Engineering [Cambridge]
   • by Ross Anderson
   • MUCH larger scope, may selectively read Chapters 3-5, 10, 11, 16, 22, 26 etc.
2) Smart Card Handbook [Germany, 2002]
   • by Wolfgang Rankl and Wolfgang Effing
3) Smart Card Applications [Germany, 2007]
   • by Wolfgang Rankl
4) LATEST BOOK [RHUL, 2008]: Smart Cards, Tokens, Security and Applications
   • by Keith Mayes and Konstantinos Markantonakis (Editors)

Philosophy

Security:
Protecting Assets from Threats
[Figure label: asset holder]

Main Goals:
• Confidentiality
• Integrity
• Authenticity
Availability
Accountability

Magic Formulas…
or “Security Mantras”:
• repeat after me: C.I.A. C.I.A.
In fact we have no silver bullet.
On the contrary: Security is about trade-offs. Conflicting engineering criteria… Conflicting requirements… Overcoming human, technology and market failures.
[Figure label: insecure rubbish!]

Least Privilege [or Limitation] Principle
[Saltzer and Schroeder 1975]
Every entity should be able to access only such information and resources that are necessary to its legitimate purpose.

Proportionality Principle
Maximize security???
Maximize “utility” while limiting risk to an acceptable level within reasonable cost…
» all about economics…

Defence in Depth Principle
Military: layer the defences.

Example
Steal Private Signature Key
[Figure: layered defences around the key, labelled: user control; spec secrecy; authenticate terminal; PIN check; crypto implementation]

Goals

Security
Protecting Assets from Threats
[Figure label: asset holder]

Security Engineering
Definition: [Ross Anderson]
building systems to remain dependable in face of malice, error or mischance.

Key Remark
Software CANNOT be protected by software.

Main Function of a Smart Card = to be “a secure hardware device”.
[Figure labels: USB Token form factor; SIM card form factor; credit card form factor; USB interface; ISO, [USB], [RF]; ISO, [USB, RF]]
1. ”intelligent” (Smart): the card
   – handles computations (e.g. crypto)
   – manages data (OS, file system, access rights)
   – takes informed security decisions (…block itself!)
2. Hopefully ”unbreakable”: nobody can know/modify what is inside.

Magnetic Stripe Cards [since 60s]
Which one is counterfeit?
Chip cards: much harder to read, much harder to counterfeit.

History

Short Plastic Card History
1878 US fiction writer Bellamy: In 2000 everybody will be paying by a credit card (!). Cf. Edward Bellamy “Looking Backward, 2000 to 1887”.
1914-1940 Metal credit cards in the US, forbidden during WW2
1950 Invention of plastic money (PVC): Frank McNamara@Diners Club [NY, USA] issues first universal plastic [charge] credit cards.
1967 First cash machines [DeLaRue] with punch cards.
1967 France: first magnetic stripe card for access control.
1972 [UK] First on-line ATM with magnetic stripe cards.

History - Chip Cards
1960s
1. French science-fiction book “La Nuit des temps” by René Barjavel: A portable object/jewel that opens doors.
2. Plastic credit cards were standardized and used since the 50s [plastic money].
1970s: 1+2 = Embedding electronic components in credit cards: Many patents in USA, Germany, Japan and then France.

Smart Card Odyssey
Two Key Patents:
• Roland Moreno [France]:
  – chip card [1974]
  – security limitations [1975]
• Michel Ugon, Bull CP8:
  – microprocessor card [1977]
10 years ago, half of chip cards in the world were French. Wider adoption around 2000.

SPOM, October 1981 - Bull CP8
Patented
• NMOS 3,5 µ
• 42 K Transistors
• RAM: 36 bytes (!)
• ROM: 1,6 Kbytes
• EPROM: 1 Kbyte

History of Electronic Bank Cards - in 1984:
Schlumberger pilot in Lyon, France:
• a simple wired logic card
Bull CP8 pilot in Blois, France:
• a microprocessor card
The banks adopted the Bull CP8 solution, the forefather of current smart bank cards (EMV).
100% in France in 1992. 100% in the world around 2010?
=> Close the loophole.
[Figure label: Gemplus]

Vocabulary, Typology, Features

Vocabulary
English | French
magnetic stripe card | carte à piste magnétique
IC = Integrated Circuit | puce, circuit intégré
ICC, chip card: | carte à puce:
• memory card | • carte à mémoire
• wired logic card | • c. à logique câblée
• smart card | • carte à microprocesseur [+crypto co-processeur]

More Vocabulary
English | French
card reader, CAD (Card Acceptance Device) | lecteur carte
BO’ card [1985-2004] | carte bancaire française
EMV card [1996-2020?] | nouveau standard

Types of cards
• memory/wired logic: 0 CPU
• microprocessor: 1 CPU
• micropr.+crypto: 2 CPU
• contactless: 1-2 CPU
Source: Gartner, 2005

Memory/Wired Logic Card
• Primitive
• NVM – non-volatile memory (E2PROM, Flash memory)
• simple function
• e.g. prepay card

Smart Card
• Microcontroller = CPU+memory
• Universal, Turing machine, software driven
• flexibility
• security features
• [Hardware DES]

Crypto-processor IC Cards
• Additional crypto-processor for RSA or elliptic curves
• Hardware security counter-measures

Contact-less Smart Card
• with RF transceiver
• 0.1 s transaction
  – much less energy
  – even less computing power

Memory on Smart Cards
• ROM (‘hard mask’: C/Assembly, contains OS, secure file access, I/O, libraries [crypto!], JVM) = 100 - 300 Kbytes now
• RAM = 4-16 K now (expensive, first Bull CP8 card had 36 bytes)
• NVM: (‘soft mask’, compiled C, more libraries…)
  – EPROM: 1980s, high voltage needed to erase it
  – E2PROM: 8-64 Kbytes, recently 128-256 K GSM SIM.
  – New trend: Flash memory:
    • Much cheaper, dense and shrinkable process.
    • Random read, harder to manage, hard to re-write and very slow to erase.
    • Spansion 2006: 1 Giga in a SIM card!
[Slide annotation: ≈1000 times slower to write than RAM]

Life Cycle of a Smart Card [ISO 10202-1]
• Manufacturing: [e.g. Infineon, Gemalto]
  – ROM <= ‘hard mask’, remove test functionality
• Initialize: [e.g. Gemalto, Card Issuer]
  – E2PROM <= ‘soft mask’, completing O.S. install
• Personalize: [Card Issuer]
  – Init apps
  – E2PROM <= data, keys etc. for an individual user!
• Use it: [e.g. ATM]
  – issue commands (APDUs)
• Death: [e.g. local bank]
  – invalidate the chip / destroy the card.

Functionalities of Chip/Smart Cards

Advantages of Smart Card
• storage capacity
• security functionalities
• multiple functions
• user acceptability, effective packaging
• successful business model

Crypto Functionalities of a Smart Card (1)
• Cardholder verification by the card.
  – Check PIN or biometric data.
  – Not always done with crypto, but otherwise necessary to activate the crypto capabilities of the card.
• Key generation, its secure storage, safe “usage” and (why not) erasure.
• Encrypt data (public and secret key)
  – emails, files, etc… e.g. PGP PKI badge
  – secure messaging, like VPN

Crypto Functionalities of a Smart Card (2)
Authentication – from weaker to stronger:
• Integrity checks (CRC, or better: cryptographic hash).
• Origin checks (storing a static signature)
• Dynamic Challenge-Reply card authentication (proof of identity, should be a Zero-knowledge mechanism).
• Dynamic authentication of any data with a 3-DES cryptogram or a MAC (symmetric-key signatures).
• Dynamic authentication of any data with a “real” (=public-key) digital signature.
  – Provides authenticity and non-repudiation of every individual action taken in a complex protocol!
• Also verification: the authenticity of a terminal / external world.

Smart Card Applications

Some Applications of a Smart Card
• PayTV - Broadcast Encryption and Traitor Tracing.
  – First PayTV Card: Philips+Bull, 1980-81
• Storing private data (emails, passwords etc…)
• First phone cards with a chip: [1983 Schlumberger Télécarte, France], [1984 G&D Telekarte, Germany],
  Remark: wired logic, contact placement later changed
• GSM / 3G phones
  – First SIM card: Gemplus 1989, MANY billions sold since
• Electronic passport, ID
  – PKI, Belgium by Axalto.
  – Biometric passports: required since October 2005.

More Applications of a Smart Card
• Bank Cards [since 1984, Bull CP8]
• Home Banking, Internet Shopping
• PC access, corporate badge, secure email PGP
• Electronic purse, parking: [1996-] Proton [Be], Geldkarte, later integrated with bank cards
• First student card [restaurant, library, etc.]
  – First in 1988, Italy, Bull CP8

Part 2
Modern Cryptography

What is Cryptography?
• Much more than encrypting things.
• Can achieve all kinds of security goals, not only privacy.

Goals of Cryptography
1. Confidentiality: privacy, anonymity or pseudonymity.
2. Authenticity, Integrity, Non-repudiation…
3. Fair play and resistance to malicious behaviours in multiparty protocols…
4. Meta: Trust (or Accountability), Openness, Governance, Compliance, Auditing, Alerting, Risk Assessment...

Means to Achieve These Goals
Cryptographic Schemes / Cryptographic Protocols:
Necessary ingredients:
1. The best mathematics and
2. computer science on earth.
3. Review and constant scrutiny of hundreds of independent experts.
How to use these correctly:
4. people/programmers understanding “how to use it”
5. + appropriate software/hardware environment (e.g. smart cards)
6. + “trusted infrastructure” (trusted companies).

Means and Tools to Achieve Security
MAIN TOOL in Cryptography / Security:
The Secret (or Secrecy)

Jacques Stern book:
La Science du Secret
(éditions Odile Jacob)

3 Stages

Trouble with Secrecy
• Secrecy is almost always imposed by business considerations.
• Secrecy has almost always led to shoddy security.

Evolution of Information Security
3 stages [Courtois]:
1. Protections that are secret
2. Based on a secret key
3. Public key solutions.

First Stage – Security By Obscurity
The stone age of cryptography...
Like hiding the key under the doormat.
Usually broken if you try long enough.
Hackers paradise: just give me enough coffee…
Unpredictable and catastrophic when some information leaks out…

Second Stage – Secret Key Cryptography
Shared Key.
The key remains secret.
Algorithm can be published!

Kerckhoffs principle: [1883]
“The system must remain secure should it fall in enemy hands …”

****Short History of Cryptology
Until 1977 all cryptographic algorithms were secret...
Until about 1945-60s all ciphers were broken...
Cryptanalysis with machines -> computers – increasing computing power
Statistical cryptanalysis: frequency and language -> DC, LC, GLC, BLC, Algebraic Cryptanalysis
from art to higher mathematics… [Cocks, RSA, Public Key Cryptology]
[Timeline figure. Axis marks: 9th, 1900, 1939-45, 70s, 90s, 2000s. Labels: DES public; commercial cryptography; strong commercial cryptography used by anyone]

Second Stage – Secret Key Cryptography
Appeared with perfecting Enigma…
More and more computation, necessity to build machines called “bombs”.
Computational Security: time+money.

Second Stage – Secret Key Cryptography
Good Crypto: can publish the algorithm.
• In 1977 the American government publishes DES.
• Before: good encryption algorithms were highly classified weapons.

Proprietary Algorithms
• Maybe I can break it?
• No time, no motivation: many “lousy” algorithms, few people able to break them…

Partial Solution…
• If one can break RSA-2048 bits, RSA Security offers 200 000 US$.
• For ECC: Certicom offers 725 000 US$.
• For AES: 0 $ is offered.
The US government wants cryptologists to work for free…

Crypto Tools: here seen as black boxes.
• Confidentiality
• Integrity
• Authenticity

Confidentiality
[Figure labels: Alice, Bob]

Case Studies: PayTV

Pay TV

[Figure: Pay TV key hierarchy. Labels recoverable from the diagram:
• video, encrypted with DVB / CSA under CW (10 sec.): E_CW (video)
• CW, encrypted with F under KC (1 month): E_KC (CW); Encrypted video with ECM
• KC, encrypted with F under KU (10 years..): E_KU (KC); EMM channel
• KU: E2PROM]
Public Key Encryption – Better
encryption algorithm
m
decryption algorithmc
m or invalid
Eve
c
r
67 Nicolas T. Courtois 2006-2009
pk(public key)
sk(private key)
key generation algorithm
past: setup phase

Data Authentication

Message Authenticity – Goals
Different security levels:
1. Correct transmission – no (random) transmission error. A malicious attacker can always modify it.
   • Achieved with CRC and/or error correction/detection codes.
2. Integrity – no modification possible if the “tag/digest” is authentic. If we cannot guarantee the authenticity of the tag, a malicious attacker can still modify and re-compute the hash.
   • Achieved with cryptographic hash functions (= MDC). (e.g. SHA-1).
3. Authenticity – specific source. Authenticated with some secret information (key).
   • Achieved with a MAC (= a hash function with a key = a secret-key signature).
4a. Non-repudiation – very strong requirement. Only one person/entity/device can produce this document.
   • Achieved with Digital Signatures. The strongest method of message authentication.
4b. Public verify-ability. Everybody can be convinced of the authenticity (trust the bank?).
   • Achieved with Digital Signatures. The strongest method of message authentication.
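
Levels 1 to 3 above can be checked against a channel that is able to rewrite both the message and its tag. The following is an added example, not part of the original slides: SHA-256 stands in for the hash and HMAC-SHA-256 for the MAC, and the function names and sample messages are constructed for illustration.

```python
import hashlib
import hmac
import secrets
import zlib

# Keyless tags (levels 1 and 2): anyone who sees the message can compute them.
def crc_tag(msg: bytes) -> bytes:
    return zlib.crc32(msg).to_bytes(4, "big")

def hash_tag(msg: bytes) -> bytes:
    return hashlib.sha256(msg).digest()

# Keyed tag (level 3): computing it requires the shared secret key.
def mac_tag(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

KEYLESS = {"crc": crc_tag, "hash": hash_tag}

def make_tag(scheme: str, msg: bytes, key: bytes = None) -> bytes:
    if scheme == "mac":
        if key is None:
            raise ValueError("a MAC needs a key")
        return mac_tag(key, msg)
    return KEYLESS[scheme](msg)

def receiver_accepts(scheme: str, msg: bytes, tag: bytes, key: bytes = None) -> bool:
    """Receiver recomputes the tag and compares in constant time."""
    return hmac.compare_digest(make_tag(scheme, msg, key), tag)

def noisy_channel(msg: bytes, tag: bytes):
    """Random transmission error: one bit of the message flips, tag untouched."""
    corrupted = bytearray(msg)
    corrupted[0] ^= 0x01
    return bytes(corrupted), tag

def rewriting_channel(scheme: str, new_msg: bytes, old_tag: bytes):
    """The network substitutes new_msg. For a keyless scheme it can also
    recompute a matching tag; for a MAC it has no key and must reuse old_tag."""
    if scheme in KEYLESS:
        return new_msg, KEYLESS[scheme](new_msg)
    return new_msg, old_tag

def run_levels() -> dict:
    key = secrets.token_bytes(32)          # shared by sender and receiver only
    original = b"PAY 10 GBP TO ALICE"      # constructed sample message
    substitute = b"PAY 9999 GBP TO EVE"    # constructed sample message
    results = {}
    for scheme in ("crc", "hash", "mac"):
        tag = make_tag(scheme, original, key)
        m1, t1 = noisy_channel(original, tag)
        m2, t2 = rewriting_channel(scheme, substitute, tag)
        results[scheme] = {
            "clean_accepted": receiver_accepts(scheme, original, tag, key),
            "bit_error_accepted": receiver_accepts(scheme, m1, t1, key),
            "substitution_accepted": receiver_accepts(scheme, m2, t2, key),
        }
    # Level 2 as the slide states it: the digest reaches the receiver over a
    # separate, authentic path, so the network cannot replace it.
    authentic_digest = hash_tag(original)
    results["hash_authentic_tag"] = {
        "substitution_accepted": receiver_accepts("hash", substitute, authentic_digest),
    }
    return results

if __name__ == "__main__":
    for scheme, outcome in run_levels().items():
        print(scheme, outcome)
```

All three tags catch the random bit error; only the MAC, or a hash whose digest arrives over an authentic path, catches the substitution.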

Authenticity – Public Key Signatures
Can be:
Public key:
• Real full-fledged Digital Signatures.
Secret key:
• Not « real signatures » but MACs = Message Authentication Codes.

MACs = Message Authentication Codes = “Secret-Key Signatures”
[Figure labels: MAC algorithm with inputs m and sk (secret key), output σ; (m,σ); MAC algorithm with input sk (secret key), output yes/no; forgery]

Digital Signatures (Public Key)
[Figure labels: signing algorithm with inputs m and sk (private key), output σ; (m,σ); verification algorithm with input pk (public key), output yes/no; forgery]

Message Authenticity: Hash-then-Sign
A hash function (or hash algorithm) is a reproducible method of turning data (usually a message or a file) into a number suitable to be handled by a computer. These functions provide a way of creating a small digital "fingerprint" from any kind of data. The function chops and mixes (i.e., substitutes or transposes) the data to create the fingerprint, often called a hash value. The hash value is commonly represented as a short string of random-looking letters and numbers (Binary data written in hexadecimal notation).
[Figure labels: m; H; H(m); Digital Signature e.g. RSA-PSS; σ; sizes shown: 0-∞ bits, >=160 bits, >=80 bits; example hash value: 098f6bcd4621d373cade4e832627b4]

Signatures - Requirements
1. Authenticity – guarantees the document signed by…
2. Non-repudiation – normally only possible with public-key signatures.
   – Unless we assume that we have tamper-resistant hardware (e.g. a smart card): then non-repudiation can be achieved with a MAC based on AES!
3. Public verify-ability - normally only possible with public-key signatures.
   – Unless there is a trusted third party (e.g. independent and trusted authority, an electronic notary service): then public verify-ability will be achieved with a MAC based on AES!
CONCLUSION: secret key signatures can work in practice… but are fundamentally either less secure or less practical (what if the notary stops responding, the smart card destroys itself because it thinks it is being attacked etc.).

Digital Signatures: Top of the Top:
• The strongest known form of Message Authentication:
  – Integrity, and more:
  – Authenticity, and more:
  – Public Verifiability (≠ secret key signatures, MACs), and more:
  – Non-repudiation: I’m the only person that can sign…

*Digital Signatures vs. Authentication
• Strongest known form of Message Authentication.
• Allows also authentication of a token/device/person (e.g. EMV DDA, US Passport):
  – challenge-response (just sign the challenge)
• The reverse does not hold:
  – Not always possible to transform authentication into signature. More costly in general!
Sym. encryption << P.K. authentication < signature

Multi-Party Protocols

Protocols
A security protocol is a sequence of communications that two or more principals undertake to securely achieve an objective.
Principals: people, organizations, governments, computers, USB devices, smart cards, concurrently running processes, etc…

Objective?
No limits in how complex they are. Examples:
• Secure Transmission of Data (encryption)
• Anonymous Transmission of Data
• Mutual Authentication (2x proof of identity).
• Multiparty Computation: Jointly compute 1 function. Keep inputs private. E.g.
  – Millionaires’ problem,
  – Electronic election
  – Auction with specific rules
  – Online casino
  [Slide annotation: hard only when there is no trusted third party]
• Complex systems that never stop running:
  – run an online betting exchange
  – run a stock exchange
  – Payment systems
  – Pay TV systems
• Secret sharing (verifiable, resistant to cheating, access structures…).
• Key Establishment.
• Joint random generation (no one can make it non-random).
• etc…
[Slide annotation: usually a trusted party (called a Dealer) only needed at the beginning ()]

Securely?
Need for a formal definition:
1. Objectives of the Attacker (win a certain game).
2. Resources
3. Access
However carefully designed, protocols have subtle flaws found 20 years later.
Types of attacks that the designer did neither intend nor imagine.

What If?
Many protocols have the following properties:
• if all participants are honest, they work.
• if participants are honest but curious, they learn nothing
• if one participant cheats,
  – it will be detected
  – not always possible to know who cheated
• It is usually always possible to disturb the protocol (denial of service)
  – not always possible to know whose fault it was

Overall Goal:
The protocol will either securely succeed or abort.
• moreover, if all participants are honest, including honest but curious, the protocol should always succeed

The Dolev-Yao Model
Defines an attacker for all cryptographic protocols.
This attacker is powerful, but that’s precisely the point: protocols should be designed to resist this type of attacker, and be nevertheless secure.
Sets a sort of minimal standard for protocols.
They will be also secure when the attacker is less powerful.

The Dolev-Yao Model
Attacker = the Network
• the attacker can read, modify, copy and create his own messages.
• In other words, the attacker has totally compromised the ambient medium of communication (the network).
========== our minimum standard ==========
optional:
• in addition, many protocols assume that the attacker can corrupt some participants
• at certain moments in time he can read or modify their private data
• not all are corrupted,
  – it wouldn’t make sense to still talk about security

Entity Authentication

Passwords
Bad user: password systems fail...

Entity Authentication / Identification
A person/device can be authenticated by
1. Something that he/it knows.
   • PIN, password, knowledge of an AES key, private RSA key etc.
2. Something that he/it has.
   • Smart card, USB key, TPM module, and other tamper-resistant hardware…
3. Something that he/it is.
   • Biometrics, unique physical characteristics (cf. snow flake).

Multi-factor authentication:
To enter the office, one needs:
1. A PIN.
2. A smart card.
We speak about a 2-factor system.
High security systems (e.g. bank vault, military lab, etc.) require systematic and simultaneous use of 3 factors
=> Good security.

Passwords = Static Authentication

Skimming Bank Cards

Can We Do Better?

Beyond Passwords
In the real world, passwords are
• low entropy,
• yet impossible to remember,
• shared,
• reused
Hackers do
• guess / crack them
• intercept/record and replay
Can we defend against all these?
• reset passwords frequently… check if strong
• or move from static to dynamic schemes!

Dynamic Authentication

Dynamic vs. Static Authentication
Dynamic as opposed to static.
dynamic (authentication) systems:
• One-Time Passwords (OTP),
  – in any order, counter-based, frame number-based
• time based
• random challenge-based
• data-based == MAC
• data+challenge based: better, data can be the same

One Time and Better…

One-Time Passwords (OTP)
Key properties:
• The password is changed each time
• The attacker cannot know it in advance,
  – real-time MIM = Man In the Middle attacks remain possible
• The fraudulent authentication attempts are detected

One-Time Passwords in Banking
A card with printed random numbers.
Problem: can be photocopied…
  – and the user still has it, naively thinking it is secure…

One-Time Passwords?
Time-synchronized OTP
RSA SecurID etc.
Wrong: This is NOT an OTP scheme.
Though everybody calls it an OTP token…
It is no longer an OTP, it is nearly a challenge-response system, kind of half way.
Where challenge = time.
• Except that the challenge is fixed for 30-60 s.
Window of opportunity: 30 s, second session possible connected from another location…

RSA SecurID is a 2-factor System
=> PC login…

Proprietary Symmetric Algorithm
(secret)

Another Example = OTP Mode
[Figure labels: 16-bit counter; CBC 3DES MAC; 64-bit cryptogram; selected bits; 7+ lower bits; 4+4 digits output]

Challenge-Response Protocols
• Better,
  – the right answer to replay attacks.
  – essential and indispensable

C-R Authentication - History
IFF: Identify Friend or Foe (1942)
Challenge-Response
problem: relay attacks

Man In the Middle ≥ Relay Attacks
Mitigated by precise measure of timing.
travel faster than speed of light
travel in time.
problem: relay attacks

Nonces and Time Stamps

Has Been Done…

Ross Anderson’s MITM Complete Setup
Crypto Protocols and Smart Cards
Noncesnonce = a number used once, counter/sequence number
• less secure
in the sense of challenge-response
108 Nicolas T. Courtois 2006-2009
random nonce = a random challenge = a random
Warning: frequently, a random nonce will be called just nonce, but what is meant is a random nonce.
Crypto Protocols and Smart Cards
Time vs. NonceTime can replace a random nonce, can simplify protocols, • between very slightly and a lot less secure,
• mainly depending on time granularity.
Dynamic, half way between static authentication and
challenge-response systems (the best).
109 Nicolas T. Courtois 2006-2009
challenge-response systems (the best).
Uni-directional Authentication

Unilateral Authentication
[Diagram: statement, "my ID" → [interactive] proof, preferably challenge-response → "this is really my ID"]

Unilateral Authentication with Random Nonces

Unilateral with a Random Nonce
A and B share the key K.
B → A: random_B
A → B: A, MAC_K(random_B, B)
– can also use a block or stream cipher, but always works as a MAC here
Q1: why is the name of A included?
Q2: why is the name of B included?
Reflection attack: reuse of a response produced when B is concurrently authenticating to A, by someone who does not know the key.
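Q2 and the reflection attack above, worked through as an added example (not code from the slides): HMAC-SHA-256 is assumed as the MAC, and the Party class and the field encoding are hypothetical. It runs the exchange once with MAC_K(random_B) only and once with MAC_K(random_B, B), and shows that only the second form rejects a response reflected from a concurrent session.

```python
import hashlib
import hmac
import secrets


def mac(key: bytes, *fields: bytes) -> bytes:
    """HMAC-SHA-256 over length-prefixed fields (assumed MAC and encoding)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for field in fields:
        h.update(len(field).to_bytes(2, "big") + field)
    return h.digest()


class Party:
    """One endpoint that can act as verifier and as prover with the same key.

    bind_verifier=False: response is MAC_K(random)            (weak variant)
    bind_verifier=True:  response is MAC_K(random, verifier)  (the slide's form)
    """

    def __init__(self, name: str, key: bytes, bind_verifier: bool):
        self.name = name
        self._key = key
        self._bind = bind_verifier
        self._pending = None    # challenge this party is waiting on

    def _tag(self, challenge: bytes, verifier: str) -> bytes:
        fields = [challenge]
        if self._bind:
            fields.append(verifier.encode())
        return mac(self._key, *fields)

    # --- verifier role ---
    def new_challenge(self) -> bytes:
        self._pending = secrets.token_bytes(16)
        return self._pending

    def accept(self, claimed_name: str, tag: bytes) -> bool:
        # claimed_name travels in the clear; with one shared key it only
        # tells the verifier which key to use, so it is not checked here.
        challenge, self._pending = self._pending, None   # single use
        if challenge is None:
            return False
        return hmac.compare_digest(self._tag(challenge, self.name), tag)

    # --- prover role ---
    def respond(self, challenge: bytes, verifier: str):
        return self.name, self._tag(challenge, verifier)


KEY = secrets.token_bytes(16)   # constructed shared key K


def honest_run(bind: bool) -> bool:
    """A really holds K and answers B's challenge."""
    a, b = Party("A", KEY, bind), Party("B", KEY, bind)
    random_b = b.new_challenge()
    name, tag = a.respond(random_b, verifier="B")
    return b.accept(name, tag)


def reflected_run(bind: bool) -> bool:
    """Only B is present: B's prover role is handed B's own challenge.

    This models the concurrent session in which B authenticates to A; the
    tag B produces there is returned to B's verifier role under the name A.
    """
    b = Party("B", KEY, bind)
    random_b = b.new_challenge()
    _, tag = b.respond(random_b, verifier="A")
    return b.accept("A", tag)


if __name__ == "__main__":
    for bind in (False, True):
        print(f"verifier name in MAC={bind}: honest={honest_run(bind)}, "
              f"reflected accepted={reflected_run(bind)}")
```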
Case Studies or How Is It Done?
(cf. also the UCL Smart Cards Lab)

Case Studies: PIN Sentry Again

C-R Mode
[Diagram: 16-bit counter, 4-digit challenge → CBC 3DES MAC → 64-bit cryptogram → selected bits, 7+ lower bits → 4+4 digits output]

Sign Mode
[Diagram: 16-bit counter, 4-digit challenge, amount, currency, account nb, 8 digits → CBC 3DES MAC → 64-bit cryptogram → selected bits, 7+ lower bits → 4+4 digits output]

Case Studies: GSM
GSM Security
[Diagram: the SIM card and the GSM Operator Authentication Center both hold Ki. The challenge RAND is sent to the SIM card; A3 computes the Signed RESponse (SRES) on each side and the two SRES values are compared ("are = ?"). A8 computes Kc on each side; A5, with Kc and Fn, encrypts the data mi between the Mobile Equipment and the Base Station. Precomputed triples: (RAND, SRES, Kc).]

SIM Card Side
secret key
Triples RAND, SRES, Ki are stored in BS
Data with redundancy: terrible mistake…
data block of 114 bits.

Authentication in Practice
[Diagram: challenge RAND → SIM card; A3 with Ki on both sides; Signed RESponse (SRES); are = ?]
• RUN GSM ALGORITHM
Example: A0 88 00 00 10 XX …………….XX
– CLA = A0, INS = 88, the next two bytes are both 0
– XX … XX: 16 bytes random nonce
– no L_e, no data in reply expected, result will be visible in the status bytes = 0x9F Le

Running the Secret Algorithm (with secret key)
Custom crypto, operator-dependent.

Embarrassing Discoveries
• Keys generated by typical UK and French cards (I’ve checked many): 64 bits.
• Key in Polish Orange card: 64 bits.
• All Chinese cards checked: 64 bits.
• Card bought in Russia in 2007 (operator = “MTC”):
  – 54 bits only
• What about Estonia, member of the EU?
  – I went to Estonia last year (2009).
  – Bought a SIM card from “simpel”:
    • The key also is restricted to 54 bits.
  – The weakest GSM keys in the EU… Also in Greece.
Unilateral vs. Mutual Authentication

Unilateral Authentication
Historically very popular.
Examples:
• password -> login
  – OK if we trust the browser + the DNS,
    • or a PK certificate-based secure tunnel is needed.
• SIM card -> GSM base station (fixed in 3G)
• offline bank card transactions -> Point of Sale terminal
Problems:
• login page spoofing etc.
• false GSM base stations,
• false ATMs,

Uni-directional vs. Mutual Authentication
[Diagram: both parties hold K; statement1, [interactive] proof1 in one direction; statement2, [interactive] proof2 in the other]

Asymmetry
Not good: why should one party authenticate first? No reason.
So in fact most of the time we have both authentications interconnected together in one indivisible protocol.
Can the asymmetry be removed?
• well, it can “almost” be removed, but we don’t really want to, more about this later…

Who Goes First?
Typically:
• one device A first gives its ID
• another device B first sends a “cryptogram” that depends on the secret key.
If one device is easier to capture for the attacker, it should NOT be the first to respond with anything related to the secret keys.
This makes such devices unbreakable,
• even by offline brute force attacks
  – even if the attacker has infinite computing power
• more importantly, also very robust against side channel attacks
It remains breakable by online brute force, but this is too slow to be practical.

Example:
Contactless smart cards:
• Oyster Cards,
• building passes, etc.
The card never answers anything related to the secret key before the reader first proves its identity.
Thus the attacker can only break it if he has access to the legitimate terminal,
• must penetrate inside the building etc.,
• cannot just make a copy of the card at home.
It is like a key that can only be copied if the attacker has access to both the key and the actual lock in the actual door.

Asymmetry
Can the asymmetry be removed?
• in theory no, not completely,
• can be “almost” removed:
  – more precisely the information leaked by the first entity to disclose anything can be very small (1 bit)
    • progressive disclosure…
    • then the protocol would be slow, tens of messages…
• in practice not removed at all, in fact this is used by designers of systems to their advantage…
Case Studies: Oyster Card

Mutual Authentication + Secure Messaging
[Diagram, messages between tag and reader: card ID, 32 bits; tag random, 32 bits; encr. rdr random + rdr resp., 2x32 bits; tag resp., 32 bits]
=> starting from now, all read/write commands data is sent encrypted…

Key Establishment

Extension:
In many cases the “in one piece” protocols go further: they also include a key establishment part.
This key is later used for channel encryption (secure messaging) of all further commands and data.
Key establishment is an independent question of great interest.
Plan:
• study key establishment first
• see how this is combined with mutual authentication

Secure Messaging: like VPN, Point to Point
[Diagram: DES_K at each end; the traffic is "encrypted" and "encrypted still" along the path; Issuer bank]

The Need
Secure messaging: encrypt all exchanges (commands and data) between Alice and Bob.
Key establishment is kind of always needed, even if Alice and Bob already share a key.
Need for a session key (a short term key):

Why Short Term Keys?
Need for a session key (a short term key):
• limit key exposure,
  – in many systems (e.g. GSM) session keys are pre-computed in advance by a more secure part of the system (!)
  – Bank card master key never used with data chosen by the user (foil DPA).
• keys should be fresh in order to prevent replay of the messages from the last session => total session independence
• cryptanalysis: security of symmetric crypto degrades with usage, => limit the amount of data available to the attacker.
• better to re-establish keys when needed,
  – avoid expensive storage of too many keys locally
• in PK case, it is in fact TOTALLY impossible to use PK crypto to encrypt quantities of data, just too slow, so a symmetric key is always needed.
  – one method to get it is key establishment, studied here later.
  – second method is called hybrid encryption, e.g. in PGP / GnuPG.

Key Establishment
Three types:
• symmetric crypto + TTP
• public key crypto + authentic[ated] channel
• no crypto + noisy channels, not covered here

Key Derivation

Symmetric Key Derivation
Again needed even if the key is already shared.
key diversification = key derivation, very widely used in the industry:
• bank cards
• car locks
• contactless cards [e.g. Oyster]
• built-in component in stream ciphers
• etc.
[Diagram: long-term shared key K, IV / data → Encrypt_K or Hash → session key, short-lived]
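The "Who Goes First?" rule and the key derivation diagram above, combined in one added sketch (not the Oyster/MIFARE protocol and not code from the slides): HMAC-SHA-256 is assumed as the keyed function, and the message layout, labels and class names are hypothetical. The card sends only its ID and a random value until the reader's proof verifies, the reader derives the card key from a master key and the card ID, and both sides derive a fresh session key from the two nonces.

```python
import hashlib
import hmac
import secrets


def prf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """Keyed derivation: HMAC-SHA-256 over a label and length-prefixed parts."""
    h = hmac.new(key, label + b"\x00", hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(2, "big") + part)
    return h.digest()


def diversify(master_key: bytes, card_id: bytes) -> bytes:
    """Key diversification: each card gets its own long-term key."""
    return prf(master_key, b"card-key", card_id)


class Card:
    def __init__(self, card_id: bytes, card_key: bytes):
        self.card_id = card_id
        self._key = card_key
        self._nonce = None
        self.session_key = None

    def hello(self):
        """Message 1: ID and a fresh random only; nothing depends on the key."""
        self._nonce = secrets.token_bytes(4)    # 32 bits, as on the slide
        self.session_key = None
        return self.card_id, self._nonce

    def finish(self, rdr_nonce: bytes, rdr_proof: bytes):
        """Message 3: answer only after the reader's proof has verified."""
        nonce, self._nonce = self._nonce, None  # one attempt per hello()
        if nonce is None:
            return None
        expected = prf(self._key, b"reader-proof", self.card_id, nonce, rdr_nonce)
        if not hmac.compare_digest(expected, rdr_proof):
            return None     # stays silent: no key-dependent value is emitted
        self.session_key = prf(self._key, b"session", nonce, rdr_nonce)
        return prf(self._key, b"card-proof", self.card_id, nonce, rdr_nonce)


class Reader:
    def __init__(self, master_key: bytes):
        self._master = master_key
        self._state = None
        self.session_key = None

    def prove(self, card_id: bytes, card_nonce: bytes):
        """Message 2: the reader is the first to send a key-dependent value."""
        key = diversify(self._master, card_id)
        rdr_nonce = secrets.token_bytes(4)
        self._state = (key, card_id, card_nonce, rdr_nonce)
        return rdr_nonce, prf(key, b"reader-proof", card_id, card_nonce, rdr_nonce)

    def confirm(self, card_proof) -> bool:
        """Check the card's proof, then derive the same session key."""
        state, self._state = self._state, None
        if state is None or card_proof is None:
            return False
        key, card_id, card_nonce, rdr_nonce = state
        expected = prf(key, b"card-proof", card_id, card_nonce, rdr_nonce)
        if not hmac.compare_digest(expected, card_proof):
            return False
        self.session_key = prf(key, b"session", card_nonce, rdr_nonce)
        return True


def run_session(card: Card, reader: Reader):
    card_id, card_nonce = card.hello()
    rdr_nonce, rdr_proof = reader.prove(card_id, card_nonce)
    ok = reader.confirm(card.finish(rdr_nonce, rdr_proof))
    return ok, card.session_key, reader.session_key


if __name__ == "__main__":
    master = secrets.token_bytes(16)            # constructed master key
    cid = bytes.fromhex("0a1b2c3d")             # constructed card ID
    card = Card(cid, diversify(master, cid))
    print("genuine reader:", run_session(card, Reader(master))[0])
    print("reader without the key:", run_session(card, Reader(b"\x00" * 16))[0])
```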
Cracking the Oyster Card

Attacks with a [Genuine] Reader

Key Recovery:
Brute Force
• About 4 years on 1 CPU. Minutes w. FPGA.
Nijmegen Attack
• 0.05 seconds.
[de Koning Gans et al, Esorics 2008]
These are mild threats. Why?

Keystream Needed:
In Theory: Keystream Data => 0.05 seconds.
In practice: Very hard to get this data.
Small window of opportunity for the thief.

However
Known attacks: Require to either
• scan legitimate card reader [that must already know the key!]
• eavesdrop and record genuine transactions
• and also later: access to the card (<10 cm).
NOT very practical. Require to already penetrate inside the building with equipment etc…

Interception - Another Slight Problem…
Regulation of Investigatory Powers Act RIPA [2000].
[…] “It shall be an offence for a person intentionally and without lawful authority to intercept, at any place in the United Kingdom, any communication in the course of its transmission” […]

Card-Only Attacks

Card-Only Attacks
The real security question is:
Can I copy it, when I am sitting near the cardholder for a few minutes in the underground (contactless card queries)?
Yes!

Card-Only Attacks
Danger is 24h/24:
Anybody that is sitting/standing next to you can steal your identity (or at least enter some very nice building…)

Card-Only Attacks
Infeasible -> Possible?

Parity Attacks
Problem 1: The card does encrypt data with redundancy.
One should never do that.
• more costly
• weaker
  – and even weaker with a stream cipher: Ciphertext Only attack (weak) => gives (small weight) LINEAR equations on the keystream (very strong)
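Why redundancy under a stream cipher leaks, as an added sketch (not from the slides and not the MIFARE Classic cipher): one odd-parity bit per byte is assumed as the redundancy, and random bits stand in for the keystream. Each 9-bit ciphertext group then reveals the XOR of the nine keystream bits that encrypted it, a weight-9 linear equation obtained from ciphertext alone.

```python
import secrets

GROUP = 9   # 8 data bits + 1 parity bit


def bits_of(byte: int) -> list:
    return [(byte >> i) & 1 for i in range(8)]


def with_odd_parity(data: bytes) -> list:
    """Encode each byte as 8 data bits followed by one odd-parity bit."""
    out = []
    for byte in data:
        b = bits_of(byte)
        out.extend(b + [1 ^ (sum(b) & 1)])   # makes the 9 bits XOR to 1
    return out


def stream_encrypt(plaintext_bits: list, keystream_bits: list) -> list:
    return [p ^ k for p, k in zip(plaintext_bits, keystream_bits)]


def keystream_equations(ciphertext_bits: list) -> list:
    """Ciphertext only: for every group, the XOR of its nine keystream bits.

    XOR(ciphertext group) = XOR(plaintext group) ^ XOR(keystream group),
    and odd parity fixes XOR(plaintext group) = 1 whatever the data is.
    """
    rhs = []
    for i in range(0, len(ciphertext_bits), GROUP):
        group = ciphertext_bits[i:i + GROUP]
        rhs.append((sum(group) & 1) ^ 1)
    return rhs


def demo(message: bytes = b"constructed sample"):
    plaintext = with_odd_parity(message)
    # Assumption: random bits stand in for the output of a real stream cipher.
    keystream = [secrets.randbits(1) for _ in plaintext]
    ciphertext = stream_encrypt(plaintext, keystream)
    learned = keystream_equations(ciphertext)           # no key, no plaintext
    actual = [sum(keystream[i:i + GROUP]) & 1
              for i in range(0, len(keystream), GROUP)]
    return learned, actual


if __name__ == "__main__":
    learned, actual = demo()
    print("equations recovered from ciphertext:", len(learned))
    print("all equations correct:", learned == actual)
```

The design fix is the one the slide states: do not put redundancy under the cipher; integrity belongs in a MAC computed with a separate key.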
Compare to GSM
BTW:
For the same reason it is currently easy to eavesdrop on GSM communications.
And sometimes make free calls…
Cf. [Biham-Barkan-Keller: Instant Ciphertext-Only Cryptanalysis of GSM.. Crypto’03 and JoC’08]

Problem 2: A Bug in MiFare Classic
Discovered accidentally.
• sometimes, under certain conditions, the card outputs a mysterious 4 bits…
• given the fact that many RFID readers are not 100 % reliable, it is easy to overlook it

The Bug?
Or maybe a backdoor?
• Stop pretending that everything happens by accident.
• We need to assume the worst scenario and examine the consequences:
  – Smart card companies are in the position to embed backdoors in products and these will NOT be found for many many years…

Secure Product Development
Secure Hardware Dev. Management
[In smart cards] one design criterion that differs from the criteria used for standard chips but is nonetheless very important is that absolutely no undocumented mechanisms or functions must be present in the chip ('that's not a bug, that's a feature').
Since they are not documented, they can be unintentionally overlooked during the hardware evaluation and possibly be used later for attacks.
The use of such undocumented features is thus strictly prohibited [...]
[pages 518-519 in the Smart Card Handbook by Wolfgang Rankl and Wolfgang Effing, 1088 pages, Wiley, absolute reference in the industry]

Application Development Management
Goals:
• Avoid backdoors, Trojans, covert channels, bugs etc.
• Kleptography: techniques to leak keys to the attacker,
  • form of perfect crime.
There are various forms of leaking keys:
• intentionality impossible to prove
• intentionality provable ONLY with source code

Application Development Management
Solutions:
• A developer never works alone on an application.
• One developer knows only some parts of the spec(!).

Application Development Management
Solutions:
• Security audits
  – auditor from the customer: large bank, etc.
• Common Criteria evaluations:
  – The source code is inspected by an independent company: government agency [e.g. GCHQ] or an evaluation lab [such as CEA-LETI] mandated and paid by the customer [to avoid conflicts of interests].

***Common Criteria Certificates
• CESG at GCHQ
  – Communications-Electronics Security Group at Government Communications Headquarters
=> Common Criteria Scheme

EAL = Evaluation Assurance Level
• EAL1: Functionally Tested
  • no need to disclose the design/sources to government agencies…
• EAL2: Structurally Tested
  • 6 months, 150 K$
• EAL3: Methodically Tested and Checked
• EAL4: Methodically Designed, Tested, and Reviewed
  – EAL4+: augmented requirements [better crypto!]
  – 24 months, 150 K$ - 2.5 M$ per product
  – MS Windows 2000 was certified for an undisclosed amount
• EAL5: Semi-formally Designed and Tested
• EAL6: Semi-formally Verified Design and Tested
• EAL7: Formally Verified Design and Tested
[Side labels on the slide: commercial, military]
Card-Only Attacks
Infeasible -> Possible?

The “Bug”
Under certain (parity) conditions when we try to spoof the card with an invalid cryptogram, the card replies with 4 bits.
These 4 bits are the encrypted NACK command at a certain later moment in the keystream generation process.

Attacks
Best Attack:
– Multiple Differential Attack by Courtois, in SECRYPT 2009.
  • card-only attack,
  • 300 queries to the card,
    – very fast!!!
      » but precise timing needed.
– Can be combined with Nested Authentication attack by the Dutch Nijmegen group.
Then the whole card can be cloned in 10 seconds.

third stage
Contemporary Cryptology
• Re-Birth of Cryptology: Invention of Public Key Cryptosystems [1970s].
• ONE CAN DO MUCH BETTER than encryption with a [shared] secret key !!!! (which is not obvious)

Third Stage – Public Key Cryptography
No shared key,
One private and one public key.
Private key: generated and stored securely…

Third Stage – Public Key Cryptography
Public key: can be distributed to many parties.
Does not have to be public (but the system remains secure when it is).

Unilateral C-R Authentication - PK Versions

Public Key – Based Schemes
Here more possibilities exist.
Two approaches. Alice has her private key SK(A).
Two methods to demonstrate the knowledge of this key:
• sign a message chosen by Bob.
• decrypt a message encrypted by Bob with Alice’s public key.
How?
PK-Unilateral with PK Encryption
A holds SK_A and PK_A; B holds PK_A.
B → A: h(r_B), B, E_PK(A)(r_B, B)
A → B: r_B
Q1: why do we have h(r_B) in the first message? A witness: -CCA.
Q2: why do we have B twice in the first message?
Vaguely compelling reasons: Guarantees good independence of different sessions. Bob’s identity is known and the person that produced the random is the only one that is able to know who B is. Alice checks if B=B before she replies.

Same with PKI
[Diagram: the same exchange, h(r_B), B, E_PK(A)(r_B, B) from B to A and r_B from A to B; A holds SK_A and PK_A; B holds PK_Cert; cert_A and PK_A are shown on B's side]

Public Key – Based Schemes
Here more possibilities than with time.
Two approaches exist. Alice has her private key SK(A).
Two methods to demonstrate the knowledge of this key:
• decrypt a message encrypted by Bob with Alice’s public key.
• sign a message chosen by Bob.
With PKI, second solution is more practical! (the first required one more message)

PK-Unilateral with Dig. Sign.
A holds SK_A and PK_A; B holds PK_Cert; PK_A is shown on B's side.
B → A: r_B
A → B: cert_A, r_A, S_SK(A)(r_A, r_B, B)
Q1: why don’t we have A here? Unique key.
Q2: why have we added r_A here? Again CCA, prevent signing messages entirely chosen by a potential attacker
=> not strictly needed if signature scheme is proven secure...
+ subtle reasons: allow audit/freshness even if Bob’s random numbers repeat.
Case Studies: Bank Cards

Security of Chip Cards
Security varies depending on offline/online transactions.
5 Protections:
1. Visual: hologram, special font, UV, h. signature…
   • CVV2 code also at the back (3-4 digits)
2. Cardholder verification with a PIN code,
   – Online verification – ATM withdrawals, magstripe only.
   – Offline POS - PIN verified by the card.
3. Static RSA signature, inside the chip (B0’:VS,VA, EMV:SDA functionality).
4. 3DES cryptogram generation by the chip. Authenticates individual transaction by a MAC (symmetric signature). (CAI with B0’, ARQC with EMV)
5. NVM stores all transactions for about the last 3 months…
+ EMV: cards are updated online, so that clones can be detected also in this way…

Cardholder / PIN
On-card PIN verification function.
[Diagram: PIN sent to the card, not encrypted except in some EMV DDA cards; Y/N answer, not authenticated except in EMV DDA cards]

Humpich Attack 1A (harder)
YES CARD: needed: all data of a stolen card
• copy to a programmable card
• NO NEED TO KNOW THE PIN
• Works in offline terminals
[Diagram: PIN; Random PIN; YES! (not authenticated)]

Humpich Attack 1B (easier)
Connect between the card and the reader, change NO -> YES
[Diagram: PIN; Random PIN; NO (not authenticated) changed to YES (not authenticated)]

Conclusion
The “Yes” MUST BE digitally signed.
Time to use it.
• Current cards (DDA chips) are powerful enough to allow this.
  – Banks were extremely negligent in not making it obligatory so far.
Security of Individual Bank Transactions
Each transaction is certified by the card by a MAC (Message Authentication Code), a “secret key signature” of the transaction.

Secure + Authenticated Messaging
[Diagram: encrypt + MAC with 3DES_K at each end, the channel is private+authentic; an intermediate party cannot decrypt: good]
Q: can it check the MAC???

Beyond Cryptograms
Problem: the MAC, a “secret key signature” of the transaction, can only be checked with a real-time connection to the Issuer bank.
Needed: public key signature:
• Everyone can verify
• Non-repudiation: even the bank cannot forge this certificate.
• Now exists: in the EMV specifications.

3. EMV: Really “Smart” Bank Cards
Reason 1: Autonomy

EMV: much smarter than B0’
B0’: the terminal controls all. The card is here mainly to answer to commands.
EMV: the card is intelligent and autonomous, knows what it does, takes informed security decisions:
⇒ The card can accept or reject a transaction based on a complex set of rules and controls!

3. EMV: Really “Smart” Bank Cards
Reason 2: PK crypto !

What France could not do…
In the 80s and the 90s it was impossible to implement a public-key signature algorithm on a smart card. RSA: 2 minutes….. Even recently 0.5 sec.
At Bull CP8, Jacques Patarin, Louis Goubin and Nicolas Courtois spent 10 years trying to find a much “cheaper” PK scheme.
Output: Sflash [broken in 2006 by Shamir et al].

What France … the time did.
Beginning of 90s: RSA - 2 minutes.
In 2009 it is possible to compute an RSA signature in 10 ms on a middle range smart card.
Maturity.

EMV specifications
EMVCo = Europay, MasterCard, VISA.
Specs developed in 1996-2001.
• Very flexible and very complex, 1M options…
• All this complexity is useful.
• Cryptographic point of view: Incorrect until December 2001.

EMV Overview
optimistic version with DDA used
2 private keys, PIN Encryption key can be different
3DES ICC Master Key
ATC = Application Transaction Counter
SAD = Static Authentication Data = PAN + Exp + …

EMV Transaction
Case Studies: e-Passports

Electronic Passports Today
• Chip integrated in the cover
  – Main goals: store biometric data [US congress]
  – Machine Readable Zone (MRZ)
• Personal and biometric data (photo)
  – protected by basic access control (BAC): Key = f(MRZ)
  – PA: Passive Authentication: PKI, all data authenticated by a mandatory static signature,
    • Digital Signatures with RSA/DH, ECC or both
• More advanced security mechanisms [new]
  – Challenge-response Active data Authentication (AA)
  – Extra data [fingerprints]:
    • Access only by “authorized border authorities”
    • Extended Access Control (EAC) mechanism
[Side labels on the slide: (optional); All EU passports >2009]

Basic Access Control [BAC]
Encryption keys derived from MRZ
[Diagram: optical reading of the MRZ → f → keys; the channel is encrypted and authenticated]

BAC
Meant to protect against:
• unauthorised R/W access to data
• eavesdropping
• altering the communication
[Diagram: encrypted and authenticated]

Passive/Static Data Authentication = PA
Signed once for all.
[Diagram: data, signature]

PA
Protects against forgery (create a new British citizen) but still NOT against copy == passport cloning!
[Diagram: data, signature]

AA = Active Authentication
Protects against cloning. More expensive. Optional.
PK certificate ∈ DG15, signed by the government
[Diagram: PK_Cert; random; proof of knowledge of private key]

Extending Access Control
now mutual
[Diagram: data authenticated; right access authenticated]
Expected Learning Outcomes

(Maybe) Bad Answer | Good Answer
relying on secrecy, secret spec, stage 1 | Minimize the secrecy requirements
Stage 2, symmetric solutions, MAC | 3. public key solutions, Digital Signatures
Confidentiality and Privacy | Integrity, Authenticity, Availability
Maximize security, Weakest Link, Technology Push, Free Market | Security=tradeoffs, managing costs and risks, Defense in Depth, Enforcing Limitations
Software security | Hardware, Smart Cards, tokens, RFID?
Static authentication, skimming | Dynamic, challenge-response
Unilateral | Bi-directional
1 factor, password + PIN | 2 factor authentication, Card + PIN
 | User control

Conclusion

Future:
• Cannot live without Smart Cards or some other secure portable hardware device.
  – Bill Gates recognized it publicly in 2005…
• PKI enabler:
  – fair security: e.g. everyone can verify the authenticity of a bank transaction.
  – 99.9 % unused potential.

How Secure Are Smart Cards?
A necessity: there is no better technology on earth !
…Succeeding requires tamper-proof hardware. But
• no security professional will speak of tamper-proof devices, as opposed to tamper-resistant ones.
• Security is a matter of economics, and not just technology.
  – How much will your attacker spend to defeat your security?
  – Are you protecting something valuable enough that your enemy will resort to the three B's: burglary, bribery or blackmail?
• Protecting against determined adversaries is very hard; it's rarely wise to bet your business on it.”…
[Steve Bellovin blog, 24/08/07]