Smart card security

advertisement
Everything you always wanted to
know about Smart Cards...
Marc Witteman
<Witteman@Riscure.com>
November 2001
Contents
• Secure communication
– threats
– objective of cryptography
– cryptographic services, principles and algorithms
• Smart cards
– concepts
– applications
– architecture
• Security
– basic security features
– attacks
– counter measures
What are the threats ?
sender
receiver
Confidentiality: unauthorized disclosure of information
Integrity:
unauthorized modification of information
Authenticity:
unauthorized use of service
Objective of cryptography
• Giving trust in:
– authenticity of message and/or sender
– integrity of message
– (sometimes) confidentiality of message
• by using an algorithm based on a secret shared
between participants in a scheme.
Cryptographic services
Encryption
(confidentiality)
Message
Authentication
Codes (integrity)
Electronic
signatures
(authentication)
Key
message
encryption
Key
decryption
Key
Key
message
encryption
encryption
message
MAC
=?
MAC
message
Challenge
Key
Key
encryption
encryption
response = ? response
Cryptographic principles
• based on:
–
–
–
–
key secrecy
strong algorithms
difficult to guess key from message/ciphertext pairs
sufficient key length (brute force)
• Kerckhoffs’ principle:
– strength should reside in secrecy of key,
– not in secrecy of algorithm
Cryptographic algorithms (1)
Classical systems:
• transposition (mixing character sequence)
• substitution (changing characters)
• poly-alphabetic substitution (Viginere, Hagelin)
easily broken, using language statistics
Cryptographic algorithms (2)
Today two kinds of algorithms:
• repetitive permutations and substitutions of bits:
– DES, 3-DES, IDEA, RC5, Blowfish …
– secret key
• mathematical calculations
– RSA, Rabin, ElGamal, zero-knowledge, elliptic curve…
– public key
Smart card concepts
A smart card:
• can store data (e.g. profiles, balances, personal data)
• provides cryptographic services (e.g. authentication,
confidentiality, integrity)
Anne Doe
• is a microcomputer
• is small and personal
• is a secure device
1234 5678 8910
Smart card application area’s
•
•
•
•
•
Communication
Entertainment
Retail
Transportation
Health care
•
•
•
•
•
Government
E-commerce
E-banking
Education
Office
Smart card applications (1)
• Retail
• Communication
– Sale of goods
using Electronic Purses, Credit / Debit
– Vending machines
– Loyalty programs
– Tags & smart labels
• Entertainment
– Pay-TV
– Public event access control
– GSM
– Payphones
• Transportation
–
–
–
–
Public Traffic
Parking
Road Regulation (ERP)
Car Protection
Smart card applications (2)
• Healthcare
– Insurance data
– Personal data
– Personal file
• Government
– Identification
– Passport
– Driving license
• E-commerce
– sale of information
– sale of products
– sale of tickets, reservations
• E-banking
– access to accounts
– to do transactions
– shares
Smart card applications (3)
• Educational facilities
–
–
–
–
Physical access
Network access
Personal data (results)
Copiers, vending machines,
restaurants, ...
• Office
–
–
–
–
Physical access
Network access
Time registration
Secure e-mail & Web applications
Smart card architecture
Physical appearance:
Credit card or SIM dimensions
Contacts or contactless
Vcc
Gnd
Reset
Vpp
Clock
I/O
What’s inside a smart card ?
CPU
Central Processing
Unit:
heart of the chip
What’s inside a smart card ?
security logic:
CPU
security
logic
detecting abnormal
conditions,
e.g. low voltage
What’s inside a smart card ?
serial i/o interface:
CPU
security
logic
serial i/o
interface
contact to the outside
world
What’s inside a smart card ?
CPU
security
logic
serial i/o
interface
test logic
test logic:
self-test procedures
What’s inside a smart card ?
CPU
test logic
ROM
security
logic
serial i/o
interface
ROM:
– card operating system
– self-test procedures
– typically 16 kbytes
– future 32/64 kbytes
What’s inside a smart card ?
CPU
test logic
ROM
security
logic
serial i/o
interface
RAM
RAM:
‘scratch pad’ of the
processor
typically 512 bytes
future 1 kbyte
What’s inside a smart card ?
CPU
test logic
ROM
security
logic
serial i/o
interface
RAM
EEPROM
EEPROM:
–cryptographic keys
–PIN code
–biometric template
–balance
–application code
–typically 8 kbytes
–future 32 kbytes
What’s inside a smart card ?
databus
CPU
security
logic
serial i/o
interface
test logic
databus:
ROM
connection between
elements of the chip
RAM
8 or 16 bits wide
EEPROM
Smart card chip
Basic smart card security features
• Hardware
–
–
–
–
–
closed package
memory encapsulation
fuses
security logic (sensors)
cryptographic coprocessors and random generator
• Software
–
–
–
–
–
decoupling applications and operating system
application separation (Java card)
restricted file access
life cycle control
various cryptographic algorithms and protocols
Smart card attacks
Side
Channel
Attacks
Internal
Attacks
Logical Attacks
Internal
Attacks
etching tools
Microscope
Probe station
laser cutters
Scanning Electron Microscope
Focussed Ion Beam System
and more…….
Lab pictures provided by TNO
Reverse engineering
Staining of ion implant ROM array
Sub micron probe station
Probing with eight needles
FIB: fuse repair
Internal attack counter measures
• Alarm (sensors)
– light
– active grid
• Hide
–
–
–
–
–
feature size (< 300 nm)
multi-layer
buried bus
bus scrambling
shield
• Confuse
– glue logic
– redundant logic
Logical attacks
Communication
Command scan
File system scan
Invalid / inopportune requests
Crypt-analysis and protocol abuse
Logical attack counter measures
• Command scan
– limit command availability
– restrict and verify command coding
– life cycle management
• File system scan
– restrict file access
– test file access mechanisms (PIN. AUT, etc)
• Invalid / inopportune requests
– exclude non-valid behaviour
– verify conformance
• Crypt analysis and protocol abuse
– publish algorithms and initiate public discussion
– evaluate crypto algorithm and protocol
Side channel
Attacks
Use of ‘hidden’ signals
electromagnetic emission
power consumption
timing
Insertion of signals
power glitches
electromagnetic pulses
Power analysis
peak
shape
slope
Iddq
area
time
Power waveform
Fault injection on smart cards
Change a value read from memory to another value by manipulating the
supply power:
Threshold of
read value
A power dip at the
moment of reading a
memory cell
Side channel attack counter measures
• Signal analysis
–
–
–
–
–
–
–
reduce processor signal by balancing or equalising the power and/or shielding the emission
add noise to the processor activity (both in time and amplitude)
eliminate timing relation with processed key and or data
variable ordering of processes
blinding of intermediate values with random values
retry counters
limited control and visibility of crypto input and output
• Signal insertion
– use sensors for supply voltage, light and temperature
– double implementation path (for verification)
– check for runtime parameter validity
Conclusions
• Smart card technology is emerging, applications are
everywhere
• Smart cards enhance service and security
• Perfect security does not exist, even not for smart cards
• Risk analysis is essential
More info? Mailto: info@riscure.com
Download