11. Security Techniques on Smart Cards

Size: px

Start display at page:

Download "11. Security Techniques on Smart Cards"

Silvester Long
5 years ago
Views:

1 11. Security Techniques on Smart Cards Dr.-Ing. Martin Novotný Katedra číslicového návrhu Fakulta informačních technologií České vysoké učení technické v Praze c Martin Novotný, 2011 MI-BHW Bezpečnost a technické prostředky LS 2010/11, 11. přednáška Evropský sociální fond. Praha & EU: Investujeme do vaší budoucnosti Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 1 / 20

2 Security Techniques on Smart Cards Based on Chapter 8 of the book W. Rankl and W. Effing: Smart Card Handbook, Third Edition, John Wiley & Sons, Ltd., 2004, ISBN: Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 2 / 20

3 Security Techniques User Identification Smart Card Security Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 3 / 20

4 Security Techniques User Identification Smart Card Security Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 4 / 20

5 User Identification Knowledge of a secret (PIN) Possition of and object (holding a card) Bodily feature (biometric methods) Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 5 / 20

6 User Identification Knowledge of a secret (PIN) Possition of and object (holding a card) Bodily feature (biometric methods) Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 6 / 20

7 Biometric Methods Physiological methods face iris (eye) retina (eye) hand geometry fingerprint Behavioral methods typing rythm voice dynamic signature Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 7 / 20

8 Example: Fingerprint Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 8 / 20

9 Example: Dynamic Signature Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 9 / 20

10 Example: Dynamic Signature Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 10 / 20

11 Security Techniques User Identification Smart Card Security Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 11 / 20

12 Smart Card Security Attacks on smart cards attacks at the social level attacks at the physical level attacks at the logical level Attacks timing attacks during the development stage attacks during manufacturing attacks while the card is in use Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 12 / 20

13 Attacks during development Development of the smart card microcontroller Protection: design criteria absolutely no undocumented mechanisms or functions Protection: unique chip number can be copied, i.e. should be used only as a basis for other crypto mechanisms (e.g. for derivation of secret keys, etc.) Development of the smart card operating system Protection: development principles programmers should never work alone on the project the source code is inspected by independent testing agency Protection: distributing knowledge nobody knows everything Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 13 / 20

14 Attacks during production An eavesdropper can replace genuine smart cards with dummy cards during production. Cards are loaded with firmware during production. If the dummy card can perform memory dump, the secret key can be later revealed. Protection: administrative measures ( authorized personnel only ), authentication between the smart card and the security module, etc. Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 14 / 20

15 Attacks while the card is in use Attacks at the physical level Attacks at the logical level Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 15 / 20

16 Attacks at the physical level I Static analysis of smart card microcontrollers Protection: semiconductor technology Submicron technologies make reverse engineering difficult Protection: chip design Standard cells make reverse engineering easier Protection: dummy structures Just to confuse the attacker... Dummy structures can also be monitored Protection: chip buses Busses should be in lower layers of silicon to prevent connection and monitoring Protection: memory design ROMs should be in lower layers of silicon to prevent connection and monitoring Protection: protective layers (shields) Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 16 / 20

Attacks at the physical level II Attack and defense: reading out volatile memory When cooled to 60 o C, RAM can keep its content even if switched off.

17 Attacks at the physical level II Attack and defense: reading out volatile memory When cooled to 60 o C, RAM can keep its content even if switched off. Protection: during operation, secret keys are not held in RAM any longer than is absolutely necessary, following which they are immediately erased. Protection: memory scrambling Protection: memory encryption Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 17 / 20

18 Attacks at the physical level III Dynamic analysis of smart card microcontrollers Protection: monitoring the passivation layer passivation layer must be removed before any sort of manipulation of the chip can be performed Protection: voltage monitoring prevents e.g. against differential fault analysis Protection: frequency monitoring Prevents operation in single-step mode (which simplifies attack). It also prevents overclocking Protection: temperature monitoring Protection: bus scrambling Bus scrambling can be static (permutation of wires), dynamic in time and also chip-specific (randomizer derives the scheme e.g. from the chip number). Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 18 / 20

Attacks at the physical level IV Protection: irreversible switching from the test mode to the user mode Dynamic analysis and defense: measuring the current consumption of the CPU (SPA, DPA)

19 Attacks at the physical level IV Protection: irreversible switching from the test mode to the user mode Dynamic analysis and defense: measuring the current consumption of the CPU (SPA, DPA) Protection: fast-acting voltage regulator in the chip that monitors the current and ensures it is independent on the instruction or data (drawback: higher consumption) Protection: Artificial noise current generators (drawback: higher consumption) Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 19 / 20

20 Attacks at the physical level V Protection: Employing other units (as noise current generators) Protection: Technology that provides consumption independent on operation Protection: Randomly generated delays (wait states) in the processor operation Protection: Only machine instruction with similar consumptions are used... Martin Novotný (ČVUT FIT, 2011) 11. Security Techniques on Smart Cards MI-BHW, 2011, 11. přednáška 20 / 20

Intrusion Techniques

Intrusion Techniques Mgr. Rudolf B. Blažek, Ph.D. Department of Systems Faculty of Information Technologies Czech Technical University in Prague Rudolf Blažek 2010-2011 Network Security MI-SIB, ZS 2011/12,