Chip Authentication for E-Passports: PACE with Chip Authentication Mapping v2

Transcription

1 v.2 Chip Authentication for s: with Chip Authentication Mapping v2 Lucjan Mirosław Wrocław University of Science and Technology, Poland ISC 2016, Honolulu

2 Electronic Passport v.2 e-passport and ebooth: 1 automatic travel document inspection 2 high security level 3 an advanced cryptographic scheme behind it

3 general data v.2 hardware a chip embedded into a travel document, wireless communication with a reader

4 general data v.2 hardware a chip embedded into a travel document, wireless communication with a reader passive EPassport functions electronic copy of the holder s data, in particular: biometry (high quality face image, fingerprints)

5 general data v.2 hardware a chip embedded into a travel document, wireless communication with a reader passive EPassport functions electronic copy of the holder s data, in particular: biometry (high quality face image, fingerprints) active functions a secure cryptographic suite for interaction with a Document Verifier

6 issues v.2 data quality passport holder s data confirmed by the passport Issuer in a strong cryptographic way: upside: data forgery infeasible (as long as crypto not broken) downside: high quality data might be transferred to a third party a digital signature for personal data authentication creates a security threat

7 issues v.2 data quality passport holder s data confirmed by the passport Issuer in a strong cryptographic way: upside: data forgery infeasible (as long as crypto not broken) downside: high quality data might be transferred to a third party a digital signature for personal data authentication creates a security threat epassport as a ticket no clones: infeasible to create a device mimicking the epassport, e.g. no replay attacks presence: the epassport must be physically present during inspection

8 issues v.2 data quality passport holder s data confirmed by the passport Issuer in a strong cryptographic way: upside: data forgery infeasible (as long as crypto not broken) downside: high quality data might be transferred to a third party a digital signature for personal data authentication creates a security threat epassport as a ticket no clones: infeasible to create a device mimicking the epassport, e.g. no replay attacks presence: the epassport must be physically present during inspection unauthorized use epassport must not be activated without the consent of its holder

9 Requirements for epassport v.2 The verifier must be sure that: 1 he is talking with a genuine epassport 2 the data received really come from this epassport The epassport: 1 must know that it is talking with an authorized reader 2 interacts only when presented by its holder In particular, epassport must be a secure device, working exactly according to specification and manipulation resistant.

10 ICAO standards International Civil Aviation Organization v.2 Role of ICAO ICAO creates the facto standards if a passport has to be recognized worldwide, then it necessary to adhere to the standard Problems pragmatic: minimalistic requirements, somewhat insecure... but improving step by step 1 10 years validity period for passports, backward compatibility 2 conflicting interests/approaches (e.g. regarding personal data protection) 3 system scale, number of authorities worldwide making final decisions

11 criteria v.2 hardware simple and inexpensive chip small memory, low computational complexity, low communication complexity protocols system long term stability of protocols future security extensions without major rebuilding minimalistic infrastructure standard components, solutions already checked in practice,...

12 Basic Components v.2 Terminal Authentication the terminal proves its rights to access the data from the epassport Chip Authentication the epassport proves that it is a genuine one and has been issued by the passport authorities Password Authentication the epassport checks that the reader has got a password/card Access Number/PIN from the document holder Secure Channel a channel established between the reader and the epassport guarantees data confidentiality and integrity

13 Realization v.2 Optimization try to achieve combined goals with one protocol time and space complexity is critical strict bounds hardware acceleration for certain cryptographic operations no freedom to redesign the cryptographic coprocessor

14 main points v.2 Password Authenticated Connection Establishment 1 creates an authenticated encrypted channel iff correct password used by the reader 2 password guessing as hard as possible: a reader interacting with a chip may try one password per session no offline dictionary attacks 3 designed by German BSI authority, adopted by ICAO 4 in the future obligatory for biometric passports in the EU

15 versions v.2 -GM General Mapping: originally designed by BSI designed to avoid US patents -IM Integrated Mapping: redesigned in France simplifications, efficiency improvements (again patents)

16 -GM parameters v.2 Chip holds: π - password parameters Reader holds: π - password, input from owner

17 password dependent data v.2 Chip K π := H(0 π) choose s Z q z := ENC(K π, s) choose y A Z q Y A := g y A abort if Y B g \{1} h := Y y A, ĝ := h gs h B choose y A Z q Y A := ĝy A z Y B Y A Y B Reader K π := H(0 π) s := DEC(K π, z) choose y B Z q Y B := g y B abort if YA g \{1} := Y y B, ĝ := h gs A choose y B Z q Y B := ĝy B check Y B Y Y A B check Y A Y A K := Y B y A K := Y Ay B K... := H(... K ) K... := H(... K )

18 the first DH key exchange - base establishment v.2 Chip K π := H(0 π) choose s Z q z := ENC(K π, s) choose y A Z q Y A := g y A abort if Y B g \{1} h := Y y A, ĝ := h gs h B choose y A Z q Y A := ĝy A z Y B Y A Y B Reader K π := H(0 π) s := DEC(K π, z) choose y B Z q Y B := g y B abort if Y A g \{1} := Y y B, ĝ := h gs A choose y B Z q Y B := ĝy B check Y B Y Y A B check Y A Y A K := Y B y A K := Y Ay B K... := H(... K ) K... := H(... K )

19 the second Diffie-Hellman for key establishment v.2 Chip K π := H(0 π) choose s Z q z := ENC(K π, s) choose y A Z q Y A := g y A abort if Y B g \{1} h := Y y A, ĝ := h gs h B choose y A Z q Y A := ĝy A check Y B Y B z Y B Y A Y B Y A Reader K π := H(0 π) s := DEC(K π, z) choose y B Z q Y B := g y B abort if YA g \{1} := Y y B, ĝ := h gs A choose y B Z q Y B := ĝy B check Y A Y A K := Y B y A K := Y Ay B K... := H(... K ) K... := H(... K )

20 final phase - proof of possession and deriving keys v.2 Chip Reader K := Y B y A K := Y Ay B K ENC := H(1 K ) K ENC := H(1 K ) K MAC := H(2 K ) K MAC := H(2 K ) K MAC := H(3 K ) K MAC := H(3 K ) T A := T B := MAC(K MAC, (Y B, G)) T B MAC(K MAC, (Y A, G)) abort if T B invalid T A abort if T A invalid the chip interrupts if it discovers that the tag of the reader is wrong, until this moment all data sent to the reader by the chip have uniform probability distribution for every password and for every choice of the reader

21 Integrated mapping v.2 -GM epassport: choose y C R Z q Y C = g y C abort if... h = Y y C R ĝ = h g s Y R Y C Reader: choose y R R Z q Y R = g y R abort if... h = Y y R C ĝ = h g s -IM epassport: Reader: choose r R Z q r ĝ = Hash EC (s, r) ĝ = Hash EC (s, r)

22 password authentication, key establishment, chip authentication v.2 Goal make minimal changes in so that it provides chip authentication as well History reusing randomness for Schnorr Signature: -AA for Machine Readable Travel Document, and its, J.Bender, Ö.Dagdelen, M. Fischlin, D.Kügler, Financial Crypto 2012 the current trick from CAM: Simplified -AA, L. L.Krzywiecki, M., ISPEC 2013, May 2013 the same: The -CA for Machine Readable Travel Documents, J.Bender, M. Fischlin, D.Kügler, INTRUST 2013, 2013 adopted by ICAO under the name CAM: ISO/IEC JTC1 SC17 WG3/TF5 for ICAO. Supplemental Access Control for Machine Readable Travel Documents v1.1. April 2014.

23 Slides from ISPEC 2013 v.2 Chip π x A, X A = g x A random s chosen choose y A Z q Y A := g y A abort if... h := Y y h A, ĝ := h gs B choose y A Z q Y A := ĝy A check... y A ) ENC(K π,s) Reader π retrieve s choose y B Z q Y B := g y B Y A abort if... := Y yb, ĝ := h gs A Y B choose y B Z q Y B := ĝy B Y A check... K... := H(... Y B K... := H(... Y A...tags checked......tags checked E K (w,cert A )) SC w := y A /x A decrypt with K SC check certificate cert A abort if XA w Y A y B )

24 v.2, more secure version (not adopted by ICAO) Slides from ISPEC 2013 Chip Reader π, x A, X A = g x A π random s chosen ENC(K π,s) retrieve s choose y A Z q Y A := X y A A abort if... h := (Y y A B )x A, ĝ := h g s choose y A Z q Y A := ĝy A check... y A ) choose y B Z q Y B := g y B Y B Y A abort if... h := Y yb, ĝ := h gs A Y B choose y B Z q Y B := ĝy B Y A check... K... := H(... Y B K... := H(... Y A...tags checked......tags checked E K (w,cert A )) SC w := y A decrypt with K SC check certificate cert A abort if XA w Y A y B )

25 versus IM v.2 Problems it does work for GM only but more efficient should we fall back to GM? No. Solution given in this paper Moreover, the security argument based on reduction to a standard crypto assumption (SDH-2).

26 with new version for the SAC standard v.2 epassport: Reader: password π password π secret key sk C public key pk C certificate cert C for pk C K π = Hash(π) K π = Hash(π) choose s Z q z z = Enc(K π, s) s = Dec(K π, z) Mapping Function derive gˆ 1 with IM or GM derive gˆ 1 with IM or GM choose y C Z q choose y R Z q Y C = gˆ 1 y C K = Y R y C derive other keys from K w = y C /sk C c = Enc(K Enc, (w, cert C )) Y R Y C c Y R = gˆ 1 y R K = Y C y R derive other keys from K (w, cert C ) = Dec(K Enc, c) check cert C and extract pk C abort if e(y C, g 2) e(ĝ, pk C ) w

27 with IM properties v.2 implementation issues pairings used, but only on the side of the reader the epassport needs to perform computations in the first group only computing pairings on the reader is not a problem (no resource limitations)

28 Main properties properties v.2 AKE easy, follows from the proof for Impersonation Resistance a draft to be in the paper: a reduction to 2-Strong DH Problem: Given (g 1, g x 1, g x2 1, g 2, g x 2 ) G 3 1 G 2 2, output (c, g 1/(x+c) 1 ) Z q G 1. the reduction construction is relatively short, but tedious to follow Other other nice properties inherited from : simultability, behavior during faulty sessions, resilience to ephemeral key leakage,... proofs analogous to the ideas from ISPEC 2013

29 v.2 Achieved security based on a standard assumption no pairings on the chip required minimal changes to the existing standard Challenges is it optimal? hard to imagine how to simplify it... it might be that we still have no ultimate solution for all epassport components (e.g. Terminal Authentication and its PKI)

30 v.2 Thanks for your attention! Contact data 1 Miroslaw.Kutylowski@pwr.edu.pl