Download presentation

Presentation is loading. Please wait.

Published byMayra Maddox Modified over 3 years ago

2
Smart Card security analysis Smart Card security analysis Marc Witteman, TNO

3
Do we need smart card security?

4
What are the threats ? disclosure Confidentiality:unauthorized disclosure of information sender receiver modification Integrity:unauthorized modification of information Authenticity:unauthorized use of service

5
Whats inside a smart card ? CPU RAM test logic ROM EEPROM serial i/o interface security logic databus

6
Smart card security evaluations logical analysis: software internal analysis: hardware side channel analysis: both hw and sw

7
Logical analysis Communication Functional testing Protocol analysis Code review

8
InternalAnalysis

9
Internal analysis tools Etching tools Optical microscope Probe stations Laser cutters Scanning Electron Microscope Focussed Ion Beam System and more…….

10
Reverse engineering

11
Staining of ion implant ROM array

12
Sub micron probe station

13
Probing with eight needles

14
FIB: fuse repair

15
Side channel analysis Use of hidden signals –timing –power consumption –electromagnetic emission –etc.. Insertion of signals –power glitches –electromagnetic pulses

16
Power consumption in clock cycle peak slope time I ddq area shape

17
Power consumption in routines

18
Power consumption in programs

19
Timing attack on RSA RSA principle: –Key set e,d,n –Encipherment: C = M e mod n –Decipherment: M = C d mod n RSA-implementation (binary exponentiation) –M := 1 –For i from t down to 0 do: M := M * M If d i = 1, then M := M*C

20
Timing Attack on RSA (2) 1000111

21
Differential Power Analysis Assume power consumption relates to hamming weight of data Subtract traces with high and low hamming weight Resulting trace shows hamming weight and data manipulation

22
Fault injection on smart cards Change a value read from memory to another value by manipulating the supply power: Threshold of read value A power dip at the moment of reading a memory cell

23
Differential Fault Analysis on RSA Efficient implementation splits exponentiation: d p = d mod (p-1) d q = d mod (q-1) K = p -1 mod q M p = C d p mod p M q = C d q mod q M = C d mod n = ( ( (M q - M p )*K ) mod q ) * p + M p

24
DFA on CRT Inject a fault during CRT that corrupts M q : M q is a corrupted result of M q computation M = ( ( (M q - M p )*K ) mod q ) * p + M p subtract M and M: M - M = (((M q - M p )*K) mod q)*p - (((M q - M p )*K) mod q)*p = (x 1 -x 2 )*p compute Gcd( M-M, n ) = Gcd( (x 1 -x 2 )*p, p*q ) = p compute q = n / p

25
Conclusions Smart cards can be broken by advanced analysis techniques. Users of security systems should think about: –What is the value of our secrets? –What are the risks (e.g. fraud, eavesdropping) –What are the costs and benefits of fraud? Perfect security does not exist!

26
For information: TNO Evaluation Centre Marc Witteman PO-Box 5013 2600 GA Delft, The Netherlands Phone:+31 15 269 2375 Fax:+31 15 269 2111 E-mail:witteman@tpd.tno.nl E-mail:eib@tpd.tno.nl

Similar presentations

OK

Computers Are Your Future Tenth Edition Chapter 6: Inside the System Unit Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall1.

Computers Are Your Future Tenth Edition Chapter 6: Inside the System Unit Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall1.

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google

Ppt on life cycle of silk moth Ppt on history of olympics wikipedia Ppt on essential amino acids Ppt on future generali insurance Ppt on needle stick injury at work Download ppt on sets for class 11 Ppt on weapons of mass destruction class Ppt on weapons of mass destruction pictures Ppt on p&g products msds sheets Download ppt on turbo generator design