Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Smartcards & RFID Erik Poll Digital Security Radboud University Nijmegen.

Similar presentations

Presentation on theme: "1 Smartcards & RFID Erik Poll Digital Security Radboud University Nijmegen."— Presentation transcript:

1 1 Smartcards & RFID Erik Poll Digital Security Radboud University Nijmegen

2 2 1900's technology

3 3 2000's technology

4 4 Overview What are smartcards & RFID ? Why use them? Possibilities and limitations –hardware, software, communication protocols Attacks on security

5 5 What is a smartcard?

6 6 Tamper-resistant computer, embedded in piece of plastic, with limited resources capable of securely –storing information –processing information (This is what makes a smartcard smart; stupid cards can store but not process data)

7 7 Smartcard form factors traditional credit-card sized plastic card –ISO 7816 mobile phone SIM –cut-down in size contactless cards –aka proximity card or RFID transponder/tag –also possible: dual interface iButton

8 8 Smartcard example uses banking cards –bank or credit card, electronic purse telephone card for use in public phone booths GSM SIM pay TV public transport – eg London Oyster card health cards passports and other e-id cards access cards –to control access to buildings, computer networks, laptops,...

9 9 Magnetic stripe cards Older mag-stripe card can only store information, without read/write protection, and cannot process it.

10 10 Anything suspicious?

11 11 Skimming

12 12 Skimming

13 13 Skimming

14 14 Skimming

15 15 Smartcard vs mag-stripe cards Smartcard cannot easily be copied or altered, unlike a mag-stripe card Skimming is big criminal business –copying (aka cloning) mag-stripe cards and observing PIN codes is easy... Still, credit card companies in US are sticking to mag-stripe, and in Europe they are only slowly moving to smartcards –apparently, it is secure enough for them to make a profit

16 16 smartcard essentials

17 17 Smartcard contacts External power supply and external clock On a SIM card the clock can be stopped to safe power

18 18 Smartcard contacts Vpp is higher voltage than Vcc needed for writing EEPROM no longer used because of security problem –painting over this contact prevents changes to EEPROM

19 19 Smart vs stupid smartcards Big range in capabilities of smartcards. Rough division: Memory cards (stupid) –provide a file system –possibly with some access control, or, simpler still, destructive (irreversible) writes as in old payphone-cards –functionality hardwired in ROM Microprocessor cards (very smart) –contain CPU possibly also crypto co-processor –programmable program burnt into ROM, or stored in EEPROM

20 20 Smartcard hardware CPU – 8 to 32 bits memory –RAM –ROM (for some program code) –EEPROM/Flash/... ( “ hard disk ”, for code and data) Modern cards may have 1K RAM, 16K ROM, 64K EEPROM limited I/O: just a serial port possibly: crypto co-processor, random number generator

21 21 Communication (ISO 7816) All subsequent communication via APDUs –Application Protocol Data Units which are just byte sequences in particular format Master-Slave mode, with terminal master: 1.Terminal sends command APDU 2.Card replies with response APDU etc, etc.... –Smartcard cannot initiate any actions: –on phones the phone polls the SIM periodically

22 22 Command & response APDU CLA class byte INS instruction byte P1,P2 parameters Lc length of data block Data Lc bytes of data Response Lc bytes of data SW1, SW2 2 byte status word CLAINSP1P2Lc...Data....Le Response...SW1SW2

23 23 Smartcard software (Microprocessor) smartcard contains very simple operating system, capable of executing programs Programs can be written in – proprietary machine code language, or – higher level language, notably Java Card Most new SIMs are now Java Cards.

24 24 old vs new smartcards one program (applet) written in machine code, specific to chip burnt into ROM or uploaded once to EEPROM applet written in high-level language (eg Java Card) compiled into bytecode stored in EEPROM interpreted on card multi-application: several applets on one card post-issuance: adding or deleting applets after it's issued

25 25 Multi-application cards multi-application vision: everyone carrying just one card, with all their smartcard applications This is not going to happen. Problems include: –trust: bank won't allow untrusted applet code on their cards, despite any VM+ firewall security guarantees –marketing: who gets to put their logo on the plastic?

26 26 Post-issuance download Downloading additional applets protected by digital signatures Switched of on many cards for security reasons Enabled on SIMs it allows telco to install new software on the SIM

27 27 Java Card dialect of Java for programming smartcards: –superset of a subset of normal Java subset of Java (due to hardware constraints) –no threads, doubles, strings, garbage collection, and very restricted API with some extras (due to hardware peculiarities) –communication via APDUs or RMI –persistent & transient data in EEPROM &RAM –transaction mechanism

28 28 Java Card platform Java Card architecture smartcard hardware applet Java Card Virtual Machine Java Card API (mini OS)

29 29 applet Java Card I/O with APDUs Java Card platform applet smartcard hardware command APDU, incl. applet ID OS selects applet and invokes its process method Applet sends response APDU applet executes applet

30 30 Pros of JavaCard vendor-independance easy to program –higher-level language => smaller programs with fewer bugs –standard functionality (eg for PINs) provided once by the API open standard –no reliance on security-by-obscurity –specs can be studied and criticised

31 31 Cons of JavaCard overhead of VM makes cards slow and requires lots of memory => expensive ease of programming may be deceptive: non-experts programming cards may make silly mistakes –every idiot can program a JavaCard, not every idiot should trust: how secure is the whole JavaCard infrastructure – complicated platform, and complexity security blank programmable JavaCard easy for attacker to experiment with –security by obscurity may have its merits...

32 32 Java Card vs Java Java Card applets are executed in a sandbox like applets in a web browser But important differences: no bytecode verifier on most cards –due to space required downloading applets controlled by digital signatures instead –plus bytecode verification, if card supports it sandbox more restrictive, and includes runtime firewall between applets

33 33 Java Card Runtime Environment (JCRE = VM+API) Java Card Runtime Environment (JCRE = VM+API) Java Card firewall smartcard hardware applet eg prevents access to public fields of other applets or references to objects belonging to other applets or JCRE

34 34 Java Card 3.0 Releases up to Java Card 2.2.2 use traditional smartcard communication model –small byte array (APDU) sent back and forth to applet on the card (using ISO 7816 standard) Java Card 3.0 (March 2008) introduces new communication model: –smartcard becomes a webserver with IP-stack etc –applets become servlets So you can talk http(s) to the smartcard Proclaimed goal: easier development of SIM services

35 35 Why use smartcards? What are the possibilities and limitations of smartcards?

36 36 Why use smartcard? SIM responsible for authentication to network telco doesn't trust phone, but trusts SIM

37 37 CIA and smartcards Confidentiality –of data (crypto keys) on card Integrity –of data and program code Authentication –because (data on) card cannot be copied Non-repudiation –because (data on) card cannot be copied –also logging on the smartcard (and integrity of this log)

38 38 crypto key K CPU challenge c response f K (c) Typical use of smartcard key K never leaves the card Card issuer does not have to trust the network, the terminal, or card holder

39 39 Example: logging on over a network Send password unencrypted over net (eg. rlogin) Trust network, terminal, user Send password encrypted over net (eg. slogin) Trust terminal, user Idem, but user, not terminal, does encryption Trust user Using smartcard Trust no-one, except the smartcard (NB smartcard is controlled by card issuer, not card holder!)

40 40 NB the problem with cryptography Any use of crypto introduces problems: 1.key distribution how do we generate & distribute keys? 2.key storage where can we safely store keys? 3.en/decryption who do we trust to perform en/decryption? Smartcards can offer a solution

41 41 TCB and smartcards Smartcard typically part of the TCB (Trusted Computing Base), ie. the trusted part of the system NB “ trusted ” is a negative quality: it means “ you have to trust it ” not “ you can trust it ” –If any part of the TCB fails, security is broken –TCB should be as small and reliable as possible

42 42 RFID

43 43 RFID tags RFID = Radio-Frequency IDentification RFID devices are called tags or transponders More powerful RFID tags can be called (contactless) smartcards Inductive coupling is used for –energy transfer to card –transmission of clock signal –data transfer

44 44 Types of RFID: different capabilities & ranges animal identification product identification (like bar codes) contactless smartcards (possibly dual interface) NFC mobile phones

45 45 contactless smartcard inside antenna chip

46 46 Different capabilities of RFID tags Simplest tags just broadcast fixed data (serial number) when activated –ie only communication from tag to reader Some tags provide basic file system, with simple access control –ie reading & writing, and communication both ways More advanced tags can do cryptographic operations to protect data & encrypt communication Most advanced tags are programmable Range can be a few mm, a few cm, a few feet or several meters, depending on the type

47 47 Pros & cons wireless Advantage –convenience –faster –contacts not subject to wear and tear Disadvantage –eavesdropping –virtual pickpocketing

48 48 NFC

49 49 Near Field Communication (NFC) Latest Nokia phones have NFC These can act as RFID tag and as RFID reader

50 50 NFC Advantage of NFC phone over smartcard: –(trusted?) display and keyboard Envisaged use –payment applications –RFID tags providing info to phone eg in information signs & billboards

51 51 Attacks on smartcards & RFID tags

52 52 Smartcard are not 100% secure Growing range of attacks (and associated countermeasures) Crucial question: is the risk acceptable? –are the costs of an attack larger than the potential financial gain for the attacker? Threats depend on application –eg. cloning more interesting for PayTV than GSM SIMs

53 53 Logical & protocol attacks Find & exploit bug in software or security protocol Possible weaknesses –silly programming error in card or terminal –hidden commands (eg for initialisation) –buffer overflows, eg to read past end of file –badly configured file access privileges –weaknesses in crypto-protocol eg replay attacks Little equipment needed, but change of success low

54 54 Logical & protocol attacks Equipment card reader PC maybe also a programmable JavaCard

55 55 Eavesdropping on card-terminal communication

56 56 Eavesdropping on contactless card

57 57 replay attack eavesdrop on communication communication

58 58 replay attack eavesdrop on communication and make an emulator that mimics this communication

59 59 replay attack works on disposable Dutch public transport card! gate cannot distinguish real card and emulator

60 60 challenge-response Better cards use challenge-response mechanism to prevent replays n encrypt KEY {n} random challenge n

61 61 Mifare Classic > 1 billion sold –eg London metro Oyster card, Dutch public transport card, Radboud university access cards,.... uses proprietary crypto algorithm CRYPTO1 –with 42 bit keys very weak crypto broked by Digital Security group –key to retrieved in seconds –Details –or google YouTube for MIFARE Kerckhoffs principle: security of system should be based on secrecy of the key only, not on secrecy of the crypto algorithm!

62 62 More specialised hardware attacks

63 63 Countermeasures Used well-researched crypto & security protocols Write qualitity software –Testing –Formal verification –Perform code reviews to spot software problems –Improve OS, APIs, programming languages to make software bugs less likely –Open research area !!

64 64 Side-channel attacks Side-channel = any other channel than the normal I/O channel that may be observed Possible side-channels: –power consumption –timing –electro magnetic radiation –.... A side-channel might leak information

65 65 Power consumption of a smartcard

66 66 This is probably a DES encryption!

67 67 Differential Power Analysis (DPA) Deduce information from power consumption Simple power analysis (SPA) or Differential Power Analysis (DPA) Countermeasures in software –careful coding of crypto-algorithms –redundancy in data representation in hardware –add clock jitter or other noise –dual rail logic

68 68 Power glitching precisely timed dip in power supply to induce fault, eg –prevent an EEPROM write eg to PIN counter –read all memory cells as containing zero eg of crypto-key –attack crypto-algorithms attacks may leak info about keys (DFA-Differential Fault Analysis)

69 69 Active side-channel attacks Other side channels: –clock frequency –temparature/heat –light or X-rays –EM radiation Countermeasures: –hardware: sensors to detect changes in voltage, etc. –software: double-checking results of computations

70 70 Physical (or invasive) attacks reverse engineer and tamper with the physical chip first step: getting access to chip ’ s surface –remove chip from the smartcard –use chemical to remove expoxy resin and the top metal/silicon layers of the chip

71 71 Removing chip from smartcard

72 72 Etched smartcard with chip exposed

73 73 Tools for physical attacks Microscope –optical or scanning electron microscope (SEM) Focused Ion Beam (FIB) –not only observe, but also make changes: removing or adding wires, insulators,... Probe station –to probe wires on the chip

74 74 Probing

75 75

76 76 Probing

77 77 Probing Observe data on the chip in operation Typically: tap data on bus –by putting needle on bus wires Probing can be done using –physical needles (>0.35 micron) or –electron beam

78 78 Using Focused Ion Beam in probing Fibbing can be used to add probe pads for lines too thin or fragile for needles surface buried lines

79 79 Multiple layers on chip The same gate before and after etching to remove top layer

80 80 Using Focused Ion Beam (fibbing) all chips contain circuitry to check chip after production after testing, test logic is disabled by blowing a fuse FIB can restore test logic

81 81 ROM memory content extraction

82 82 RAM voltage contrast SEM

83 83 Smartcards attacks - future Ongoing arms race between smartcard manufacturers and attackers Physical attacks becoming harder, due to improved countermeasures and smaller circuitry But increasing complexity of software on smartcard may introduce new logical attacks

84 84 Smartcard attacks - conclusions Smartcards is not tamper-proof, as witnessed by –logical attacks –side-channel attacks: DPA, glitching –physical attacks Smartcards are tamper-resistant and tamper-evident, to a degree

Download ppt "1 Smartcards & RFID Erik Poll Digital Security Radboud University Nijmegen."

Similar presentations

Ads by Google