Smart card security Nora Dabbous Security Technologies Department.
Smart card security
Nora Dabbous, Security Technologies Department
The Smart Card...
• The smart card stores electronic data and programs in a protected file system
  • Protection by advanced security features
  • Tamper resistance
• Several types of smart cards
  • Contact
    • Memory
    • Microprocessor
  • Contactless
    • Memory
    • Microprocessor
Smart card often means Microprocessor card
Close-up view...
Memory Characteristics
• EEPROM (non-volatile memory, write 100,000 times)
  • Up to 256 KBytes
  • Application data storage
• ROM (write once)
  • Up to 512 KBytes
  • Software (Operating System) storage
• RAM (temporary)
  • Up to 5 KBytes
  • Working memory
• Flash (non-volatile memory)
  • Software patches or static application code & data
Contact Smart Cards
Communication through electrical contacts
Contactless Smart Cards
Communication over the air
The Chip Operating System
• File and directory management:
  • Create
  • Read Only
  • Add Information Only
  • Erase and Update
• Access protected by secret codes:
  • Data files
  • Secret Code files
  • Cryptographic key files
Application Players
[Diagram: Host, Readers, Cards]
Role of the Reader
[Diagram: Application Software, Reader, Card]
• The reader is the interface between the card and the application
  • It serves as a translator
  • It accepts the messages
    • from the card and
    • from the application software
Hardware Security
Smart card attack : Physical Security
Smart card attacks : state of the art
Probing Data
• Used to read the data present on a bus
• Micro-probing
  • probe the bus with a needle
• E-beam probing
  • probe the bus with an e-beam
[Figures: micro-probing and e-beam probing of a data bus on silicon (Si); labels: data bus, e-beam, e-, detector]
Circuit modification
• Connect or disconnect security mechanism
  • disconnect security sensors
  • RNG stuck at a fixed value
• Cut or paste tracks
• Add probe pads
  • make micro-probing of the buried layers possible
• Equipment
  • Laser
  • FIB
[Figure labels: cut, metal strap]
Fault Generation
• Vcc
• Clock
• Temperature
• UV
• Light
• X-Rays
• ...
Apply combinations of environmental conditions and bypass or infer secrets
[Figure labels: input, key, error]
Hardware Security Measures
• Security Sensors (VCC, Temp., Light, UV, Clock)
• Data scrambling
• Address scrambling
• Current scrambling
• Several Independent Metal Layers
• Submicron scale
• Deeply buried buses
• Glue Logic
Embedded Software Security
Timing Attacks: Principles
[Flowchart labels: Start, Decision (True / False), Process 1, Process 2, t1, t2, end]
• Everything performed unconditionally before the test
• A test based on secret data is performed that leads to a boolean decision
• Depending on the boolean condition, the process may be long (t1) or short (t2)
• Everything performed unconditionally after the test
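The structure on this slide, shown as an added example that is not part of the original presentation: a PIN comparison whose work depends on a secret-based test, beside a form that does the same work on both outcomes. The function names, the step counter (a deterministic stand-in for run time) and the sample PIN are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
typedef int (*check_fn)(const uint8_t *, const uint8_t *, size_t, unsigned *);

/* Leaky: returns at the first mismatch, so the step count depends on the secret. */
int pin_check_leaky(const uint8_t *secret, const uint8_t *guess, size_t len, unsigned *steps)
{
    *steps = 0;
    for (size_t i = 0; i < len; i++) {
        (*steps)++;
        if (secret[i] != guess[i]) return 0;
    }
    return 1;
}

/* Hardened: every byte is processed; the decision is taken once, after the loop. */
int pin_check_ct(const uint8_t *secret, const uint8_t *guess, size_t len, unsigned *steps)
{
    uint8_t diff = 0;
    *steps = 0;
    for (size_t i = 0; i < len; i++) {
        (*steps)++;
        diff |= (uint8_t)(secret[i] ^ guess[i]);
    }
    return diff == 0;
}

/* Max minus min step count over wrong guesses; non-zero means a timing channel. */
unsigned step_spread(check_fn check, const uint8_t *secret, size_t len)
{
    unsigned lo = ~0u, hi = 0, steps;
    uint8_t guess[16];
    if (len == 0 || len > sizeof guess) return 0;
    for (size_t ok = 0; ok < len; ok++) {      /* ok = correct leading bytes */
        for (size_t i = 0; i < len; i++)
            guess[i] = (i < ok) ? secret[i] : (uint8_t)~secret[i];
        check(secret, guess, len, &steps);
        if (steps < lo) lo = steps;
        if (steps > hi) hi = steps;
    }
    return hi - lo;
}

int main(void)
{
    const uint8_t pin[4] = {1, 2, 3, 4};       /* constructed sample secret */
    printf("spread leaky=%u ct=%u\n", step_spread(pin_check_leaky, pin, 4), step_spread(pin_check_ct, pin, 4));
    return 0;
}
```

A check like `step_spread` can serve as a regression test on comparison routines; it counts loop iterations only, so compiler output still has to be inspected for reintroduced branches.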
Power Attacks
• ICC's power consumption leaks information about data processing
  • Power Consumption = f(secret key, data)
• Deduce information about secret data and processing
  • empirical methods
  • statistical treatment
• Monitor ICC's power consumption
  • resistor
  • oscilloscope
  • post-processing computer
  • chip
Power Analysis Tools for contact cards
[Figure: measurement setup; label: 5V]
Power Analysis Profiles
• Raw data, zoomed in
[Figure: power traces; axes: Power vs. Time; scale: 1 ms]
SPA attack on RSA
Test key value: 0F 00 F0 00 FF 00
[Figure: power trace annotated with the bits of each key byte]
SPA attack on RSA
Key value: 2E C6 91 5B F9 4A
Hex digit:  2    E    C    6    9    1    5    B    F    9    4    A
Bits read:  0010 1110 1100 0110 1001 0001 0101 1011 1111 1001 0100 1010
Differential Power Analysis
• Description:
  • choose a subset (subKi) of n bits of K
  • perform a statistical test for each possible value of a subKi
  • choose the best guess
  • iterate on all possible subKi's
[Figure: key K with an n-bit subset subKi; candidate values 0, 1, 2, …, 2^n - 1]
Differential Power Analysis
• Data processing for a value x of a subKi:
[Figure: messages M0, M1, …, Mn; groups 1 and 0; Average; subtraction (-); result D for the value x]
Differential Power Analysis
• Choosing the right guess
[Figure: results for the guesses 0, 1, …, 2^n - 1]
Differential Power Analysis
[Figure: traces for a wrong subKi and for the right subKi]
Countermeasures
• Add noise
• Scramble power consumption or stabilize it
• Randomize all sensitive data variables with a fresh mask for every execution of an algorithm
• Randomize, randomize, randomize …
  • Secret keys
  • Messages
  • Private exponents
  • Bases
  • Moduli
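One way to randomize a private exponent with a fresh mask per execution, as an added example that is not part of the original presentation: exponent blinding on a toy RSA key, with the square/multiply sequence recorded so the change between executions is visible. The key values, function names and the caller-supplied mask r are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy RSA values constructed for this example (far too small for real use). */
#define N   3233u  /* modulus, 61 * 53 */
#define PHI 3120u  /* phi(N) = 60 * 52 */
#define D   2753u  /* private exponent matching e = 17 */

/* Left-to-right square-and-multiply. trace[] (cap >= 1) receives 'S' per
 * square and 'M' per multiply: the operation sequence a power trace shows. */
uint32_t modexp_trace(uint32_t base, uint64_t exp, char *trace, size_t cap)
{
    uint64_t acc = 1;
    size_t t = 0;
    int i = 63;
    while (i > 0 && !((exp >> i) & 1)) i--;      /* skip leading zero bits */
    for (; i >= 0; i--) {
        acc = (acc * acc) % N;
        if (t + 1 < cap) trace[t++] = 'S';
        if ((exp >> i) & 1) {
            acc = (acc * base) % N;
            if (t + 1 < cap) trace[t++] = 'M';
        }
    }
    trace[t] = '\0';
    return (uint32_t)acc;
}

/* Exponent blinding: d' = D + r * PHI. For base coprime to N, base^PHI = 1
 * (mod N), so the result is unchanged while the bit pattern changes with r.
 * On a card r comes from the hardware RNG; here the caller supplies it. */
uint32_t modexp_blinded(uint32_t base, uint32_t r, char *trace, size_t cap)
{
    return modexp_trace(base, (uint64_t)D + (uint64_t)r * PHI, trace, cap);
}

int main(void)
{
    char t[128];
    printf("plain   %u %s\n", (unsigned)modexp_trace(2790u, D, t, sizeof t), t);
    printf("blind a %u %s\n", (unsigned)modexp_blinded(2790u, 0x1234u, t, sizeof t), t);
    printf("blind b %u %s\n", (unsigned)modexp_blinded(2790u, 0xBEEFu, t, sizeof t), t);
    return 0;
}
```

Blinding changes the operation sequence from one execution to the next, which removes the fixed key that statistical treatment over many traces relies on. A single trace still spells out d', which is itself a working private exponent, so the sequence must also be made uniform, as in the slide's "scramble power consumption or stabilize it".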
Electromagnetic Analysis on RSA
• Tests require decapsulating the chip with a semi-invasive method.
• The surface must be scanned to find the "good" area where electromagnetic analysis is possible.
• The chip is powered by a contact reader.
Electromagnetic Analysis
[Figure: Power, Em1 and Em2 traces, with one processed byte and one processed bit marked; operations labelled Sq and Mult]
Bits read: 0 0 1 1 0 0 0 0 → d=..30...
Bits read: 1 0 1 1 1 1 1 1 → d=..bf...
Radio Frequency Analysis (Contactless Cards)
• Tests are non-invasive.
• A simple magnetic loop made with copper wire is needed.
• An image of the magnetic field, modified by the card’s consumption, is collected.
• The chip is powered by a contactless reader.
Equipment (1/2)
Conclusion
• There are many potential ways to attack a smart card
• But there are also many ways to counteract and efficiently protect your secrets
• Smart Cards are among the most secure embedded devices in the field today
• We try to keep it that way
Read-on
• W. Rankl, W. Effing, Smart Card Handbook, 2nd edition, John Wiley & Sons, 2000.
• K. Vedder, Smart Cards - Requirements, Properties, and Applications, in State of the Art in Applied Cryptography, pages 307-331, LNCS 1528, Springer-Verlag, 1997.