Smart HKID Forum –Science Museum

Transcript of Smart HKID Forum –Science Museum

  • Security and Reliability of Smart Card. Smart HKID Card Forum, Jan 6, 2001, Science Museum

    Dr LM Cheng, Director, Smart Card Design Center, Dept. of Electronic Engineering, City University of Hong Kong

  • Content: Background; General Security Features; Simple Cryptographic Engine; Encryption Techniques; Security Standards & Assessment; Physical & Electrical Reliability; Electro-static Discharge

  • Background: Types of Smart Cards; Worldwide Market; New Technologies Required

  • Types of Smart Card: Memory Card; MPU IC card; Crypto-processor card; Contactless card

  • Worldwide Smart Cards Market Forecast (Millions of Dollars and Millions of Units). Data from Frost & Sullivan (chart)

  • New Technologies Required: Data storage management - information protection; authentication process - biometrics: fingerprint, facial features, iris identification, dynamic signature recognition, speech recognition; advanced encryption methods - Elliptic Curve Cryptography, chaotic techniques, AES

  • Basic Internal Structure of CPU Smart Card

  • Possible Attacks on Smart Card
    EM analysis: use an electron microscope to inspect the internal structure of the mask

    UV or X-ray inspection: use high-efficiency UV or X-ray to inspect the memory areas and extract important information like the PIN, secret key and public key

    duplication: illegal copying of card content from one card to another

    confusion: disturb the power supply/frequency during PIN verification to confuse the accurate entry of the PIN and allow access to the protected memory

    tracking: based on the protocol exchange between the terminal and the card, track the sequence of commands

  • Other possible attacks: attacks on DES such as differential methods; attacks on RSA using cyclic properties

  • General Smart Card Security Features
    Against UV or X-ray inspection: use an implementation that keeps the ROM code from being visible
    Against EM analysis: address scrambling of memories
    Against confusion: low/high voltage sensors; low/high frequency sensors; high frequency protection

  • Against duplication: security PROM, hardware protected; unique chip identification number; move code blocking
    Against tracking: secure authentication and data/key encryption
    Against DPA: random wait state (advanced); current scrambling generator (advanced)
    Against cyclic properties: no simple solutions

  • Protection Against Tracking: Random Number Generator for dynamic key generation; Cipher Engine for data protection: Block, Stream

  • Random Number Generator: for generation of session keys. A digital approach can only generate pseudo-random numbers, based on X_i = (a X_{i-1} + b) mod c. Others use analogue approaches like a VCO, white noise generator, etc.

  • Block Cipher: K1: Master Key of length 16 bits; K2: Card ID of length 16 bits. Processes data in blocks, and errors propagate within the block

    Block Cipher Method, Write to Memory; Block Cipher Method, Read from Memory (diagrams)

  • Stream Cipher: similar to a state machine with K1K2 as the initial state. The pseudo-random number sequence generated is XORed with the Input Data to form the Output Data. The data must be in sequence in order to encode and decode correctly
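An added example (not from the slides) that ties the two slides above together: a 16-bit LCG of the form X_i = (a X_{i-1} + b) mod c supplies the keystream of the stream cipher, seeded from K1 and K2, and the checks show why the data must be decoded in sequence. The constants a, b, c, the way K1/K2 form the initial state and the sample records are assumptions.

```python
# Added example, not from the slides: a 16-bit LCG of the form shown above,
# X_i = (a*X_{i-1} + b) mod c, used as the keystream source for the stream
# cipher (K1 = 16-bit master key, K2 = 16-bit card ID). The constants a, b, c
# and the way K1/K2 form the initial state are assumptions.
from typing import Iterator

A, B, C = 25173, 13849, 1 << 16   # assumed LCG constants; c = 2**16 keeps the state 16-bit

def lcg(seed: int) -> Iterator[int]:
    """Yield the LCG state sequence X_1, X_2, ... starting from X_0 = seed."""
    x = seed % C
    while True:
        x = (A * x + B) % C
        yield x

def lcg_period(seed: int) -> int:
    """Cycle length of the state sequence: the keystream can never be longer than this."""
    seen = {}
    x, n = seed % C, 0
    while x not in seen:
        seen[x] = n
        x, n = (A * x + B) % C, n + 1
    return n - seen[x]

def keystream(k1: int, k2: int) -> Iterator[int]:
    """Key bytes from the LCG; the initial state folds K1 and K2 into 16 bits (assumption)."""
    for x in lcg((k1 ^ k2) & 0xFFFF):
        yield x & 0xFF
        yield x >> 8

def stream_xor(data: bytes, k1: int, k2: int) -> bytes:
    """Encrypt or decrypt: XOR each byte with the next keystream byte (same op both ways)."""
    ks = keystream(k1, k2)
    return bytes(d ^ next(ks) for d in data)

def sequence_check(k1: int, k2: int) -> tuple:
    """The slide's point: data must be decoded in the same order it was encoded."""
    rec1, rec2 = b"PIN=4321", b"BAL=0100"          # constructed sample card records
    ct = stream_xor(rec1 + rec2, k1, k2)
    in_order = stream_xor(ct, k1, k2) == rec1 + rec2
    # Decoding only the second record restarts the keystream from the initial state,
    # so its key bytes no longer line up with those used when it was encrypted.
    out_of_order = stream_xor(ct[len(rec1):], k1, k2) == rec2
    # One flipped ciphertext bit flips only the matching plaintext bit: no propagation,
    # unlike the block cipher slide, where errors spread within a block.
    damaged = bytearray(ct)
    damaged[0] ^= 0x01
    pt = stream_xor(bytes(damaged), k1, k2)
    localized = pt[0] != rec1[0] and pt[1:] == (rec1 + rec2)[1:]
    return in_order, out_of_order, localized
```

With a 16-bit state there are only 65536 possible keystreams and `lcg_period` shows the stream repeats after at most 65536 states, so the secrecy of K1/K2 and the session keys from the random number generator carry all of the security.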

  • Encryption Techniques. Encryption: encryption will modify data into an irregular form for secure storage and transmission. The reconstruction is achieved by using a set of relevant keys. Two cryptosystems are currently being used, i.e. symmetric (DES/FEAL) and asymmetric (RSA, ECC). A symmetric cryptosystem requires only one common key for encryption and decryption, whereas an asymmetric system requires two keys, i.e. a private/user key and a public/system key.

  • Common Encryption Techniques in Smart Card. Private: data exchange - DES (Data Encryption Standard). Public: key exchange - RSA (Rivest, Shamir, Adleman), ECC (Elliptic Curve Cryptography); also used for authentication

  • Is Smart Card Secure? There are no perfect (100% secure) systems available. Systems designed and built for minimal attack risk can be treated as secure systems. Secure systems are evaluated/classified in different levels using international standards such as TCSEC/DoD (Orange Book, USA), ITSEC (Europe) and CCITSE (ISO 15408)

  • Trusted Computer Security Evaluation Criteria, USA (DoD)
    D: Minimal protection. No protection

    C1: Discretionary Security Protection. Uses access control
    C2: Controlled Access Protection. Uses accountability/auditing

  • B1: Labeled Security Protection. Uses sensitivity (classification) labels
    B2: Structured Protection. Uses a formal security policy; more resistant to penetration
    B3: Security Domains. Highly resistant to penetration. Uses a security administrator, auditing of events and a system recovery process
    A1: Verified Protection. High assurance against penetration. Uses formal specification and verification approaches.

  • Information Technology Security Evaluation Criteria (ITSEC) and Common Criteria (CC), Europe & Canada
    EAL1 - functionally tested
    EAL2 - structurally tested
    EAL3 - methodologically tested and checked

  • EAL4 - methodologically designed, tested and reviewed
    EAL5 - semiformally designed and tested
    EAL6 - semiformally verified design and tested
    EAL7 - formally verified design and tested

  • Federal Information Processing Standards (FIPS) - evaluation: FIPS 46-2 and 81 for DES; FIPS 186 for Digital Signature; FIPS 140-2 for Cryptographic Modules

  • Security evaluation requirements: cryptographic modules; module interface; roles and services; finite state machine model; physical security; Environmental Failure Protection/Testing (EFP/EFT)

  • Software security; operational security; cryptographic key management; cryptographic algorithms; EMI/EMC; self tests

  • Physical & Electrical Reliability

    Test | Standard Reference | Test Methodology | Test Frequency
    1. Salt Atmosphere | CECC 90 000 | 48 h, 35 C, 45% HR, 5% NaCl | Manufacturing product audit
    2. Insertion Test | Bull | 10 000 insertions | Manufacturing product audit
    3. Data Retention | Semi-conductor Std. | 10 years | Manufacturing product audit
    4. ESD Protection | MIL STD-883C Mtd. 8 | Class 3: 4 kV | Chip Characterization

  • Electro-static Discharge Dry/Wet weather comparison

  • ESD failure in various stages

  • Reliability of Contact Type Smart Card Reader: mechanical insertion lifetime around 1-3x10^5 insertions. For a typical flow of 10^5 crossings per day, each reader will only last for 3 days. Assuming 30 readers installed at the border, all readers have to be replaced in 90 days. Whereas the contactless type has an MTBF over 115,000 hrs = over 13 years

  • Conclusion: Smart Card is an evolutionary product. The trend of use is irreversible. The HKID project can build a framework to make it smart. More technology breakthroughs are needed to make them really multi-application. Technology is fact, but not miracle
