Security and Reliability of Smart Card
Smart HKID Card Forum, Jan 6, 2001, Science Museum
Dr LM Cheng, Director, Smart Card Design Center, Dept. of Electronic Engineering, City University of Hong Kong
Content
- Background
- General Security Features
- Simple Cryptographic Engine
- Encryption Techniques
- Security Standards & Assessment
- Physical & Electrical Reliability
- Electro-static Discharge
Worldwide Smart Cards Market Forecast (Millions of Dollars and Millions of Units). Data from Frost & Sullivan. [chart not reproduced]
New Technologies Required
- Data storage management: information protection
- Authentication process: biometrics (fingerprint, facial features, iris identification, dynamic signature recognition, speech recognition)
- Advanced encryption methods: Elliptic Curve Cryptography, chaotic techniques, AES
Possible Attacks on Smart Card
- EM analysis: use an electron microscope to inspect the internal structure of the mask
- UV or X-ray inspection: use high-efficiency UV or X-ray to inspect the memory areas and extract important information such as the PIN, secret key and public key
- Duplication: illegal copying of card content from one card to another
- Confusion: disturb the power supply or clock frequency during PIN verification to confuse the PIN check and gain access to the protected memory
- Tracking: use the protocol exchange between the terminal and the card to track the sequence of commands
- Other possible attacks: attacks on DES such as differential methods; attacks on RSA using cyclic properties
General Smart Card Security Features
- Against UV or X-ray inspection: use an implementation that keeps the ROM code from being visible
- Against EM analysis: address scrambling of memories
- Against confusion: low/high voltage sensors; low/high frequency sensors; high-frequency protection
- Against duplication: hardware-protected security PROM; unique chip identification number; move code blocking
- Against tracking: secure authentication and data/key encryption
- Against DPA (differential power analysis): random wait state (advanced); current scrambling generator (advanced)
- Against cyclic properties: no simple solutions
Protection Against Tracking
- Random number generator for dynamic key generation
- Cipher engine for data protection: block or stream
Random Number Generator
- Used for generation of session keys
- A digital approach can only generate pseudo-random numbers, e.g. the linear congruential recurrence X_i = (a * X_{i-1} + b) mod c
- Others use analogue approaches such as a VCO, a white-noise generator, etc.
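The recurrence above determines every later key from one earlier one and can take at most c distinct values. The following added example (not from the slides; the parameters a=5, b=3, c=16 and the Hull-Dobell test are my illustration) measures the period of the slide's X_i = (a X_{i-1} + b) mod c and shows that one observed key predicts all that follow, which is the reason session keys need an analogue entropy source.

```python
from math import gcd

def lcg(seed, a, b, c):
    """Generator for the slide's recurrence X_i = (a * X_{i-1} + b) mod c."""
    x = seed
    while True:
        x = (a * x + b) % c
        yield x

def period(seed, a, b, c):
    """Number of outputs before the sequence repeats from this seed.
    Only c states exist, so the period can never exceed the modulus."""
    seen = {}
    x = seed
    for i in range(c + 1):
        if x in seen:
            return i - seen[x]
        seen[x] = i
        x = (a * x + b) % c

def full_period_ok(a, b, c):
    """Hull-Dobell conditions: the LCG walks through all c states only if
    gcd(b, c) == 1, every prime factor of c divides a-1, and 4 | a-1 when 4 | c."""
    m, factors, p = c, set(), 2
    while p * p <= m:
        while m % p == 0:
            factors.add(p)
            m //= p
        p += 1
    if m > 1:
        factors.add(m)
    return (gcd(b, c) == 1
            and all((a - 1) % q == 0 for q in factors)
            and (c % 4 != 0 or (a - 1) % 4 == 0))

def predict_following(observed, a, b, c, n):
    """Given one observed 'session key', return the next n keys the LCG will emit.
    Nothing secret is needed beyond the public parameters a, b, c."""
    g = lcg(observed, a, b, c)
    return [next(g) for _ in range(n)]

if __name__ == "__main__":
    # Constructed parameters: 16-state toy modulus so the whole cycle is visible.
    print("period a=5,b=3,c=16:", period(0, 5, 3, 16))   # full period: 16
    print("period a=3,b=3,c=16:", period(0, 3, 3, 16))   # falls short: 8
    print("next keys after 7:", predict_following(7, 5, 3, 16, 4))
```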
Block Cipher
- K1: master key, 16-bit
- K2: card ID, 16-bit
- Data is processed in blocks, and errors propagate within the block

Block Cipher Method, write to memory: DataIn (8-bit) -> Block Cipher [K1: 16-bit, K2: 16-bit] -> DataOut (8-bit)
Block Cipher Method, read from memory: DataOut (8-bit) -> Block Cipher [K1: 16-bit, K2: 16-bit] -> DataIn (8-bit)
Stream Cipher
- Similar to a state machine with K1K2 as the initial state
- The pseudo-random number sequence generated is XORed with the input data to form the output data
- The data must be processed in sequence in order to encode and decode correctly

Stream Cipher diagram: DataIn (8-bit) -> Stream Cipher [K1: 16-bit, K2: 16-bit] -> DataOut (8-bit)
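As an added example (not the slides' engine; the keystream generator is an assumed toy 32-bit LFSR whose period is not claimed to be maximal), this seeds a state machine with K1 and K2 as its initial state, XORs the keystream with 8-bit data, and shows why the bytes must be handled in sequence and why a single-bit error does not propagate in a stream cipher, unlike the block cipher above.

```python
def keystream(k1, k2):
    """Byte-wise keystream from a state machine whose initial state is K1||K2.
    Assumed generator: Galois LFSR with feedback mask 0x80200003 (toy choice)."""
    state = ((k1 & 0xFFFF) << 16) | (k2 & 0xFFFF)
    if state == 0:
        state = 1  # an all-zero LFSR state would emit zeros forever
    while True:
        byte = 0
        for _ in range(8):
            lsb = state & 1
            state >>= 1
            if lsb:
                state ^= 0x80200003
            byte = (byte << 1) | lsb
        yield byte

def stream_xor(data, k1, k2, skip=0):
    """Encrypt or decrypt (same operation). `skip` advances the state machine
    past the first `skip` keystream bytes, as a decoder resuming mid-stream must."""
    ks = keystream(k1, k2)
    for _ in range(skip):
        next(ks)
    return bytes(b ^ next(ks) for b in data)

def decode_out_of_sequence(ct, k1, k2, offset):
    """Decode the tail of a ciphertext without advancing the state machine.
    Returns (wrong_tail, right_tail) to show the sequence requirement."""
    return stream_xor(ct[offset:], k1, k2), stream_xor(ct[offset:], k1, k2, skip=offset)

def error_positions(data, ct, k1, k2, byte_index, bit):
    """Flip one ciphertext bit, decrypt, and report which plaintext bytes changed."""
    damaged = bytearray(ct)
    damaged[byte_index] ^= 1 << bit
    pt = stream_xor(bytes(damaged), k1, k2)
    return [i for i, (x, y) in enumerate(zip(pt, data)) if x != y]

if __name__ == "__main__":
    K1, K2 = 0x1234, 0x5678            # constructed master key and card ID
    msg = b"PIN=1234"                   # constructed sample data
    ct = stream_xor(msg, K1, K2)
    assert stream_xor(ct, K1, K2) == msg
    print("tail decoded from reset state:", decode_out_of_sequence(ct, K1, K2, 2)[0])
    print("tail decoded in sequence:     ", decode_out_of_sequence(ct, K1, K2, 2)[1])
    print("bytes hit by one flipped bit: ", error_positions(msg, ct, K1, K2, 3, 0))
```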
Encryption Techniques
- Encryption modifies data into an irregular form for secure storage and transmission. Reconstruction is achieved using a set of relevant keys.
- Two cryptosystems are currently in use: symmetric (DES/FEAL) and asymmetric (RSA, ECC). A symmetric cryptosystem requires only one common key for encryption and decryption, whereas an asymmetric system requires two keys, i.e. a private/user key and a public/system key.
Common Encryption Techniques in Smart Card
- Private (data exchange): DES (Data Encryption Standard)
- Public (key exchange): RSA (Rivest, Shamir, Adleman); ECC (Elliptic Curve Cryptography)
- Also used for authentication
Is Smart Card Secure?
- There are no perfect (100% secured) systems available
- Systems designed and built for minimal attack risk can be treated as secure systems
- Secure systems are evaluated and classified into levels using international standards such as TCSEC/DoD (Orange Book, USA), ITSEC (Europe) and CCITSE (ISO 15408)
Trusted Computer Security Evaluation Criteria (TCSEC), USA (DoD)
- D: Minimal protection (no protection)
- C1: Discretionary Security Protection (uses access control)
- C2: Controlled Access Protection (uses accountability/auditing)
- B1: Labeled Security Protection (uses sensitivity/classification labels)
- B2: Structured Protection (uses a formal security policy; more resistant to penetration)
- B3: Security Domains (highly resistant to penetration; uses a security administrator, auditing of events and a system recovery process)
- A1: Verified Protection (high assurance against penetration; uses formal specification and verification approaches)
Information Technology Security Evaluation Criteria (ITSEC) and Common Criteria (CC), Europe & Canada
- EAL1: functionally tested
- EAL2: structurally tested
- EAL3: methodologically tested and checked
- EAL4: methodologically designed, tested and reviewed
- EAL5: semi-formally designed and tested
- EAL6: semi-formally verified design and tested
- EAL7: formally verified design and tested
Federal Information Processing Standards (FIPS), evaluation
- FIPS 46-2 and 81 for DES
- FIPS 186 for Digital Signature
- FIPS 140-2 for Cryptographic Modules
Security evaluation requirements (FIPS 140-2 areas)
- Cryptographic modules
- Module interface
- Roles and services
- Finite state machine model
- Physical security
- Environmental Failure Protection/Testing (EFP/EFT)
- Software security
- Operational security
- Cryptographic key management
- Cryptographic algorithm
- EMI/EMC
- Self tests
Physical & Electrical Reliability

No. | Test            | Standard Reference   | Test Methodology               | Test Frequency
1   | Salt Atmosphere | CECC 90 000          | 48 h, 35°C, 45% RH, 5% NaCl    | Manufacturing product audit
2   | Insertion Test  | Bull                 | 10 000 insertions              | Manufacturing product audit
3   | Data Retention  | Semiconductor Std.   | 10 years                       | Manufacturing product audit
4   | ESD Protection  | MIL STD-883C Mtd. 8  | Class 3: 4 kV                  | Chip Characterization
Electro-static Discharge: Dry/Wet weather comparison [chart not reproduced]
Reliability of Contact Type Smart Card Reader
- Mechanical insertion lifetime: around 1-3x10^5 insertions
- For a typical flow of 10^5 crossings per day, each reader will only last for 3 days
- Assuming 30 readers are installed at the border, all readers have to be replaced within 90 days
- Whereas the contactless type has an MTBF of over 115,000 hrs, i.e. over 13 years