Physical Security [email protected]. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural...
-
Upload
deborah-dolphin -
Category
Documents
-
view
218 -
download
1
Transcript of Physical Security [email protected]. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural...
![Page 2: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/2.jpg)
IIS2
Overview
Smart cards
RFIDs
Attacks
(Semi)-Natural tags
Conclusions
![Page 3: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/3.jpg)
Smart Cards
![Page 4: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/4.jpg)
IIS4
Smart cards
85.6 mm
53.98 mm
0.76 mm
[And96] R. J. Anderson and M. G. Kuhn. Tamper resistance - A cautionary note. In 2nd Int. Usenix Workshop on Electronic Commerce, pages 1-11, Oakland, California, Nov 1996. USENIX Association. http://www.usenix.org/publications/library/proceedings/ec96/kuhn.html
Broken!
![Page 5: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/5.jpg)
IIS5
What makes the card smart?
CPU (8, 16, 32 bit)
Memory (RAM, ROM, EEPROM, Flash)
I/O channel (Contact/Contact less)
Cryptographic co-processor
On card devices (Fingerprint, display)
Standards (ISO 7816, GSM, EMV, VOP)
![Page 6: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/6.jpg)
IIS6
Main security features
Symmetric crypto
Asymmetric crypto relatively slow
Hardware random number generator
Hardware tamper resistance
X-tal clock vulnerable
Life cycle management
![Page 7: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/7.jpg)
IIS7
Communication
ISO 7816-4:
9600 bps : slow
USB : bulky
Bluetooth: power
Biometrics: slow
www.fingerchip.com
![Page 8: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/8.jpg)
IIS8
Displays
Plastic, glass
Emissive, non-emissive
Refresh, bi-stable
Segment, dot-matrix
Problems: connections, yield, power, thickness, price!
[Pra01] D. Praca and C. Barral. From smart cards to smart objects: the road to new smart technologies. Computer Networks, 36(4):381-389, Jul 2001. http://dx.doi.org/10.1016/S1389-1286(01)00161-X
![Page 9: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/9.jpg)
IIS9
Clock & Power
Clock» Xtal 0.6 mm
» MEMS (0.002% acc.)
Battery» Thickness
» power density
» when to recharge
![Page 10: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/10.jpg)
IIS10
Integration is hard
Display
Button
32-bit CPU
Large memory
Battery
Comms
>> 25mm2
Photo: Philips Semiconductors
![Page 11: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/11.jpg)
RFID
![Page 12: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/12.jpg)
IIS12
What is an RFID tag?
Antenna + small chip in ambient field
Passive, replies to queries only
Can be used for almost anything» Supply Chain Management & Checkout (Wallmart,
Benetton)
» Homeland security
» User convenience
» Access to buildings
Nokia 6131 NFC
![Page 13: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/13.jpg)
IIS13
Passport application
![Page 14: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/14.jpg)
IIS14
Privacy issues Sniffing
» Data collection in proximity (skimming)» Correlate data from different tags
Counter measures» Shield antenna in passport with tinfoil» Encrypt the template with MRZ data» Reduce transmit range» Light controlled on/off switch» Long and short range interface» Time delayed transmit of sensitive info
[Bir07] N. Bird, C. Conrado, J. Guajardo, S. Maubach, G. Jan Schrijen, B. Skorić, A. M. H. Tombeur, P. Thueringer, and P. Tuyls. ALGSICS - combining physics and cryptography to enhance security and privacy in RFID systems. In F. Stajano, C. Meadows, S. Capkun, and T. Moore, editors, 4th European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS), volume LNCS 4572, pages 187-202, Cambridge, UK, Jul 2007. Springer. http://dx.doi.org/10.1007/978-3-540-73275-4_14
Watch this video
![Page 15: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/15.jpg)
Attacks
[Wit02] M. Witteman. Advances in smartcard security. Information Security Bulletin, pages 11-22, Jul 2002. http://www.riscure.com/fileadmin/images/Docs/ISB0707MW.pdf
![Page 16: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/16.jpg)
IIS16
Attacks
Operational» Blackmail» Burglary» Bribery
Technical» Logical» Physical» Side channel
Attackers» I: Clever outsiders» II: Knowledgeable insiders» III: Funded Organisations
![Page 17: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/17.jpg)
IIS17
Logical attacks
The code is too complex» Hidden commands
» Parameter poisoning & Buffer overflow
» Malicious or buggy applets
» Protocol problems (e.g. retransmit)
» Proprietary crypto
Counter measures» Structured design & code inspection
» Formal methods
» Testing
![Page 18: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/18.jpg)
IIS18
Example: RFID virus
There is a large amount of code
Generic protocols and facilities
Back end data bases
So the usual attacks:» Buffer overflow
» SQL injection “;shutdown--”
Don’t trust data from RFID tag…
[Rie06] M. R. Rieback, B. Crispo, and A. S. Tanenbaum. Is your cat infected with a computer virus? In 4th Annual IEEE Int. Conf. on Pervasive Computing and Communications (PerCom), pages 169-179, Pisa, Italy, Mar 2006. IEEE Computer Society. http://dx.doi.org/10.1109/PERCOM.2006.32
Best paperaward
![Page 19: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/19.jpg)
IIS19
Physical attacks
The circuitry is complex and vulnerable» Chemicals & etching» SEM Voltage contrast» Probe stations» Focused Ion Beam (FIB) to make probe pads
Counter measures» Reduced feature size (100nm)» Multi layering» Protective layers» Sensors» Bus scrambling
![Page 20: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/20.jpg)
IIS20
Low cost physical attacks
Block EEPROM writes by isolating Vpp
Rent focused Ion beam
[And97d] R. J. Anderson and M. Kuhn. Low cost attacks on tamper resistant devices. In 5th Int. Workshop on Security Protocols, volume LNCS 1361, pages 125-136, Paris, France, Apr 1997. http://dx.doi.org/10.1007/BFb0028165
![Page 21: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/21.jpg)
IIS21
Side channel attacks
Physical phenomena can be measured» Power
» EM radiation (X-ray, light, sound)
» Time
and changed» Voltage (example later)
» Frequency (example later)
[Vua09] M. Vuagnoux and S. Pasini. Compromising electromagnetic emanations of wired andWireless keyboards. In 18th USENIX Security Symp., pages 1-16, Montreal, Canada, Aug 2009. USENIX Assoc. http://www.usenix.org/events/sec09/tech/full_papers/vuagnoux.pdf
Watch this video
![Page 22: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/22.jpg)
Timing attack
Exponentiation by square and multiply» for i = n − 2 downto 0
» X = X2
» if (d[i] == 1) then
» X = X*M
Power trace shows bits 1 in the key
IIS22
![Page 23: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/23.jpg)
Simple power analysis
16 rounds DES
Rounds 2 & 3
IIS23
[Koc99] P. C. Kocher, J. Jaffe, and B. Jun. Differential power analysis. In M. J. Wiener, editor, 19th Int. Conf. on Advances in Cryptology (CRYPTO), volume 1666 of LNCS, pages 388-397, Santa Barbara, California, Aug 1999. Springer. http://www.cryptography.com/resources/whitepapers/DPA.pdf
![Page 24: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/24.jpg)
IIS24
Differential power attacks
Difference in the third cycle due to difference in input value for encryption
![Page 25: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/25.jpg)
IIS25
Active attacks : Power Dip
read a 0 as a 1
Protection measure» Check VCC & raise an alarm if it drops
» Problem: Fast transients during start-up may raise false alarms
Readingthreshold
Stored valueof logical zero
vcc
gnd
A power Dip at theMoment of reading
a memory cell
![Page 26: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/26.jpg)
IIS26
Active attacks : Clock Glitch
Dump all of the memory
Replace 5MHz pulse by 4 pulses of 20MHz:1. b = answer_address
2. a = answer_length
3. If (a == 0) goto 8
4. transmit(*b)
5. b=b+1
6. a=a-1
7. goto 3
[And97d] R. J. Anderson and M. Kuhn. Low cost attacks on tamper resistant devices. In 5th Int. Workshop on Security Protocols, volume LNCS 1361, pages 125-136, Paris, France, Apr 1997. http://dx.doi.org/10.1007/BFb0028165
Glitch here
![Page 27: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/27.jpg)
IIS27
Countermeasures
Hardware» Lower power signals
» Increase noise levels
» Introduce timing noise
Software» Parallelism
» Introduce random delays
» Constant time execution
» Blinding intermediate values
![Page 28: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/28.jpg)
IIS28
Countermeasures
Make attacks harder but not impossible
Hard to get right
Expensive to implement
![Page 29: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/29.jpg)
IIS29
Out of the box thinking
The humble Capacitor » Emanates acoustic signals
» Sensitive to shocks and vibration
» C A / d
![Page 30: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/30.jpg)
IIS30
Listen to a PC multiplying
http://people.csail.mit.edu/tromer/acoustic/
Freeze 1500 μFcapacitor
![Page 31: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/31.jpg)
IIS31
Shaking a smart card....
![Page 32: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/32.jpg)
IIS32
Attackers business case
Attack Class
Equipment Cost Succ. Rate
Devel. Time
Exec. Time
Logical PC, card reader 1-10K Low Wks Mins
Physical PC, Probe Station, SEM, FIB,Microscope, Chemistry Lab
100K-1M
High Mnths Days
Side Channel
PC, Oscilloscope, Function Gen.
10K-100K
Med. Mnths Hours
Rental!
![Page 33: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/33.jpg)
IIS33
Design guidelines
Define the level of security needed
Perform a risk analysis
Consider the attackers business case
Use the right technologies
Build in fraud management
Design recovery and fall-back
Consider the overall system
![Page 34: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/34.jpg)
IIS34
IBM 4758 Crypto Coprocessor
Rolls Royce of secure devices
Tamper sensing barrier
Keys move in the RAM
Temperature & X-ray sensor
Solid aluminium case & epoxy potting
low pass filter on power supply
Used in ATMs
Hacked!
[Cla03b] R. Clayton and M. Bond. Experience using a Low-Cost FPGA design to crack DES keys. In 4th Int. Workshop on Cryptographic Hardware and Embedded Systems (CHES), volume LNCS 2523, pages 877-883, Redwood Shores, California, 2003. Springer. http://dx.doi.org/10.1007/3-540-36400-5_42
![Page 35: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/35.jpg)
(Semi) Natural tags
![Page 36: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/36.jpg)
IIS36
Finger printing
[Buc05] J. D. R. Buchanan, R. P. Cowburn, A.-V. Jausovec, D. Petit, P. Seem, G. Xiong, D. Atkinson, K. Fenton, D. A. Allwood, and M. T. Bryan. Forgery: 'fingerprinting' documents and packaging. Nature, 436(7050):475, Jul 2005. http://dx.doi.org/10.1038/436475a
![Page 37: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/37.jpg)
IIS37
Philips Coating PUF
[Sko08] B. Škorić, G.-J. Schrijen, W. Ophey, R. Wolters, N. Verhaegh, and J. van Geloven. Experimental hardware for coating PUFs and optical PUFs. In P. Tuyls, B. Škorić, and T. Kevenaar, editors, Security with Noisy Data - On Private Biometrics, Secure Key Storage and Anti-Counterfeiting, pages 255-268. Springer London, 2008. http://dx.doi.org/10.1007/978-1-84628-984-2_15
![Page 38: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/38.jpg)
MEMS particles
1x1x12 m particles, shapes
Church and school roof, power line grease/gel
Jewellery fluid
Spray vandals/thiefs
Smart water
IIS38
[Kay92] P. H. Kaye, F. Micheli, M. Tracey, E. Hirst, and A. M. Gundlach. The production of precision silicon micromachined non-spherical particles for aerosol studies. Journal of Aerosol Science, 23(Suppl 1):201-204, 1992. http://dx.doi.org/10.1016/0021-8502(92)90384-8
http://www.redwebsecurity.com/
Watch this video
![Page 39: Physical Security Pieter.Harte@utwente.nl. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural tags Conclusions.](https://reader035.fdocuments.in/reader035/viewer/2022062619/5518bdd3550346991f8b5450/html5/thumbnails/39.jpg)
IIS39
Conclusions
Affordable tamper resistance technology exists
Getting it right is difficult
Out of the box thinking required