Authentication mechanisms using secure, contactless Card-to...

Authentication mechanisms

using secure, contactless

Card-to PACS communication

Gilles Lisimaque

IDTP

[email protected]

Terminology used

6/30/2010 © 2010 Identification Technology Partners, Inc. All rights reserved. 2

PACS management

PACS Data base

Controller Reader Card

Secured Perimeter

Terminal =

Reader +

application logic

Missing PIV functionality today

• Contactless interface secure session

– No biometric over contactless interface

– No access to user’s picture or printed information over

contactless interface

– No biometric match on card or PIN presentation over

contactless interface

• Terminal authentication by the card (trust and privacy)

• Simple, independent, local key management for

access control decisions in PACS


© 2010 Identification Technology Partners, Inc. All rights reserved. 46/30/2010 4

Other challenges using PIV in PACS

• Large Universal Identifier required for Identity Credentials

• No protection or privacy on this unique identifier

• Interoperable authentication requires to use the PIV

Authentication Key which is available only on the contact

interface after the PIN has been presented. This might lead

to many PACS using only the CHUID verification

• Without active card authentication security is quite low

• Cardholder makes the terminal trust decision by presenting

its card PIN (human authentication of the terminal)

• No three factor authentication using contactless

Identifiers (e.g. CHUID) used without an authenticator (e.g. CAK), can be cloned

and may create similar issues experienced with Social Security numbers

© 2010 Identification Technology Partners, Inc. All rights reserved. 5

Technical limitations specific to PACS• Contact interface is very difficult to use in physical access

control systems (wear & tear, vandalism [e.g. super glue],

airborne contaminants, etc.)

• A card authentication (CAK) combined with a CHUID

validation (required for the path validation) can take a long

time to execute when all keys are RSA 2048.

• With no session key mechanism there is no secure

communication between the card and the terminal

– the card cannot provide cryptographic proofs of any kind to the

terminal (PIN validation, Match on card not feasible)

– the card cannot send or receive sensitive information (PIN,

Biometry) to/from the terminal as exchanges are all in clear text.

The pieces of the puzzle


CHUID

CAK

PIN

•PKI

•Picture

•BIO

•Printed InfoPINContact

Contactless

No Secure communicationNo Authentication Key

PACS

Control Panel

Limited

bandwidth


Physical Access Control Specifics

• Needs to be fast, convenient and non-obstructive

• Access Authorization is delivered by an Access Control

Authority often different from the Identity Authority

– Access rights are granted only AFTER an identity verification and

– The user provides a justification for access

• Convenience of a local numbering system (small number of bits)

• Access control privilege and security (including keys) are

managed independently by each site

• PIN today presented to PACS, not to the credential

• Each site may have specific (operational) biometric requirements


Ideal PACS Credential• Contactless operation

• Minimum leak of personal information to unknown terminals

• Mutual Authentication between credential and terminal (trust)

• Secure communication between credential and terminal

(Session Key protecting against eavesdropping)

• Should allow:

– Use of local (operational) biometrics and local PIN to PACS

– Each PACS to manage its security without having to share any

secret or private key or to rely on externally managed keys.

– To use one identity credential (after local registration), to access

multiple unrelated physical sites

The options on the table

• Standardized Session Key establishment Protocols

– ISO 11770-3 (Asymmetric) or 11770-2 (Symmetric), etc..

• Privacy Enhanced Protocols

– PLAID

– Opacity

• PACS authentication key management mechanism

– Mutual Registration



Comparison of solutions

Privacy

Pro

tection

Mu

tual

Au

then

tication

Sessio

n K

ey

(confid

entiality)

Alg

orith

ms

Key selectio

n

Key

man

agem

ent

for

termin

al

Altern

ative

Bio

metrics in

Card

Co

ntactless

interface

FIPS 201-1

(PIV card as

per SP800-

73)

PIN No No RSA (*)

ECC (*)

3DES

AES

Fixed No key in

Terminal

Limited to

IRIS over

contact &

with PIN

Limited

to CHUID

(in clear )

and CAK

PLAID Crypto Yes Yes RSA Up to

65,535

To be defined by

the “system”

Not part of

protocol

Fully

Protected

OPACITY Crypto Yes Yes ECC TBD To be defined by

the “system”

Not part of

protocol

Fully

Protected

Mutual

Registration

Crypto Yes Yes RSA

ECC

3DES

AES (*)

Up to

65,535

Part of protocol.

Each PACS

manages its

own keys

Yes. Part of

protocol.

Each PACS

may have

its own

Fully

Protected

(*) indicates a preferred option


Mutual Registration, a different approach

• By registering the Identity Card in the PACSand at the same time registering the PACSin the Identity card, it becomes possible toestablish a specific PACS context in the identification credential

• This allows a PACS to authenticate itself to the card prior to any exchange of sensitive information

• The PACS specific context is securely loaded into the card when the subject registers for access

• Mutual Registration provides a “context dependent ”, secure access control “logical credential” in the card, in addition to the existing identification credential


PACS Analogy with Passports & Visas

• A Passport is an identity document delivered by the

country of citizenship (Identity Authority). It is designed to

re-enter the country of citizenship.

• To enter another country, many countries require a Visa

(access authorization) in addition to a passport (Identity)

issued by another country.

• The Visa is a “privilege for access” delivered by the

country granting access. It is delivered after the user

registers for access to the country he/she wants to go to.


Local Access

Identifier

Authentication Mechanism

(Algorithm + Key)

PACS id Authentication Local PACS

card ID

IAD Algo(x)+Key(z) #13725#

BWI Algo(3)+Key(4) AbC45&9

LAX Algo($)+Key(&) UFO666

Basic ID data for interoperability

& User authentication

The Mutual Registration credential contains (and protects) a lookup table for the multiple

PACS entries obtained by the legitimate bearer of the ID credential

The PACS has to actively identify itself to the Mutual

Registration card in order to set the context it is looking for.

No more need for a large universal card identifier for access

Mutual Registration

PACS

Identifier

IAD


New: PACS registration in the card• When a new PACS is registered in a Mutual Registration enabled

card, an entry is created in the card PACS look up table:

– PACS Identifier

– Credential identifier to use for that PACS (short Local-ID)*

– Diversified CAK and Algorithm to use for this PACS

– Session Key mechanism to use for this PACS

– PACS operational biometrics (optional)

– PIN to PACS or other Misc specifics (both optional)

• The “load new PACS” message is presented ciphered to the card

and authorized by the user (PIN) or the issuer’s CMS

* Same concept as a DHCP mechanism in network management


PACS-ID rst

PACS-ID xyz

MR elementary Data Objects

PACS-ID PACS identifier (UUID)

PACS-Name PACS Friendly name

Date-Created Date entry created

Usage-CTR Counter incremented by the card each time the entry is selected

Div-Number Diversification number for card key group

L-CRED-ID Local Credential identifier ascribed to the card by the PACS

PACS-Key-Version Key identifier if the PACS has multiple keys

PACS-Algo Algorithm identifier to be used by the card for mutual authentication

PACS-Key Card key used for mutual authentication (PACS key derived by card group div-#)

PACS-Bio Operational biometrics for the PACS (optional)

PACS-Proprietary PIN to be presented to the PACS and/or Misc info for PACS


Te

rmin

al

CA

RD

Contactless Mutual Registration-PIVSelect Mutual Registration-PIV

response to Select

Get CHUID (could be a “local” CHUID)L-CHUID data object

Execute CAK(x)Response to CAK(x) challenge

response indicating information is understoodProvide PACS Identifier to card

Get BIOCiphered(BIO data object by Sk)

Card selects the correct identifier, key CAK(x) and Sk(x) associated to

the PACS identifier provided

The CAK key used is selected by the card based on the PACS System Identifier provided

New

New

New

Establish Session Key (Sk)Response to Session Key EstablishementNew


Benefits of Mutual Registration-PIV• The card does not reveal information to unknown terminals

• The communication is secure on both interfaces (confidentiality)

• Each PACS is independent and responsible for its own security (keys and access) without any consequences for other PACS

• Provides an interoperable mechanism using fast symmetric algorithms for all exchanges without key management hardships

• Diversifies symmetric keys in cards protecting each master PACS authentication key in case a card is lost or stolen

• All this allows:– Exchange of sensitive information over any interface:

• Biometric information from the card do not require the PIN

• Allows Match on card as well as ciphered PIN presentation

– Full use of the contact as well as the contactless interface• No need for a digital signature attached to each data object (faster transfers)

– Operational biometric for each PACS


Trusted exchanges• Having a session key established between

the card and the PACS terminal allows

exchanges which were not possible before:– Card PIN presentation ciphered over contact or contactless

interface

– Presentation to the card of a live biometric template for match-

on-card

– Card may act as a proxy for the user by returning the specific

PACS-PIN when the user presents the correct card-PIN to the

card (no need to remember multiple independent PINs)

And because all the exchanges are done in a mutually trusted environment (MAC’ed & Encrypted), no static signature is required for each individual data object.


Mutual Registration performances

Note: Time (in seconds) varies depending on the reader used

Terminal Authentication, PK or SYM ?

• Public key systems allow to share/transfer trust

between un-related entities

• Symmetric key systems allow very fast

authentication in a closed community

environment.

• Public key systems are very useful to establish a

local trustable environment allowing

symmetric keys to be used locally later (for

speed and simplicity)

Terminal Revocation is not simple

• It is very difficult for a smart card to have access to a reliable and up-to-date CRL as it is controlled by the terminal (which also controls the date information)

• Terminals should be programmed to shutdown automatically if they have not been in touch with a trusted central system after a given period of time

• Terminals should not work outside of the control of an authority which has provided them with secret keys even for maintenance or repairs (e.g. secure terminal activation at each power on)


• The Mutual Registration (MR) credential behaves like a PIV contact card when used as an identity card

• The MR credential adapts to a specific PACS context by behaving like a fast local specific PACS card

• No need to share secrets between independent PACS or rely on externally managed keys

• Simple application card and key management with secure contained data and application functions

• Clearly separates identity management from access privilege management in the card

In summary … Why Mutual Registration?


Available:

summary white paper on

Mutual Registration

mailto:[email protected]

http://www.idtp.com/

Additional Slides for discussion

• The following slides are

providing some hints on how

Mutual registration works.

It is far from being a complete

technical presentation but

shows some of the principles

of Mutual Registration and

how the concept has been

implemented in smart cards.6/30/2010 © 2010 Identification Technology Partners, Inc. All rights reserved. 24


• A communication is confidential between two parties when it is

protected against eavesdropping (Does not require secrets)

• An entity is authenticated when it has proven to another party it

is genuine and trustable (Requires to use and protect a secret)

• When both entities have authenticated to each other, there is a

mutual authentication which allows a shared trust to exist

• Some protocols establish one or the other services and some

establishes both

– PIV card ============> Card authentication (Secret in card)

– Diffie-Hellmann =======> Confidentiality (no authentication, no secret)

– PLAID, OPACITY, MR ==> Mutual Authentication & Confidentiality

Confidentiality vs. Authentication


Privacy Solutions : PLAID / OPACITY

PLAID and OPACITY are Privacy Enhanced ProtocolsThey both require the application (issuing authority) to

define what the keys are for and how they are managed.The terminal authentication key is asymmetric in an

environment where the card has no easy access to a CRL.

PLAID OPACITY

Mutual Authentication RSA 1024 ECC

Session key AES 128,192,256 AES

Standards Proprietary APDU 7816 commands

ISO 7816-4Crypto Suite BNIST SP 800-56A

Key sets PKI Multi domainUp to 65,535 key sets selectable.

PKI Open domainUnique Private key in each terminal


Key Management option: Mutual Registration

The terminal authentication key is controlled and managed by the PACS which does not need to share it with anybody.In the card, there is one diversified authentication key for each registered PACS automatically selected by the card.

Mutual Registration

Mutual Authentication ISO 11770, (PLAID, OPACITY)

Session key AES 128,192,256

Standards ISO 7816-4 APDUsName space isolated from PIV

Key sets Multi domain managed by the protocolUp to 65,535 PACS keys depending on the card memory size


PIV proposed enhanced behavior• The CAK key selected by the card could be variable

depending on the system asking the question (context)

– Card key used for CAK is found by the card doing a lookup in a table

based on the system identifier of the PACS asking to communicate. If

no PACS is selected (PIV mode), the CAK Asymmetric key is used

• The BIO information could then be dynamically ciphered by a

key depending on the system asking the question (context)

– Card key used to cipher the BIO is the result of a key selected by the

look up in the card PACS table or resulting from a mutual

authentication process (CAK used is a symmetric diversified key)


As always: PIV registration in PACS

• A PIV card needs to be registered for access in a

PACS system which is not related to its issuer

• This consists of:

– Verifying the PIV card is genuine (Active Card

Authentication including CRL and path validation)

– The cardholder is indeed the legitimate user (PIN

and/or Biometric verification)

– The user has a legitimate reason for access


New commands in the MR-PIV TM card• At registration:

– Load PACS entry: Loads an entry in the PACS look up

table (ciphered message under PIN or CMS control)

– Delete PACS entry: When the PIN is presented, the user

is allowed to delete entries in its PACS look up table

• In use at PACS terminals

– Select PACS entry: Sent by the PACS terminal, the PACS

identifier allows the card to select the correct context

These commands do not alter the behavior of existing PIV functions.

They are using their own name space and do not interfere with PIV .


New or Modified Commands in MR-PIV TM

• Establishment of Session Key (new function)

– As a part of the mutual authentication between the

card and the terminal, a session key is established

(use of ISO/IEC 11770 or PLAID, Opacity, etc..)

• Get BIO (available in secure messaging)

– Can now return dynamically ciphered information

using the session key established with the PACS

• Allows Match on Card to authenticate the user

All this works on the contact as well as the contactless

interface and supports biometric privacy requirements


New Data Objects in MR-PIV TM

• No major change in the CAK at the interface

– The value and algorithm used may change depending on the

PACS selected but as only one CAK instance is ever “seen at

the interface” at any time, it becomes a value which depends

on the context provided by the PACS.

• L-CHUID

– Identifier possibly allocated by a given PACS when a card is

registered. This number is a PACS local identifier (Alias)

which could be small and different from the FASC-N or GUID.

Based on the PACS system identifier the card presents a logical VIEW


Te

rmin

al

Contactless MR-PIV behavior in an old systemSelect PIV

PIV response to Select

Get CHUIDCHUID data object

Execute CAK (use of Asym. Key)Response to CAK challenge

Get BIOCommand rejected

CA

RD

The Get BIO command should not be executed by a legacy PIV terminal

according to the PIV specification but regardless, would be rejected by the

MR-PIV card when the system has not identified itself through registration.

Authentication mechanisms using secure, contactless Card-to...

Documents

Transcript of Authentication mechanisms using secure, contactless Card-to...