Physical Security [email protected]. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural...
-
Upload
deborah-dolphin -
Category
Documents
-
view
217 -
download
1
Transcript of Physical Security [email protected]. IIS 2 Overview Smart cards RFIDs Attacks (Semi)-Natural...
Physical Security
IIS2
Overview
Smart cards
RFIDs
Attacks
(Semi)-Natural tags
Conclusions
Smart Cards
IIS4
Smart cards
85.6 mm
53.98 mm
0.76 mm
[And96] R. J. Anderson and M. G. Kuhn. Tamper resistance - A cautionary note. In 2nd Int. Usenix Workshop on Electronic Commerce, pages 1-11, Oakland, California, Nov 1996. USENIX Association. http://www.usenix.org/publications/library/proceedings/ec96/kuhn.html
Broken!
IIS5
What makes the card smart?
CPU (8, 16, 32 bit)
Memory (RAM, ROM, EEPROM, Flash)
I/O channel (Contact/Contact less)
Cryptographic co-processor
On card devices (Fingerprint, display)
Standards (ISO 7816, GSM, EMV, VOP)
IIS6
Main security features
Symmetric crypto
Asymmetric crypto relatively slow
Hardware random number generator
Hardware tamper resistance
X-tal clock vulnerable
Life cycle management
IIS7
Communication
ISO 7816-4:
9600 bps : slow
USB : bulky
Bluetooth: power
Biometrics: slow
www.fingerchip.com
IIS8
Displays
Plastic, glass
Emissive, non-emissive
Refresh, bi-stable
Segment, dot-matrix
Problems: connections, yield, power, thickness, price!
[Pra01] D. Praca and C. Barral. From smart cards to smart objects: the road to new smart technologies. Computer Networks, 36(4):381-389, Jul 2001. http://dx.doi.org/10.1016/S1389-1286(01)00161-X
IIS9
Clock & Power
Clock» Xtal 0.6 mm
» MEMS (0.002% acc.)
Battery» Thickness
» power density
» when to recharge
IIS10
Integration is hard
Display
Button
32-bit CPU
Large memory
Battery
Comms
>> 25mm2
Photo: Philips Semiconductors
RFID
IIS12
What is an RFID tag?
Antenna + small chip in ambient field
Passive, replies to queries only
Can be used for almost anything» Supply Chain Management & Checkout (Wallmart,
Benetton)
» Homeland security
» User convenience
» Access to buildings
Nokia 6131 NFC
IIS13
Passport application
IIS14
Privacy issues Sniffing
» Data collection in proximity (skimming)» Correlate data from different tags
Counter measures» Shield antenna in passport with tinfoil» Encrypt the template with MRZ data» Reduce transmit range» Light controlled on/off switch» Long and short range interface» Time delayed transmit of sensitive info
[Bir07] N. Bird, C. Conrado, J. Guajardo, S. Maubach, G. Jan Schrijen, B. Skorić, A. M. H. Tombeur, P. Thueringer, and P. Tuyls. ALGSICS - combining physics and cryptography to enhance security and privacy in RFID systems. In F. Stajano, C. Meadows, S. Capkun, and T. Moore, editors, 4th European Workshop on Security and Privacy in Ad-hoc and Sensor Networks (ESAS), volume LNCS 4572, pages 187-202, Cambridge, UK, Jul 2007. Springer. http://dx.doi.org/10.1007/978-3-540-73275-4_14
Watch this video
Attacks
[Wit02] M. Witteman. Advances in smartcard security. Information Security Bulletin, pages 11-22, Jul 2002. http://www.riscure.com/fileadmin/images/Docs/ISB0707MW.pdf
IIS16
Attacks
Operational» Blackmail» Burglary» Bribery
Technical» Logical» Physical» Side channel
Attackers» I: Clever outsiders» II: Knowledgeable insiders» III: Funded Organisations
IIS17
Logical attacks
The code is too complex» Hidden commands
» Parameter poisoning & Buffer overflow
» Malicious or buggy applets
» Protocol problems (e.g. retransmit)
» Proprietary crypto
Counter measures» Structured design & code inspection
» Formal methods
» Testing
IIS18
Example: RFID virus
There is a large amount of code
Generic protocols and facilities
Back end data bases
So the usual attacks:» Buffer overflow
» SQL injection “;shutdown--”
Don’t trust data from RFID tag…
[Rie06] M. R. Rieback, B. Crispo, and A. S. Tanenbaum. Is your cat infected with a computer virus? In 4th Annual IEEE Int. Conf. on Pervasive Computing and Communications (PerCom), pages 169-179, Pisa, Italy, Mar 2006. IEEE Computer Society. http://dx.doi.org/10.1109/PERCOM.2006.32
Best paperaward
IIS19
Physical attacks
The circuitry is complex and vulnerable» Chemicals & etching» SEM Voltage contrast» Probe stations» Focused Ion Beam (FIB) to make probe pads
Counter measures» Reduced feature size (100nm)» Multi layering» Protective layers» Sensors» Bus scrambling
IIS20
Low cost physical attacks
Block EEPROM writes by isolating Vpp
Rent focused Ion beam
[And97d] R. J. Anderson and M. Kuhn. Low cost attacks on tamper resistant devices. In 5th Int. Workshop on Security Protocols, volume LNCS 1361, pages 125-136, Paris, France, Apr 1997. http://dx.doi.org/10.1007/BFb0028165
IIS21
Side channel attacks
Physical phenomena can be measured» Power
» EM radiation (X-ray, light, sound)
» Time
and changed» Voltage (example later)
» Frequency (example later)
[Vua09] M. Vuagnoux and S. Pasini. Compromising electromagnetic emanations of wired andWireless keyboards. In 18th USENIX Security Symp., pages 1-16, Montreal, Canada, Aug 2009. USENIX Assoc. http://www.usenix.org/events/sec09/tech/full_papers/vuagnoux.pdf
Watch this video
Timing attack
Exponentiation by square and multiply» for i = n − 2 downto 0
» X = X2
» if (d[i] == 1) then
» X = X*M
Power trace shows bits 1 in the key
IIS22
Simple power analysis
16 rounds DES
Rounds 2 & 3
IIS23
[Koc99] P. C. Kocher, J. Jaffe, and B. Jun. Differential power analysis. In M. J. Wiener, editor, 19th Int. Conf. on Advances in Cryptology (CRYPTO), volume 1666 of LNCS, pages 388-397, Santa Barbara, California, Aug 1999. Springer. http://www.cryptography.com/resources/whitepapers/DPA.pdf
IIS24
Differential power attacks
Difference in the third cycle due to difference in input value for encryption
IIS25
Active attacks : Power Dip
read a 0 as a 1
Protection measure» Check VCC & raise an alarm if it drops
» Problem: Fast transients during start-up may raise false alarms
Readingthreshold
Stored valueof logical zero
vcc
gnd
A power Dip at theMoment of reading
a memory cell
IIS26
Active attacks : Clock Glitch
Dump all of the memory
Replace 5MHz pulse by 4 pulses of 20MHz:1. b = answer_address
2. a = answer_length
3. If (a == 0) goto 8
4. transmit(*b)
5. b=b+1
6. a=a-1
7. goto 3
[And97d] R. J. Anderson and M. Kuhn. Low cost attacks on tamper resistant devices. In 5th Int. Workshop on Security Protocols, volume LNCS 1361, pages 125-136, Paris, France, Apr 1997. http://dx.doi.org/10.1007/BFb0028165
Glitch here
IIS27
Countermeasures
Hardware» Lower power signals
» Increase noise levels
» Introduce timing noise
Software» Parallelism
» Introduce random delays
» Constant time execution
» Blinding intermediate values
IIS28
Countermeasures
Make attacks harder but not impossible
Hard to get right
Expensive to implement
IIS29
Out of the box thinking
The humble Capacitor » Emanates acoustic signals
» Sensitive to shocks and vibration
» C A / d
IIS30
Listen to a PC multiplying
http://people.csail.mit.edu/tromer/acoustic/
Freeze 1500 μFcapacitor
IIS31
Shaking a smart card....
IIS32
Attackers business case
Attack Class
Equipment Cost Succ. Rate
Devel. Time
Exec. Time
Logical PC, card reader 1-10K Low Wks Mins
Physical PC, Probe Station, SEM, FIB,Microscope, Chemistry Lab
100K-1M
High Mnths Days
Side Channel
PC, Oscilloscope, Function Gen.
10K-100K
Med. Mnths Hours
Rental!
IIS33
Design guidelines
Define the level of security needed
Perform a risk analysis
Consider the attackers business case
Use the right technologies
Build in fraud management
Design recovery and fall-back
Consider the overall system
IIS34
IBM 4758 Crypto Coprocessor
Rolls Royce of secure devices
Tamper sensing barrier
Keys move in the RAM
Temperature & X-ray sensor
Solid aluminium case & epoxy potting
low pass filter on power supply
Used in ATMs
Hacked!
[Cla03b] R. Clayton and M. Bond. Experience using a Low-Cost FPGA design to crack DES keys. In 4th Int. Workshop on Cryptographic Hardware and Embedded Systems (CHES), volume LNCS 2523, pages 877-883, Redwood Shores, California, 2003. Springer. http://dx.doi.org/10.1007/3-540-36400-5_42
(Semi) Natural tags
IIS36
Finger printing
[Buc05] J. D. R. Buchanan, R. P. Cowburn, A.-V. Jausovec, D. Petit, P. Seem, G. Xiong, D. Atkinson, K. Fenton, D. A. Allwood, and M. T. Bryan. Forgery: 'fingerprinting' documents and packaging. Nature, 436(7050):475, Jul 2005. http://dx.doi.org/10.1038/436475a
IIS37
Philips Coating PUF
[Sko08] B. Škorić, G.-J. Schrijen, W. Ophey, R. Wolters, N. Verhaegh, and J. van Geloven. Experimental hardware for coating PUFs and optical PUFs. In P. Tuyls, B. Škorić, and T. Kevenaar, editors, Security with Noisy Data - On Private Biometrics, Secure Key Storage and Anti-Counterfeiting, pages 255-268. Springer London, 2008. http://dx.doi.org/10.1007/978-1-84628-984-2_15
MEMS particles
1x1x12 m particles, shapes
Church and school roof, power line grease/gel
Jewellery fluid
Spray vandals/thiefs
Smart water
IIS38
[Kay92] P. H. Kaye, F. Micheli, M. Tracey, E. Hirst, and A. M. Gundlach. The production of precision silicon micromachined non-spherical particles for aerosol studies. Journal of Aerosol Science, 23(Suppl 1):201-204, 1992. http://dx.doi.org/10.1016/0021-8502(92)90384-8
http://www.redwebsecurity.com/
Watch this video
IIS39
Conclusions
Affordable tamper resistance technology exists
Getting it right is difficult
Out of the box thinking required