Smart Card security analysis Smart Card security analysis Marc Witteman, TNO.

Slides:

Advertisements

Similar presentations

Everything you always wanted to know about Smart Cards... Marc Witteman November 2001.

Advertisements

Hardware Assisted Control Flow Obfuscation for Embedded Processors Xiaotong Zhuang Tao Zhang Hsien-Hsin (Sean) Lee Santosh Pande Georgia Institute of Technology.

Differential Fault Analysis on AES Variants Kazuo Sakiyama, Yang Li The University of Electro-Communications Nagoya, Japan.

GSM network and its privacy Thomas Stockinger. Overview Why privacy and security? GSM network‘s fundamentals Basic communication Authentication Key generation.

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved Plug-in B3 HARDWARE & SOFTWARE.

Technical Issues Regarding Near Field Communication Group 16 Tyler Swofford Matthew Kotan.

G53SEC 1 Hardware Security The (slightly) more tactile side of security.

Low Cost Attack on Tamper Resistant Devices Ross Anderson, Markus Kuhn Songpol Manoonpong.

Mobile Appliance Security: Concerns and Challenges Mahesh Mamidipaka ICS 259: Seminar in Design Science 1. Securing Mobile Appliances: New Challenges for.

Differential Power Analysis of Smartcards How secure is your private information? Author: Ryan Junee Supervisor: Matt Barrie.

September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

FIRST COURSE Essential Computer Concepts. XP New Perspectives on Microsoft Office 2007: Windows XP Edition2 Objectives Compare the types of computers.

Implementation of LSI for Privacy Enhancing Computation Kazue Sako, Sumio Morioka

IS Network and Telecommunications Risks

1 An Overview of Computer Security computer security.

Submitted by: Rahul Rastogi, CS Department.  Introduction  What is a smart card?  Better than magnetic stripe card.  Technology What’s in a card?

Side-Channel Attacks on Smart Cards. Timing Analysis Cryptosystems take different amount of time to process different inputs. Performance optimisations.

Introduction to Microprocessors Number Systems and Conversions No /6/00 Chapter 1: Introduction to 68HC11 The 68HC11 Microcontroller.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

July 1, 2004Computer Security: Art and Science © Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

Secure Group Communications in Wireless Sensor Networks December 8, 2003 CS 526 Advance Internet and Web Systems Patrick D. Cook.

Torturing OpenSSL Todd Austin University of Michigan with Andrea Pellegrini, William Arthur and Valeria Bertacco (Based on Valeria’s BlackHat 2012 Presentation)

FIRST COURSE Essential Computer Concepts. 2 Objectives Compare the types of computers Describe the components of a computer system Describe input and.

FIRST COURSE Essential Computer Concepts. XP New Perspectives on Microsoft Office 2007: Windows Vista Edition2 Objectives Compare the types of computers.

AS Computing F451 F451 Data Transmission. What data is transmitted? Phone SMS Radio TV Internet.

© Paradigm Publishing Inc. 2-1 Chapter 2 Input and Processing.

Techniques to Prevent Power Analysis on Encryption Hardware CS252 Final Project By Shengliang Song & Nikita Borisov Professor: Jan Rabaey & Kurt Keutzer.

Computer Security: Principles and Practice

Computers Are Your Future Eleventh Edition Chapter 2: Inside the System Unit Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall1.

© Paradigm Publishing Inc. 2-1 Chapter 2 Input and Processing.

Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid.

LOGO Hardware side of Cryptography Anestis Bechtsoudis Patra 2010.

Threats and Challenges in FPGA Security Ted Huffmire Naval Postgraduate School December 10, 2008.

Smart card security Nora Dabbous Security Technologies Department.

Smart Card Technology & Features

TETRA Security Security mechanisms in TETRA and how to ensure that the

1 Hardware Security AbdelRahman abu_absah Teacher: Dr. Sanaa al_sayegh.

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester

What security is about in general? Security is about protection of assets –D. Gollmann, Computer Security, Wiley Prevention –take measures that prevent.

Sandrine AGAGLIATE, FTFC Power Consumption Analysis and Cryptography S. Agagliate Canal+Technologies P. Guillot Canal+Technologies O. Orcières Thalès.

Title of Selected Paper: IMPRES: Integrated Monitoring for Processor Reliability and Security Authors: Roshan G. Ragel and Sri Parameswaran Presented by:

Smart Cards by Mahadev Karadigudda. * Introduction * How smart cards assist in enhancing security * Security vulnerabilities * Conclusion.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

1 Part 7: State of the Art and Future u Are we in a sorry state? u How to keep us Safe? u Software trust management u Hardware trust management u Evasive.

Csci5233 computer security & integrity 1 An Overview of Computer Security.

1 UNIT 19 Data Security 2. Introduction 2 AGENDA Hardware and Software protect ion Network protect ion Some authentication technologies :smart card Storage.

Introduction Architecture Hardware Software Application Security Logical Attack Physical Attack Side channel Attack.

Lecture7 –More on Attacks Rice ELEC 528/ COMP 538 Farinaz Koushanfar Spring 2009.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #1-1 Chapter 1: Introduction Components of computer security Threats Policies.

Information Technology INT1001 Lecture 2 1. Computers Are Your Future Tenth Edition Chapter 6: Inside the System Unit Copyright © 2009 Pearson Education,

Embedded system security

IT SKILLS -LAB Essential Computer Concepts Mohammed Saleem

Encryption Power Crunch Tyler Morgan. Encryption & Cryptography What it is, methods, and brief description of cryptography.

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

Advanced System Security Dr. Wayne Summers Department of Computer Science Columbus State University

Modeling security 1. Models - encryption r Alice and Bob have the same key k r Alice and Bob exchange encrypted messages r Eve wants to get the plaintext.

Yossi Oren, yos strudel bgu.ac.il, yossioren System Security Engineering course, Dec

Overview on Hardware Security

Essential Computer Concepts

Timing Attacks.

Secure Processing On-Chip

Practical Difficulties of Physical Attacks

1.00 Examine the role of hardware and software.

S m a r t C a r d s & S e c u r i t y E b r a h i m G h a s e m i

Presentation transcript:

Smart Card security analysis Smart Card security analysis Marc Witteman, TNO

Do we need smart card security?

What are the threats ? disclosure Confidentiality:unauthorized disclosure of information sender receiver modification Integrity:unauthorized modification of information Authenticity:unauthorized use of service

Whats inside a smart card ? CPU RAM test logic ROM EEPROM serial i/o interface security logic databus

Smart card security evaluations logical analysis: software internal analysis: hardware side channel analysis: both hw and sw

Logical analysis Communication Functional testing Protocol analysis Code review

InternalAnalysis

Internal analysis tools Etching tools Optical microscope Probe stations Laser cutters Scanning Electron Microscope Focussed Ion Beam System and more…….

Reverse engineering

Staining of ion implant ROM array

Sub micron probe station

Probing with eight needles

FIB: fuse repair

Side channel analysis Use of hidden signals –timing –power consumption –electromagnetic emission –etc.. Insertion of signals –power glitches –electromagnetic pulses

Power consumption in clock cycle peak slope time I ddq area shape

Power consumption in routines

Power consumption in programs

Timing attack on RSA RSA principle: –Key set e,d,n –Encipherment: C = M e mod n –Decipherment: M = C d mod n RSA-implementation (binary exponentiation) –M := 1 –For i from t down to 0 do: M := M * M If d i = 1, then M := M*C

Timing Attack on RSA (2)

Differential Power Analysis Assume power consumption relates to hamming weight of data Subtract traces with high and low hamming weight Resulting trace shows hamming weight and data manipulation

Fault injection on smart cards Change a value read from memory to another value by manipulating the supply power: Threshold of read value A power dip at the moment of reading a memory cell

Differential Fault Analysis on RSA Efficient implementation splits exponentiation: d p = d mod (p-1) d q = d mod (q-1) K = p -1 mod q M p = C d p mod p M q = C d q mod q M = C d mod n = ( ( (M q - M p )*K ) mod q ) * p + M p

DFA on CRT Inject a fault during CRT that corrupts M q : M q is a corrupted result of M q computation M = ( ( (M q - M p )*K ) mod q ) * p + M p subtract M and M: M - M = (((M q - M p )*K) mod q)*p - (((M q - M p )*K) mod q)*p = (x 1 -x 2 )*p compute Gcd( M-M, n ) = Gcd( (x 1 -x 2 )*p, p*q ) = p compute q = n / p

Conclusions Smart cards can be broken by advanced analysis techniques. Users of security systems should think about: –What is the value of our secrets? –What are the risks (e.g. fraud, eavesdropping) –What are the costs and benefits of fraud? Perfect security does not exist!

For information: TNO Evaluation Centre Marc Witteman PO-Box GA Delft, The Netherlands Phone: Fax: