Dr LM Cheng Director Smart Card Design Center

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Trusted Symbol of the Digital Economy 1 Bill Holmes – VP Marketing ID Platform - Smart Cards.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Cryptographic Security Presented by: Josh Baker October 9 th, CS5204 – Operating Systems.
ETechnology – Smart Card Dr LM Cheng City University of Hong Kong HKIUG Conference June 2000.
Chapter 6 - Card Security Applications
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
FIT3105 Smart card based authentication and identity management Lecture 4.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Chapter 5 Cryptography Protecting principals communication in systems.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Smart Card Development in Hong Kong SIMmate 2000 Product Launch 28 November 2000 Dr LM Cheng Director Smart Card Design Center Dept. of Electronic Engineering.
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.
Lecture 3: Cryptographic Tools
Network Security Essentials Fifth Edition by William Stallings Fifth Edition by William Stallings.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Lecture 3: Cryptographic Tools modified from slides of Lawrie Brown.
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.
© Neeraj Suri EU-NSF ICT March 2006 DEWSNet Dependable Embedded Wired/Wireless Networks MUET Jamshoro Computer Security: Principles and Practice Slides.
1 Introduction to Security and Cryptology Enterprise Systems DT211 Denis Manley.
1 FIPS 140 Validation for a “System-on-a-Chip” September 27, 2005 NIST Physical Testing Workshop.
©Copyrights 2011 Eom, Hyeonsang All Rights Reserved Distributed Information Processing 20 th Lecture Eom, Hyeonsang ( 엄현상 ) Department of Computer Science.
© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 3: VPN and Encryption Technology.
Crypto Bro Rigby. History
1 Architectural Support for Copy and Tamper Resistant Software David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell and.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
1 UCR Hardware Security Primitives with focus on PUFs Slide credit: Srini Devedas and others.
CSCE 201 Introduction to Information Security Fall 2010 Data Protection.
LOGO Hardware side of Cryptography Anestis Bechtsoudis Patra 2010.
Smart card security Nora Dabbous Security Technologies Department.
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 2 “Cryptographic Tools”.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 2 – Cryptographic.
Some Perspectives on Smart Card Cryptography
Chapter 7 – Confidentiality Using Symmetric Encryption.
Middleware for Secure Environments Presented by Kemal Altıntaş Hümeyra Topcu-Altıntaş Osman Şen.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.
Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 14 October 5, 2004.
Cryptographic Hash Functions Prepared by Dr. Lamiaa Elshenawy
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Deck 10 Accounting Information Systems Romney and Steinbart Linda Batch March 2012.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 11 September 23, 2004.
My topic is…………. - It is the fundamental building block and the primary lines of defense in computer security. - It is a basic for access control and.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
Biometric Encryption Base RSA Algorithm Supervisor: Ass. Prof. Dr. Dang Tran Khanh Student: Dung Ngo Dinh.
Information Systems Design and Development Security Precautions Computing Science.
The Federal Information Processing Standards (FIPS) Encryption Suite Sean Smith COSC
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
CS457 Introduction to Information Security Systems
Overview on Hardware Security
B. R. Chandavarkar CSE Dept., NITK Surathkal
Review of Cryptography: Symmetric and Asymmetric Crypto Advanced Network Security Peter Reiher August, 2014.
Presentation transcript:

Security and Reliability of Smart Card Smart HKID Card Forum Jan 6, 2001 Science Museum Dr LM Cheng Director Smart Card Design Center Dept. of Electronic Engineering City University of Hong Kong Good afternoon chairman, panel members and audiences, my name is Lam Yuk Lung. Today I would like to present my final year project. My project title is development of a flexible chip operating system for smart card.

Content Background General Security Features Simple Cryptographic Engine Encryption Techniques Security Standards & Assessment Physical & Electrical Reliability Electro-static Discharge

Background Type of Smart Cards Worldwide Market New Technologies requirement

Types of Smart Card Memory Card MPU IC card Crypto- processor card Contactless card

Worldwide Smart Cards Market Forecast (Millions of Dollars and Millions of Units) Data From Frost & Sullivan

New Technologies Required Data Storage Management - information protection authentication process - biometric: fingerprint, facial features, iris identification, dynamic signature recognition, speech recognition Advanced encryption methods - Elliptic Curve Cryptography, chaotic techniques, AES

Basic Internal Structure of CPU Smart Card

Possible Attacks on Smart Card UV or X-ray inspection: use high efficiency UV or X-ray to inspect the memory areas to extract important information like PIN, secret key and public key EM analysis: use electron microscope to inspect the internal structure of the mask

duplication: illegal copying of card content from one to another confusion: disturb the power supply/frequency during PIN verification to confuse the accurate enter of PIN and allow access to the protected memory duplication: illegal copying of card content from one to another

tracking: based on the protocol exchange between the terminal and the card to track the sequence of commands

Other possible attracts: attract on DES like differentiate methods attract on RSA using cyclic properties

General Smart Card Security Features Against UV or X-ray inspection: Using implementation to avoid visible of ROM Code EM analysis: Address Scrambling of memories Against confusion: Low/High voltage sensors Low/High Frequencies sensors High Frequency Protection

Against Cyclic properties: Against duplication: Security PROM Hardware Protected Unique Chip Identification Number Move Code Blocking Against Tracking: Secure authentication and data/key encryption Against DPA: Random Wait State (Advance) Current Scrambling Generator (Advance) Against Cyclic properties: No simple solutions

Protection Against Tracking Random Number Generator for dynamic key generation Cipher Engine for data protection: Block Stream

Random Number Generator For generation of session keys Digital approach can only generate pseudo random number based on Xi =(a Xi-1 + b) mod c Other use analogue approaches like VCO, white noise generator etc.

Block Cipher K1: Master Key of length 16-bit K2: Card ID of length 16-bit Process in block and errors propagate within the block Block Cipher Method – Write to Memory Block Cipher Method – Read from Memory

Stream Cipher Similar to a state machine with K1K2 as the initial state A pseudorandom number sequences generated are XOR with the Input Data to form the Output Data The data must be in sequence in order to encode and decode correctly

Encryption Techniques Encryption will modify data into irregular form for security storage and transmission. The reconstruction is achieved by using a set of relevant Keys. Two cryptosystems are currently being used, i.e. symmetric (DES/FEAL) and asymmetric (RSA, ECC). Symmetric cryptosystem requires only one common key for encryption and decryption whereas asymmetric system requires two keys, i.e. private/user key and public/system key.

Common Encryption Techniques in Smart Card Private:- Data Exchange DES (Data Encryption Standard) Public:- Key Exchange RSA (Rivet, Shamir, Adleman) ECC (Elliptic Curve Cryptography) Also for Authentication

Is Smart Card Secure? There are no perfect (100% secured) systems available Systems design and built for minimal attack risk can be treated as secure sytems Secure systems are evaluated/classified in different levels using international standards such as TCSEC/DoD (Orange -USA), ITSEC (Europe) and CCITSE (ISO15408)

Trusted Computer Security Evaluation Criteria – USA(DoD) D: Minimal protection No protection C1: Discretionary Security Protection Use control access C2: Controlled Access Protection Use accountability/auditing

B1: Labeled Security Protection B2: Structured Protection Use sensitivity (classification) labels B2: Structured Protection Use formal security policy more resistant to penetrate B3: Security domain Highly resistant to penetration. Use security administrator, auditing events and system recovery process A1: Verified protection Highly assure of penetration. Use formal specification and verification approaches.

Information Technology Security Evaluation Criteria (ITSEC) and Common Criteria (CC) – Europe&Canada EAL1 - functional tested EAL2 - structurally tested EAL3 - methodologically tested and checked

EAL6 - semi formally verified designed and tested EAL4 - methodologically designed, tested and reviewed EAL5 - semi formally designed and tested EAL6 - semi formally verified designed and tested EAL7 - formally verified designed and tested

Federal Information Processing Standards (FIPS) - evaluation FIPS 46-2 and 81 for DES FIPS 186 for Digital Signature FIPS 140-2 for Cryptographic Modules

Security evaluation requirements Cryptographic modules module interface role and services finite state machine model physical security Environmental Failure Protection/Testing (EFT/EFP)

Software security Operation security cryptographic key management cryptographic algorithm EMI/EMC self tests

Physical & Electrical Reliability Test Standard Reference Test Methodology Test Frequency 1 Salt Atmosphere CECC 90 000 48 h, 35°C, 45%HR, 5% NaCl Manufacturing product audit 2 Insertion Test Bull 10 000 insertion 3 Data Retention Semi-conductor Std. 10 years 4 ESD Protection MIL STD-883C Mtd. 8 Class 3: 4Kv Chip Characterization

Electro-static Discharge – Dry/Wet weather comparison

ESD – failure in various stages

Reliability of Contact Type Smart Card Reader Mechanical Insertion Life time – around 1-3x105 insertion For a typical flow of 105 crossing per day Each reader will only last for 3 days Assuming 30 readers installed at border, all readers have to be replaced in 90 days. Whereas, contactless type has MTBF over 115,000 hrs = over 13 years

Conclusion Smart Card is an evolutionary product Trend of use is irreversible HKID project can built a framework to make it smart More technology breakthrough is needed to make them really multi-applications Technology is fact but not miracle

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.