Everything you always wanted to know about Smart Cards...

1
Everything you always wanted to know about Smart
Cards...

• Marc Witteman
• ltWitteman_at_Riscure.comgt
• November 2001

2
Contents

• Secure communication
• threats
• objective of cryptography
• cryptographic services, principles and algorithms
• Smart cards
• concepts
• applications
• architecture
• Security
• basic security features
• attacks
• counter measures

3
What are the threats ?
receiver
sender
Confidentiality unauthorized disclosure of
information Integrity unauthorized
modification of information Authenticity unautho
rized use of service
4
Objective of cryptography

• Giving trust in
• authenticity of message and/or sender
• integrity of message
• (sometimes) confidentiality of message
• by using an algorithm based on a secret shared
  between participants in a scheme.

5
Cryptographic services

• Encryption (confidentiality)

Message Authentication Codes (integrity)
Electronic signatures (authentication)
6
Cryptographic principles

• based on
• key secrecy
• strong algorithms
• difficult to guess key from message/ciphertext
  pairs
• sufficient key length (brute force)
• Kerckhoffs principle
• strength should reside in secrecy of key,
• not in secrecy of algorithm

7
Cryptographic algorithms (1)

• Classical systems
• transposition (mixing character sequence)
• substitution (changing characters)
• poly-alphabetic substitution (Viginere, Hagelin)
• easily broken, using language statistics

8
Cryptographic algorithms (2)

• Today two kinds of algorithms
• repetitive permutations and substitutions of
  bits
• DES, 3-DES, IDEA, RC5, Blowfish
• secret key
• mathematical calculations
• RSA, Rabin, ElGamal, zero-knowledge, elliptic
  curve
• public key

9
Smart card concepts

• A smart card
• can store data (e.g. profiles, balances, personal
  data)
• provides cryptographic services (e.g.
  authentication, confidentiality, integrity)
• is a microcomputer
• is small and personal
• is a secure device

10
Smart card application areas

• Communication
• Entertainment
• Retail
• Transportation
• Health care

• Government
• E-commerce
• E-banking
• Education
• Office

11
Smart card applications (1)

• Retail
• Sale of goodsusing Electronic Purses, Credit /
  Debit
• Vending machines
• Loyalty programs
• Tags smart labels

• Communication
• GSM
• Payphones
• Transportation
• Public Traffic
• Parking
• Road Regulation (ERP)
• Car Protection

• Entertainment
• Pay-TV
• Public event access control

12
Smart card applications (2)

• Healthcare
• Insurance data
• Personal data
• Personal file
• Government
• Identification
• Passport
• Driving license

• E-commerce
• sale of information
• sale of products
• sale of tickets, reservations
• E-banking
• access to accounts
• to do transactions
• shares

13
Smart card applications (3)

• Office
• Physical access
• Network access
• Time registration
• Secure e-mail Web applications

• Educational facilities
• Physical access
• Network access
• Personal data (results)
• Copiers, vending machines, restaurants, ...

14
Smart card architecture
Physical appearance Credit card or SIM
dimensions Contacts or contactless
15
Whats inside a smart card ?
Central Processing Unit heart of the chip
CPU
16
Whats inside a smart card ?
security logic detecting abnormal
conditions, e.g. low voltage
CPU
security logic
17
Whats inside a smart card ?
serial i/o interface contact to the outside
world
CPU
security logic
serial i/o interface
18
Whats inside a smart card ?
test logic self-test procedures
CPU
security logic
serial i/o interface
19
Whats inside a smart card ?

• ROM
• card operating system
• self-test procedures
• typically 16 kbytes
• future 32/64 kbytes

CPU
security logic
serial i/o interface
20
Whats inside a smart card ?
RAM scratch pad of the processor typically
512 bytes future 1 kbyte
CPU
security logic
serial i/o interface
21
Whats inside a smart card ?

• EEPROM
• cryptographic keys
• PIN code
• biometric template
• balance
• application code
• typically 8 kbytes
• future 32 kbytes

CPU
security logic
serial i/o interface
22
Whats inside a smart card ?
databus connection between elements of the
chip 8 or 16 bits wide
23
Smart card chip
24
Basic smart card security features

• Hardware
• closed package
• memory encapsulation
• fuses
• security logic (sensors)
• cryptographic coprocessors and random generator
• Software
• decoupling applications and operating system
• application separation (Java card)
• restricted file access
• life cycle control
• various cryptographic algorithms and protocols

25
Smart card attacks
Side Channel Attacks
Internal Attacks
Logical Attacks
26
etching tools Microscope Probe station laser
cutters Scanning Electron Microscope Focussed Ion
Beam System and more.
Internal Attacks
Lab pictures provided by TNO
27
Reverse engineering
28
Staining of ion implant ROM array
29
Sub micron probe station
30
Probing with eight needles
31
FIB fuse repair
32
Internal attack counter measures

• Alarm (sensors)
• light
• active grid
• Hide
• feature size (lt 300 nm)
• multi-layer
• buried bus
• bus scrambling
• shield
• Confuse
• glue logic
• redundant logic

33
Logical attacks
Communication
Command scan File system scan Invalid /
inopportune requests Crypt-analysis and protocol
abuse
34
Logical attack counter measures

• Command scan
• limit command availability
• restrict and verify command coding
• life cycle management
• File system scan
• restrict file access
• test file access mechanisms (PIN. AUT, etc)
• Invalid / inopportune requests
• exclude non-valid behaviour
• verify conformance
• Crypt analysis and protocol abuse
• publish algorithms and initiate public discussion
• evaluate crypto algorithm and protocol

35
Side channel Attacks
Use of hidden signals electromagnetic
emission power consumption timing Insertion of
signals power glitches electromagnetic pulses
36
Power analysis
peak
shape
slope
Iddq
area
time
37
Power waveform
38
Fault injection on smart cards

• Change a value read from memory to another value
  by manipulating the supply power

39
Side channel attack counter measures

• Signal analysis
• reduce processor signal by balancing or
  equalising the power and/or shielding the
  emission
• add noise to the processor activity (both in time
  and amplitude)
• eliminate timing relation with processed key and
  or data
• variable ordering of processes
• blinding of intermediate values with random
  values
• retry counters
• limited control and visibility of crypto input
  and output
• Signal insertion
• use sensors for supply voltage, light and
  temperature
• double implementation path (for verification)
• check for runtime parameter validity

40
Conclusions

• Smart card technology is emerging, applications
  are everywhere
• Smart cards enhance service and security
• Perfect security does not exist, even not for
  smart cards
• Risk analysis is essential

More info? Mailto info_at_riscure.com