• No results found

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security

N/A
N/A
Protected

Academic year: 2021

Share "Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security"

Copied!
7
0
0

Loading.... (view fulltext now)

Full text

(1)

Information Security Group Activities and Research

From Smart Cards to NFC Smart Phone Security

Prof. Keith Mayes

From the Information Security Group ACE-CSR at Royal Holloway University of a London

1 2

Information Security Group (ISG)

• Established 1992

–17 Full-time Academics

–6 Postdoctoral Research Assistants –40+ PhD Students and 100+ MSc Students • Objectives

–To conduct world class information security research –To provide graduates with a broad understanding of all

aspects of information security

–To be a source of information security expertise of industrial relevance

–To maintain close links with the industry and government

Core Research Areas

• Access control

• Critical infrastructure protection • Cryptography

• Identity management • Network security

• Smartcards, security modules and mobile* • System security

• Socio-technical issues

* Carried out within ISG Smart Card Centre (SCC) established 2002

3

The ISG Smart Card Centre

• The SCC was setup in 2002 as an applied industry

-academic centre of excellence.

• Topics include smart cards, RFID, Mobile, NFC, embedded security, secure systems and protocols, current threads are:

– Transport ticketing system security.

– Mobile systems and security.

– Card payment systems and security.

– RFID/Tagging.

– Enabling technology and systems including NFC, Biometrics and attacks.

• Main supporting parties:

– RHUL, Transport for London, Orange, UK Cards Association, and ITSO.

• Postgraduates: Each year the SCC typically supervises: – 25 Masters Students

– 10 PhD Students

(2)

5

Agenda for Lecture

• Evolution of smart cards/RFIDs • Attacks/countermeasures • Near Field Communication (NFC) • NFC Security Elements

• Misuse of NFC devices as attack platforms

5

Smart Cards with Contacts

[Gemalto Images]

Chip module interface via metal contacts Card reader makes physical contact

6

Contact-less Smart Cards

Chip module interface via antenna

Reader uses RF field 7

7

Smart Card/RFID Trade-offs

8

The choice of product type has a critical effect on security and is based on threats and assumptions that often change!!

(3)

9

RFID Tags - Passive/Active

• There are many different contact-less tag/device formats

• The main classes are passive and active/powered

9

At a store near you…

Near Field Communication

• The latest standards for mobile phones support Near Field Communications (NFC)

• NFC is a equivalent to a phone contact-less interface

• The phone can behave as a smart card or token

• The phone can behave as the reader

• (www.nfc-forum.org)

10

11

Hacking a popular “sport”

• Wikipedia on the popular Hacking at Random Conference – “Hacking at Random was an outdoor hacker conference that took place in

The Netherlands in August 2009. …This conference was the most recent event in a sequence …. Galactic Hacker Party in 1989, followed by Hacking at the End of the Universe in 1993, Hacking In Progress in 1997, Hackers At Large in 2001, and What the Hack in 2005….

• A smallselection of seminars from HAR 2009….

RFID sniffer workshop: Assemble your own RFID sniffer and find RFID tags in your wallet

Cracking A5 GSM encryption

Lock picking

Side channel analysis and fault injection

Rootkits are awesome. Insider Threat for Fun and Profit

Wikileaks. History is the only guidebook civilization has, but who's the publisher?

11 12

Sniffers/Emulators/Clones

• A “Sniffer” can eavesdrop radio

transmissions.

• An “Emulator” can masquerade as any RFID if data and/or key material can be obtained

• A “Clone” is a copy of a particular genuine RFID

• A number of devices have been demonstrated (and available)

Credit: TU Graz, OpenPICC, Intel, Radboud University

(4)

13

Passive Relay

13 14

Devices that Resist Attack

• We are not only concerned about attacks against the theoretical design of the security protection, but also its implementation and associated policies.

• Attacks can be classed under generic headings. –Logical

–Physical/Fault –Timing/Side-Channel

• Attacks that target the implementation are often referred to as “tampering”.

• Specialist devices including Hardware Security Modules (HSM), Security Elements (SE), Mobile Smart cards (SIM), trusted Platform Modules (TPM) are designed to be strongly tamper-resistant.

14

15

Physical Attack Countermeasures

• In hardware security modules chip level measures include:

–Physical barriers –Active shields –Circuit scrambling –Encrypted busses –Encrypted memories

–Environment/fault sensors Source Gemalto

• In mobile equipment you have to consider

protecting/obscuring sensitive chips and interfaces

−Making things hard to get at is better than

nothing

−Try to impede the replacement of critical chips

15

• Side channel attacks exploit “leakage” from operations and the principle

is simple;

– An electronic circuit is made up of gates/transistors; switching between logic levels causes a slight variation in power consumption and RF emissions

• The attacker captures these variations (with low cost kit) and processes

them (using published techniques) in order to extract secret/sensitive information

• The attacks are effective against unprotected hardware and will extract

keys from good “logical” algorithms e.g. AES

• Specialist security hardware countermeasures include, smoothing,

additive noise, random delays, differential logic…..

16

Timing/Side Channel Attack

(5)

Trusted NFC Phone platform?

Security Applications go here…

Malware goes here!

Image from Vikas Rajole MSc report 2011

'Safebot' malware running as 'root' user

17 18

The NFC Secure Element

• Starting position: “Mobile handset is not a trusted platform”.

• Need additional trusted security component. – Most well known example is the UICC.

• SE is security core of NFC applications. – Tamper resistance - secure storage and management of

applications and keys.

– Security mechanisms, e.g. encryption of communication.

• SE facilitates two key services.

– Secure execution of sensitive applications and their data.

– Secure management of applications.

• Multiple form factors.

– SIM-SE, Phone –SE (chip), Memory Card-SE and even Software-SE!!

RIM2011

18

19

Embedded SE

SE is embedded in handset

–Smartcard in IC form factor –Works when phone off

No distinct ‘owner’

–Development opportunities –Potential trust and ownership

issues –Secure personalisation important NXP2011 iFitIt Teardown 2011 19 20

SIM/USIM as SE

• The existing SIM/USIM is the SE.

–No extra hardware. –SIM stable technology.

–Handset needs to support Single Wire Protocol (SWP).

• Owned by the MNO.

–3rdparty application access? • Variations.

–DIF-SIM: All functionality on SIM with antenna in phone.

–SIM-Flex: All functionality on SIM with attached antenna

NXP2011

Gemalto2 011

(6)

21

microSD SE

• SE added in SD memory slot

–No NFC capability required in handset

–Can add to any handset with slot –Off when phone is off

• Flexibly ownership

–3rdparty owner – open for development

–SE tied to specific owner/application

NXP2011

SDID2011

21

NFC device as an attack platform!

• Attacks currently use a lot of custom built kit.

• Hence, the interest in NFC devices as attack platforms! –Skimming - reading genuine cards.

–Clone card emulation. • An open development platform.

• Anyone can write phone reader applications. • Embedded secure elements are unlockable. • Existing APIs and developer environments. • Multiple communications links.

• A software downloaded attack application could spread very fast!

22

NFC Device as an Attack Platform!

• Attacks currently use a lot of custom built kit, hence, the interest in NFC devices as attack platforms!

– Skimming - reading genuine cards.

– Clone card emulation.

• A software downloaded attack application could spread very fast!

23

Card Cloning

Relay Attacks

24

Conclusion: Issues for Debate

• Who has access to embedded NFC functionality (and keys)

before personalisation?

• What triggers personalisation/control of embedded SEs? • Can the user opt-in/out?

• Who personalises the SE and has the keys?

• How is multi-organisation access and control managed? • How is service priority controlled and by whom?

• How does a user change MNO or bank or other SP? • How is an NFC phone “cleaned” before re-sale? • How are lost, broken and stolen phones dealt with? • How do you deal with multiple SEs in a phone?

(7)

www.isg.rhul.ac.uk

ww.scc.rhul.ac.uk

Thank you for your

attention…

Questions ?

References

Related documents

Brands in the market Apart from Kingfisher and Fos- ter’s Beer, the other brands in the Indian market are Carling Black Label, Carlsberg, Dansberg, Golden Eagle, Guru,

Subsequent to the launch of the Diabetes Expert Advisory Group’s First Report in November 2008 and the recommendations thereof, the Health Service Executive in conjunction with

— increasing regional cohesions, — securing prosperity. On the other hand, the Strategy encourages a constant search for a more efficient mechanism to manage cooperation within

The user’s login request to the web server will start the user authentication phase, where the smart card will compute the hash, using the username and password entered, and return

Broadcast CREATE MARKET LEADING CONTENT Continue to build TV brands Rebalance portfolio Deepen digital exploitation DRIVE DIGITAL TRANSFORMATION Expand non-linear services

Mechanical design is critical since large mass is moved in this type of web guide; especially the       mechanical design requires consideration for the speed, acceleration,

In particular, the TMM model seems to be effective at predicting the effect of scaling the problem size, overall thread count, the machine characteristics like memory latency and

Pada tabel 2 menunjukkan bahwa rerata kadar protein pada susu kecambah kedelai dengan kombinasi perlakuan lama perendaman dan persentase CMC berkisar antara