Chip Authentication for E-Passports: PACE with Chip Authentication Mapping v2
Lucjan Hanzlik, Mirosław Kutyłowski
Wrocław University of Science and Technology, Poland
ISC 2016, Honolulu
(slide deck "PACE CAM v.2", Hanzlik, Kutyłowski)

Outline: E-Passport; Protocol Design; PACE; PACE IM; PACE CAM; Solution for PACE IM; Security Analysis; Conclusions
Electronic Passport

e-passport and e-booth:
1. automatic travel document inspection
2. high security level
3. an advanced cryptographic scheme behind it
E-Passport: general data

hardware: a chip embedded into a travel document, wireless communication with a reader
passive ePassport functions: electronic copy of the holder's data, in particular biometry (high quality face image, fingerprints)
active functions: a secure cryptographic suite for interaction with a Document Verifier
Security issues

Data quality: the passport holder's data are confirmed by the passport Issuer in a strong cryptographic way.
  upside: data forgery is infeasible (as long as the crypto is not broken)
  downside: high quality data might be transferred to a third party, so a digital signature used for personal data authentication creates a security threat

ePassport as a "ticket":
  no clones: it is infeasible to create a device mimicking the ePassport, e.g. no replay attacks
  presence: the ePassport must be physically present during inspection

Unauthorized use: the ePassport must not be activated without the consent of its holder.
Requirements for ePassport

The verifier must be sure that:
1. he is talking with a genuine ePassport
2. the data received really come from this ePassport

The ePassport:
1. must know that it is talking with an authorized reader
2. interacts only when presented by its holder

In particular, the ePassport must be a secure device, working exactly according to its specification and resistant to manipulation.
ICAO standards (International Civil Aviation Organization)

Role of ICAO:
  ICAO creates de facto standards
  if a passport has to be recognized worldwide, then it is necessary to adhere to the standard
  pragmatic: minimalistic requirements, somewhat insecure ... but improving step by step

Problems:
1. 10 years validity period for passports, backward compatibility
2. conflicting interests/approaches (e.g. regarding personal data protection)
3. system scale, number of authorities worldwide making final decisions
Design criteria

hardware: simple and inexpensive chip; small memory, low computational complexity, low communication complexity
protocols: long term stability of protocols; future security extensions without major rebuilding
system: minimalistic infrastructure; standard components, solutions already checked in practice, ...
Basic Components

Terminal Authentication: the terminal proves its rights to access the data from the ePassport
Chip Authentication: the ePassport proves that it is a genuine one and has been issued by the passport authorities
Password Authentication: the ePassport checks that the reader has got a password / Card Access Number / PIN from the document holder
Secure Channel: a channel established between the reader and the ePassport guarantees data confidentiality and integrity
Realization

Optimization: try to achieve the combined goals with one protocol
  time and space complexity is critical: strict bounds
  hardware acceleration for certain cryptographic operations: no freedom to redesign the cryptographic coprocessor
PACE: main points

Password Authenticated Connection Establishment
1. creates an authenticated encrypted channel iff the correct password is used by the reader
2. password guessing as hard as possible: a reader interacting with a chip may try one password per session, no offline dictionary attacks
3. designed by the German BSI authority, adopted by ICAO
4. in the future obligatory for biometric passports in the EU
PACE: versions

PACE-GM (PACE General Mapping): originally designed by BSI, designed to avoid US patents
PACE-IM (PACE Integrated Mapping): PACE redesigned in France; simplifications, efficiency improvements (again patents)
PACE-GM: parameters

Chip holds: password π, parameters
Reader holds: password π (input from the owner), parameters
PACE: password dependent data

Chip (A)                                        Reader (B)
K_π := H(0||π)                                  K_π := H(0||π)
choose s ← Z_q
z := ENC(K_π, s)           --- z --->           s := DEC(K_π, z)
choose y_A ← Z_q*                               choose y_B ← Z_q*
Y_A := g^{y_A}                                  Y_B := g^{y_B}
abort if Y_B ∉ ⟨g⟩ \ {1}   <--- Y_B ---
                           --- Y_A --->         abort if Y_A ∉ ⟨g⟩ \ {1}
h := Y_B^{y_A}, ĝ := h · g^s                    h := Y_A^{y_B}, ĝ := h · g^s
choose y'_A ← Z_q*                              choose y'_B ← Z_q*
Y'_A := ĝ^{y'_A}                                Y'_B := ĝ^{y'_B}
check Y'_B ≠ Y_B           <--- Y'_B ---
                           --- Y'_A --->        check Y'_A ≠ Y_A
K := Y'_B^{y'_A}                                K := Y'_A^{y'_B}
K_... := H(...||K)                              K_... := H(...||K)
PACE: the first DH key exchange - base establishment

(Same PACE-GM diagram as on the previous slide, highlighting the first Diffie-Hellman exchange: Y_A := g^{y_A}, Y_B := g^{y_B}, the shared h := Y_B^{y_A} = Y_A^{y_B}, and the password-dependent new base ĝ := h · g^s.)
PACE: the second Diffie-Hellman for key establishment

(Same PACE-GM diagram, highlighting the second Diffie-Hellman exchange over the new base: Y'_A := ĝ^{y'_A}, Y'_B := ĝ^{y'_B}, the checks Y'_B ≠ Y_B and Y'_A ≠ Y_A, and the shared secret K := Y'_B^{y'_A} = Y'_A^{y'_B} from which the session keys K_... := H(...||K) are derived.)
PACE: final phase - proof of possession and deriving keys

Chip                                            Reader
...                                             ...
K := Y'_B^{y'_A}                                K := Y'_A^{y'_B}
K_ENC := H(1||K)                                K_ENC := H(1||K)
K_MAC := H(2||K)                                K_MAC := H(2||K)
K'_MAC := H(3||K)                               K'_MAC := H(3||K)
T_A := MAC(K'_MAC, (Y'_B, G))                   T_B := MAC(K'_MAC, (Y'_A, G))
abort if T_B invalid       <--- T_B ---
                           --- T_A --->         abort if T_A invalid

The chip interrupts if it discovers that the tag of the reader is wrong; until this moment all data sent to the reader by the chip have a uniform probability distribution for every password ... and for every choice of the reader.
PACE IM: Integrated Mapping

PACE-GM mapping:
ePassport                                       Reader
choose y_C ←_R Z_q*                             choose y_R ←_R Z_q*
Y_C = g^{y_C}                                   Y_R = g^{y_R}
abort if ...               <--- Y_R ---
                           --- Y_C --->         abort if ...
h = Y_R^{y_C}                                   h = Y_C^{y_R}
ĝ = h · g^s                                     ĝ = h · g^s

PACE-IM mapping:
ePassport                                       Reader
                                                choose r ←_R Z_q*
                           <--- r ---
ĝ = HashEC(s, r)                                ĝ = HashEC(s, r)
PACE CAM: password authentication, key establishment, chip authentication

Goal: make minimal changes in PACE so that it provides chip authentication as well.

History:
  reusing randomness for a Schnorr signature: PACE-AA Protocol for Machine Readable Travel Document, and its Security, J. Bender, Ö. Dagdelen, M. Fischlin, D. Kügler, Financial Crypto 2012
  the current trick from CAM: Simplified PACE-AA Protocol, L. Hanzlik, Ł. Krzywiecki, M. Kutyłowski, ISPEC 2013, May 2013
  the same: The PACE-CA Protocol for Machine Readable Travel Documents, J. Bender, M. Fischlin, D. Kügler, INTRUST 2013
  adopted by ICAO under the name CAM: ISO/IEC JTC1 SC17 WG3/TF5 for ICAO, Supplemental Access Control for Machine Readable Travel Documents v1.1, April 2014
PACE CAM (slides from ISPEC'2013)

Chip holds: π, x_A, X_A = g^{x_A}               Reader holds: π
random s chosen            --- ENC(K_π, s) ---> retrieve s
choose y_A ← Z_q*                               choose y_B ← Z_q*
Y_A := g^{y_A}                                  Y_B := g^{y_B}
abort if ...               <--- Y_B ---
                           --- Y_A --->         abort if ...
h := Y_B^{y_A}, ĝ := h · g^s                    h := Y_A^{y_B}, ĝ := h · g^s
choose y'_A ← Z_q*                              choose y'_B ← Z_q*
Y'_A := ĝ^{y'_A}                                Y'_B := ĝ^{y'_B}
check ...                  <--- Y'_B ---
                           --- Y'_A --->        check ...
K_... := H(...||Y'_B^{y'_A})                    K_... := H(...||Y'_A^{y'_B})
... tags checked ...                            ... tags checked ...
w := y_A / x_A
                           --- E_{K'_SC}(w, cert_A) --->
                                                decrypt with K'_SC
                                                check certificate cert_A
                                                abort if X_A^w ≠ Y_A
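As an added illustration (constructed here, not code from the paper or the standard), the following Python runs the PACE-GM flow from the earlier slides, including the tag check of the final phase, and then the ISPEC'2013 CAM step above, in a toy Schnorr group modulo a prime. It assumes H is SHA-256, MAC is HMAC-SHA256, ENC is a one-time pad of the nonce with K_π, and the function name pace_gm_cam is invented; it lets you see that a wrong reader password ends in a chip-side abort before any secret-dependent value is confirmed, and that the check X_A^w = Y_A passes only when w was computed with the secret behind the certified X_A.

```python
"""Toy end-to-end run of PACE-GM followed by the ISPEC'2013 CAM step (constructed)."""
import hashlib, hmac, secrets

def _is_prime(n):  # Fermat test with fixed bases: adequate for a toy group, not for production
    return n > 3 and all(pow(a, n - 1, n) == 1 for a in (2, 3, 5, 7, 11, 13, 17, 19, 23))

def make_group(start=1 << 60):
    """Deterministic toy Schnorr group p = 2q + 1 (real PACE uses a standardised EC group)."""
    q = start | 1
    while not (_is_prime(q) and _is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4  # g = 4 = 2^2 is a quadratic residue, so it has order q

P, Q, G = make_group()

def in_group(y):  # the slides' abort condition: Y must lie in <g> \ {1}
    return 1 < y < P and pow(y, Q, P) == 1

def kdf(label, *parts):  # H(label || ...) from the slides, instantiated with SHA-256
    return hashlib.sha256(bytes([label]) + b"|".join(str(v).encode() for v in parts)).digest()

def enc(key, s):  # ENC(K_pi, s): toy one-time pad of the nonce with the password key
    return s ^ int.from_bytes(key[:8], "big")

def mac(k, y):  # MAC(K'_MAC, Y') instantiated with HMAC-SHA256
    return hmac.new(k, str(y).encode(), "sha256").digest()

def pace_gm_cam(pw_chip, pw_reader, x_a, cert_pk=None):
    """Chip holds pw_chip and CAM key x_a; reader holds pw_reader and the certified X_A.
    Returns None when a party aborts, else the reader's view of the session and CAM check."""
    X_a = cert_pk if cert_pk is not None else pow(G, x_a, P)
    s = secrets.randbelow(Q)
    s_b = enc(kdf(0, pw_reader), enc(kdf(0, pw_chip), s))   # wrong password -> wrong s
    ya, yb = secrets.randbelow(Q - 1) + 1, secrets.randbelow(Q - 1) + 1
    Ya, Yb = pow(G, ya, P), pow(G, yb, P)
    if not (in_group(Ya) and in_group(Yb)):
        return None
    g_a = pow(Yb, ya, P) * pow(G, s, P) % P      # chip's mapped base  g^ = Y_B^y_A * g^s
    g_b = pow(Ya, yb, P) * pow(G, s_b, P) % P    # reader's mapped base (equal iff s_b == s)
    ya2, yb2 = secrets.randbelow(Q - 1) + 1, secrets.randbelow(Q - 1) + 1
    Ya2, Yb2 = pow(g_a, ya2, P), pow(g_b, yb2, P)
    if Ya2 == Ya or Yb2 == Yb:
        return None
    Ka, Kb = pow(Yb2, ya2, P), pow(Ya2, yb2, P)
    # reader sends T_B = MAC(K'_MAC, Y'_A); the chip recomputes it under its own K'_MAC
    if not hmac.compare_digest(mac(kdf(3, Kb), Ya2), mac(kdf(3, Ka), Ya2)):
        return None                              # chip aborts; nothing password-dependent leaked
    # CAM: chip reveals w = y_A / x_A under the channel key; reader checks X_A^w == Y_A
    w = ya * pow(x_a, -1, Q) % Q
    return {"keys_match": Ka == Kb, "k_enc": kdf(1, Kb).hex(), "cam_ok": pow(X_a, w, P) == Ya}
```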
PACE CAM, more secure version (not adopted by ICAO) (slides from ISPEC'2013)

Chip holds: π, x_A, X_A = g^{x_A}               Reader holds: π
random s chosen            --- ENC(K_π, s) ---> retrieve s
choose y_A ← Z_q*                               choose y_B ← Z_q*
Y_A := X_A^{y_A}                                Y_B := g^{y_B}
abort if ...               <--- Y_B ---
                           --- Y_A --->         abort if ...
h := (Y_B^{y_A})^{x_A}, ĝ := h · g^s            h := Y_A^{y_B}, ĝ := h · g^s
choose y'_A ← Z_q*                              choose y'_B ← Z_q*
Y'_A := ĝ^{y'_A}                                Y'_B := ĝ^{y'_B}
check ...                  <--- Y'_B ---
                           --- Y'_A --->        check ...
K_... := H(...||Y'_B^{y'_A})                    K_... := H(...||Y'_A^{y'_B})
... tags checked ...                            ... tags checked ...
w := y_A
                           --- E_{K'_SC}(w, cert_A) --->
                                                decrypt with K'_SC
                                                check certificate cert_A
                                                abort if X_A^w ≠ Y_A
PACE CAM versus IM

Problems: CAM works for PACE-GM only, but PACE-IM is more efficient.
Should we fall back to PACE-GM? No. A solution is given in this paper; moreover, its security argument is based on a reduction to a standard crypto assumption (SDH-2).
PACE CAM with PACE IM: new version for the SAC standard

ePassport holds: password π, secret key sk_C, public key pk_C, certificate cert_C for pk_C
Reader holds: password π

ePassport                                       Reader
K_π = Hash(π)                                   K_π = Hash(π)
choose s ← Z_q
z = Enc(K_π, s)            --- z --->           s = Dec(K_π, z)
................ Mapping Function ................
derive ĝ_1 with IM or GM                        derive ĝ_1 with IM or GM
..................................................
choose y'_C ← Z_q*                              choose y'_R ← Z_q*
Y'_C = ĝ_1^{y'_C}                               Y'_R = ĝ_1^{y'_R}
                           <--- Y'_R ---
                           --- Y'_C --->
K = Y'_R^{y'_C}                                 K = Y'_C^{y'_R}
derive other keys from K                        derive other keys from K
w = y'_C / sk_C
c = Enc(K'_Enc, (w, cert_C))   --- c --->       (w, cert_C) = Dec(K'_Enc, c)
                                                check cert_C and extract pk_C
                                                abort if e(Y'_C, g_2) ≠ e(ĝ_1, pk_C)^w
..................................................
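Why the reader's pairing check accepts exactly when the ePassport used the secret key behind the certified public key, as an added derivation that is not on the original slides. It assumes pk_C = g_2^{sk_C} with g_2 the generator of the second group (the form matching the (g_2, g_2^x) part of the 2-SDH instance in the security analysis) and writes ĝ_1 for the base derived by the mapping function, so that Y'_C = ĝ_1^{y'_C} and w = y'_C / sk_C:

$$
e(\hat g_1, pk_C)^{w}
 = e(\hat g_1, g_2^{sk_C})^{y'_C / sk_C}
 = e(\hat g_1, g_2)^{sk_C \cdot y'_C / sk_C}
 = e(\hat g_1, g_2)^{y'_C}
 = e(\hat g_1^{y'_C}, g_2)
 = e(Y'_C, g_2).
$$

Conversely, for a Y'_C = ĝ_1^{y'_C} the check forces e(ĝ_1, g_2)^{sk_C · w} = e(ĝ_1, g_2)^{y'_C}, i.e. w ≡ y'_C / sk_C (mod q), so a device that presents cert_C without knowing sk_C has to solve for exactly the value the honest chip computes from its secret; all pairing evaluations sit on the reader side, the chip only exponentiates in the first group.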
PACE CAM with IM: properties

Implementation issues:
  pairings are used, but only on the side of the reader
  the ePassport needs to perform computations in the first group only
  computing pairings on the reader is not a problem (no resource limitations)
Main properties

AKE Security: easy, follows from the proof for PACE.

Impersonation Resistance: a draft to be in the paper: a reduction to the 2-Strong DH Problem:
  Given (g_1, g_1^x, g_1^{x^2}, g_2, g_2^x) ∈ G_1^3 × G_2^2, output (c, g_1^{1/(x+c)}) ∈ Z_q × G_1.
  The reduction construction is relatively short, but tedious to follow.

Other: other nice properties inherited from PACE: simulatability, behavior during faulty sessions, resilience to ephemeral key leakage, ... Proofs analogous to the ideas from ISPEC 2013.
Conclusions

Achieved:
  security based on a standard assumption
  no pairings on the chip required
  minimal changes to the existing standard

Challenges:
  is it optimal? hard to imagine how to simplify it...
  it might be that we still have no ultimate solution for all ePassport components (e.g. Terminal Authentication and its PKI)
Thanks for your attention!

Contact data:
1. [email protected]
2. http://kutylowski.im.pwr.edu.pl
3. http://cs.pwr.edu.pl