Everything you always wanted to know about Smart Cards... Marc Witteman November 2001.

Post on 29-Mar-2015


Everything you always wanted to know about Smart Cards...

Marc Witteman

<Witteman@Riscure.com>

November 2001

Contents

• Secure communication
  – threats
  – objective of cryptography
  – cryptographic services, principles and algorithms
• Smart cards
  – concepts
  – applications
  – architecture
• Security
  – basic security features
  – attacks
  – counter measures

What are the threats?

Confidentiality: unauthorized disclosure of information

Integrity: unauthorized modification of information

Authenticity: unauthorized use of service

(Figure: messages passing from sender to receiver.)

Objective of cryptography

• Giving trust in:
  – authenticity of message and/or sender
  – integrity of message
  – (sometimes) confidentiality of message
• by using an algorithm based on a secret shared between participants in a scheme.

Cryptographic services

• Encryption (confidentiality)
  (Figure: message → encryption under Key → decryption under Key → message.)
• Message Authentication Codes (integrity)
  (Figure: message → encryption under Key → MAC; the receiver recomputes the MAC under the same Key and compares the two: "= ?".)
• Electronic signatures (authentication)
  (Figure: Challenge → encryption under Key → response; the verifier encrypts the same Challenge under the Key and compares the two responses: "= ?".)

Cryptographic principles

• based on:
  – key secrecy
  – strong algorithms
  – difficult to guess key from message/ciphertext pairs
  – sufficient key length (brute force)
• Kerckhoffs’ principle:
  – strength should reside in secrecy of key,
  – not in secrecy of algorithm

Cryptographic algorithms (1)

Classical systems:

• transposition (mixing character sequence)
• substitution (changing characters)
• poly-alphabetic substitution (Vigenère, Hagelin)

easily broken, using language statistics

Cryptographic algorithms (2)

Today two kinds of algorithms:

• repetitive permutations and substitutions of bits:
  – DES, 3-DES, IDEA, RC5, Blowfish …
  – secret key
• mathematical calculations:
  – RSA, Rabin, ElGamal, zero-knowledge, elliptic curve …
  – public key

Smart card concepts

A smart card:
• can store data (e.g. profiles, balances, personal data)
• provides cryptographic services (e.g. authentication, confidentiality, integrity)
• is a microcomputer
• is small and personal
• is a secure device

(Figure: sample card face, "1234 5678 8910", "Anne Doe".)

Smart card application areas

• Communication
• Entertainment
• Retail
• Transportation
• Health care
• Government
• E-commerce
• E-banking
• Education
• Office

Smart card applications (1)

• Retail
  – Sale of goods using Electronic Purses, Credit / Debit
  – Vending machines
  – Loyalty programs
  – Tags & smart labels
• Communication
  – GSM
  – Payphones
• Transportation
  – Public Traffic
  – Parking
  – Road Regulation (ERP)
  – Car Protection
• Entertainment
  – Pay-TV
  – Public event access control

Smart card applications (2)

• Healthcare
  – Insurance data
  – Personal data
  – Personal file
• Government
  – Identification
  – Passport
  – Driving license
• E-commerce
  – sale of information
  – sale of products
  – sale of tickets, reservations
• E-banking
  – access to accounts
  – to do transactions
  – shares

Smart card applications (3)

• Educational facilities
  – Physical access
  – Network access
  – Personal data (results)
  – Copiers, vending machines, restaurants, ...
• Office
  – Physical access
  – Network access
  – Time registration
  – Secure e-mail & Web applications

Smart card architecture

(Figure: contact pads Vcc, Reset, Clock, Gnd, Vpp, I/O.)

Physical appearance: credit card or SIM dimensions; contacts or contactless.

What’s inside a smart card?

• CPU (Central Processing Unit): heart of the chip
• security logic: detecting abnormal conditions, e.g. low voltage
• serial I/O interface: contact to the outside world
• test logic: self-test procedures
• ROM:
  – card operating system
  – self-test procedures
  – typically 16 kbytes
  – future 32/64 kbytes
• RAM: ‘scratch pad’ of the processor
  – typically 512 bytes
  – future 1 kbyte
• EEPROM:
  – cryptographic keys
  – PIN code
  – biometric template
  – balance
  – application code
  – typically 8 kbytes
  – future 32 kbytes
• databus: connection between elements of the chip; 8 or 16 bits wide

Smart card chip

(Figure: photograph of a smart card chip.)

Basic smart card security features

• Hardware
  – closed package
  – memory encapsulation
  – fuses
  – security logic (sensors)
  – cryptographic coprocessors and random generator
• Software
  – decoupling applications and operating system
  – application separation (Java card)
  – restricted file access
  – life cycle control
  – various cryptographic algorithms and protocols

Smart card attacks

• Internal attacks
• Side channel attacks
• Logical attacks

Internal attacks

Tools: etching tools, microscope, probe station, laser cutters, Scanning Electron Microscope, Focussed Ion Beam system, and more…

Lab pictures provided by TNO:
• Reverse engineering
• Staining of ion implant ROM array
• Sub-micron probe station
• Probing with eight needles
• FIB: fuse repair

Internal attack counter measures

• Alarm (sensors)
  – light
  – active grid
• Hide
  – feature size (< 300 nm)
  – multi-layer
  – buried bus
  – bus scrambling
  – shield
• Confuse
  – glue logic
  – redundant logic

Logical attacks

Communication:
• Command scan
• File system scan
• Invalid / inopportune requests
• Crypt-analysis and protocol abuse

Logical attack counter measures

• Command scan
  – limit command availability
  – restrict and verify command coding
  – life cycle management
• File system scan
  – restrict file access
  – test file access mechanisms (PIN, AUT, etc.)
• Invalid / inopportune requests
  – exclude non-valid behaviour
  – verify conformance
• Crypt-analysis and protocol abuse
  – publish algorithms and initiate public discussion
  – evaluate crypto algorithm and protocol
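As an added illustration of the command scan counter measures above (not code from the original talk or from Riscure), this C fragment shows a deny-by-default command dispatcher in which each command is enabled only in listed life-cycle states and only with its expected data length; the command codes, life-cycle states and result codes are constructed placeholders rather than any real card's command set.

```c
#include <stddef.h>
#include <stdint.h>

/* Card life-cycle states as bit flags (constructed for this example). */
typedef enum { LC_PERSONALISATION = 1, LC_ISSUED = 2, LC_BLOCKED = 4 } lifecycle_t;

/* Result codes returned to the terminal (constructed, not ISO status words). */
typedef enum { RES_OK, RES_UNKNOWN_CMD, RES_NOT_ALLOWED, RES_BAD_CODING } result_t;

/* One row per supported command: in which life-cycle states it may be used
 * and the exact data length it accepts.  Command codes are placeholders. */
typedef struct { uint8_t code; uint8_t allowed_states; uint8_t data_len; } cmd_rule_t;

static const cmd_rule_t cmd_table[] = {
    { 0x10, LC_PERSONALISATION,             16 }, /* load key: before issuance only */
    { 0x20, LC_ISSUED,                        8 }, /* verify PIN: issued cards only  */
    { 0x30, LC_ISSUED,                        2 }, /* read record: issued cards only */
    { 0x40, LC_PERSONALISATION | LC_ISSUED,   0 }, /* advance life-cycle state       */
};

/* Deny by default: a command scan finds only the rows above, each limited to
 * its life-cycle state and checked for correct coding before it can act. */
result_t dispatch(lifecycle_t state, uint8_t code, size_t data_len)
{
    for (size_t i = 0; i < sizeof cmd_table / sizeof cmd_table[0]; i++) {
        if (cmd_table[i].code != code)
            continue;
        if ((cmd_table[i].allowed_states & (uint8_t)state) == 0)
            return RES_NOT_ALLOWED;   /* life-cycle management */
        if (cmd_table[i].data_len != data_len)
            return RES_BAD_CODING;    /* command coding verified before use */
        return RES_OK;
    }
    return RES_UNKNOWN_CMD;           /* not in the table: no such command */
}

/* Life-cycle transitions are one-way: once issued, personalisation commands
 * such as key loading are gone for good; after issuance the next step is
 * end of life (blocked). */
lifecycle_t advance_state(lifecycle_t state)
{
    return state == LC_PERSONALISATION ? LC_ISSUED : LC_BLOCKED;
}
```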

Side channel attacks

• Use of ‘hidden’ signals:
  – electromagnetic emission
  – power consumption
  – timing
• Insertion of signals:
  – power glitches
  – electromagnetic pulses

Power analysis

(Figure: power waveform, Iddq against time, with the annotated features peak, slope, area and shape.)

Fault injection on smart cards

Change a value read from memory to another value by manipulating the supply power:

(Figure: the threshold of the read value, and a power dip at the moment of reading a memory cell.)

Side channel attack counter measures

• Signal analysis
  – reduce processor signal by balancing or equalising the power and/or shielding the emission
  – add noise to the processor activity (both in time and amplitude)
  – eliminate timing relation with processed key and/or data
  – variable ordering of processes
  – blinding of intermediate values with random values
  – retry counters
  – limited control and visibility of crypto input and output
• Signal insertion
  – use sensors for supply voltage, light and temperature
  – double implementation path (for verification)
  – check for runtime parameter validity
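As an added example (not from the original slides) tying together the fault injection slide and the signal analysis and signal insertion counter measures above, this C routine verifies a PIN with a retry counter that is spent before the comparison, a constant-time comparison, a second independently coded comparison path, and result codes far apart in Hamming distance; the `fault` parameter is a constructed hook that simulates one glitched read of the first comparison result so the divergence check can be exercised.

```c
#include <stddef.h>
#include <stdint.h>

#define PIN_LEN   4
#define MAX_TRIES 3

/* Card state that would live in EEPROM on a real card (constructed here). */
typedef struct { uint8_t pin[PIN_LEN]; uint8_t tries_left; } card_state_t;

/* Result codes far apart in Hamming distance: one bit flip cannot turn WRONG into OK. */
typedef enum { PIN_OK = 0x5A, PIN_WRONG = 0xA5, PIN_BLOCKED = 0x3C, PIN_FAULT = 0xC3 } pin_result_t;

/* Constant-time compare: every byte is visited whatever the input, so the
 * timing and power profile do not depend on where a mismatch occurs. */
static uint8_t ct_diff(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t d = 0;
    for (size_t i = 0; i < n; i++)
        d |= a[i] ^ b[i];
    return d;
}

/* Second, differently coded path (reverse order, complemented operands):
 * a single glitched read is unlikely to corrupt both results consistently. */
static uint8_t ct_diff_rev(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t d = 0;
    for (size_t i = n; i-- > 0; )
        d |= (uint8_t)(~a[i] ^ ~b[i]);
    return d;
}

/* 'fault' is a constructed test hook XORed into the first comparison result,
 * simulating a power dip corrupting that value as it is read; 0 = no fault. */
pin_result_t verify_pin(card_state_t *card, const uint8_t *candidate, uint8_t fault)
{
    if (card->tries_left == 0)
        return PIN_BLOCKED;
    card->tries_left--;                   /* spend the try BEFORE comparing */
    uint8_t d1 = ct_diff(card->pin, candidate, PIN_LEN) ^ fault;
    uint8_t d2 = ct_diff_rev(card->pin, candidate, PIN_LEN);
    if ((d1 == 0) != (d2 == 0)) {         /* paths disagree: treat as tampering */
        card->tries_left = 0;             /* block the card */
        return PIN_FAULT;
    }
    if (d1 != 0)
        return PIN_WRONG;
    card->tries_left = MAX_TRIES;         /* reset only after a verified match */
    return PIN_OK;
}
```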

Conclusions

• Smart card technology is emerging, applications are everywhere
• Smart cards enhance service and security
• Perfect security does not exist, not even for smart cards
• Risk analysis is essential

More info? Mailto: info@riscure.com