Analysis of low-level implementations of cryptographic protocols

This thesis examines the vulnerabilities due to low-level implementation deficiencies of otherwise secure communication protocols in smart-cards. Smart-cards are considered to be one of the most secure, tamper-resistant, and trusted devices for implementing confidential operations, such as authentication, key management, encryption and decryption for financial, communication, security and data management purposes. The self-containment of smart-cards makes them resistant to attacks as they do not depend on potentially vulnerable external resources. As such, smart-cards are often incorporated in formally-verified protocols that require strong security of the cryptographic computations. Such a setting consists of a smart-card which is responsible for the execution of sensitive operations, and an Application Programming Interface (API) which implements a particular protocol. For the smart-card to execute any kind of operation there exists a confidential low-level communication with the API, responsible for carrying out the protocol specifications and requests. This communication is kept secret on purpose by some vendors, under the assumption that hiding implementation details enhances the system’s security. The work presented in this thesis analyses such low-level protocol implementations in smart-cards, especially those whose implementation details are deliberately kept secret. In particular, the thesis consists of a thorough analysis of the implementation of PKCS#11 and Bitcoin smart-cards with respect to the low-level communication layer. Our hypothesis is that by focusing on reverse-engineering the low-level implementation of the communication protocols in a disciplined and generic way, one can discover new vulnerabilities and open new attack vectors that are not possible when looking at the highest levels of implementation, thereby compromising the security guarantees of the smart-cards. We present REPROVE, a system that automatically reverse-engineers the low-level communication of PKCS#11 smart-cards, deduces the card’s functionalities and translates PKCS#11 cryptographic functions into communication steps. REPROVE deals with both standard-conforming and proprietary implementations, and does not require access to the card. We use REPROVE to reverse-engineer seven commercially available smart-cards. Moreover, we conduct a security analysis of the obtained models and expose a set of vulnerabilities which would have otherwise been unknown. To the best of our knowledge, REPROVE is the first system to address proprietary implementations and the only system that maps cryptographic functions to communication steps and on-card operations. To that end, we showcase REPROVE’s usefulness to a security ecosystem by integrating it with an existing tool to extract meaningful state-machines of the card’s implementations. To conduct a security analysis of the results we obtained, we define a threat model that addresses low-level PKCS#11 implementations. Our analysis indicates a series of implementation errors that leave the cards vulnerable to attacks. To that end, we showcase how the discovered vulnerabilities can be exploited by presenting practical attacks. The results we obtained from the PKCS#11 smart-card analysis showed that proprietary implementations commonly hide erroneous behaviours. To test the assumption that the same practice is also adopted by other protocols, we further examine the low-level implementation of the only available smart-card based Bitcoin wallets, LEDGER. We extract the different protocols that the LEDGER wallets implement and conduct a through analysis. Our results indicate a set of vulnerabilities that expose the wallets as well as the processed transactions to multiple threats. To that end, we present how we successfully mounted attacks on the LEDGER wallets that lead to the loss of the wallet’s ownership and consequently loss of the funds. We address the lack of well-defined security properties that Bitcoin wallets should conform to by introducing a general threat model. We further use that threat model to propose a lightweight fix that can be adopted by other, not necessarily smart-card-based, wallets

Getting to know your Card: Reverse-Engineering the Smart-Card Application Protocol Data Unit

Smart-cards are considered to be one of the most secure, tamper-resistant, and trusted devices for implementing confidential operations, such as authentication, key management, encryption and decryption for financial, communication, security and data management purposes. The commonly used RSA PKCS#11 standard defines the Application Programming Interface for cryptographic devices such as smart-cards. Though there has been work on formally verifying the correctness of the implementation of PKCS#11 in the API level, little attention has been paid to the low-level cryptographic protocols that implement it. We present REPROVE, the first automated system that reverse-engineers the low-level communication between a smart-card and a reader, deduces the card's functionality and translates PKCS#11 cryptographic functions into communication steps. REPROVE analyzes both standard-conforming and proprietary implementations, and does not require access to the card. To the best of our knowledge, REPROVE is the first system to address proprietary implementations and the only system that maps cryptographic functions to communication steps and on-card operations. We have evaluated REPROVE on five commercially available smart-cards and we show how essential functions to gain access to the card's private objects and perform cryptographic functions can be compromised through reverse-engineering traces of the low-level communication

Offloading cryptographic services to the SIM card in smartphones

Smartphones have achieved ubiquitous presence in people’s everyday life as communication, entertainment and work tools. Touch screens and a variety of sensors offer a rich experience and make applications increasingly diverse, complex and resource demanding. Despite their continuous evolution and enhancements, mobile devices are still limited in terms of battery life, processing power, storage capacity and network bandwidth. Computation offloading stands out among the efforts to extend device capabilities and face the growing gap between demand and availability of resources. As most popular technologies, mobile devices are attractive targets for malicious at- tackers. They usually store sensitive private data of their owners and are increasingly used for security sensitive activities such as online banking or mobile payments. While computation offloading introduces new challenges to the protection of those assets, it is very uncommon to take security and privacy into account as the main optimization objectives of this technique. Mobile OS security relies heavily on cryptography. Available hardware and software cryptographic providers are usually designed to resist software attacks. This kind of protection is not enough when physical control over the device is lost. Secure elements, on the other hand, include a set of protections that make them physically tamper-resistant devices. This work proposes a computation offloading technique that prioritizes enhancing security capabilities in mobile phones by offloading cryptographic operations to the SIM card, the only universally present secure element in those devices. Our contributions include an architecture for this technique, a proof-of-concept prototype developed under Android OS and the results of a performance evaluation that was conducted to study its execution times and battery consumption. Despite some limitations, our approach proves to be a valid alternative to enhance security on any smartphone.Los smartphones están omnipresentes en la vida cotidiana de las personas como herramientas de comunicación, entretenimiento y trabajo. Las pantallas táctiles y una variedad de sensores ofrecen una experiencia superior y hacen que las aplicaciones sean cada vez más diversas, complejas y demanden más recursos. A pesar de su continua evolución y mejoras, los dispositivos móviles aún están limitados en duración de batería, poder de procesamiento, capacidad de almacenamiento y ancho de banda de red. Computation offloading se destaca entre los esfuerzos para ampliar las capacidades del dispositivo y combatir la creciente brecha entre demanda y disponibilidad de recursos. Como toda tecnología popular, los smartphones son blancos atractivos para atacantes maliciosos. Generalmente almacenan datos privados y se utilizan cada vez más para actividades sensibles como banca en línea o pagos móviles. Si bien computation offloading presenta nuevos desafíos al proteger esos activos, es muy poco común tomar seguridad y privacidad como los principales objetivos de optimización de dicha técnica. La seguridad del SO móvil depende fuertemente de la criptografía. Los servicios criptográficos por hardware y software disponibles suelen estar diseñados para resistir ataques de software, protección insuficiente cuando se pierde el control físico sobre el dispositivo. Los elementos seguros, en cambio, incluyen un conjunto de protecciones que los hacen físicamente resistentes a la manipulación. Este trabajo propone una técnica de computation offloading que prioriza mejorar las capacidades de seguridad de los teléfonos móviles descargando operaciones criptográficas a la SIM, único elemento seguro universalmente presente en los mismos. Nuestras contribuciones incluyen una arquitectura para esta técnica, un prototipo de prueba de concepto desarrollado bajo Android y los resultados de una evaluación de desempeño que estudia tiempos de ejecución y consumo de batería. A pesar de algunas limitaciones, nuestro enfoque demuestra ser una alternativa válida para mejorar la seguridad en cualquier smartphone

A protocol for programmable smart cards

This paper presents an open protocol for interoperability across multi-vendor programmable smart cards. It allows exposition of on-card storage and cryptographic services to host applications in a unified, card-independent way. Its design, inspired by the standardization of on-card Java language and cryptographic API, has been kept as generic and modular as possible. The protocol security model has been designed with the aim of allowing multiple applications to use the services exposed by the same card, with either a cooperative or a no-interference approach, depending on application requirements. With respect to existing protocols for smart card interoperability, defining sophisticated card services intended to be hard-coded into the device hardware, this protocol is intended to be implemented in software on programmable smart cards

Eesti elektrooniline ID-kaart ja selle turvaväljakutsed

Eesti elektrooniline isikutunnistust (ID-kaart) on üle 18 aasta pakkunud turvalist elektroonilist identiteeti Eesti kodanikele. Avaliku võtme krüptograafia ja kaardile talletatud privaatvõti võimaldavad ID-kaardi omanikel juurde pääseda e-teenustele, anda juriidilist jõudu omavaid digiallkirju ning elektrooniliselt hääletada. Käesolevas töös uuritakse põhjalikult Eesti ID-kaarti ning sellega seotud turvaväljakutseid. Me kirjeldame Eesti ID-kaarti ja selle ökosüsteemi, seotud osapooli ja protsesse, ID-kaardi elektroonilist baasfunktsionaalsust, seotud tehnilisi ja juriidilisi kontseptsioone ning muid seotud küsimusi. Me tutvustame kõiki kasutatud kiipkaardiplatforme ja nende abil väljastatud isikutunnistuste tüüpe. Iga platformi kohta esitame me detailse analüüsi kasutatava asümmeetrilise krüptograafia funktsionaalsusest ning kirjeldame ja analüüsime ID-kaardi kauguuendamise lahendusi. Lisaks esitame me süstemaatilise uurimuse ID-kaardiga seotud turvaintsidentidest ning muudest sarnastest probleemidest läbi aastate. Me kirjeldame probleemide tehnilist olemust, kasutatud leevendusmeetmeid ning kajastust ajakirjanduses. Käesoleva uurimustöö käigus avastati mitmeid varem teadmata olevaid turvaprobleeme ning teavitati nendest seotud osapooli. Käesolev töö põhineb avalikult kättesaadaval dokumentatsioonil, kogutud ID-kaartide sertifikaatide andmebaasil, ajakirjandusel,otsesuhtlusel seotud osapooltega ning töö autori analüüsil ja eksperimentidel.For more than 18 years, the Estonian electronic identity card (ID card) has provided a secure electronic identity for Estonian residents. The public-key cryptography and private keys stored on the card enable Estonian ID card holders to access e-services, give legally binding digital signatures and even cast an i-vote in national elections. This work provides a comprehensive study on the Estonian ID card and its security challenges. We introduce the Estonian ID card and its ecosystem by describing the involved parties and processes, the core electronic functionality of the ID card, related technical and legal concepts, and the related issues. We describe the ID card smart card chip platforms used over the years and the identity document types that have been issued using these platforms. We present a detailed analysis of the asymmetric cryptography functionality provided by each ID card platform and present a description and security analysis of the ID card remote update solutions that have been provided for each ID card platform. As yet another contribution of this work, we present a systematic study of security incidents and similar issues the Estonian ID card has experienced over the years. We describe the technical nature of the issue, mitigation measures applied and the reflections on the media. In the course of this research, several previously unknown security issues were discovered and reported to the involved parties. The research has been based on publicly available documentation, collection of ID card certificates in circulation, information reflected in media, information from the involved parties, and our own analysis and experiments performed in the field.https://www.ester.ee/record=b541416

Securing Multi-Application Smart Cards by Security-by-Contract

La tecnología de Java Card ha evolucionado hasta el punto de permitir la ejecución de servidores y clientes Web en una tarjeta inteligente. Sin embargo, desarrollos concretos de tarjetas inteligentes multiaplicación no son aún muy corrientes dado el modelo de negocio de descarga asíncrona y actualización de aplicaciones por diferentes partes que requiere que el control de las interacciones entre las aplicaciones sea hecho después de la expedición de la tarjeta. Los modelos y técnicas de seguridad actuales no soportan dicho tipo de evolución en la tartjeta. Un enfoque prometedor para resolver este problema parece ser la idea de Seguridad-mediante-Contrato (SxC). SxC es un entorno en el que se hace obligatorio que cualquier modificación de una aplicación tras la expedición de la tarjeta traiga consigo una especificación de su comportamiento en lo que concierne a seguridad, llamado contrato. Este se debe ajustar a la política de seguridad de la tarjeta multiaplicación. A causa de los recursos limitados de estos dispositivos, el enfoque de SxC puede ser aplicado a diferentes niveles de abstracción, según un jerarquía de modelos la cual proporciona beneficios en términos de complejidad computacional o expresividad del lenguaje. El nivel de más detalle (mayor expresividad) requiere algoritmos demasiado complejos para ser ejecutados en la tarjeta, por lo que es necesario enviar datos de forma privada a una tercera parte de confianza que será la responsable de realizar la comparación del contrato y la política de la tarjeta (proceso llamado Comparación Contrato-Política) con objeto de decidir si la modificación se ajusta a la política de seguridad o no; es decir, si el cambio es aceptable según el comportamiento esperado por la tarjeta y expresado en su política. El propósito del proyecto es desarrollar un sistema el cual resuelva el problema de externalizar el proceso de Comparación Contrato-Política a una entidad externa para tarjetas inteligentes multiaplicación de Java. Este sistema debe garantizar una comunicación segura entre la tarjeta y alguna tercera parte de confianza sobre un medio inseguro. La comunicación tiene que ser segura en términos de autenticación, integridad y confidencialidad. Lograr este objetivo requiere resolver problemas tales como la gestión de identidades y claves y el uso de funciones criptográficas para hacer segura la comunicación de datos privados almacenados en la tarjeta inteligente. Es por ello que los objetivos del proyecto son: Diseñar un sistema que resuelva el problema, implementar un prototipo que demuestre la validez del sistema y validar el prototipo y valorar su idoneidad en cuestión de espacio

Recommendations for implementing a Bitcoin wallet using smart card

TCC(graduação) - Universidade Federal de Santa Catarina. Centro Tecnológico. Ciências da Computação.Bitcoin is a decentralized peer-to-peer electronic cash system that allows any two willing parties to transact directly without the need for a trusted third party. The user's funds are protected by private keys that must be kept safe, preferably not on third party wallet services, but on hardware wallets, which are the best balance between very high security and ease of use. In this work we made a review on cryptography, the Bitcoin protocol and secure elements, then we dived into the project of hardware wallets, discussing different requirements and ways to construct one. Our proposed device uses an anti tamper Java Card to store the private keys. We considered variations of the device, one with a dedicated touchscreen and another with NFC to integrate with a mobile phone. We analyzed security aspects of the project, made recommendations and described some challenges. Finally, we implemented our own open source prototype, showing the architecture of the project, its components, the requirements, the APDU communication protocol and the results

Android NFC Card Emulation

Cílem této bakalářské práce bylo seznámit se s NFC technologií, jejími bezpečnostními prvky, potencionální zranitelnosti NFC technologie a prozkoumat užití této technologie v prostředí operačního systému Android. Dalším cílem bylo implementovat aplikaci pro Android platformu, která dokáže emulovat NFC tag pro přístupové systémy. Aplikace poskytne uživatelům možnost nahradit fyzickou kartu mobilní aplikací bežící na pozadí jejich zařízení, které jim umožní přístup do prostor, které vyžadují ověření vstupujícího. Řešení bude prakticky nasazeno v prostorách VŠB-TUO.The aim of this bachelor thesis was to get familiar with NFC technology, it’s security aspects, security risks of NFC technology and take a look at it’s use in Android operating system. implement an Android aplication capable of NFC tag emulation for access systems. Aplication provides the ability to substitute a physical card with a mobile aplication running in the background of the device of it’s users and provide access to areas restricted by authorization. The implementated application will be put to use in VŠB-TUO campus.460 - Katedra informatikydobř