
Accessing Secure Information using Export file Fraudulence

Guillaume Bouffard (1), Tom Khefif (1), Jean-Louis Lanet (1), Ismael Kane (2), Sergio Casanova Salvia (2)

(1) Smart Secure Devices (SSD) Team – University of Limoges – Limoges, France

guillaume.bouffard@unilim.fr http://secinfo.msi.unilim.fr

(2) Applus – LGAI Technological Center – Barcelona, Spain

CRiSIS 2013 – PhD Workshop

Guillaume Bouffard (SSD Team) Accessing Secure Information using Export file Fraudulence 1/16


Outline

  • Introduction
  • Smart Card
  • Java Card Technology
  • Java Card Linking Process
  • Outside the Java Card
  • Inside the Java Card
  • Man-in-the-Middle Attack
  • Objective
  • Exploitation on the javacard.security API
  • Conclusion


The Smart Card

Widely used device

  • Credit Card;
  • (U)SIM Card;
  • Health Card (French Vitale card);
  • Pay TV;
  • . . .

This device contains sensitive data


Java Card based Smart Card

  • Created by Schlumberger in 1996.
  • Specified by Oracle.
  • Provides a friendly environment to develop secured Java applications.

[Figure: layered architecture, top to bottom: Applet, Applet, Applet; Vendor and/or Industry Specific Extensions; Java Card Framework and APIs; Java Card Virtual Machine; Card Operating System; Hardware. Side label: Java Card Runtime Environment.]


Java Card Security Model

  • Off-card Security

[Figure labels: Java Class Files; Java Card Files; Byte Code Verifier (BCV); Byte Code Converter; Byte Code Signer]

  • On-card Security

[Figure labels: Java Card Files; BCV; Linker; Installed applet; Firewall]


Off-card compilation

[Figure: off-card toolchain. Labels: Java Archive; API export Files; Byte Code Converter, converter and signer; Application export File; Application Cap File]


Java-Class Files

  • Non-optimized for embedded devices
  • Itemized file
  • Each item is a UTF8 string

    #1 - Class Reference: name=#2
    #2 - UTF8 Text: fr/unilim/MyApplet
    #3 - UTF8 Text: process
    #4 - UTF8 Text: (Ljavacard/framework/APDU)V
    #5 - Method Reference: class=#1 signature=#6
    #6 - Name/Type: name=#3 type=#4


API export Files

  • Maps each class item to a Java Card token
  • One export file per Java package
  • The Java Card toolchain uses the first find, first used export file.

    class_info { // javacard/framework/APDU
        token               #10
        access_flags        public final
        name_index          172 // javacard/framework/APDU
        export_supers_count 1
        ...


Program export File

  • Describes each public method shared by the built application or API.


Program CAP File

  • Tokenized file
  • Optimized for embedded devices


On-Card Linking Step

    Method Component
        ...
        /*0030*/ aload_2
        /*0031*/ invokevirtual 0002
        ...
    Reference Location Component
        ...
        offset_to_byte2_indices: {
            ...
            @32
            ...
        }
    Constant Pool Component
        ...
        Token: 2 => CONSTANT_VirtualMethodRef: external method: 0x80, 0x12, 0x00
        ...
    Import Component
        packages[0]{ // javacard.framework
            version: 1.2
            AID: 0xA0000000620101
        }
        ...


Man-In-The-Middle

  • The attack aims to:
      • Abuse the off-card Java Card toolchain;
      • Link a malicious library instead of the legitimate one.
  • Hypotheses:
      • The Java Card export folder can be corrupted;
      • The smart card's loading keys are known.


Principle

[Figure: sequence diagram. Participants: Applet; Fake API; API; Attacker's applet. Message labels, in order of appearance: buildKey; buildKey; Key; Store key; Key; getKeys; Keys stored]


Modus Operandi I

  1. A copy of the API to confuse is developed:
      • Same class prototypes;
      • Same method prototypes;
      • Package's name?/AID?
  2. The developer downloaded the fake export file:
      • The Java Card toolchain uses the first find, first used policy.
  3. The Java-Class file to be converted is linked with our malicious export file.
  4. The applet is linked with the malicious Java Card API.


Modus Operandi II

[Figure: three-step diagram (1, 2, 3). Labels: Card; Fake API (Same AID); Java-Cap file; Conversion; Loading; API; Export 1; Export 2; Use; Applet; Faulty API; Fake Export]


A Piece of a Java Card Crypto. Application

    this.desKey = (javacard.security.DESKey)
        javacard.security.KeyBuilder.buildKey(
            KeyBuilder.TYPE_DES,    // key's type
            KeyBuilder.LENGTH_DES,  // key's length
            true);                  // key value is encrypted
    // DES Key initialization
    this.desKey.setKey(DES_KEY_VALUE,          // PIN code init.
                       OFFSET_DES_KEY_VALUE);

  • Exploitation:
      • Develop a fake javacard.security export file;
      • The fragment of the crypto application is linked with our malicious export file.
  • Problem: Can the application be correctly executed?


[Figure: class diagram. Labels: Object; malicious.API DESKey; javacard.security DESKey; "="]


How to Execute an Ill-Linked Applet? I

[Figure: sequence diagram. Participants: Applet; malicious.API.DESKey; javacard.security.DESKey. Message labels: desKey.setKey(); desKey.setKey(); ok; ok]


How to Execute an Ill-Linked Applet? II

    public class DESKey extends malicious.API.DESKey {
        // Reference to the genuine key object that calls are forwarded to
        private javacard.security.DESKey desKey;

        // Constructor: wraps the genuine javacard.security.DESKey
        public DESKey(javacard.security.DESKey desKey) {
            this.desKey = desKey;
        }

        // Implementation of the setKey function
        public void setKey(byte[] keyData, short kOff) {
            this.desKey.setKey(keyData, kOff);
        }
        // ...
    }


The End

  • What did we do?
      • A Man-in-the-Middle attack on Java Card was presented;
      • The javacard.security API was exploited.
  • How to prevent that?
      • Sign the export file!
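
Added example (not part of the original slides or the authors' code): a build-time audit in Python covering the first find, first used policy and the recommendation to protect export files. It uses pinned SHA-256 digests as a stand-in for export file signatures; the function names, the ordered list of export roots, the directory layout and the placeholder file contents are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def audit_export_path(roots, pinned):
    """Audit export roots in search order; pinned maps a relative .exp path
    to the SHA-256 of the trusted copy. Returns (finding, path, file) tuples."""
    winners, findings = {}, []
    for root in map(Path, roots):
        for exp in sorted(root.rglob("*.exp")):
            rel = exp.relative_to(root).as_posix()
            digest = sha256_file(exp)
            if rel not in winners:
                # First find, first used: this is the copy that gets linked.
                winners[rel] = (exp, digest)
            elif digest != winners[rel][1]:
                # A later root holds a different file for the same package.
                findings.append(("SHADOWED_DIFFERENT", rel, str(exp)))
    for rel, (exp, digest) in winners.items():
        if rel not in pinned:
            findings.append(("UNPINNED", rel, str(exp)))
        elif digest != pinned[rel]:
            findings.append(("DIGEST_MISMATCH", rel, str(exp)))
    for rel in sorted(pinned.keys() - winners.keys()):
        findings.append(("MISSING", rel, ""))
    return findings


def demo():
    """Constructed layout: an untrusted root searched before the SDK root."""
    rel = "javacard/security/javacard/security.exp"  # assumed layout
    with tempfile.TemporaryDirectory() as tmp:
        sdk, untrusted = Path(tmp, "sdk"), Path(tmp, "downloaded")
        for root, body in ((sdk, b"trusted-copy"), (untrusted, b"other-copy")):
            (root / rel).parent.mkdir(parents=True)
            (root / rel).write_bytes(body)  # placeholder bytes, not real .exp
        pinned = {rel: sha256_file(sdk / rel)}
        clean = audit_export_path([sdk], pinned)
        flagged = audit_export_path([untrusted, sdk], pinned)
    return clean, [kind for kind, _, _ in flagged]


if __name__ == "__main__":
    print(demo())
```

Run before conversion, any finding means the export file the toolchain would pick up is not the one that was pinned from the trusted SDK.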


Thank you for your attention! Do you have any questions?
