
CryptoPuces 2011 - Introduction, State of the art, SCWS / BIP (PowerPoint PPT Presentation)



  1. Matthieu BARREAUD, Guillaume BOUFFARD & Jean-Louis LANET
     {matthieu.barreaud,guillaume.bouffard,jean-louis.lanet}@xlim.fr
     SSD team – XLIM – University of Limoges
     http://secinfo.msi.unilim.fr
     This work is based on the M1 students' project. Thanks to Mamadou BALDE, Amine BELHOCINE, Silvère CAINAUD, Jérémie CLEMENT, Romain SEVERIN, Nicolas TARRIOL and Lylia TIKOBAINI.
     Crypto’Puces 2011

  2.
     • Introduction
     • State of the art
       ◦ SCWS / BIP
       ◦ The HTTP protocol
       ◦ Fuzzing
     • Fuzzing on a SCWS
       ◦ Aims
       ◦ HTTP smart card features
       ◦ Test generation
       ◦ Logging
       ◦ Parallelization
     • Experimental results
     • Conclusions

  3.
     • Smart cards are essential:
       ◦ Payment: credit card, Moneo, etc.
       ◦ Transport: ticketing in public transport, etc.
       ◦ Insurance: health care card, etc.
       ◦ Telephony: SIM card (mobile), etc.
     • The Hyper Text Transfer Protocol (HTTP) is a newly implemented technology in the smart card world.
     • Problem:
       ◦ How to ensure the robustness of the HTTP implementation?

  4. [Diagram labels: mNFC, JavaCard 2.2, Smart Card Web Server (SCWS), http://127.0.0.1:3516, short-range wireless technologies (up to 10 cm)]
     • SCWS is both a server and a client application:
       ◦ In server mode, the SCWS is used by the subscriber through a WAP browser implemented in his handset.
       ◦ In client mode, the SCWS is used by the Card Issuer in order to administer the SCWS from a server.
     • In our case, we use the SCWS in server mode.
     • The SCWS communicates with BIP (Bearer Independent Protocol) commands.


  6. We can access the SCWS:
     ◦ Remotely, to administer the SCWS
       ▪ Administrative commands: add a user, change a password, etc.
       ▪ The Access Control Policy (ACP) is stored in the card
     ◦ Locally, to communicate with the SCWS

  7.
     • HTTP request representation:
         GET /index.html HTTP/1.1 \r\n
         Host: 127.0.0.1:3516 \r\n
         … \r\n
         \r\n
     • Creation of an interactive HTTP Backus Normal Form (BNF) grammar

  8.
     • Fuzzing is a software testing technique.
     • It provides invalid, unexpected or random data to the inputs of a computer program, protocol implementation, etc. in order to crash it.
     • Fuzzing is used to find security flaws in software or computer systems.
     • There are two types of fuzzer:
       ◦ Mutation-based fuzzer: mutates existing data samples to create test data
       ◦ Generation-based fuzzer: defines new test data based on data models and state models

  9. Advantages / drawbacks of the fuzzer types:
     ◦ Mutation
       ▪ Limited
       ▪ Fast to implement
       ▪ Slow execution because of the number of cases
     ◦ Generation
       ▪ Full
       ▪ Implementation is time consuming
       ▪ Slow execution because of the number of cases

  10.
     • We verify the correctness of the smart card HTTP protocol implementation
     • Work in black box, without knowledge of the system
     • Have a generic data model, usable anywhere (not only on smart cards)
     • Accurate analysis of the results:
       ◦ Determine whether the smart card has an unexpected behavior
       ◦ We analyze the card's return value.
     • Choose the type of mutation:
       ◦ Mutate all possible values or only part of them?

  11.
     • How to know which features the SCWS implements?
     • We developed PyHAT!
     • It reduces the number of methods to fuzz


  13. [Diagram: PyHAT searches the HTTP features implemented by the card; PEACH sends invalid data to the Interface, which forwards it to the Smart Card as APDUs; the Smart Card's APDU response is returned to PEACH as the card state]

  14. During the fuzzing step, we need to:
     ◦ Log each test
     ◦ Find implementation errors
     • A log file is created for each fuzzed method
     • The request sent is saved together with the full APDU command

  15.
      ----- RECEIVE DATA TERMINAL RESPONSE -----
      TRANSMIT (total): 80 14 00 00 44 01 03 01 42 01 02 02 82 81 03 01 00 36 81 32 47 45 54 20 2F 74 65 73 74 31 2E 68 74 6D 6C 20 48 54 54 50 2F 31 2E 31 0D 0A 48 6F 73 74 3A 20 31 32 37 2E 30 2E 30 2E 31 3A 33 35 31 36 0D 0A 0D 0A 37 01 00
      TRANSMIT (request only):
      GET /test1.html HTTP/1.1
      Host: 127.0.0.1:3516
      RESPONSE (total):
      STATUS WORD : 91 FE

  16.
      ----- SEND DATA -----
      TRANSMIT (total): 80 12 00 00 FE
      RESPONSE (total): 48 54 54 50 2F 31 2E 31 20 32 30 30 20 0D 0A 43 6F 6E 74 65 6E 74 2D 4C 65 6E 67 74 68 3A 31 33 37 0D 0A 45 54 61 67 3A 20 22 30 30 30 33 22 0D …
      RESPONSE (request only):
      HTTP/1.1 200
      Content-Length:137
      ETag : “0003”
      Content-Encoding: gzip
      Content-Type: text/html
      STATUS WORD : 90 00

  17. [Diagram: parallelization with PEACH. Several instances of "peach.exe -pX,Y ./fuzz_http.xml" (here -p3,0, -p3,1 and -p3,2) run in parallel, each with its own data model (XML 1, XML 2, XML 3), all going through the Interface]

  18.
     • No HTTP response from the card when “\r\n\r\n” is not in the request, although the Status Word is correct (90 00).
     • The SCWS does not compress in GZIP
     • The PUT method permits overwriting existing webpages
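As an added illustration (not part of the slides nor of the authors' PyHAT/PEACH tooling), the Python below reconstructs the Interface side of the traces on slides 15 and 16: it wraps an HTTP request written as on slide 7 into the RECEIVE DATA TERMINAL RESPONSE APDU, turns a "91 XX" status word into the FETCH APDU, and labels the card state the way the slide 18 finding needs (a request without the header terminator answered by 90 00 and no HTTP response). Tag and command values follow ETSI TS 102 223 / TS 101 220; the two-byte "81 XX" channel-data length mirrors the traces rather than the shortest encoding.

```python
# Added example: the Interface's APDU wrapping for BIP-based HTTP fuzzing.
# Not the authors' code; values follow ETSI TS 102 223 and the slide traces.
from typing import Optional

CLA_CAT = 0x80
INS_TERMINAL_RESPONSE = 0x14
INS_FETCH = 0x12


def _tlv(tag: int, value: bytes, long_form: bool = False) -> bytes:
    """CAT simple TLV. The slide traces always code the channel-data
    length as '81 XX' even below 0x80, so that form can be forced."""
    n = len(value)
    if n > 0xFF:
        raise ValueError("value too long for a one-byte length")
    length = bytes([0x81, n]) if (long_form or n > 0x7F) else bytes([n])
    return bytes([tag]) + length + value


def receive_data_terminal_response(http_request: bytes) -> bytes:
    """TERMINAL RESPONSE to the RECEIVE DATA proactive command, carrying
    the (possibly malformed) HTTP request as channel data (slide 15)."""
    body = (
        _tlv(0x01, bytes([0x01, 0x42, 0x01]))       # Command details: RECEIVE DATA
        + _tlv(0x02, bytes([0x82, 0x81]))           # Device identities: terminal -> UICC
        + _tlv(0x03, bytes([0x00]))                 # Result: performed successfully
        + _tlv(0x36, http_request, long_form=True)  # Channel data (the HTTP request)
        + _tlv(0x37, bytes([0x00]))                 # Channel data length: nothing left
    )
    if len(body) > 0xFF:
        raise ValueError("request does not fit in one short APDU")
    return bytes([CLA_CAT, INS_TERMINAL_RESPONSE, 0x00, 0x00, len(body)]) + body


def fetch_apdu_for(sw: bytes) -> Optional[bytes]:
    """'91 XX': a proactive command (SEND DATA) of XX bytes is pending, so
    FETCH it (slide 16). '90 00': the card has nothing more to send."""
    if len(sw) == 2 and sw[0] == 0x91:
        return bytes([CLA_CAT, INS_FETCH, 0x00, 0x00, sw[1]])
    return None


def classify(http_request: bytes, sw: bytes) -> str:
    """Card-state label written to the per-method log; the second branch
    is the slide 18 case: no terminator, no HTTP answer, but 90 00."""
    if fetch_apdu_for(sw) is not None:
        return f"http-response-pending:{sw[1]}"
    if sw == b"\x90\x00":
        if b"\r\n\r\n" not in http_request:
            return "no-http-response:missing-crlfcrlf"
        return "no-http-response"
    return "unexpected-sw:" + sw.hex().upper()
```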

  19.
      ----- RECEIVE DATA TERMINAL RESPONSE -----
      TRANSMIT (total): 80 14 00 00 3F 01 03 01 42 01 02 02 82 81 03 01 00 36 81 2D 47 45 54 … 0A 0D 0A 37 01 00
      TRANSMIT (request only):
      GET /index.html HTTP/1.1
      Host: 127.0.0.1
      RESPONSE (total):
      STATUS WORD : 91 B1
      ----- FETCH (SEND DATA) -----
      TRANSMIT : 80 12 00 00 B1
      RESPONSE (request only):
      HTTP/1.1 200
      Content-Length:85
      ETag : “059B”
      Content-Type: text/html
      <html><head><title>Hello World</title></head>
      <body><h1>Hello World</h1></body></html>
      STATUS WORD : 90 00

  20.
      ----- RECEIVE DATA TERMINAL RESPONSE -----
      TRANSMIT (total): 80 14 00 00 C0 01 03 01 42 01 02 02 82 81 03 01 00 36 81 AE 50 55 54 20 … 6C 3E 37 01 00
      TRANSMIT (request only):
      PUT /index.html HTTP/1.1
      Host: 127.0.0.1
      Content-Length:85
      Content-Type: text/html
      <html><head><title>AAAAAAAAAAA</title></head>
      <body><h1>BBBBBBBBBBB</h1></body></html>
      RESPONSE (total):
      STATUS WORD : 91 20
      ----- FETCH (SEND DATA) -----
      TRANSMIT : 80 12 00 00 20
      RESPONSE (request only):
      HTTP/1.1 204
      STATUS WORD : 90 00

  21.
      ----- RECEIVE DATA TERMINAL RESPONSE -----
      TRANSMIT (total): 80 14 00 00 3F 01 03 01 42 01 02 02 82 81 03 01 00 36 81 2D 47 45 54 … 0A 0D 0A 37 01 00
      TRANSMIT (request only):
      GET /index.html HTTP/1.1
      Host: 127.0.0.1
      RESPONSE (total):
      STATUS WORD : 91 B1
      ----- FETCH (SEND DATA) -----
      TRANSMIT : 80 12 00 00 B1
      RESPONSE (request only):
      HTTP/1.1 200
      Content-Length:85
      ETag : “059C”
      Content-Type: text/html
      <html><head><title>AAAAAAAAAAA</title></head>
      <body><h1>BBBBBBBBBBB</h1></body></html>
      STATUS WORD : 90 00

  22.
     • The first fuzzing results have shown non-conformance with the HTTP specification
     • These results can only be discovered through fuzzing
     • Fuzzing is possible on smart cards

  23. ?
     Matthieu BARREAUD, Guillaume BOUFFARD & Jean-Louis LANET
     {matthieu.barreaud,guillaume.bouffard,jean-louis.lanet}@xlim.fr
     SSD team – XLIM – University of Limoges
     http://secinfo.msi.unilim.fr
