ISG Seminar Agenda for Lecture 3 rd November 2011 Evolution of - PowerPoint PPT Presentation

ISG Seminar Agenda for Lecture 3 rd November 2011 • Evolution of smart cards/RFIDs From Smart Cards to NFC Smart Phone • Attacks/countermeasures Security • Near Field Communication (NFC) Keith Mayes • NFC Security Elements • Misuse of NFC devices as attack platforms ISG Smart Card Centre (SCC) www.scc.rhul.ac.uk • Other worries about phone platforms www.isg.rhul.ac.uk keith.mayes@rhul.ac.uk 1 2 Smart Cards with Contacts Contact-less Smart Cards Chip module interface via metal contacts Card reader makes physical contact [Gemplus Images] Chip module interface via antenna Reader uses RF field 1

Smart Card/RFID Trade-offs RFID Tags - Passive/Active • There are many different contact-less tag/device formats • The main classes are passive and active (powered) 5 6 Recap: Normally Smart Cards as At a store near you… Personalised Devices that Resist Attack Near Field Communication • When we are dealing with deployed/accessible devices we are not only concerned about attacks against the theoretical design • The latest standards for mobile of the security protection, but also its implementation and phones support Near Field associated policies. Communications (NFC) • Attacks can be classed under generic headings. • NFC is a equivalent to a − Logical. contact-less interface for the − Physical/Fault. phone − Timing/Side-Channel. • The phone can behave as a • Attacks that target the implementation are often referred to as smart card or token “tampering”. • The phone can behave as the • Specialist devices including Hardware Security Modules reader (HSM), Security Elements (SE), Mobile Smart cards (SIM), trusted Platform Modules (TPM) are designed to be strongly • (Standards from tamper-resistant. − www.nfc-forum.org) 7 8 2

Hacking RFID a popular pastime…. Hacking a popular “sport” • Wikipedia on the popular Hacking at Random Conference − “Hacking at Random was an outdoor hacker conference that took place in The Netherlands in August 2009. …This conference was the most recent event in a sequence …. Galactic Hacker Party in 1989, followed by Hacking at the End of the Universe in 1993, Hacking In Progress in 1997, Hackers At Large in 2001, and What the Hack in 2005…. • A small selection of seminars from HAR 2009…. − RFID sniffer workshop: Assemble your own RFID sniffer and find RFID tags in your wallet − Cracking A5 GSM encryption − Lock picking − Sniffing cable modems − Side channel analysis and fault injection − Rootkits are awesome. Insider Threat for Fun and Profit − Wikileaks. History is the only guidebook civilization has, but who's the publisher? 10 9 10 Physical Attack Countermeasures Timing/Side Channel Attack • In hardware security modules these are at • Side channel attacks exploit “leakage” from sensitive operations. chip level and include • The principle is simple; − Physical barriers − An electronic circuit is made up of gates/transistors − Active shields − Switching between logic levels causes a slight variation in power − Circuit scrambling consumption and a small RF emission − Encrypted busses • The attacker captures these variations and processes them in order − Encrypted memories to extract secret/sensitive information Source Gemalto − Environment/fault sensors • The equipment needed is relatively low cost/available and the processing techniques are well published • In mobile equipment you have to consider protecting/obscuring sensitive chips and interfaces − Making things hard to get at is better than nothing − Try to impede the replacement of critical chips • The attack is effective against unprotected hardware and will extract keys from good “logical” algorithms such as DES/AES etc. 11 12 3

NFC Modes The NFC Secure Element • Basically NFC ‘modem’ with three modes • Starting position: “Mobile handset is not a trusted platform”. − Reader-Token Communication • Need additional trusted security component. − Token-Reader Communication − Most well known example is the UICC. − Peer-to-Peer • SE is security core of NFC applications. • <<DEMOs>> − Tamper resistance - secure storage and management of applications and keys. − Security mechanisms, e.g. encryption of All very exciting …..but…… communication channel. considerable concerns remain • SE facilitates two key services. about NFC security − Secure execution of sensitive applications and their data. − Secure management of applications. • Multiple form factors! 13 14 RIM2011 RIM2011 Embedded SE Example of a Secure Element • SE is embedded in handset • NXP SmartMX Secure Microcontroller Family – Dual interface smart cards − Smartcard in IC form factor – Embedded form factors − Works when phone off • NXP SmartMX2 newest addition – Processing – 8,16,24,32 bit instruction set • No distinct ‘owner’ NXP2011 – Memory - up to 384KB ROM, 8.125 KB RAM, − Development opportunities 144 KB EEPROM and 400 KB Flash − Potential trust and ownership – Security NXP2011 issues Common Criteria – targeting EAL6+ Crypto library and co-processors (AES/DES/ECC/RSA) − Secure personalisation important – Software platform JCOP (Java Card) – Application management Global Platform iFitIt Teardown 2011 15 16 4

SIM/USIM as SE microSD SE • SE added in SD memory slot • The existing SIM/USIM is the SE. − No NFC capability required in handset − No extra hardware. − Can add to any handset with slot − SIM stable technology. − Off when phone is off − Handset needs to support Single Wire • Flexibly ownership Protocol (SWP). − 3 rd party owner – open for development • Owned by the MNO. NXP2011 − SE tied to specific owner/application NXP2011 − 3 rd party application access? • Variations − Some units only readers or only tokens • Variations. − Secure storage and execution − DIF-SIM: All functionality on SIM • NFC module in handset with antenna in phone. − Integrated unit − SIM-Flex: All functionality on SIM Gemalto • NFC communication capability SDID2011 2011 with attached antenna • Antenna included 17 18 Security Domains and Keys Clones/Emulators • Global Platform application management is based on Security Domains (SD) • Products/applications tied to • Multiple SDs can be created on a SE and specific UID not easily associated with Service Providers (SP) transferable to other token • An SP can only access manage applications • Emulator can masquerade as any housed within its own SD. token if data and/or key material can be obtained • Example of Delegated Mode with UICC as SE shown on right…. • A number of devices have been demonstrated (available publicly) • An Issuer Security Domain for MNO for LF, HF and UHF services, and multiple Supplementary Security Domains (SSD) for other services • OTA keys are used to gain access to the SE • SSD keys are used to gain access to each of the service domains ….Nice idea at least!…. Credit: TU Graz, OpenPICC, Intel, Radboud University 19 20 19 SmartTrust2011 5

A Hack a day keeps boredom away? Passive Relay • Hackers/enthusiasts are very active and co- operative via forums and web sites. • The examples here were found on the Hack-a- Day website. • Smart Phones are becoming top targets! [G.P. Hancke, K. Mayes and K.Markantonakis. "Confidence in Smart Token 21 22 Proximity: Relay Attacks Revisited", Elsevier Computers & Security, June 2009.] Phone Platform Risks NFC device as an attack platform! • As sophistication of phones grow, they become vulnerable • Attacks currently use a lot of custom built kit. to all the security perils of PCs • Hence, the interest in NFC devices as attack platforms! − Rootkits, viruses, malware, trojans, keyloggers..etc.. − Skimming - reading genuine cards. • Phone architectures are complex and various components − Clone card emulation. are “bolted” together. • An open development platform. • Phones are available from many sources, get unlocked, re- flashed, upgraded and cheap clone/copies are in use - so • Anyone can write phone reader applications. what software is actually running? • Embedded secure elements are unlockable. • If your security protection relies on a software only • Existing APIs and developer environments. solution you are at risk. • Multiple communications links. − Hardware security provides a reliable anchor point for security. • Phone platform security protection is often proprietary and • A software downloaded attack application could spread not disclosed for verification…. very fast! 23 24 6