Key Reuse: Theory and Practice, Kenny Paterson, Royal Holloway (PowerPoint PPT Presentation)



Key Separation, Key Reuse, and Cryptographic Agility Joint Security Key Reuse in EMV Cryptographic Agility BC Attacks Concluding Remarks

Key Reuse: Theory and Practice

Kenny Paterson Royal Holloway, University of London

based on joint work with Jean Paul Degabriele, Tibor Jager, Anja Lehmann, Jacob C.N. Schuldt, Nigel P. Smart, Juraj Somorovsky, Martijn Stam, Mario Strefler, Susan Thomson

Workshop on Real-World Cryptography

Kenny Paterson Royal Holloway, University of London | Key Reuse: Theory and Practice 1/29

Outline

1. Key Separation, Key Reuse, and Cryptographic Agility
2. Joint Security
3. Key Reuse in EMV
4. Cryptographic Agility
5. BC Attacks
6. Concluding Remarks

Motivation for Key Reuse

Reusing an asymmetric key-pair in different primitives can reduce:
• Storage requirements for certificates and keys;
• Costs of key certification;
• Net certificate verification time;
• Footprint of cryptographic code and development effort.
. . . but breaks the key separation principle of using different keys for different purposes.


Scope of Reuse

Reuse is not restricted to “encryption + signatures”, nor to the asymmetric setting:
• Could be, for example, “signature + static DH value” in a more complex protocol.
• We may wish to reuse a key in the symmetric setting, e.g. CCM mode (CTR + CBC-MAC).
• We may wish to use the same key in two different algorithms for the same primitive, e.g. RSA-OAEP and RSA-PKCS#1v1.5, or AES-CBC and AES-GCM.
  – As in the most recent edition of the XML standards.
  – Related to the concept of cryptographic agility.

Key Reuse and Certificate Standards

X.509:
• A certificate contains an algorithm identifier for the signing algorithm used to create the certificate itself.
• But not necessarily any information about the purposes for which the certified public key may be used.
• Nor about the specific algorithms in which the certified public key may be used.
• The Subject Public Key Info field carries an algorithm identifier for the key, and the Key Usage extension can restrict its purposes, but both leave plenty of flexibility . . .

Key Usage Extension

RFC 5280 (X.509v3): The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate. The usage restriction might be employed when a key that could be used for more than one operation is to be restricted.

Key Usage Extension

RFC 5280 (X.509v3):

    KeyUsage ::= BIT STRING {
        digitalSignature (0),
        nonRepudiation   (1),  -- renamed contentCommitment in recent editions of X.509
        keyEncipherment  (2),
        dataEncipherment (3),
        keyAgreement     (4),
        keyCertSign      (5),
        cRLSign          (6),
        encipherOnly     (7),
        decipherOnly     (8) }

RFC 5280 (X.509v3): This profile does not restrict the combinations of bits that may be set in an instantiation of the keyUsage extension.
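As an added example (not from the slides): a pure-Python decoder for the DER-encoded KeyUsage BIT STRING, followed by a key-separation check that is deliberately stricter than RFC 5280's "any combination is allowed" rule. The bit names and numbering are RFC 5280's; the three sample encodings and the policy enforced by key_reuse_findings() are assumptions made for illustration.

```python
# Decode an X.509 KeyUsage extension value (a DER BIT STRING) and flag key reuse across
# purposes. Bit names/numbers follow RFC 5280. The policy in key_reuse_findings() is an
# ASSUMPTION of this example: RFC 5280 itself does not restrict bit combinations.

KEY_USAGE_BITS = [
    "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment",
    "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly",
]
SIGNING = {"digitalSignature", "nonRepudiation", "keyCertSign", "cRLSign"}
ENCRYPTION = {"keyEncipherment", "dataEncipherment", "keyAgreement"}


def decode_key_usage(der: bytes) -> set:
    """Return the set of named bits in a DER BIT STRING such as 03 02 05 A0."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("KeyUsage must be a BIT STRING (tag 0x03)")
    length = der[1]
    if length & 0x80 or len(der) != 2 + length:
        raise ValueError("bad length (KeyUsage always fits a short-form length)")
    unused, body = der[2], der[3:]
    if unused > 7 or (not body and unused):
        raise ValueError("bad unused-bits count")
    if body:
        if body[-1] & ((1 << unused) - 1):
            raise ValueError("DER: padding bits must be zero")
        if not (body[-1] >> unused) & 1:
            raise ValueError("DER: trailing zero bits must be removed")
    nbits = 8 * len(body) - unused
    if nbits > len(KEY_USAGE_BITS):
        raise ValueError("bits beyond decipherOnly(8) are not defined")
    # Bit i of the string is bit (7 - i % 8) of byte i // 8, counting from the MSB.
    return {KEY_USAGE_BITS[i] for i in range(nbits) if body[i // 8] & (0x80 >> (i % 8))}


def key_reuse_findings(usages: set) -> list:
    """Key-separation checks (ASSUMPTION: a local policy, stricter than RFC 5280)."""
    findings = []
    if usages & SIGNING and usages & ENCRYPTION:
        findings.append("same key certified for signing and for encryption/key establishment")
    if usages & {"keyCertSign", "cRLSign"} and usages - {"keyCertSign", "cRLSign"}:
        findings.append("CA/CRL signing key also usable for other operations")
    if usages & {"encipherOnly", "decipherOnly"} and "keyAgreement" not in usages:
        findings.append("encipherOnly/decipherOnly are undefined without keyAgreement (RFC 5280)")
    return findings


# Constructed sample encodings (ASSUMPTION): a typical TLS server key, a CA key, a DH key.
SAMPLES = {
    "tls-server": bytes.fromhex("030205a0"),    # digitalSignature | keyEncipherment
    "ca":         bytes.fromhex("03020186"),    # digitalSignature | keyCertSign | cRLSign
    "dh":         bytes.fromhex("0303070880"),  # keyAgreement | decipherOnly
}

if __name__ == "__main__":
    for name, der in SAMPLES.items():
        usages = decode_key_usage(der)
        print(name, sorted(usages), key_reuse_findings(usages))
```

If the certificate carries no KeyUsage extension at all, the key is unrestricted; a caller should treat that case as the most permissive combination rather than as "no findings".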

Main Question

Given that key reuse in all its forms is common in practice, what can we say about its security?

Joint Security of Signature and Encryption

Haber and Pinkas, Securely Combining Public-Key Cryptosystems, CCS’01:
• First formal security models for joint security.
• Secure combinations for some schemes in the random oracle model.
• Only partial solutions in the standard model.

Joint Security of Signature and Encryption

Coron, Joye, Naccache and Paillier, Universal Padding Schemes for RSA, CRYPTO’02:
• The signature padding scheme PSS also gives IND-CCA secure encryption.
• The resulting encryption and signature schemes can securely use the same RSA key-pair.
• Proof of joint security in the ROM.
Komano and Ohta, Efficient Universal Padding Techniques for Multiplicative Trapdoor One-Way Permutation, CRYPTO’03:
• Consider OAEP+ and REACT encodings, also in the ROM.


Joint Security of Signature and Encryption

P., Schuldt, Stam and Thomson, On the Joint Security of Encryption and Signature, Revisited, ASIACRYPT’11:
Target: to find new constructions for jointly secure combined schemes in the standard model.
Main contributions:
• A trivial Cartesian product construction for benchmarking.
• A generic construction from IBE: Naor trick + CHK transform + domain separation.
• An efficient, specific construction using pairings.
• (Applications to signcryption.)


The EMV Specification

EMV is the de facto global standard for IC credit/debit cards – Chip & PIN.
As of Q2 2012, there were 1.55 billion EMV cards in use worldwide.
Coming to the US real soon now.
The specification defines the inter-operation of IC cards with Point-of-Sale (PoS) terminals and Automated Teller Machines (ATMs).


EMV Cards

An EMV card contains a chip which allows it to perform cryptographic computations.
All EMV cards contain a symmetric key that is shared with the issuing bank.
Most cards are also equipped with RSA keys to compute signatures for card authentication and transaction authorization, and to encrypt the PIN between the terminal and the card.

Key Reuse in EMV

Given the constrained on-card processing environment, reducing the storage and computation consumed by the cryptographic functions in EMV is very important.
The EMV standard allows the same RSA key-pair to be used for both PIN encryption and CDA signature generation.
Encryption and signature algorithms are based on the RSA-PKCS#1v1.5 standards.
Is this key reuse detrimental to the security of the EMV system or not?

Wedge Attacks

A wedge is a special device interposed between the card and the terminal which allows MITM attacks to be carried out on the EMV protocols.
Such attacks received a lot of publicity because of an Oakland 2010 paper by Murdoch et al. – the so-called “Cambridge Attack”.


Wedge Attacks

[Picture of a wedge device. Picture source: www.cl.cam.ac.uk/research/security/banking/relay]

An Attack on EMV

Degabriele, Lehmann, P., Smart and Strefler, On the Joint Security of Encryption and Signature in EMV, CT-RSA’12:
• A wedge attack exploiting the reuse of RSA keys in an EMV card to allow an attacker to make transactions without knowing the card’s PIN.
• The attack is only applicable to a CDA card in an offline transaction.
• The attack would still work even if the countermeasures against the Cambridge Attack were in place!
• The attack is a variant of Bleichenbacher’s attack against RSA with PKCS#1v1.5 encoding (CRYPTO’98).

PIN Encryption in EMV

Encoding used in EMV for PIN encryption:

    7F || PIN block || ICC challenge || Random padding

where the PIN block and the ICC challenge (from the card) are 8 bytes long.
Upon decryption the card performs multiple checks. If the test for the ‘7F’ byte is carried out first, and its success or failure can be distinguished (e.g. via timing or power analysis), then a Bleichenbacher-style attack may be possible.


Using Bleichenbacher to Forge Signatures

• View Bleichenbacher’s attack as a black box which, when given a valid ciphertext c and access to a ciphertext-validity oracle, recovers the underlying (encoded) message m.
• The attack inverts the RSA function m → m^e mod N.
• The same key-pair is used for RSA encryption and RSA signatures.
• So Bleichenbacher’s attack can also be used to forge RSA signatures!


The Attack on a CDA Transaction

    CARD                         WEDGE                          TERMINAL
     |  <----------- Card Authentication (relayed) ----------->    |   card and terminal in the authentication phase
     |                             |  <------- PIN: $$$$ --------  |   terminal in the cardholder verification phase
     |                             |  -------- PIN OK ---------->  |
     |                             |  <-- Request TC + Payload --  |   terminal in the transaction authorization phase
     |                             |  c ← ρ^e · µ (mod N)          |   wedge blinds the signature target µ
     |  <-------- c1 ------------  |                               |   card kept in the cardholder verification phase
     |  -------- (7F) Y/N ------>  |                               |
     |  <-------- c2 ------------  |                               |
     |  -------- (7F) Y/N ------>  |                               |
     |            ...              |                               |
     |  <-------- cn ------------  |                               |
     |  -------- (7F) Y/N ------>  |                               |
     |                             |  ------ TC + Signature ---->  |
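The attack sketched on the last two slides, as an added worked example in Python. This is not the authors' code (they stress they did not implement the attack against real cards); the toy 216-bit modulus built from two Mersenne primes, the simulated card whose only leak is the outcome of the 7F test, and the sample PIN block and signature target are all assumptions of the example. recover() is Bleichenbacher's algorithm with the set of "conforming" plaintexts parameterised as an interval [L, U]: for the 7F encoding that interval is [7F00…00, 7FFF…FF], and with L = 2B, U = 3B − 1 the very same function is the original PKCS#1v1.5 attack. forge_signature() then applies the blinding trick of the previous slide: because the PIN-decryption key and the CDA signing key are the same key-pair, recovering ρ·µ^d from c = ρ^e·µ yields the signature µ^d.

```python
import random

# Toy RSA key used, as EMV permits, for BOTH PIN encryption and CDA signing.
# ASSUMPTION: the Mersenne primes only keep the example self-contained and fast; they
# are not a safe RSA key (the attack never needs to factor N anyway).
p, q = (1 << 127) - 1, (1 << 89) - 1
N, e = p * q, 65537
d = pow(e, -1, (p - 1) * (q - 1))
k = (N.bit_length() + 7) // 8          # modulus length in bytes (27 here; 128 for EMV's 1024-bit keys)

# Plaintexts that pass the card's first check ("is the leading byte 7F?") form one interval.
L_7F = 0x7F << (8 * (k - 1))
U_7F = (0x80 << (8 * (k - 1))) - 1


def encode_pin(pin_block: bytes, icc_challenge: bytes, rng: random.Random) -> int:
    """EMV PIN encipherment format from the slides: 7F || PIN block || ICC challenge || random padding."""
    assert len(pin_block) == 8 and len(icc_challenge) == 8
    padding = bytes(rng.randrange(256) for _ in range(k - 17))
    return int.from_bytes(b"\x7f" + pin_block + icc_challenge + padding, "big")


class Card:
    """Simulated card. Per query the wedge learns only the outcome of the 7F test, which the
    slides assume is performed first and is observable (timing / power analysis)."""
    def __init__(self):
        self.queries = 0

    def leading_byte_is_7f(self, c: int) -> bool:
        self.queries += 1
        return pow(c, d, N) >> (8 * (k - 1)) == 0x7F


def ceil_div(x: int, y: int) -> int:
    return -(-x // y)


def recover(c: int, oracle, L: int = L_7F, U: int = U_7F) -> int:
    """Bleichenbacher (CRYPTO'98) generalised to an interval [L, U] of conforming plaintexts.
    Returns m = c^d mod N. Requires oracle(c) to be True to begin with."""
    M = [(L, U)]
    s = ceil_div(N, U + 1)                          # step 2a: smallest s for which s*m can wrap past N
    while not oracle(c * pow(s, e, N) % N):
        s += 1
    while True:
        narrowed = []                               # step 3: intersect M with every wrap-around solution
        for a, b in M:
            for r in range(ceil_div(a * s - U, N), (b * s - L) // N + 1):
                lo, hi = max(a, ceil_div(L + r * N, s)), min(b, (U + r * N) // s)
                if lo <= hi:
                    narrowed.append((lo, hi))
        M = []
        for lo, hi in sorted(narrowed):             # merge overlapping / adjacent intervals
            if M and lo <= M[-1][1] + 1:
                M[-1] = (M[-1][0], max(M[-1][1], hi))
            else:
                M.append((lo, hi))
        if len(M) == 1 and M[0][0] == M[0][1]:      # step 4: pinned down
            return M[0][0]
        if len(M) > 1:                              # step 2b: several intervals left, just step s
            s += 1
            while not oracle(c * pow(s, e, N) % N):
                s += 1
        else:                                       # step 2c: one interval, choose s that roughly halves it
            a, b = M[0]
            r, s = ceil_div(2 * (b * s - L), N), None
            while s is None:
                for cand in range(ceil_div(L + r * N, b), (U + r * N) // a + 1):
                    if oracle(c * pow(cand, e, N) % N):
                        s = cand
                        break
                r += 1


def recover_pin_block(c0: int, card: Card) -> bytes:
    """Attack 1: decrypt a genuine PIN ciphertext (its plaintext is conforming by construction)."""
    return recover(c0, card.leading_byte_is_7f).to_bytes(k, "big")[1:9]


def forge_signature(mu: int, card: Card, rng: random.Random) -> int:
    """Attack 2 (the slides' point): the key also signs CDA data, so the PIN-decryption
    side channel is a signing oracle. Blind mu, recover rho*mu^d, unblind."""
    while True:                                     # step 1: blind until the card answers '7F'
        rho = rng.randrange(2, N)
        c = pow(rho, e, N) * mu % N                 # decrypts to rho * mu^d mod N
        if card.leading_byte_is_7f(c):
            break
    m = recover(c, card.leading_byte_is_7f)
    return m * pow(rho, -1, N) % N                  # = mu^d mod N, a valid signature on mu


# Constructed sample data (ASSUMPTION): ISO 9564 format-2 block for PIN 1234, and a stand-in
# for the PKCS#1v1.5-encoded hash of the payload the terminal asked the card to sign.
PIN_BLOCK = bytes.fromhex("241234ffffffffff")
MU = int.from_bytes(b"\x00\x01" + b"\xff" * (k - 23) + b"\x00" + bytes(range(20)), "big")


def demo():
    rng, card = random.Random(2013), Card()
    c0 = pow(encode_pin(PIN_BLOCK, bytes(8), rng), e, N)   # terminal -> card PIN ciphertext
    pin = recover_pin_block(c0, card)
    sigma = forge_signature(MU, card, rng)
    return pin, sigma, card.queries


if __name__ == "__main__":
    pin, sigma, queries = demo()
    print("PIN block:", pin.hex(), "| forged signature verifies:", pow(sigma, e, N) == MU, "| queries:", queries)
```

The query count is what the 1024-bit performance plot on the next slide measures; with this 216-bit toy modulus a run needs far fewer. Giving each purpose its own key-pair removes attack 2 outright, and a card that performs all format checks in constant time before reporting any failure removes the oracle that both attacks need.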

Performance (1024 bit keys)

[Plot: probability of needing roughly X queries, plotted against the number of queries X; x-axis from 2000 to 10000, y-axis from 0e+00 to 1e−03.]

We stress that we did not implement the attack in practice.


Cryptographic Agility

Acar, Belenkiy, Bellare and Cash, Cryptographic Agility and its Relation to Circular Encryption, EUROCRYPT’10:
• Cryptographic agility concerns the use of the same key in multiple algorithms of the same type.
• Individual algorithms may be secure, but joint use with the same key may not be!
• OK for CRHF and IND-CPA PKE, but insecure in general for almost everything else.
• Use the algorithm identifier as input to key derivation to achieve suitable key separation from a single starting key.
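The last bullet in code, as an added example that is not from the paper or the slides: an HKDF (RFC 5869, HMAC-SHA-256) key ring that derives one independent subkey per algorithm identifier from a single master secret, so no raw key is ever handed to two algorithms. The registry of identifiers and key lengths, the label prefix and the sample master secret are assumptions for illustration.

```python
import hashlib
import hmac


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 HKDF-Extract with HMAC-SHA-256 (an absent salt means HashLen zero bytes)."""
    return hmac.new(salt or bytes(32), ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand with HMAC-SHA-256: T(i) = HMAC(PRK, T(i-1) || info || i)."""
    if length > 255 * 32:
        raise ValueError("HKDF-SHA-256 can produce at most 8160 bytes")
    okm, block = b"", b""
    for counter in range(1, -(-length // 32) + 1):
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
    return okm[:length]


# ASSUMPTION: a small registry for the example. The identifiers are the JOSE names of the
# algorithms the slides discuss; the value is the key length each one expects.
KEY_LENGTHS = {"A256GCM": 32, "A128CBC-HS256": 32, "A256KW": 32}


class KeyRing:
    """One master secret in, one distinct subkey per algorithm identifier out."""

    def __init__(self, master: bytes, context: bytes):
        # context (public) binds the subkeys to a deployment / session; master never leaves here.
        self._prk = hkdf_extract(context, master)

    def key_for(self, alg: str) -> bytes:
        if alg not in KEY_LENGTHS:
            raise KeyError(f"unknown or retired algorithm {alg!r}")
        # The algorithm identifier is part of the HKDF info: a different alg gives an
        # independent key, so a flaw in the legacy algorithm says nothing about the new one.
        return hkdf_expand(self._prk, b"key-separation/v1/" + alg.encode(), KEY_LENGTHS[alg])


if __name__ == "__main__":
    ring = KeyRing(master=bytes(range(32)), context=b"example-tenant")   # constructed master secret
    for alg in KEY_LENGTHS:
        print(alg, ring.key_for(alg).hex())
```

Note that the registry is the policy point: an identifier that has been retired is simply not in it, so a downgraded algorithm name fails closed instead of silently receiving the same key as the current one.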

Backwards Compatibility Attacks

Jager, P. and Somorovsky, One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography, NDSS’13:
Standards get updated, but “insecure algorithms” are still included for backwards compatibility reasons:
• GSM supports A5 variants with different strengths.
• SSL/TLS still uses PKCS#1v1.5.
• Web Services servers support AES-CBC and PKCS#1v1.5.
• JSON Web Encryption servers support PKCS#1v1.5.
What could possibly go wrong?


Backwards Compatibility Attacks

More interesting attack:
• The same key may be used in the “legacy” and “new” algorithms.
• The sender uses the key for encryption with the “new” algorithm, creating target C∗.
• In some scenarios, a MITM adversary can change the algorithm identifier undetectably from “new” to “legacy” (e.g. XML, JSON).
• This induces the receiver to use the key for decryption with the insecure legacy algorithm.
• The two algorithms may be related closely enough that this allows C∗ to be broken . . .


Backwards Compatibility Attacks

Attacks “on paper”:
Public key setting, exploiting legacy support for PKCS#1v1.5:
• Decryption of RSA-OAEP ciphertexts.
• Forging RSA signatures (c.f. EMV attack).
Symmetric key setting, exploiting legacy support for CBC-mode:
• Breaking indistinguishability of AES-GCM (allowing decryption of ciphertexts with low entropy).
• Decryption of AES-KW.
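The symmetric case from the list above, as an added example (not the paper's or the slides' code): the receiver accepts the same key under a “new” algorithm (the CTR core of GCM) and a “legacy” one (CBC with PKCS#7 padding) and, as in the slide's MITM scenario, reveals whether the CBC padding was valid. The block cipher is a toy Feistel construction standing in for AES, and the key, IV, secret and candidate plaintexts are constructed for the example. The padding oracle hands the attacker D_K(·) on any block, and since a GCM keystream block is E_K(counter block) with the counter block public, a guess P for ciphertext block C is confirmed exactly when D_K(C ⊕ P) equals that counter block: indistinguishability is gone and low-entropy blocks are decrypted by enumeration.

```python
import hashlib
import hmac

# Stand-in 128-bit block cipher (ASSUMPTION): a 4-round Feistel network keyed via HMAC-SHA-256.
# It only has to be an invertible keyed permutation; AES would play exactly the same role.
def _round(key: bytes, i: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def block_encrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, _xor(l, _round(key, i, r))
    return l + r

def block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _round(key, i, l)), l
    return l + r

# "New" algorithm: the CTR core of GCM (counter block = 96-bit IV || 32-bit counter, starting at 2).
# The GHASH tag is omitted because the attacker never submits this ciphertext to anyone.
def ctr_block(iv: bytes, i: int) -> bytes:
    return iv + (i + 2).to_bytes(4, "big")

def gcm_ctr_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    return b"".join(_xor(plaintext[j:j + 16], block_encrypt(key, ctr_block(iv, j // 16)))
                    for j in range(0, len(plaintext), 16))

# "Legacy" algorithm the receiver still accepts under the SAME key: CBC with PKCS#7 padding,
# whose accept/reject decision leaks (the classic padding oracle).
def cbc_padding_ok(key: bytes, iv: bytes, ciphertext: bytes) -> bool:
    prev, plaintext = iv, b""
    for j in range(0, len(ciphertext), 16):
        plaintext += _xor(block_decrypt(key, ciphertext[j:j + 16]), prev)
        prev = ciphertext[j:j + 16]
    n = plaintext[-1]
    return 1 <= n <= 16 and plaintext.endswith(bytes([n]) * n)

def block_decrypt_via_padding_oracle(oracle, y: bytes) -> bytes:
    """Turn the CBC padding oracle into D_K(y) for any 16-byte y (Vaudenay's attack)."""
    dec = bytearray(16)
    for pos in range(15, -1, -1):
        pad = 16 - pos
        for guess in range(256):
            iv = bytearray(16)
            iv[pos] = guess
            for j in range(pos + 1, 16):
                iv[j] = dec[j] ^ pad            # force already-known bytes to the wanted pad value
            if oracle(bytes(iv), y):
                if pos == 15:                   # rule out an accidental longer valid padding
                    probe = bytearray(iv)
                    probe[14] ^= 0xFF
                    if not oracle(bytes(probe), y):
                        continue
                dec[pos] = guess ^ pad
                break
    return bytes(dec)

def recover_low_entropy_block(oracle, iv: bytes, ciphertext: bytes, index: int, candidates):
    """Guess GCM block `index`: P is right iff D_K(C xor P) == the public counter block."""
    c_i = ciphertext[16 * index:16 * index + 16]
    for guess in candidates:
        if block_decrypt_via_padding_oracle(oracle, _xor(c_i, guess)) == ctr_block(iv, index):
            return guess
    return None

# Constructed sample (ASSUMPTION): one key shared by both algorithms and a 16-byte low-entropy message.
KEY, IV = bytes.fromhex("000102030405060708090a0b0c0d0e0f"), bytes(12)
SECRET = b"PIN=1234;amt=100"
CANDIDATES = [b"PIN=%04d;amt=100" % n for n in (0, 1111, 1234, 9999)]

def demo():
    ciphertext = gcm_ctr_encrypt(KEY, IV, SECRET)            # sent with alg = "new" (GCM)

    def legacy_oracle(iv, y):                                # receiver after alg was flipped to "legacy" (CBC)
        return cbc_padding_ok(KEY, iv, y)

    return recover_low_entropy_block(legacy_oracle, IV, ciphertext, 0, CANDIDATES)

if __name__ == "__main__":
    print(demo())
```

Each guess costs at most 16 × 256 oracle queries. Deriving a separate key per algorithm identifier, as the cryptographic agility slide recommends, defeats the attack: the CBC oracle then runs under a key unrelated to the GCM key, and D_K′(C ⊕ P) never matches the counter block.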

Backwards Compatibility Attacks

Attacks then applied to:
• Implementations of the newest versions of the XML Encryption and XML Signature standards.
• Implementations of the JavaScript Object Notation Web Encryption and Web Signature standards.
Full details of affected vendors and countermeasures in the NDSS paper, to appear in February.


Concluding Remarks

• Certificate standards leave room for key reuse, and practitioners want to do it.
• In the symmetric setting: practitioners also want to reuse keys, even if they know it’s a bad idea.
• EMV, JSON, XML attacks illustrate some of the dangers.
• Plenty of room for development of useful supporting theory.

Further Reading

More details on the results highlighted in this talk can be found in:
[PSST11] K.G. Paterson, J.C.N. Schuldt, M. Stam and S. Thomson, On the Joint Security of Encryption and Signature, Revisited. ASIACRYPT’11.
[DLPSS12] J.P. Degabriele, A. Lehmann, K.G. Paterson, N.P. Smart and M. Strefler, On the Joint Security of Encryption and Signature in EMV. CT-RSA’12.
[JPS13] T. Jager, K.G. Paterson and J. Somorovsky, One Bad Apple: Backwards Compatibility Attacks on State-of-the-Art Cryptography. NDSS’13.