Performance of Privacy-Enhancing Cryptography on Smartphones BUT - - PowerPoint PPT Presentation

About Us ABCs Conclusion

Performance of Privacy-Enhancing Cryptography

• n Smartphones

BUT Cryptology Research Group

• Dr. Jan Hajny

SIX Research Centre Brno University of Technology hajny@feec.vutbr.cz http://crypto.utko.feec.vutbr.cz

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion

1

About Us

2

ABCs Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection

3

Conclusion

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion

Crypto Research Group, Brno University of Technology, CZ

Small group of cca 10 people, part of Department of Telecommunications, Brno, CZ, equipped by SIX Research Centre, both basic and applied research (privacy, lightweight and provable crypto, critical infrastructure, DDoS testing), http://crypto.utko.feec.vutbr.cz/.

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection

ABCs and Our Pilot

Our Fall 2013 pilot: ABCs were used to control the access to university labs,

• nly one attribute (”studentship”) was checked before the

access to a lab was granted, contact-less MultOS ML-3 cards and HM12 scheme were used.

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection

Pilot Evaluation

Students, post-docs and academic staff were asked for pilot

• evaluation. Weak aspects were identified:
• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection

ABCs’ Primitives

U-Prove, Idemix, HM12 ABC schemes

• FS Computational PK Protocols
• Random Number Generation

Hash functions BigInteger Operations Modular Operations in Z∗

p, Z∗ n Groups

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection

Smart-Card Performance

Primitives and HM12 scheme implemented on JavaCards, Gemalto .NET cards and several MultOS cards: modular multiplication is the bottleneck, MultOS provides API for hardware multiplication (upto M3), Idemix, U-Prove, HM12 proving phase takes 0.5 - 7 s.

Figure: MMult1024 (blue), MMult2048 (red) Figure: MExp1024 160 (blue) and MExp1024 368 (red)

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection

Android Performance

Primitives and HM12 scheme implemented on Android devices: 2 phones (Samsung Galaxy S i9000, Samsung Galaxy Nexus I9250M) and 1 tablet (ASUS TF 300T), based on measured times of operations, proving phase is expected to be under 100 ms for all schemes on Android.

Figure: MMult1024 (blue), MMult2048 (red) Figure: MExp1024 160 (blue) and MExp1024 368 (red)

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection

iOS Performance

Primitives and HM12 scheme implemented on iOS devices: 2 phones (iPhone 4 and iPhone 5C), based on measured times of operations, proving phase is expected to be under 130 ms for all schemes on iOS.

Figure: MMult1024 (blue), MMult2048 (red) Figure: MExp1024 160 (blue) and MExp1024 368 (red)

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection

iOS Communication Interface

ABCs implemented on iOS: iOS environment lacks:

big integer data type for large number modular arithmetics, NFC for fast communication and card emulation.

We used:

GMP library in C compiled for ARM, QR code for device < − > reader communication.

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection

Android Communication Interface

Primitives and HM12 implemented on Android 4.4: Android environment provides:

native BitIng data type, NFC for fast communication, in 4.4, Card Emulation mode.

phone is 100% card compatible, just 5x faster.

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection

Weaknesses and Future Work

Why not so perfect? Lower cryptographic key security (despite of Keychain, Credential Storage), problematic communication interface:

Android: card emulation only in > 4.4 KitKat, Android: NFC chip is not present in all devices, Apple: QR codes are slow.

What are the next steps? Use hardware-protected storage (microSD), upgrade cryptographic protocols to avoid trusted hardware.

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones

About Us ABCs Conclusion Conclusion

Thank you for attention!

hajny@feec.vutbr.cz crypto.utko.feec.vutbr.cz

This research work is funded by the project TACR TA02011260 of the Technology Agency of the Czech Republic.

• Dr. Jan Hajny

Performance of Privacy-Enhancing Cryptography on Smartphones