About Us ABCs Conclusion Performance of Privacy-Enhancing Cryptography on Smartphones BUT Cryptology Research Group Dr. Jan Hajny SIX Research Centre Brno University of Technology hajny@feec.vutbr.cz http://crypto.utko.feec.vutbr.cz Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
About Us ABCs Conclusion About Us 1 ABCs 2 Our Pilot: ABCs for Access-Control Android and iOS: Performance Android and iOS: Communication Interface Android and iOS: Key Protection Conclusion 3 Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
About Us ABCs Conclusion Crypto Research Group, Brno University of Technology, CZ Small group of cca 10 people, part of Department of Telecommunications, Brno, CZ, equipped by SIX Research Centre, both basic and applied research (privacy, lightweight and provable crypto, critical infrastructure, DDoS testing), http://crypto.utko.feec.vutbr.cz/. Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
Our Pilot: ABCs for Access-Control About Us Android and iOS: Performance ABCs Android and iOS: Communication Interface Conclusion Android and iOS: Key Protection ABCs and Our Pilot Our Fall 2013 pilot: ABCs were used to control the access to university labs, only one attribute (”studentship”) was checked before the access to a lab was granted, contact-less MultOS ML-3 cards and HM12 scheme were used. Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
Our Pilot: ABCs for Access-Control About Us Android and iOS: Performance ABCs Android and iOS: Communication Interface Conclusion Android and iOS: Key Protection Pilot Evaluation Students, post-docs and academic staff were asked for pilot evaluation. Weak aspects were identified: Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
Our Pilot: ABCs for Access-Control About Us Android and iOS: Performance ABCs Android and iOS: Communication Interface Conclusion Android and iOS: Key Protection ABCs’ Primitives U-Prove, Idemix, HM12 ABC schemes � �� � FS Computational PK Protocols � �� � Random Number Generation Hash functions BigInteger Operations Modular Operations in Z ∗ p , Z ∗ n Groups Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
Our Pilot: ABCs for Access-Control About Us Android and iOS: Performance ABCs Android and iOS: Communication Interface Conclusion Android and iOS: Key Protection Smart-Card Performance Primitives and HM12 scheme implemented on JavaCards, Gemalto .NET cards and several MultOS cards: modular multiplication is the bottleneck, MultOS provides API for hardware multiplication (upto M3), Idemix, U-Prove, HM12 proving phase takes 0.5 - 7 s. Figure: MMult1024 (blue), Figure: MExp1024 160 (blue) MMult2048 (red) and MExp1024 368 (red) Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
Our Pilot: ABCs for Access-Control About Us Android and iOS: Performance ABCs Android and iOS: Communication Interface Conclusion Android and iOS: Key Protection Android Performance Primitives and HM12 scheme implemented on Android devices: 2 phones (Samsung Galaxy S i9000, Samsung Galaxy Nexus I9250M) and 1 tablet (ASUS TF 300T), based on measured times of operations, proving phase is expected to be under 100 ms for all schemes on Android. Figure: MExp1024 160 (blue) Figure: MMult1024 (blue), MMult2048 (red) and MExp1024 368 (red) Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
Our Pilot: ABCs for Access-Control About Us Android and iOS: Performance ABCs Android and iOS: Communication Interface Conclusion Android and iOS: Key Protection iOS Performance Primitives and HM12 scheme implemented on iOS devices: 2 phones (iPhone 4 and iPhone 5C), based on measured times of operations, proving phase is expected to be under 130 ms for all schemes on iOS. Figure: MMult1024 (blue), Figure: MExp1024 160 (blue) MMult2048 (red) and MExp1024 368 (red) Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
Our Pilot: ABCs for Access-Control About Us Android and iOS: Performance ABCs Android and iOS: Communication Interface Conclusion Android and iOS: Key Protection iOS Communication Interface ABCs implemented on iOS: iOS environment lacks: big integer data type for large number modular arithmetics, NFC for fast communication and card emulation. We used: GMP library in C compiled for ARM, QR code for device < − > reader communication. Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
Our Pilot: ABCs for Access-Control About Us Android and iOS: Performance ABCs Android and iOS: Communication Interface Conclusion Android and iOS: Key Protection Android Communication Interface Primitives and HM12 implemented on Android 4.4: Android environment provides: native BitIng data type, NFC for fast communication, in 4.4, Card Emulation mode. phone is 100% card compatible, just 5x faster. Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
Our Pilot: ABCs for Access-Control About Us Android and iOS: Performance ABCs Android and iOS: Communication Interface Conclusion Android and iOS: Key Protection Weaknesses and Future Work Why not so perfect? Lower cryptographic key security (despite of Keychain, Credential Storage), problematic communication interface: Android: card emulation only in > 4.4 KitKat, Android: NFC chip is not present in all devices, Apple: QR codes are slow. What are the next steps? Use hardware-protected storage (microSD), upgrade cryptographic protocols to avoid trusted hardware. Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
About Us ABCs Conclusion Conclusion Thank you for attention! hajny@feec.vutbr.cz crypto.utko.feec.vutbr.cz This research work is funded by the project TACR TA02011260 of the Technology Agency of the Czech Republic. Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
Recommend
More recommend
