secure upgrade of hardware security modules
play

Secure upgrade of hardware security modules in bank networks - PowerPoint PPT Presentation

Nov 28, 2022 •543 likes •1.25k views

Secure upgrade of hardware security modules in bank networks Riccardo Focardi 1 Flaminia Luccio 1 1 Universit` a Ca Foscari di Venezia, Italy { focardi,luccio } @dsi.unive.it ARSPA-WITS10 Paphos, Cyprus March 27-28, 2010 Work

  1. Secure upgrade of hardware security modules in bank networks ∗ Riccardo Focardi 1 Flaminia Luccio 1 1 Universit` a Ca’ Foscari di Venezia, Italy { focardi,luccio } @dsi.unive.it ARSPA-WITS’10 Paphos, Cyprus March 27-28, 2010 ∗ Work partially supported by: Miur’07 Project SOFT: “ Security Oriented Formal Techniques ” ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 1 / 17

  2. PIN processing APIs Overview PIN processing infrastructure ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 2 / 17

  3. PIN processing APIs Overview PIN processing infrastructure PIN ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 2 / 17

  4. PIN processing APIs Overview PIN processing infrastructure Accept Refuse PIN PIN PIN PIN PIN ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 2 / 17

  5. PIN processing APIs Overview PIN processing infrastructure Accept Refuse { PIN } k 2 { PIN } k 4 PIN PIN { PIN } k 1 PIN PIN { PIN } k 3 PIN ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 2 / 17

  6. PIN processing APIs Overview PIN processing infrastructure Accept Refuse { PIN } k 2 { PIN } k 4 { PIN } k 1 PIN { PIN } k 3 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 2 / 17

  7. PIN processing APIs Overview Hardware Security Module (HSM) Tamper resistant Security API for Managing cryptographic keys Decrypting/re-encrypting the PIN Checking the validity of the PIN ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 3 / 17

  8. PIN processing APIs Overview Hardware Security Module (HSM) Tamper resistant Security API for Managing cryptographic keys Decrypting/re-encrypting the PIN Checking the validity of the PIN ... but still, attacks are possible ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 3 / 17

  9. PIN processing APIs Overview Hardware Security Module (HSM) Tamper resistant Security API for Managing cryptographic keys Decrypting/re-encrypting the PIN Checking the validity of the PIN ... but still, attacks are possible Our goal: propose ‘cheap’ HSM upgrading strategies 1 securing subnetworks while keeping service up 2 trade-off between hardware and manpower cost ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 3 / 17

  10. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  11. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  12. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  13. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  14. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  15. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  16. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  17. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  18. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 3 The two values coincide: PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  19. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  20. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  21. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  22. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  23. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 1472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  24. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 1472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  25. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 1472 ⊕ 4732 mod 10 = 5104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  26. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 1472 ⊕ 4732 mod 10 = 5104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hardware Security Smartcards and other TamperResistant Modules Markus G. Kuhn Computer

Hardware Security Smartcards and other TamperResistant Modules Markus G. Kuhn Computer

Hardware Security Smartcards and other TamperResistant Modules Markus G. Kuhn Computer Laboratory http://www.cl.cam.ac.uk/~mgk25/ Applications of Tamper Resistant Modules Security of cryptographic applications is based on secure

564 views • 23 slides
Hardware Security Modules: Attacks and Secure Configuration Graham Steel Graham Steel April

Hardware Security Modules: Attacks and Secure Configuration Graham Steel Graham Steel April

Hardware Security Modules: Attacks and Secure Configuration Graham Steel Graham Steel April 2014 Graham Steel - HSM Attacks and Secure Configuration April 2014 - 2/ 56 Secure Hardware History Military: WW2 Enigma machines - captured

667 views • 56 slides
Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security

Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security

SP SPACE ACE 201 2016 Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security Security: : New Front New Frontiers iers Swarup Bhunia Professor Electrical & Computer Engineering SPACE | Dec 2016 1

607 views • 29 slides
Hardware Security Modules (HSMs) Benefits and Challenges ICANN 50, London, UK 25 June 2014

Hardware Security Modules (HSMs) Benefits and Challenges ICANN 50, London, UK 25 June 2014

Hardware Security Modules (HSMs) Benefits and Challenges ICANN 50, London, UK 25 June 2014 richard.lamb@icann.org Hardware Security Modules Cool but what are you protecting? This works fine in many cases ..but this may be the real problem No

255 views • 12 slides
Hardware Security Modules What they are and why it's likely that you've (indirectly) used one

Hardware Security Modules What they are and why it's likely that you've (indirectly) used one

Hardware Security Modules What they are and why it's likely that you've (indirectly) used one today Insert Your Name Insert Your Title Insert Date RWC 2015 Paul Hampton 8 th January 2015 What Am I Going to Talk About? What Is A Where Will

746 views • 30 slides
The DragonBeam Framework: Hardware-Protected Security Modules for In-Place Intrusion Detection

The DragonBeam Framework: Hardware-Protected Security Modules for In-Place Intrusion Detection

The DragonBeam Framework: Hardware-Protected Security Modules for In-Place Intrusion Detection Man-Ki Yoon, Mihai Christodorescu, Lui Sha, Sibin Mohan University of Illinois at Urbana-Champaign Qualcomm Research Silicon Valley June 6, 2016

928 views • 46 slides
The IBM 4758 Secure Cryptographic Coprocessor Hardware Architecture and Physical Security Steve

The IBM 4758 Secure Cryptographic Coprocessor Hardware Architecture and Physical Security Steve

The IBM 4758 Secure Cryptographic Coprocessor Hardware Architecture and Physical Security Steve Weingart Senior Engineer (561) 392 6100 c1shw@us.ibm.com Secure Systems and Smart Cards IBM T.J. Watson Research Center Hawthorne, NY 4758 PCI

386 views • 11 slides
Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER /

Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER /

Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER / engineers Hardware security for embedded systems: memory and communication protection Arithmetic Tradeoffs on Performance/Cost/Security secure

310 views • 14 slides
Whats new? Calibration Hardware IAEA Acquisition software Hardware and Software Upgrade for

Whats new? Calibration Hardware IAEA Acquisition software Hardware and Software Upgrade for

Hardware and Software Upgrade for the Solution Measurement and Monitor System at Rokkasho Reprocessing Plant R.Plenteda, A.Alessandrello, M.Frankl, W.Deringer, M.Lang, M.Cronholm, K.Baird, D.Breban, C.Creusot International Atomic Energy Agency

705 views • 17 slides
Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada,

Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada,

Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada, KTH Pointsec Mobile Technologies TPM Introduction Microcontroller affixed to the motherboard. Cryptographic functions like key storage

834 views • 35 slides
Practical Secure Two-Party Computation and Applications Lecture 4: Hardware-Assisted

Practical Secure Two-Party Computation and Applications Lecture 4: Hardware-Assisted

Practical Secure Two-Party Computation and Applications Lecture 4: Hardware-Assisted Cryptographic Protocols Estonian Winter School in Computer Science 2016 Motivation 2 Two Areas Cryptographic Protocols Secure Hardware strong security

759 views • 52 slides
Why secure the OS? Works directly on the hardware but can be adapted during runtime Operating

Why secure the OS? Works directly on the hardware but can be adapted during runtime Operating

Why secure the OS? Works directly on the hardware but can be adapted during runtime Operating System Security Data and process are directly visible Application security can be circumvented from lower layers = > good scope

103 views • 8 slides
Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor

Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor

Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor or Ryan Kastner er Dept. of Computer ter Science e and Engineer ineering ing Unive vers rsity ity of Californi ornia, a, San Diego

743 views • 41 slides
hocos SLT Programs hardware-oriented computer science Why This Presentation? Lectures must

hocos SLT Programs hardware-oriented computer science Why This Presentation? Lectures must

Steganography for Our Research Hardware Security DeepFake Detection Foci and Your Secure Opportunities Memristive Composition Cryptography Fault attacks and Ilia Polian Stochastic countermeasures Hardware-oriented Computer Science

706 views • 24 slides
Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just:

Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just:

Why W3C needs to Remain Neutral and Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just: Image source: halfelf.org It is about decentralizing ID validation and key storage (my religion)

522 views • 16 slides
Functionality Test of Bare Modules for the Phase I Upgrade of CMS Pixel Detector Presentation of

Functionality Test of Bare Modules for the Phase I Upgrade of CMS Pixel Detector Presentation of

Functionality Test of Bare Modules for the Phase I Upgrade of CMS Pixel Detector Presentation of Master Thesis, 23.10.2015 Bojan Hiti INSTITUT F UR EXPERIMENTELLE KERNPHYSIK (EKP), KIT www.kit.edu KIT University of the State of

1.05k views • 37 slides
Operating Systems Synchronization Lecture 5 Michael OBoyle 1 Temporal relations User view

Operating Systems Synchronization Lecture 5 Michael OBoyle 1 Temporal relations User view

Operating Systems Synchronization Lecture 5 Michael OBoyle 1 Temporal relations User view of parallel threads Instructions executed by a single thread are totally ordered A < B < C < In absence of

584 views • 33 slides
Mining personal banking data to detect fraud David J. Hand Imperial College London September

Mining personal banking data to detect fraud David J. Hand Imperial College London September

Mining personal banking data to detect fraud David J. Hand Imperial College London September 2007 Imperial College Workshop on Data Analysis and Classification 1 London In honour of Edwin Diday My research group: Niall Adams, Adam Brentnall,

930 views • 53 slides
Financial Intermediation and Credit Policy in Business Cycle Analysis Gertler and Kiotaki 2009

Financial Intermediation and Credit Policy in Business Cycle Analysis Gertler and Kiotaki 2009

Financial Intermediation and Credit Policy in Business Cycle Analysis Gertler and Kiotaki 2009 Professor PengFei Wang Fatemeh KazempourLong 1 Motivation Bernanke, Gilchrist and Gertler (1999) studied great depression and the crisis in the

679 views • 53 slides
Creating a North American Utility Leader July 19, 2017 A preliminary short form prospectus

Creating a North American Utility Leader July 19, 2017 A preliminary short form prospectus

Hydro One To Acquire Avista Creating a North American Utility Leader July 19, 2017 A preliminary short form prospectus containing important information relating to securities described in this document has not yet been filed with the securities

305 views • 19 slides
Know Thyself: A Decision-Theoretic Model of Over- Education and Educated Unemployment Sanjay Jain

Know Thyself: A Decision-Theoretic Model of Over- Education and Educated Unemployment Sanjay Jain

Know Thyself: A Decision-Theoretic Model of Over- Education and Educated Unemployment Sanjay Jain University of Oxford and IZA 2 nd IZA/World Bank/NJD Conference on Jobs and Development The World Bank, Washington DC, 6-7 June 2019 Educated

736 views • 20 slides
Public Key Infrastructure Towards a reliable revocation status checking method Royal Holloway,

Public Key Infrastructure Towards a reliable revocation status checking method Royal Holloway,

Public Key Infrastructure Towards a reliable revocation status checking method Royal Holloway, University of London Keith Vella Licari Weekend Conference 2013 keith@vellalicari.com Agenda About me Project approach Certificate

446 views • 27 slides
CMSC 132: Object-Oriented Programming II Synchronization in Java Department of Computer Science

CMSC 132: Object-Oriented Programming II Synchronization in Java Department of Computer Science

CMSC 132: Object-Oriented Programming II Synchronization in Java Department of Computer Science University of Maryland, College Park Multithreading Overview Motivation & background Threads Creating Java threads Thread states

618 views • 13 slides
Amy Sayre, President of August REI, a Residential Loan Servicing Company. Borrower Mortgage

Amy Sayre, President of August REI, a Residential Loan Servicing Company. Borrower Mortgage

ACQUIRING AND MANAGING A MORTGAGE NOTE PORTFOLIO David Campbell, mortgage note investor / broker founder of Hassle-Free Cashflow Investing Kaaren Hall, president of uDirect IRA Services Amy Sayre, President of August REI, a Residential Loan

779 views • 48 slides

More recommend