smartcard protocol sniffing
play

Smartcard protocol sniffing Introduction to the theoretical and - PowerPoint PPT Presentation

Sep 21, 2023 •161 likes •768 views

Introduction Logging the communication Re-engineering the protocol Creating a simulacrum Smartcard protocol sniffing Introduction to the theoretical and practical issues involved in cloning/simulating existing smartcards Bernd Fix,

  1. Introduction Logging the communication Re-engineering the protocol Creating a simulacrum Smartcard protocol sniffing Introduction to the theoretical and practical issues involved in cloning/simulating existing smartcards Bernd Fix, Marc-André Beck Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  2. Introduction Logging the communication Re-engineering the protocol Creating a simulacrum Outline Introduction 1 Recap of last years lecture about the swiss Postcard This talk is about What is a smartcard? Everyone can build its own Logging the communication 2 Hardware-based logging RFID Relay / Logging Agent Software-based logging Comparison between methods Re-engineering the protocol 3 Principle of communication logging Hands on example Data structure for a logging application Creating a simulacrum 4 Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  3. Introduction Recap of last years lecture about the swiss Postcard Logging the communication This talk is about Re-engineering the protocol What is a smartcard? Creating a simulacrum Everyone can build its own Outline Introduction 1 Recap of last years lecture about the swiss Postcard This talk is about What is a smartcard? Everyone can build its own Logging the communication 2 Hardware-based logging RFID Relay / Logging Agent Software-based logging Comparison between methods Re-engineering the protocol 3 Principle of communication logging Hands on example Data structure for a logging application Creating a simulacrum 4 Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  4. Introduction Recap of last years lecture about the swiss Postcard Logging the communication This talk is about Re-engineering the protocol What is a smartcard? Creating a simulacrum Everyone can build its own Recap of last years lecture about the swiss Postcard I 1979 Start design of P IN protected memory card (Bull CP8) 1983 French banking card with 320 bit RSA authentification 1989 Introduction of french banking card ( Carte Bleue ) 1998 Serge Humpich re-engineered the Carte Bleue Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  5. Introduction Recap of last years lecture about the swiss Postcard Logging the communication This talk is about Re-engineering the protocol What is a smartcard? Creating a simulacrum Everyone can build its own Recap of last years lecture about the swiss Postcard II 2002 Found that the security measures of the swiss Postcard were similar 2006 Re-checked the security measures 2006 Presentation of initial results at the 23C3: A not so smart card 2007 initiated academic response eg. http://lis.fh-aargau.ch/ecsem/ECSeminar/SS07.html low impact, small media coverage Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  6. Introduction Recap of last years lecture about the swiss Postcard Logging the communication This talk is about Re-engineering the protocol What is a smartcard? Creating a simulacrum Everyone can build its own This talk is about PostFinance Flawed signatures not used in authentication scheme Goal Build a working Postcard clone based on known facts For an introduction into the design flaws take a look at postcard-sicherheit.ch Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  7. Introduction Recap of last years lecture about the swiss Postcard Logging the communication This talk is about Re-engineering the protocol What is a smartcard? Creating a simulacrum Everyone can build its own This talk is about PostFinance Flawed signatures not used in authentication scheme Goal Build a working Postcard clone based on known facts For an introduction into the design flaws take a look at postcard-sicherheit.ch Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  8. Introduction Recap of last years lecture about the swiss Postcard Logging the communication This talk is about Re-engineering the protocol What is a smartcard? Creating a simulacrum Everyone can build its own What is a smartcard? External clock, ground and energy source I/O (input - output), reset Microcontroller with an internal E EPROM External E EPROM Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  9. Introduction Recap of last years lecture about the swiss Postcard Logging the communication This talk is about Re-engineering the protocol What is a smartcard? Creating a simulacrum Everyone can build its own What is a smartcard? External clock, ground and energy source I/O (input - output), reset Microcontroller with an internal E EPROM External E EPROM Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  10. Introduction Recap of last years lecture about the swiss Postcard Logging the communication This talk is about Re-engineering the protocol What is a smartcard? Creating a simulacrum Everyone can build its own What is a smartcard? External clock, ground and energy source I/O (input - output), reset Microcontroller with an internal E EPROM External E EPROM Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  11. Introduction Recap of last years lecture about the swiss Postcard Logging the communication This talk is about Re-engineering the protocol What is a smartcard? Creating a simulacrum Everyone can build its own What is a smartcard? External clock, ground and energy source I/O (input - output), reset Microcontroller with an internal E EPROM External E EPROM Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  12. Introduction Recap of last years lecture about the swiss Postcard Logging the communication This talk is about Re-engineering the protocol What is a smartcard? Creating a simulacrum Everyone can build its own Everyone can build its own Comparable to an old 8bit PC (but with fewer passive elements). Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  13. Introduction Hardware-based logging Logging the communication RFID Relay / Logging Agent Re-engineering the protocol Software-based logging Creating a simulacrum Comparison between methods Outline Introduction 1 Recap of last years lecture about the swiss Postcard This talk is about What is a smartcard? Everyone can build its own Logging the communication 2 Hardware-based logging RFID Relay / Logging Agent Software-based logging Comparison between methods Re-engineering the protocol 3 Principle of communication logging Hands on example Data structure for a logging application Creating a simulacrum 4 Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  14. Introduction Hardware-based logging Logging the communication RFID Relay / Logging Agent Re-engineering the protocol Software-based logging Creating a simulacrum Comparison between methods Protocol is mostly known Most cards use ISO-7816 protocol to communicate with terminal ISO-7816 defines all aspects (physical/logical specs) Compatibility leads to tolerance (timing less relevant if within range) Still necessary even if protocol is published (like EMV) ? Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  15. Introduction Hardware-based logging Logging the communication RFID Relay / Logging Agent Re-engineering the protocol Software-based logging Creating a simulacrum Comparison between methods Hardware-based logging PC Pro Capture the communication on physical 25132756 level (timing) MEIER MUSTER 60-134597-1 03/12 Orginal Con Not feasable outdoors Terminal Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  16. Introduction Hardware-based logging Logging the communication RFID Relay / Logging Agent Re-engineering the protocol Software-based logging Creating a simulacrum Comparison between methods RFID Relay / Logging Agent RFID Pro Full processing power and PC 60-134597-1 03/12 comfort MEIER MUSTER 25132756 Original 25132756 Con No known implementation MEIER MUSTER 60-134597-1 03/12 yet Terminal Communicate with inserted card via R FID form notebook. Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  17. Introduction Hardware-based logging Logging the communication RFID Relay / Logging Agent Re-engineering the protocol Software-based logging Creating a simulacrum Comparison between methods Software-based logging Clone 60-134597-1 03/12 MEIER MUSTER 25132756 Pro (Quite) easy to program and use (secrecy) Terminal Con Step-by-step approach (time consuming) PC 60-134597-1 03/12 Clone MEIER MUSTER Original 25132756 25132756 MEIER MUSTER 60-134597-1 03/12 Use programmable smartcards to capture communication. Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  18. Introduction Hardware-based logging Logging the communication RFID Relay / Logging Agent Re-engineering the protocol Software-based logging Creating a simulacrum Comparison between methods Javacard / Processorcard Processorcard Javacard Pro Can be customized to any Pro No special programmer sort of communication needed Con Needs special programmer Con Can’t log direct convention (Money) or T1 Bernd Fix, Marc-André Beck Smartcard protocol sniffing

  19. Introduction Hardware-based logging Logging the communication RFID Relay / Logging Agent Re-engineering the protocol Software-based logging Creating a simulacrum Comparison between methods Comparison between methods Property HW JC PC Capture timing X T1 protocol X X Direct convention X X Indirect convention X X X Ease of use lo hi med* Secrecy lo hi hi Special hardware X X *Increase with ISO-7816/T0 library Bernd Fix, Marc-André Beck Smartcard protocol sniffing

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The SmartCard is your access into thousands of coupons, coupon codes, and daily deals all in one

The SmartCard is your access into thousands of coupons, coupon codes, and daily deals all in one

The SmartCard is your access into thousands of coupons, coupon codes, and daily deals all in one convenient location. To learn more about the SmartCard go to: www.AccessSmartCard.com SmartCard Value: Bonus Restaurant Gift Card with SmartCard25

655 views • 14 slides
TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview

TCP/IP: sniffing, ARP attacks, IP fragmentation Network Security Lecture 3 Recap and overview Last time Today TCP/IP Attacks IP Sniffing Ethernet Spoofing ARP Hijacking (ARP) Tools/libraries Libnet,

729 views • 37 slides
Network Network sniffing sniffing packet capture and analysis packet

Network Network sniffing sniffing packet capture and analysis packet

Network Network sniffing sniffing packet capture and analysis packet capture and analysis October 2, 2020 Administrative submittal instructions submittal instructions Administrative answer the lab

366 views • 17 slides
What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol Protocol What is i

What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol Protocol What is i

What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol Protocol What is i -Key-Protocol, i = 1, 2, 3, Family of protocols Secure electronic payment Based on credit card payments Christopher Hsu Can be extended

407 views • 4 slides
1 Connection Establishment Data Exchange Clients connect to an SSH server on port Once

1 Connection Establishment Data Exchange Clients connect to an SSH server on port Once

Where in the stack is security? Attacks can be targeted at any layer of the 16: protocol stack Application layer: Password and data sniffing, Forged Exploits and Defenses Up and transactions, Security holes, Buffer Overflows?

1.15k views • 9 slides
University of Warwick Sniffing out Tuberculosis Dr J.A. Covington Biomedical Sensors Lab School

University of Warwick Sniffing out Tuberculosis Dr J.A. Covington Biomedical Sensors Lab School

University of Warwick Sniffing out Tuberculosis Dr J.A. Covington Biomedical Sensors Lab School of Engineering A life in smell H 2 Flow Sensor Filter Detector Motivation Point of care Rapid Patient acceptable

474 views • 14 slides
Cyber@UC Meeting 49 Systems Exploitation: Sniffing, Man in the Middle, etc If Youre New!

Cyber@UC Meeting 49 Systems Exploitation: Sniffing, Man in the Middle, etc If Youre New!

Cyber@UC Meeting 49 Systems Exploitation: Sniffing, Man in the Middle, etc If Youre New! Join our Slack: ucyber.slack.com SIGN IN! (Slackbot will post the link in #general) Feel free to get involved with one of our committees:

464 views • 21 slides
Smartcards ISO 7816 & smartcard operating systems Erik Poll Digital Security Radboud

Smartcards ISO 7816 & smartcard operating systems Erik Poll Digital Security Radboud

Smartcards ISO 7816 & smartcard operating systems Erik Poll Digital Security Radboud University Nijmegen 1 Standard for contact smartcards ISO7816 7816-1 Physical characteristics 7816-2 Dimension & size of contacts

616 views • 25 slides
JavaCard group project Erik Poll Digital Security Radboud University Nijmegen 1 Smartcard

JavaCard group project Erik Poll Digital Security Radboud University Nijmegen 1 Smartcard

JavaCard group project Erik Poll Digital Security Radboud University Nijmegen 1 Smartcard group project You have been contracted to build a system electronic purse loyalty card petrol rationing car rental Only design

461 views • 30 slides
How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO

How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO

How to do Packet Sniffing on Linux (tcpdump) NetBeez Webinar Panos Vouzis Co-founder and COO Agenda What is tcpdump? Lab set-up tcpdump usage Output breakdown Saving to file Filtering (host, port, traffic

582 views • 11 slides
Attacks on TCP 1 Outline What is TCP protocol? How the TCP Protocol Works SYN

Attacks on TCP 1 Outline What is TCP protocol? How the TCP Protocol Works SYN

Attacks on TCP 1 Outline What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack 2 TCP Protocol Transmission Control Protocol (TCP) is a core protocol

598 views • 47 slides
TravelSpirit and the Open Internet of Mobility Open internet of mobility Call SmartCard

TravelSpirit and the Open Internet of Mobility Open internet of mobility Call SmartCard

TravelSpirit and the Open Internet of Mobility Open internet of mobility Call SmartCard Contactless App Data Payment MaaS Journey Platform Operator Planner aggregator facilitator Service planner Open data feeds Platform

339 views • 7 slides
Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the

Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the

Packet Sniffing and Spoofing Chester Rebeiro IIT Madras Some of the slides borrowed from the book Computer Security: A Hands on Approach by Wenliang Du Shared Networks Every network packet reaches every computer's network Interface

960 views • 59 slides
Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University Course: Cyber Security Practice 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs)

593 views • 14 slides
Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang SUSTech CS 315 Computer Security 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs) packets being

485 views • 13 slides
Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University CSC 5991 Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University CSC 5991 Cyber

Lab 1: Packet Sniffing and Wireshark Fengwei Zhang Wayne State University CSC 5991 Cyber Security Prac@ce 1 Packet Sniffer Packet sniffer is a basic tool for observing network packet exchanges in a computer Capturing (sniffs)

172 views • 14 slides
Physical Layer (Part 2) Srinidhi Varadarajan Fourier Series Even and Odd functions: Even

Physical Layer (Part 2) Srinidhi Varadarajan Fourier Series Even and Odd functions: Even

Physical Layer (Part 2) Srinidhi Varadarajan Fourier Series Even and Odd functions: Even functions mirror around the Y-axis (cos ) Odd functions invert around the Y axis (sin ) A Fourier series expresses a time-domain

559 views • 12 slides
Internet Lab (iLab1) Basics Minoo Rouhi ilab1@net.in.tum.de Chair of Network Architectures and

Internet Lab (iLab1) Basics Minoo Rouhi ilab1@net.in.tum.de Chair of Network Architectures and

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Internet Lab (iLab1) Basics Minoo Rouhi ilab1@net.in.tum.de Chair of Network Architectures and Services Department of Informatics Technical

609 views • 24 slides
SOC Laboratory Course in NCTU Trial Run Report Speaker: Kun-Bin Lee Directed by Prof.

SOC Laboratory Course in NCTU Trial Run Report Speaker: Kun-Bin Lee Directed by Prof.

SOC Laboratory Course in NCTU Trial Run Report Speaker: Kun-Bin Lee Directed by Prof. Chein-Wei Jen Department of Electronics Engineering National Chiao Tung University {kblee, cwjen}@twins.ee.nctu.edu.tw Jul. 15, 2003 Lab Modules of

386 views • 22 slides
Optimising FPGA data access to boost performance Nick Brown, EPCC at the University of Edinburgh

Optimising FPGA data access to boost performance Nick Brown, EPCC at the University of Edinburgh

It's all about data movement: Optimising FPGA data access to boost performance Nick Brown, EPCC at the University of Edinburgh n.brown@epcc.ed.ac.uk Co-author: David Dolman, Alpha Data 1 Met Office NERC Cloud (MONC) model MONC is a model

475 views • 22 slides
Protocol Stack Networking Email Generally speaking, sending an email message is equivalent to

Protocol Stack Networking Email Generally speaking, sending an email message is equivalent to

Protocol Stack Networking Email Generally speaking, sending an email message is equivalent to copying a file from sender to receiver. Packetization Representation It is impossible to send arbitrary long messages. Correspondents may

387 views • 5 slides
Challenge using dynamic point-to-point circuits in LHC The obvious thing is to take info The

Challenge using dynamic point-to-point circuits in LHC The obvious thing is to take info The

Challenge using dynamic point-to-point circuits in LHC The obvious thing is to take info The obvious thing is to take info from the workflow manager, and from the workflow manager, and use it to request changes at the use it to request

191 views • 3 slides
CS5412: THE REALTIME CLOUD Lecture XXIV Ken Birman Can the Cloud Support Real-Time? 2

CS5412: THE REALTIME CLOUD Lecture XXIV Ken Birman Can the Cloud Support Real-Time? 2

CS5412 Spring 2014 1 CS5412: THE REALTIME CLOUD Lecture XXIV Ken Birman Can the Cloud Support Real-Time? 2 More and more real time applications are migrating into cloud environments Monitoring of traffic in various situations,

649 views • 45 slides
IPsec, BGPsec, DNSSEC Lecture 20 Internet Protocol Suite TCP/IP: Developed in the 70 s IP: at

IPsec, BGPsec, DNSSEC Lecture 20 Internet Protocol Suite TCP/IP: Developed in the 70 s IP: at

IPsec, BGPsec, DNSSEC Lecture 20 Internet Protocol Suite TCP/IP: Developed in the 70 s IP: at the internet layer. Handles addressing and routing TCP: at the transport layer. Setting up channels (between ports), with traffic control, error-

292 views • 17 slides

More recommend