crypto puces 2011 introduction state of the art
play

CryptoPuces 2011 Introduction State of the art SCWS / BIP The - PowerPoint PPT Presentation

Sep 23, 2022 •427 likes •669 views

Matthieu BARREAUD, Guillaume BOUFFARD & Jean-Louis LANET {matthieu.barreaud,guillaume.bouffard,jean-louis.lanet}@xlim.fr SSD team XLIM University of Limoges http://secinfo.msi.unilim.fr This work is based on the M1 students project.

  1. Matthieu BARREAUD, Guillaume BOUFFARD & Jean-Louis LANET {matthieu.barreaud,guillaume.bouffard,jean-louis.lanet}@xlim.fr SSD team – XLIM – University of Limoges http://secinfo.msi.unilim.fr This work is based on the M1 students project. Thanks to Mamadou BALDE, Amine BELHOCINE, Silvère CAINAUD, Jérémie CLEMENT, Romain SEVERIN, Nicolas TARRIOL and Lylia TIKOBAINI. Crypto’Puces 2011

  2.  Introduction  State of the art ◦ SCWS / BIP ◦ The HTTP protocol ◦ The fuzzing  Fuzzing on a SCWS ◦ Aims ◦ HTTP smart card features ◦ Tests generation ◦ Logging ◦ Parallelization  Experimental results  Conclusions 2

  3.  Smart cards are essentials: ◦ Payment: credit card, moneo, etc. ◦ Transport: ticketing in public transport, etc. ◦ Insurance: Health Care card, etc. ◦ Telephony: SIM card (mobile), etc.  Hyper Text Transfer Protocol (HTTP) is a new implemented technology in smart card world.  Problem: ◦ How to ensure the HTTP implementation robustness? 3

  4.  mNFC JavaCard 2.2 Smart Card Web Server (SCWS)  http://127.0.0.1:3516  Short-range wireless technologies (- 10 cm)  SCWS is both a server and a client application: ◦ In server mode, SCWS is used by the subscriber using a WAP browser implemented in his handset. ◦ In client mode, SCWS is used by the Card Issuer in order to administrate the SCWS from a server.  In our case, we use the SCWS in server mode.  SCWS communicates with BIP commands 4

  5. 5

  6.  We can access the SCWS in: ◦ Remote to administrate the SCWS  Administrative commands : add a user, change a password, etc.  The Access Control Policy (ACP) is stocked in the card ◦ Local to communicate with the SCWS 6

  7.  HTTP request representation: GET /index.html HTTP/1.1 \r\n Host: 127.0.0.1:3516 \r\n … \r\n \r\n  Creation of an interactive HTTP Backus Normal Form (BNF) 7

  8.  It is a software testing technique  It provides invalid, unexpected or random data to the inputs of a computer program, protocol implementation, … in order to crash it.  Fuzzing is used to find security flaws in software or computer systems.  There are two types of fuzzer: ◦ Mutation based fuzzer : mutates existing data samples to create test data ◦ Generation based fuzzer : defines new test data based on data models and state models 8

  9.  Advantages / Drawbacks of fuzzer types: ◦ Mutation  Limited  Fast to implement  Slow execution because of cases number ◦ Generation  Full  Implementation is time consuming  Slow execution because of cases number 9

  10.  We verify the correctness implementation of the smart card HTTP protocol  Work in black box without knowledge of the system  Have a generic data model, usable anywhere (not only on smart card)  Accurate results analysis: ◦ Determine if the smart card has a not expected behavior ◦ We analyze the card return value.  Choose the type of mutation: ◦ Mutate all possible values or only part of them? 10

  11.  How to know the SCWS implemented features ?  We developed PyHAT!  Which reduces the amount of methods to fuzz 11

  12. 12

  13. Search HTTP implemented features PyHAT Send invalid data Interface PEACH Return card state Send invalid data APDU Response Smart Card 13

  14.  During the fuzzing step, we need to: ◦ Log each test ◦ To find some implementation errors  A log file is created for each fuzzed method  The request sent is saved with the full APDU command 14

  15. ----- RECEIVE DATA TERMINAL RESPONSE ----- TRANSMIT (total): 80 14 00 00 44 01 03 01 42 01 02 02 82 81 03 01 00 36 81 32 47 45 54 20 2F 74 65 73 74 31 2E 68 74 6D 6C 20 48 54 54 50 2F 31 2E 31 0D 0A 48 6F 73 74 3A 20 31 32 37 2E 30 2E 30 2E 31 3A 33 35 31 36 0D 0A 0D 0A 37 01 00 TRANSMIT (request only): GET /test1.html HTTP/1.1 Host: 127.0.0.1:3516 RESPONSE (total): STATUS WORD : 91 FE 15

  16. ----- SEND DATA ----- TRANSMIT (total): 80 12 00 00 FE RESPONSE (total): 48 54 54 50 2F 31 2E 31 20 32 30 30 20 0D 0A 43 6F 6E 74 65 6E 74 2D 4C 65 6E 67 74 68 3A 31 33 37 0D 0A 45 54 61 67 3A 20 22 30 30 30 33 22 0D … RESPONSE (request only): HTTP/1.1 200 Content-Length:137 ETag : “0003” Content-Encoding: gzip Content-Type: text/html STATUS WORD : 90 00 16

  17. PEACH peach.exe – pX,Y ./fuzz_http.xml -p3,0 -p3,1 -p3,2 XML 1 XML 2 XML 3 Interface 17

  18.  No HTTP card response when “ \r\n\r\n ” is not in the request but there is a correct Status Word ( 90 00 ).  SCWS does not compress in GZIP  PUT method permits to overwrite existing webpages 18

  19. ----- RECEIVE DATA TERMINAL RESPONSE ----- TRANSMIT (total): 80 14 00 00 3F 01 03 01 42 01 02 02 82 81 03 01 00 36 81 2D 47 45 54 … 0A 0D 0A 37 01 00 TRANSMIT (request only): GET /index.html HTTP/1.1 Host: 127.0.0.1 RESPONSE (total): STATUS WORD : 91 B1 ----- FETCH (SEND DATA) ----- TRANSMIT : 80 12 00 00 B1 RESPONSE (request only): HTTP/1.1 200 Content-Length:85 ETag : “059B” Content-Type: text/html <html><head><title>Hello World</title></head> <body><h1>Hello World</h1></body></html> STATUS WORD : 90 00 19

  20. ----- RECEIVE DATA TERMINAL RESPONSE ----- TRANSMIT (total): 80 14 00 00 C0 01 03 01 42 01 02 02 82 81 03 01 00 36 81 AE 50 55 54 20 … 6C 3E 37 01 00 TRANSMIT (request only): PUT /index.html HTTP/1.1 Host: 127.0.0.1 Content-Length:85 Content-Type: text/html <html><head><title>AAAAAAAAAAA</title></head> <body><h1>BBBBBBBBBBB</h1></body></html> RESPONSE (total): STATUS WORD : 91 20 ----- FETCH (SEND DATA) ----- TRANSMIT : 80 12 00 00 20 RESPONSE (request only): HTTP/1.1 204 STATUS WORD : 90 00 20

  21. ----- RECEIVE DATA TERMINAL RESPONSE ----- TRANSMIT (total): 80 14 00 00 3F 01 03 01 42 01 02 02 82 81 03 01 00 36 81 2D 47 45 54 … 0A 0D 0A 37 01 00 TRANSMIT (request only): GET /index.html HTTP/1.1 Host: 127.0.0.1 RESPONSE (total): STATUS WORD : 91 B1 ----- FETCH (SEND DATA) ----- TRANSMIT : 80 12 00 00 B1 RESPONSE (request only): HTTP/1.1 200 Content-Length:85 ETag : “059C” Content-Type: text/html <html><head><title>AAAAAAAAAAA</title></head> <body><h1>BBBBBBBBBBB</h1></body></html> STATUS WORD : 90 00 21

  22.  First results of fuzzing have shown non-conformance of the HTTP specification  These results can only be discovered through fuzzing  Fuzzing is possible on smart cards 22

  23. ? Matthieu BARREAUD, Guillaume BOUFFARD & Jean-Louis LANET {matthieu.barreaud,guillaume.bouffard,jean-louis.lanet}@xlim.fr SSD team – XLIM - University of Limoges http://secinfo.msi.unilim.fr

Recommend

Techniques et outils pour la vrification de systmes-sur-puces au niveau transactionnel

Techniques et outils pour la vrification de systmes-sur-puces au niveau transactionnel

SoC LusSy P INAPA B ISE Conclusion Techniques et outils pour la vrification de systmes-sur-puces au niveau transactionnel Matthieu Moy Synchronous Languages and Reactive Systems Laboratoire Verimag, INPG System Platform Group

1.64k views • 163 slides
CRYPTO HERE, CRYPTO THERE, CRYPTO, CRYPTO EVERYWHERE WORLD AQUATIC HEALTH CONFERENCE

CRYPTO HERE, CRYPTO THERE, CRYPTO, CRYPTO EVERYWHERE WORLD AQUATIC HEALTH CONFERENCE

CRYPTO HERE, CRYPTO THERE, CRYPTO, CRYPTO EVERYWHERE WORLD AQUATIC HEALTH CONFERENCE WILLIAMSBURG, VA THURSDAY, OCTOBER 17 TH , 2019 JOHN KELLY, PE IOWA DEPARTMENT OF PUBLIC HEALTH DISCLAIMER THIS PRESENTATION: IS INTENDED FOR

843 views • 40 slides
Crypto 2011, Santa Barbara Inverting HFE Systems is Quasi-Polynomial for All Fields Jintai Ding 1

Crypto 2011, Santa Barbara Inverting HFE Systems is Quasi-Polynomial for All Fields Jintai Ding 1

Crypto 2011, Santa Barbara Inverting HFE Systems is Quasi-Polynomial for All Fields Jintai Ding 1 , 2 and Timothy Hodges 2 Southern Chinese University of Technology 1 University of Cincinnati 2 August 18, 2011 Outline 1 Introduction 2 Our main

749 views • 56 slides
Decision Reductions Crypto 2011 Daniele Micciancio Petros Mol August 17, 2011 1 Learning With

Decision Reductions Crypto 2011 Daniele Micciancio Petros Mol August 17, 2011 1 Learning With

Pseudorandom Knapsacks and the Sample Complexity of LWE Search-to- Decision Reductions Crypto 2011 Daniele Micciancio Petros Mol August 17, 2011 1 Learning With Errors ( LWE ) public: integers n, q secret small error from a known

505 views • 24 slides
Crypto Currency Security from the Frontlines Hedge Funds, Nation State Threats &amp; T echnical

Crypto Currency Security from the Frontlines Hedge Funds, Nation State Threats &amp; T echnical

Crypto Currency Security from the Frontlines Hedge Funds, Nation State Threats &amp; T echnical Security Approaches Adam Healy, CISO State of Crypto Asset Security 2016 Market Capitalization NASDAQ 1 ~$7.8 trillion London Stock Exchange 1

291 views • 12 slides
Outline More crypto protocols CSci 5271 Introduction to Computer Security Announcements

Outline More crypto protocols CSci 5271 Introduction to Computer Security Announcements

Outline More crypto protocols CSci 5271 Introduction to Computer Security Announcements intermission More crypto protocols and failures Stephen McCamant More causes of crypto failure University of Minnesota, Computer Science &amp;

430 views • 4 slides
Outline More crypto protocols CSci 5271 Introduction to Computer Security Announcements

Outline More crypto protocols CSci 5271 Introduction to Computer Security Announcements

Outline More crypto protocols CSci 5271 Introduction to Computer Security Announcements intermission More crypto protocols and failures Stephen McCamant More causes of crypto failure University of Minnesota, Computer Science &amp;

329 views • 5 slides
Getting Post-Quantum Crypto Algorithms Ready for Deployment End of ECRYPT II Event: Crypto for

Getting Post-Quantum Crypto Algorithms Ready for Deployment End of ECRYPT II Event: Crypto for

Getting Post-Quantum Crypto Algorithms Ready for Deployment End of ECRYPT II Event: Crypto for 2020 Tim Gneysu Hardware Security Group Horst Grtz Institute for IT-Security, Bochum 1/24/2013 Outline Introduction Alternative Public-Key

735 views • 55 slides
Outline Crypto intro Computer Security: Secret Key Crypto Symmetric crypto Bart Jacobs

Outline Crypto intro Computer Security: Secret Key Crypto Symmetric crypto Bart Jacobs

Crypto intro Crypto intro Symmetric crypto Symmetric crypto Achieving security goals with symmetric crypto Radboud University Nijmegen Achieving security goals with symmetric crypto Radboud University Nijmegen e-Passport example

269 views • 7 slides
The PHOTON Family of Lightweight Hash Functions Jian Guo, Thomas Peyrin, Axel Poschmann CRYPTO

The PHOTON Family of Lightweight Hash Functions Jian Guo, Thomas Peyrin, Axel Poschmann CRYPTO

Introduction Generalized Sponge Serial MDS PHOTON Security Conclusion The PHOTON Family of Lightweight Hash Functions Jian Guo, Thomas Peyrin, Axel Poschmann CRYPTO 2011, 15 August 2011 Introduction Generalized Sponge Serial MDS PHOTON

839 views • 35 slides
Introduction to Side-Channel Analysis Franois-Xavier Standaert UCL Crypto Group, Belgium

Introduction to Side-Channel Analysis Franois-Xavier Standaert UCL Crypto Group, Belgium

Introduction to Side-Channel Analysis Franois-Xavier Standaert UCL Crypto Group, Belgium Summer school on real-world crypto, 2016 Outline Link with linear cryptanalysis Standard Differential Power Analysis Noise-based security (is

1.17k views • 92 slides
NM Legislative Redistricting Committee Introduction to 2011 State and Congressional

NM Legislative Redistricting Committee Introduction to 2011 State and Congressional

NM Legislative Redistricting Committee Introduction to 2011 State and Congressional Redistricting June 20, 2011 Presented by: Brian Sanderoff, President Research &amp; Polling, Inc. Principles of Redistricting Equal population

657 views • 24 slides
- The First Crypto Merchant - Crypto Payment Crypto Payment for online shops for retail shops

- The First Crypto Merchant - Crypto Payment Crypto Payment for online shops for retail shops

- The First Crypto Merchant - Crypto Payment Crypto Payment for online shops for retail shops Did you know? Our payment system has ZERO FEES for processing payments How it works? It takes only a few minutes to complete Merchant Initiate

269 views • 11 slides
Javascript Crypto &amp; The Case Against Crypto Reductionism Ben Adida Mozilla Workshop on

Javascript Crypto &amp; The Case Against Crypto Reductionism Ben Adida Mozilla Workshop on

Javascript Crypto &amp; The Case Against Crypto Reductionism Ben Adida Mozilla Workshop on Real-World Crypto January 2013 promote openness, innovation &amp; opportunity on the Web. previously easy to deploy easy to use privacy

610 views • 22 slides
Financial Crypto and Data Security Mar. 3, 2011 Mercury: Recovering Forgotten Passwords Using

Financial Crypto and Data Security Mar. 3, 2011 Mercury: Recovering Forgotten Passwords Using

Financial Crypto and Data Security Mar. 3, 2011 Mercury: Recovering Forgotten Passwords Using Personal Devices M. Mannan NSERC PDF, University of Toronto m.mannan@utoronto.ca Collaborators: D. Barrera, C.D. Brown, D. Lie, P.C. van Oorschot

483 views • 24 slides
CS 1501 www.cs.pitt.edu/~nlf4/cs1501/ An Introduction to Cryptography Introduction to crypto

CS 1501 www.cs.pitt.edu/~nlf4/cs1501/ An Introduction to Cryptography Introduction to crypto

CS 1501 www.cs.pitt.edu/~nlf4/cs1501/ An Introduction to Cryptography Introduction to crypto Cryptography - enabling secure communication in the presence of third parties Alice wants to send Bob a message without anyone else being

878 views • 44 slides
Crypto Currencies Prof. Tom Austin San Jos State University What is currency? A means of

Crypto Currencies Prof. Tom Austin San Jos State University What is currency? A means of

CS 166: Information Security Crypto Currencies Prof. Tom Austin San Jos State University What is currency? A means of exchange, so that we don't have to carry around goats. Something we all agree is valuable maybe because

795 views • 38 slides
Outline Crypto intro Computer Security: Secret Key Crypto Symmetric crypto Achieving security

Outline Crypto intro Computer Security: Secret Key Crypto Symmetric crypto Achieving security

Crypto intro Crypto intro Symmetric crypto Symmetric crypto Achieving security goals with symmetric crypto Achieving security goals with symmetric crypto Radboud University Nijmegen Radboud University Nijmegen e-Passport example

1.11k views • 12 slides
Computer Security: Secret Key Crypto B. Jacobs Institute for Computing and Information Sciences

Computer Security: Secret Key Crypto B. Jacobs Institute for Computing and Information Sciences

Crypto intro Symmetric crypto Achieving security goals with symmetric crypto Radboud University Nijmegen e-Passport example Encryption: modes of operation Computer Security: Secret Key Crypto B. Jacobs Institute for Computing and Information

856 views • 73 slides
Shai Halevi IBM CRYPTO 2011 Wouldnt it be nice to be able to Encrypt my data before

Shai Halevi IBM CRYPTO 2011 Wouldnt it be nice to be able to Encrypt my data before

Shai Halevi IBM CRYPTO 2011 Wouldnt it be nice to be able to Encrypt my data before sending to the cloud While still allowing the cloud to search/sort/edit/ this data on my behalf Keeping the data in the cloud in encrypted form

956 views • 60 slides
Outline Public key crypto RSA Essentials Computer Security: Public Key Crypto Public Key Crypto

Outline Public key crypto RSA Essentials Computer Security: Public Key Crypto Public Key Crypto

Public key crypto Public key crypto RSA Essentials RSA Essentials Public Key Crypto in Java Public Key Crypto in Java Radboud University Nijmegen Radboud University Nijmegen Public key protocols Public key protocols Diffie-Hellman and El

448 views • 16 slides
w w w . a d i t u s . n e t Crypto-currencies have created a new class of a ffl uent individuals

w w w . a d i t u s . n e t Crypto-currencies have created a new class of a ffl uent individuals

Aditus Luxury Access Platform for Crypto A ffl uents Presentation 21 Nov 2017 w w w . a d i t u s . n e t Crypto-currencies have created a new class of a ffl uent individuals Crypto-currency values have been the best performing asset class

206 views • 19 slides
Algorithms, cryptography and protocols DONT EVER ROLL YOUR OWN PROTOCOL, CRYPTO ALGO, CRYPTO

Algorithms, cryptography and protocols DONT EVER ROLL YOUR OWN PROTOCOL, CRYPTO ALGO, CRYPTO

Algorithms, cryptography and protocols DONT EVER ROLL YOUR OWN PROTOCOL, CRYPTO ALGO, CRYPTO Use this space to add an image. IMPLEMENTATION, OR CRYPTO RNG Insert an image and change the scale to cover this box. ALSO, KEY MANAGEMENT IS

1.01k views • 81 slides
https://xkcd.com/538/ CS 166: Information Security Crypto Basics Prof. Tom Austin San Jos

https://xkcd.com/538/ CS 166: Information Security Crypto Basics Prof. Tom Austin San Jos

https://xkcd.com/538/ CS 166: Information Security Crypto Basics Prof. Tom Austin San Jos State University Crypto Terminology Cryptology art and science of making and breaking secret codes Cryptography making secret

645 views • 50 slides

More recommend