
Password Authenticated Key Agreement for Contactless Smart Cards



  1. Password Authenticated Key Agreement for Contactless Smart Cards
     Dennis Kügler (1), Heike Neumann (2), Sebastian Stappert (2), Markus Ullmann (1), Matthias Vögeler (2)
     (1) Bundesamt für Sicherheit in der Informationstechnik
     (2) NXP Semiconductors

  2. Outline
     - Security attacks concerning contactless smart cards
     - Security limitation of former solution
     - Password-based cryptographic protocols
     - Features of password-based protocols
     - PACE
     - TC-AMP
     - Comparison PACE – TC-AMP
     - Conclusion

  3. Contactless Smart Card
     [Diagram: contactless smart card (picc), radio frequency, interface device (pcd) / ISO 14443 reader (optical character recognition component)]
     Security Attacks
     1. Unauthorized communication with the smart card
     2. Eavesdropping of an existing pcd-picc communication

  4. ePassport: BAC-Protocol
     Protocol flow between Inspection System and RF-Chip:
     - Inspection System: read MRZ optically; calculate access key K from the optically read MRZ
     - RF-Chip: choose r_Chip randomly; send challenge r_Chip
     - Inspection System: choose r_Reader randomly; choose key K_Reader; encrypt and send ciphertext E_K(r_Reader, r_Chip, K_Reader)
     - RF-Chip: decrypt; r_Chip correct? Choose key K_Chip; encrypt and send ciphertext E_K(r_Chip, r_Reader, K_Chip)
     - Inspection System: decrypt; r_Reader correct?
     Limitations
     - Entropy of the derived session key
     - BAC key is static
     Base ideas for contactless cards
     - Two channels (optic channel, magnetic channel)
     - "Representation" of former border control operation

  5. Contactless Card Operation
     - Smart card with contact interface: card operation is only possible if the card is physically connected to the terminal
     - Contactless card: we are looking for a mechanism which "represents" this connection process for contactless smart cards
       => secure connection establishment between contactless smart card and terminal

  6. Password Based Cryptographic Protocols
     - Security Usage
       - Client Server Authentication
     - Approaches
       - Encrypted Key Exchange (EKE), Bellovin and Merritt 1992
       - ...
       - TP-AMP, Taekyoung Kwon 2004
     - Features
       - Strong session key agreement
       - Implicit entity authentication based on a shared secret of low entropy

  7. Password Based Cryptographic Protocols (2)
     - Secure connection establishment between smart card and terminal
       - Password Authenticated Connection Establishment (PACE), 2006
       - Terminal-Card-TP-AMP (TC-AMP), "simplified TP-AMP", 2008
     - Low entropy of the password
       - e.g. 6 digits => 10^6 passwords
       - Adversary knows in principle the whole set of possible passwords

  8. Structure of PACE
     Parties: pcd and picc, password π (643215)
     1. Precondition: common elliptic curve E, base point G
     2. Key derivation, selection of a random number s
        μ = h(π|1) mod n
        picc → pcd: z = Encryption(μ, s)
        pcd: s = Decryption(μ, z)
     3. Calculation of a random curve point P (anonymous DH)
     4. Mapping s → elliptic curve E
        G' = s * G + P
     5. Calculation of a common secret curve point K
        anonymous DH using G'
     6. Mutual authentication of picc and pcd
        pcd → picc: MAC(k_MAC, PK_picc)
        picc → pcd: MAC(k_MAC, PK_pcd)

  9. Security Requirements
     - General Requirements
       - Authentication of terminals
       - Strong session key agreement
       - Forward secrecy of the session keys
     - Specific Requirements Concerning Password Based Protocols
       - Security against off-line dictionary attacks
       - Security against on-line dictionary attacks
         - Type (1): can't abuse the protocol to eliminate passwords
         - Type (2): test at most one password per protocol run

  10. Security of PACE
     - Authentication of terminals: "secrecy of π", knowing and using π
     - Strong session key agreement: computational DH assumption
     - Forward secrecy of the session keys: random calculation of curve point K
     - Security against off-line dictionary attacks: if s is chosen randomly, z is also random (password-based encryption is a pseudorandom permutation)
     - Security against on-line dictionary attacks
       - Type (1): can't abuse the protocol to eliminate passwords: s < 2^m (m: block size of the block cipher used)
       - Type (2): test at most one password per protocol run

  11. Structure of TC-AMP
     Parties: pcd and picc, password π (643215)
     1. Precondition: common elliptic curve E, base point G
     2. Key derivation, mapping π → elliptic curve E
        μ = h(0|π|0) mod n
        Γ_0 = μ * G
        Γ_1 = μ * G' (G' = l * G, l unknown)
     3. Calculation of random curve points
        pcd → picc: M = (x * G) + Γ_1' (x random)
        picc → pcd: Q = y * Γ_0 (y random)
     4. Calculation of a common secret curve point A = B
        A = μ^-1 (x + M_x) * Q
        B = y * (M + Γ_1 + (M_x * G))
     5. Mutual authentication of picc and pcd
        pcd → picc: h(3|M_x|A_x|Q_x|3)
        picc → pcd: h(2|M_x|B_x|Q_x|2)

  12. Security of TC-AMP
     - Authentication of terminals: "secrecy of π", knowing and using π
     - Strong session key agreement: intractability assumption of the discrete logarithm problem, cryptographic strength of the hash function
     - Forward secrecy of the session keys: random calculation of curve point A = B
     - Security against off-line dictionary attacks: M and Q are chosen randomly
     - Security against on-line dictionary attacks
       - Type (1): can't abuse the protocol to eliminate passwords: injective mapping π → Γ_0
       - Type (2): test at most one password per protocol run

  13. Comparison PACE - TC-AMP

     |                       | PACE                       | TC-AMP                |
     |-----------------------|----------------------------|-----------------------|
     | EC mapping            | s → E                      | π → E                 |
     | Mapping G, G'         | G' = s * G + P (dynamic)   | G' = l * G (static)   |
     | Authentication        | MAC-calculation            | Hash-generation       |
     | Implementation        | 5 APDUs                    | 3 APDUs               |
     | Performance (SmartMX) | 945 ms                     | 978 ms                |

  14. PACE Performance

  15. TC-AMP Performance

  16. Conclusion
     - Presentation of two password based protocols for secure connection establishment between contactless smart card and terminal
     - Intention to use PACE for the next generation of German ID cards (contactless ISO 14443 interface)
     - Formal cryptographic and logical proofs of security are subject of current studies
     - On-line dictionary attacks are always possible (security mechanism: time delay between failed protocol runs)
     - Future work: Javacard implementation of PACE and TC-AMP (Sun-JavaCard-API: EC-arithmetic is missing)
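
Added example (not part of the original slides): one PACE run following steps 1-6 of slide 8, showing that a terminal holding a wrong π derives a different G' and fails the MAC check, so each run tests one password (slide 10, type 2). Assumptions: secp256k1 as the curve, an XOR pad in place of the block cipher (so "mod n" on μ is dropped), HMAC-SHA256 keyed with the x-coordinate of K, and all function names are illustrative.

```python
import hashlib, hmac, secrets

P_FIELD = 2**256 - 2**32 - 977  # secp256k1; the curve choice is an assumption
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(p, q):
    """Affine addition on y^2 = x^3 + 7; None is the point at infinity."""
    if p is None or q is None:
        return q if p is None else p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if p == q else (y2 - y1, x2 - x1)
    lam = num * pow(den % P_FIELD, -1, P_FIELD) % P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return x3, (lam * (x1 - x3) - y1) % P_FIELD

def mul(k, p):  # double-and-add scalar multiplication, not constant time
    r = None
    while k:
        r = add(r, p) if k & 1 else r
        p, k = add(p, p), k >> 1
    return r

def crypt(pi, block):
    """XOR with mu = h(pi|1): stand-in for the block cipher (encrypt == decrypt)."""
    mu = hashlib.sha256(pi.encode() + b"1").digest()[:16]
    return block ^ int.from_bytes(mu, "big")

def mac(k, pk):
    """MAC(k_MAC, PK): HMAC-SHA256 keyed with the x-coordinate of K (assumed KDF)."""
    x = lambda pt: pt[0].to_bytes(32, "big")
    return hmac.new(x(k), x(pk), "sha256").digest()

def pace_run(pi_picc, pi_pcd):
    """One protocol run; returns (picc accepts pcd, pcd accepts picc)."""
    rnd = lambda: secrets.randbelow(N - 1) + 1
    s = secrets.randbits(128)                 # step 2: picc picks random s < 2^m
    z = crypt(pi_picc, s)                     # z = Encryption(mu, s), sent to pcd
    s_pcd = crypt(pi_pcd, z)                  # pcd: s = Decryption(mu, z)
    pt = mul(rnd(), mul(rnd(), G))            # step 3: anonymous DH, shared point P
    g_picc, g_pcd = (add(mul(v, G), pt) for v in (s, s_pcd))  # step 4: G' = s*G + P
    c, t = rnd(), rnd()                       # step 5: anonymous DH using G'
    pk_picc, pk_pcd = mul(c, g_picc), mul(t, g_pcd)
    k_picc, k_pcd = mul(c, pk_pcd), mul(t, pk_picc)
    return (hmac.compare_digest(mac(k_pcd, pk_picc), mac(k_picc, pk_picc)),  # step 6
            hmac.compare_digest(mac(k_picc, pk_pcd), mac(k_pcd, pk_pcd)))
```

Calling `pace_run("643215", "643215")` returns `(True, True)`; any other terminal password makes both checks fail without revealing which guess would have been right.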
