secure upgrade of hardware security modules
play

Secure upgrade of hardware security modules in bank networks - PowerPoint PPT Presentation

Nov 28, 2022 •543 likes •1.25k views

Secure upgrade of hardware security modules in bank networks Riccardo Focardi 1 Flaminia Luccio 1 1 Universit` a Ca Foscari di Venezia, Italy { focardi,luccio } @dsi.unive.it ARSPA-WITS10 Paphos, Cyprus March 27-28, 2010 Work

  1. Secure upgrade of hardware security modules in bank networks ∗ Riccardo Focardi 1 Flaminia Luccio 1 1 Universit` a Ca’ Foscari di Venezia, Italy { focardi,luccio } @dsi.unive.it ARSPA-WITS’10 Paphos, Cyprus March 27-28, 2010 ∗ Work partially supported by: Miur’07 Project SOFT: “ Security Oriented Formal Techniques ” ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 1 / 17

  2. PIN processing APIs Overview PIN processing infrastructure ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 2 / 17

  3. PIN processing APIs Overview PIN processing infrastructure PIN ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 2 / 17

  4. PIN processing APIs Overview PIN processing infrastructure Accept Refuse PIN PIN PIN PIN PIN ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 2 / 17

  5. PIN processing APIs Overview PIN processing infrastructure Accept Refuse { PIN } k 2 { PIN } k 4 PIN PIN { PIN } k 1 PIN PIN { PIN } k 3 PIN ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 2 / 17

  6. PIN processing APIs Overview PIN processing infrastructure Accept Refuse { PIN } k 2 { PIN } k 4 { PIN } k 1 PIN { PIN } k 3 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 2 / 17

  7. PIN processing APIs Overview Hardware Security Module (HSM) Tamper resistant Security API for Managing cryptographic keys Decrypting/re-encrypting the PIN Checking the validity of the PIN ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 3 / 17

  8. PIN processing APIs Overview Hardware Security Module (HSM) Tamper resistant Security API for Managing cryptographic keys Decrypting/re-encrypting the PIN Checking the validity of the PIN ... but still, attacks are possible ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 3 / 17

  9. PIN processing APIs Overview Hardware Security Module (HSM) Tamper resistant Security API for Managing cryptographic keys Decrypting/re-encrypting the PIN Checking the validity of the PIN ... but still, attacks are possible Our goal: propose ‘cheap’ HSM upgrading strategies 1 securing subnetworks while keeping service up 2 trade-off between hardware and manpower cost ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 3 / 17

  10. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  11. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  12. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  13. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  14. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  15. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  16. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  17. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  18. PIN processing APIs An attack on PIN verification The PIN verification API Encrypted PIN Block : contains the PIN at the ATM PIN V( EPB , vdata,len,dectab,offset ) Data for computing the user PIN Returns the equality of the two PINs Example: PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 3 The two values coincide: PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 4 / 17

  19. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  20. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,0123456789012345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  21. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  22. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 0472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  23. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 1472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  24. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 1472 ⊕ 4732 mod 10 = 4104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  25. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 1472 ⊕ 4732 mod 10 = 5104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

  26. PIN processing APIs An attack on PIN verification The ‘decimalization’ attack on PIN V [Bond, Zielinski ’03] PIN V( { 4104 , r } k ,vdata,4,1123456789112345,4732) dec k ( { 4104 , r } k ) = 4104 , r 1 4104 enc pdk (vdata) = A 47295 FDE 32 A 48 B 1 2 1472 ⊕ 4732 mod 10 = 5104 3 PIN V returns ‘true’ ARSPA-WITS’10 ()Secure upgrade of HSMs in bank networks 5 / 17

Recommend

Hardware Security Smartcards and other TamperResistant Modules Markus G. Kuhn Computer

Hardware Security Smartcards and other TamperResistant Modules Markus G. Kuhn Computer

Hardware Security Smartcards and other TamperResistant Modules Markus G. Kuhn Computer Laboratory http://www.cl.cam.ac.uk/~mgk25/ Applications of Tamper Resistant Modules Security of cryptographic applications is based on secure

564 views • 23 slides
Hardware Security Modules: Attacks and Secure Configuration Graham Steel Graham Steel April

Hardware Security Modules: Attacks and Secure Configuration Graham Steel Graham Steel April

Hardware Security Modules: Attacks and Secure Configuration Graham Steel Graham Steel April 2014 Graham Steel - HSM Attacks and Secure Configuration April 2014 - 2/ 56 Secure Hardware History Military: WW2 Enigma machines - captured

667 views • 56 slides
Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security

Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security

SP SPACE ACE 201 2016 Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security Security: : New Front New Frontiers iers Swarup Bhunia Professor Electrical & Computer Engineering SPACE | Dec 2016 1

607 views • 29 slides
Hardware Security Modules (HSMs) Benefits and Challenges ICANN 50, London, UK 25 June 2014

Hardware Security Modules (HSMs) Benefits and Challenges ICANN 50, London, UK 25 June 2014

Hardware Security Modules (HSMs) Benefits and Challenges ICANN 50, London, UK 25 June 2014 richard.lamb@icann.org Hardware Security Modules Cool but what are you protecting? This works fine in many cases ..but this may be the real problem No

255 views • 12 slides
Hardware Security Modules What they are and why it's likely that you've (indirectly) used one

Hardware Security Modules What they are and why it's likely that you've (indirectly) used one

Hardware Security Modules What they are and why it's likely that you've (indirectly) used one today Insert Your Name Insert Your Title Insert Date RWC 2015 Paul Hampton 8 th January 2015 What Am I Going to Talk About? What Is A Where Will

746 views • 30 slides
The DragonBeam Framework: Hardware-Protected Security Modules for In-Place Intrusion Detection

The DragonBeam Framework: Hardware-Protected Security Modules for In-Place Intrusion Detection

The DragonBeam Framework: Hardware-Protected Security Modules for In-Place Intrusion Detection Man-Ki Yoon, Mihai Christodorescu, Lui Sha, Sibin Mohan University of Illinois at Urbana-Champaign Qualcomm Research Silicon Valley June 6, 2016

928 views • 46 slides
The IBM 4758 Secure Cryptographic Coprocessor Hardware Architecture and Physical Security Steve

The IBM 4758 Secure Cryptographic Coprocessor Hardware Architecture and Physical Security Steve

The IBM 4758 Secure Cryptographic Coprocessor Hardware Architecture and Physical Security Steve Weingart Senior Engineer (561) 392 6100 c1shw@us.ibm.com Secure Systems and Smart Cards IBM T.J. Watson Research Center Hawthorne, NY 4758 PCI

386 views • 11 slides
Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER /

Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER /

Hardware Security Group at Lab-STICC 8 faculties and 12 PhD students / postdocs / ATER / engineers Hardware security for embedded systems: memory and communication protection Arithmetic Tradeoffs on Performance/Cost/Security secure

310 views • 14 slides
Whats new? Calibration Hardware IAEA Acquisition software Hardware and Software Upgrade for

Whats new? Calibration Hardware IAEA Acquisition software Hardware and Software Upgrade for

Hardware and Software Upgrade for the Solution Measurement and Monitor System at Rokkasho Reprocessing Plant R.Plenteda, A.Alessandrello, M.Frankl, W.Deringer, M.Lang, M.Cronholm, K.Baird, D.Breban, C.Creusot International Atomic Energy Agency

705 views • 17 slides
Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada,

Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada,

Trusted Platform Modules and Hardware-based Security Andreas Nilsson Masters Student at Nada, KTH Pointsec Mobile Technologies TPM Introduction Microcontroller affixed to the motherboard. Cryptographic functions like key storage

834 views • 35 slides
Practical Secure Two-Party Computation and Applications Lecture 4: Hardware-Assisted

Practical Secure Two-Party Computation and Applications Lecture 4: Hardware-Assisted

Practical Secure Two-Party Computation and Applications Lecture 4: Hardware-Assisted Cryptographic Protocols Estonian Winter School in Computer Science 2016 Motivation 2 Two Areas Cryptographic Protocols Secure Hardware strong security

759 views • 52 slides
Why secure the OS? Works directly on the hardware but can be adapted during runtime Operating

Why secure the OS? Works directly on the hardware but can be adapted during runtime Operating

Why secure the OS? Works directly on the hardware but can be adapted during runtime Operating System Security Data and process are directly visible Application security can be circumvented from lower layers = > good scope

103 views • 8 slides
Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor

Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor

Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor or Ryan Kastner er Dept. of Computer ter Science e and Engineer ineering ing Unive vers rsity ity of Californi ornia, a, San Diego

743 views • 41 slides
hocos SLT Programs hardware-oriented computer science Why This Presentation? Lectures must

hocos SLT Programs hardware-oriented computer science Why This Presentation? Lectures must

Steganography for Our Research Hardware Security DeepFake Detection Foci and Your Secure Opportunities Memristive Composition Cryptography Fault attacks and Ilia Polian Stochastic countermeasures Hardware-oriented Computer Science

706 views • 24 slides
Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just:

Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just:

Why W3C needs to Remain Neutral and Endorse Brand - free Hardware Security Web + Hardware Security is much, much more than just: Image source: halfelf.org It is about decentralizing ID validation and key storage (my religion)

522 views • 16 slides
Functionality Test of Bare Modules for the Phase I Upgrade of CMS Pixel Detector Presentation of

Functionality Test of Bare Modules for the Phase I Upgrade of CMS Pixel Detector Presentation of

Functionality Test of Bare Modules for the Phase I Upgrade of CMS Pixel Detector Presentation of Master Thesis, 23.10.2015 Bojan Hiti INSTITUT F UR EXPERIMENTELLE KERNPHYSIK (EKP), KIT www.kit.edu KIT University of the State of

1.05k views • 37 slides
Modern Systems: Security October 8, 2012 Background: Trusted Platform Modules What is a TPM?

Modern Systems: Security October 8, 2012 Background: Trusted Platform Modules What is a TPM?

Modern Systems: Security October 8, 2012 Background: Trusted Platform Modules What is a TPM? 16 Platform Configuration Registers (PCRs) Random Number Generator (RNG) Endorsement Key (EK) burned in hardware What can it do?

575 views • 33 slides
HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware

HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware

HARDSPLOIT Framework for Hardware Security Audit a bridge between hardware & a so0ware pentester Who am I ? Julien Moinard - Electronic engineer @opale-security (French company) - Security consultant, Hardware & SoDware pentester -

803 views • 40 slides
Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl

Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl

Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl Problem description To satisfy security needs, DNS operators use Hardware Security Modules. Specialized hardware that have special security

445 views • 21 slides
Modules and Front-End Electronics Developments for the ATLAS ITk Strips Upgrade Carlos Garc

Modules and Front-End Electronics Developments for the ATLAS ITk Strips Upgrade Carlos Garc

Modules and Front-End Electronics Developments for the ATLAS ITk Strips Upgrade Carlos Garc a Argos, on behalf of the ATLAS ITk Collaboration University of Freiburg International Conference on Technology and Instrumentation in Particle

336 views • 19 slides
DPM Upgrade status Fibre trays Firmware R&D DUNE DAQ Hardware Meeting 24 24 May2018

DPM Upgrade status Fibre trays Firmware R&D DUNE DAQ Hardware Meeting 24 24 May2018

DPM Upgrade status Fibre trays Firmware R&D DUNE DAQ Hardware Meeting 24 24 May2018 Babak Abi, DAQ meeting 1 DPM Upgrade, , curr rrent status DPM (RCE already proven performance in 35t & ProtoDUNE): Component Cost()

381 views • 9 slides
Securing Systems with Insecure Hardware Kaveh Razavi About VUSec ~20 members Software

Securing Systems with Insecure Hardware Kaveh Razavi About VUSec ~20 members Software

Securing Systems with Insecure Hardware Kaveh Razavi About VUSec ~20 members Software protections Binary and malware analysis Fuzzing Network security Hardware and OS security 2 Assuming secure software, what is

984 views • 72 slides
Secure Enhanced Linux Julian Richen SELinux? Started as a research project from the National

Secure Enhanced Linux Julian Richen SELinux? Started as a research project from the National

Secure Enhanced Linux Julian Richen SELinux? Started as a research project from the National Security Agency (NSA) A set of patches using the Linux Security Modules (LSM) Hardening GNU/Linux systems with extra security policies and

349 views • 15 slides
COMPILING FOR THE ARCHER HARDWARE Slides contributed by Cray and EPCC Modules The Cray

COMPILING FOR THE ARCHER HARDWARE Slides contributed by Cray and EPCC Modules The Cray

COMPILING FOR THE ARCHER HARDWARE Slides contributed by Cray and EPCC Modules The Cray Programming Environment uses the GNU modules framework to support multiple software versions and to create integrated software packages As new

586 views • 31 slides

More recommend