Public Transport Payment Security - UMass Amherst · 2009. 3. 4.

Page 1

Karsten Nohl

Source: New Yorker

Page 2: Who I am

Researcher at the University of Virginia
PhD work proposed solutions for RFID privacy

Hacker
Find and publicize security hazards in large systems
▪ Past year: OpenSSL bug, DNS poisoning, Mifare security

Security consultant
Help companies understand threats and implement best-practice security

Page 3: Exec Summary

Security is usually hard and often expensive
Not having security inevitably causes problems that are always even harder and more expensive

When designing security, prepare for failure
Goal should be low risk of large damage, but not perfect security

Hence, even Mifare Classic-based systems can be made “secure enough”


Page 5

Radio Frequency IDentification
Tiny computer chips
Passively powered

Page 6

Diagram labels: Cryptographic cipher (shown twice), Challenge-response protocol

Page 7

Diagram of the challenge-response protocol: ID, R (random number), Enc(R) (encryption under shared secret key)

Page 8

Diagram: the same ID, R, Enc(R) exchange, annotated with attack points:
Emulation
Cryptographic attacks: brute force, TMTO, algebraic attacks
Replay
Proxy attack
Weak key storage

Page 9

Contact-less “smart” card
2 billion cards sold

Very popular in public transport
▪ ~ 85% market share
▪ Rio de Janeiro, São Paulo, Madrid, Valencia, Oslo, Sydney, Hamilton, Delhi, Nanjing, Shanghai, Taipei, Kuala Lumpur, Atlanta, St. Paul, Houston, Los Angeles, Bangkok, Netherlands, London, Boston, ...

Popular for access control (industry, government)
▪ Security “patch”: Armed guards (NL)

Page 10: Mifare Classic Break

Mifare cards use the proprietary Crypto-1 algorithm
Never publicly reviewed for 20+ years

Algorithm reverse-engineered by UVa and CCC in 2007
Immediately found to be weak

Feb/Mar: Reports find Crypto-1 to be strong enough for a few more years
Reports are corrected after UVa releases more details about attacks
April: Dutch researchers publicly hack Oyster system
Details published in October after lawsuit

Page 11

Once strong cryptography is used, key storage becomes the weakest link
More ubiquitous systems typically have more copies of the secret keys in accessible places

Diagram layers: Security protocols, Cryptographic functions, Key storage

Page 12: Hardware Security Modules (HSM)

Used in ATMs (cash machines), few smart card readers
Use proprietary encryption
Hence, can be broken
▪ Usually high effort (> $100.000)

Secure Access Modules (SAM) are much easier to break
Credit card / smart card readers

Page 13

Everything needed to disclose the key is found on the chip
Finding secret algorithms might be costly

Diagram (Hardware Security Module): HSM ID and encrypted key → proprietary decryption → master key; master key and card ID, sector, … → AES / 3DES → card key

Page 14

Public key cryptography can mitigate security problems

Scalable through certificate chains
Protected from all likely attacks
Surprisingly inexpensive

Diagram (RFID ticket → payment terminal):
Ticket sends (card public key) signed under the system private key, and (transaction) signed under the card private key
Terminal extracts and verifies the card pk using the system public key
Terminal extracts and verifies the transaction using the card pk
Terminal only stores a publicly known key
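The two-link certificate chain of this slide, as an added example that is not part of the slides or of any product named in them. Signatures are modelled with textbook RSA over hard-coded small primes and an unpadded SHA-256 digest (an assumption chosen so the block runs on plain Python); the transaction string and the card/system key pairs are constructed sample values.

```python
import hashlib

def keygen(p, q, e=65537):
    """Toy RSA key pair from two given primes; returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def digest(msg, n):
    # Hash the message and reduce it below the modulus (no padding: toy only).
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(sk, msg):
    n, d = sk
    return pow(digest(msg, n), d, n)

def verify(pk, msg, sig):
    n, e = pk
    return pow(sig, e, n) == digest(msg, n)

def encode_pk(pk):
    return b"%d:%d" % pk

# Issuer side. The primes are well-known Mersenne / competition primes, far too
# small for real use; a deployment would use standard RSA with proper padding.
system_pk, system_sk = keygen(2147483647, 2305843009213693951)
card_pk, card_sk = keygen(1000000007, 998244353)
# The card's certificate: its public key plus the system's signature over it.
card_cert = (card_pk, sign(system_sk, encode_pk(card_pk)))

def card_sign_transaction(transaction):
    """Card side: sign the transaction with the card's own private key."""
    return sign(card_sk, transaction)

def terminal_verify(system_pk, cert, transaction, tx_sig):
    """Terminal side: it stores only the public system key. It first checks the
    certificate with that key, then the transaction with the certified card key.
    Both links must hold; a failed link means an uncertified card key or a
    changed transaction."""
    pk, cert_sig = cert
    if not verify(system_pk, encode_pk(pk), cert_sig):
        return False
    return verify(pk, transaction, tx_sig)

TX = b"trip:line-3:2009-03-04:EUR1.20"      # constructed sample transaction
TX_SIG = card_sign_transaction(TX)
```

Nothing secret is held at the terminal, so extracting its memory (the key-storage problem of the later slides) yields only the public system key.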

Page 15

Public key crypto is already used for transport micropayments

Successful implementation of public-key RFID payment system: “VDV Kernapplikation”
▪ Roll-out since 2006 in Germany
▪ 3 million users and quickly growing
▪ Interoperable across 75 operators (eventually 500+ operators)
▪ Most likely secure enough: RSA public keys, EAL5+, …
▪ Total system cost: <1 Euro per card and year

Page 16: Best-Practice Security

Guidelines learned from past hacks include:

1. Prepare for security breaks, no measure is perfect
▪ Need: redundancy, “layering”
▪ Need: migration plan

2. Use standardized security
▪ Never rely on your own security “inventions”

3. Manage risks through threat modeling
▪ Find acceptable balance between potential losses and cost of security

Page 17

1. Proprietary encryption is insecure
2. Key storage is the next weakest link
3. “Secure enough” is possible and even affordable

Page 18: The Way Ahead

For secure RFID, we need:

Publicly reviewed standards
▪ Yes, this means “one-size-fits-all”, but requirements are generic

Comprehensive threat modeling
▪ Threat = risk × damage

User engagement, opt-out
▪ Never force technology onto users
▪ Inform about risks

Page 19

Karsten Nohl
[email protected]


Page 21

NFC (= RFID + cell phone) is the next hype

Dave Birch: “customers like NFC (a lot)”

“Most systems are deployed with insufficient security.”

Picture source: Collin Mulliner

Page 22

Jonathan Main, Chair of NFC Technical Committee:

“NFC Forum's role is not to define the [security] requirements [because] a mandatory ‘one-size-fits-all’ approach such as that advocated by Mr. Nohl is not viable. Many applications use smart card security […] specified in other consortia. On top of these many security measures, users [can] set their own security parameters and preferences.”

Page 23

The void of standardized security leads to:
Development of new proprietary measures
Adoption of old, broken security

Protocols: often broken protocols, e.g. NFC credit cards
Cryptography: Mifare Classic encryption !!
Secret keys: key storage in insecure SAMs !!!

Page 24

Spoof “unique” data of tags such as UID
Done with RFID emulator (OpenPICC) or higher-powered tag (SmartMX)
Foundation for other attack vectors

Page 25

Diagram label: Attacker

Page 26

1. Overhear legitimate authentication
2. Force same challenge, answer with same response
Requires predictable “random” numbers

Page 27: RNG

Mifare random numbers are completely predictable and well documented
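The ID / R / Enc(R) exchange of pages 7 and 8 and the replay condition of pages 26 and 27, simulated together as an added example (not from the slides and not Mifare's actual cipher). Enc is modelled with HMAC-SHA256 as a stand-in for the card's keyed function; the card ID, the shared key and the "restarting" nonce sequence are constructed sample values. The last function is the defender's side: a check over an authentication log that flags challenges issued more than once.

```python
import hashlib, hmac, itertools, os

CARD_ID = b"\x04\x12\x34\x56"                    # constructed 4-byte card ID
SHARED_KEY = bytes.fromhex("a0a1a2a3a4a5a6a7")   # constructed shared secret

def enc(key, r):
    """Enc(R) from page 7, modelled as a keyed function of the challenge."""
    return hmac.new(key, r, hashlib.sha256).digest()

def predictable_nonces():
    # Models a device whose "random" numbers restart from the same state at
    # every power-up, so each session re-issues the same challenges (page 27).
    return itertools.cycle([b"\x00\x01", b"\x00\x02", b"\x00\x03"])

def fresh_nonces():
    while True:
        yield os.urandom(4)

def genuine_card(card_id, r):
    return enc(SHARED_KEY, r)

def authenticate(nonce_source, responder):
    """One protocol run: issue R, take the responder's answer, compare it with
    Enc(R) under the shared key. Returns (R, accepted)."""
    r = next(nonce_source)
    answer = responder(CARD_ID, r)
    ok = answer is not None and hmac.compare_digest(answer, enc(SHARED_KEY, r))
    return r, ok

def replay_possible(make_nonce_source):
    """Page 26 in miniature: record one genuine session, then see whether the
    recorded (R, Enc(R)) pair alone, with no key, passes a second session.
    True only if the second session re-issues a recorded challenge."""
    r, _ = authenticate(make_nonce_source(), genuine_card)
    recorded = {r: genuine_card(CARD_ID, r)}  # what an eavesdropper observed
    def emulator(card_id, r):
        return recorded.get(r)                # answers only challenges it saw
    _, accepted = authenticate(make_nonce_source(), emulator)
    return accepted

def reused_challenges(log):
    """Defender's check over a log of (card_id, R) pairs: the challenges that
    were issued more than once. With a sound RNG this set stays empty."""
    seen, dupes = set(), set()
    for entry in log:
        if entry in seen:
            dupes.add(entry)
        seen.add(entry)
    return dupes
```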

Page 28: Recover secret key

Brute force: try all keys
TMTOs: try all keys, efficiently
Algebraic attacks w/ SAT solvers: try all keys, smartly

Page 29: Microcontroller Insecurity

Page 30

Picture: Infineon SLE66, courtesy Flylogic

Page 31

Picture: Infineon SLE66, courtesy Flylogic

Page 32

Picture: Infineon SLE66 address/data bus, courtesy Flylogic

Page 33

Meshes can sometimes protect data, but not algorithms
“Last resort”: Hide security in secret algorithms.

Page 34

“Try all keys”: only possible for small keys

Mifare easy target:
Cipher complexity low, enables efficient FPGA implementation
FPGA cluster finds key in 50 minutes!

Source: Pico Comp.

Page 35

Weaknesses:
Weak authentication protocol
48-bit stream cipher
Weak filter function
Weak random number generator

Resulting attacks:
Time memory trade-offs
Brute force (due to small key)
Key probing
Algebraic attacks
Replay attacks (due to predictable random numbers)

Page 36

Secret keys can be stored:

Online:
▪ Keys only stored on central server
▪ Expensive setup, long response times

Semi-online:
▪ Devices receive keys at boot time
▪ Keys often stored in DRAM at runtime; bad idea!

Offline:
▪ Devices “securely” store key copy

Page 37

Secret keys should be
Different for every user
▪ Requires many different keys
Immediately accessible
▪ Requires small number of keys

Best practice: derive user keys from master key; store master key in “key vault”
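The master-key derivation pattern of this slide and of the page-13 HSM diagram, as an added example that is not from the slides or from any HSM vendor. The derivation function is HMAC-SHA256 (an assumption in place of the AES / 3DES box on page 13), the 6-byte output length follows the 48-bit card keys of page 35, and the master keys, card IDs and the version byte used for key migration (page 16, "migration plan") are constructed.

```python
import hashlib, hmac

KEY_LEN = 6   # 48-bit card keys, as on page 35

class KeyVault:
    """Holds master keys (by version) and hands out only derived card keys;
    the master keys themselves never leave this object."""
    def __init__(self, masters):
        self._masters = dict(masters)        # {version: 32-byte master key}

    def derive_card_key(self, version, card_id, sector):
        if version not in self._masters:
            raise KeyError("unknown master key version")
        if not 0 <= sector < 16:
            raise ValueError("sector out of range")
        # Diversification input: version, card ID and sector, so every card and
        # sector gets its own key and one leaked card key reveals nothing else.
        info = b"card-key|" + bytes([version]) + card_id + bytes([sector])
        mac = hmac.new(self._masters[version], info, hashlib.sha256).digest()
        return mac[:KEY_LEN]

    def retire(self, version):
        """Migration step: drop an old master once its cards are re-keyed."""
        del self._masters[version]

def card_keys(vault, version, card_id):
    """All 16 sector keys a personalisation station would write to one card."""
    return [vault.derive_card_key(version, card_id, s) for s in range(16)]

# Constructed sample data: two master key versions and two neighbouring card IDs.
MASTERS = {1: bytes(range(32)), 2: bytes(range(32, 64))}
CARD_A, CARD_B = b"\x04\x11\x22\x33", b"\x04\x11\x22\x34"

def demo():
    vault = KeyVault(MASTERS)
    a = card_keys(vault, 1, CARD_A)      # reproducible from (version, ID, sector)
    b = card_keys(vault, 1, CARD_B)      # a one-bit ID change gives unrelated keys
    a_v2 = card_keys(vault, 2, CARD_A)   # same card after a master key rollover
    return a, b, a_v2
```

A terminal in the semi-online model of page 36 would call derive_card_key only for the card in front of it, and would never be handed the master key that a SAM on page 38 has to store.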

Page 38

“Secure” Access Modules are standard micro-processors
Low effort to extract master keys
SAMs are becoming cheaper and less secure!
(cell phones are not any better)

Source: Flylogic