smartcard lab - kth

William Sandqvist [email protected] SmartCard lab


Post on 13-Jan-2022


Page 1: SmartCard lab - KTH

William Sandqvist [email protected]

SmartCard lab


Two processors

The SmartCard contains a processor of the type 16F84A. That processor lacks both an embedded clock oscillator and a serial communication unit. Serial communication is therefore programmed as ”BitBanging”, and the card uses an external clock oscillator chip.

On the breadboard we have a processor of the type 16F690. It has an internal clock oscillator and an internal serial communication unit.


Program the SmartCard

Program the SmartCard with PICKit2-programmer


”Communication center”

On the breadboard, we have built a "communication center" (the two diodes form a diode gate).

To facilitate debugging of programs, all communication between the PIC processor and the SmartCard processor can now be monitored with the PICKit2 UART Tool. If the card does not say anything, you can fill in what it should have said from the PC keyboard ("Man in the Middle").


Communication center

”SmartCard” Lock and Key


To program two processors


You will interchangeably use PICKit2 for the Smart Card and the breadboard processor 16F690.

Important: every time you switch the connection to the other processor, you must use "Tools", "Check Communication", so that PICKit2 knows which processor is connected.

• It's a pain to alternately program two processors!

• (It is still harder to program 64 processors!)

FPGA card at department ESY. In total 64 32-bit processors. Pooh!


”Lock” and ”key”

When you insert the smart card into the holder the breadboard processor will ask:

Who is it?

SmartCard is responding:

Me please open!

As this is the correct answer the breadboard processor will open the lock (= LED will light). When the SmartCard is removed, the lock will close.

The Programs: smrtlock.hex and smartkey.hex


In banking, encrypted communication is needed

The communication between, e.g., a debit card and an ATM is "random-wise" different each time, so that it cannot simply be intercepted and recorded. A Smart Card contains an additional memory for the encryption key and other information. This memory can only be accessed via the processor, not directly from any contact.

In the Bank Card the Processor is "Write-only" so the program is secret.


How a PIC-processor can calculate pseudo random numbers

• Multiplication and division are not the midrange PIC processor's strongest side. One way to calculate ”pseudo” random numbers without mul/div is to use the rotate instruction. The PIC processor can rotate 16 bits (2×8). In the figure the signal is tapped from flip-flops 0, 2, 3, and 5. The shift register input is then supplied with the EXOR function of these bits.

• This circuit gives a maximum-length sequence of numbers that repeats after 65535 steps.

(If all bits are ”0” the random number sequence will stop, so this number has to be avoided!)


PIC random function

/* Random number function */
char rand( void )
{
    bit EXOR_out;
    static char rand_hi, rand_lo;

    /* 0x0000 won't run ... so force a non-zero state */
    if( !rand_hi && !rand_lo ) rand_lo = 0x01;

    /* feedback = EXOR of bits 0, 2, 3 and 5 */
    EXOR_out  = rand_lo.0;
    EXOR_out ^= rand_lo.2;
    EXOR_out ^= rand_lo.3;
    EXOR_out ^= rand_lo.5;
    Carry = EXOR_out;

    /* rotate right through Carry: the feedback enters rand_hi bit 7,
       rand_hi bit 0 moves on into rand_lo bit 7 */
    rand_hi = rr( rand_hi );
    rand_lo = rr( rand_lo );
    return rand_lo;
}

Linear feedback shift registers
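
A portable C model of the routine above, added here as an example (it is not part of the original slides): it checks the stated period of 65535 and the all-zero lock-up, and shows that two output bytes taken eight calls apart contain the whole 16-bit state. The names lfsr_step, lfsr_period, state_from_outputs and outputs_reveal_state are chosen for this example.

```c
#include <stdint.h>

/* One shift: the EXOR of bits 0, 2, 3 and 5 is fed into bit 15 while the
   16-bit register (rand_hi:rand_lo) moves one place to the right. */
uint16_t lfsr_step(uint16_t s)
{
    uint16_t fb = (uint16_t)((s ^ (s >> 2) ^ (s >> 3) ^ (s >> 5)) & 1u);
    return (uint16_t)((s >> 1) | (uint16_t)(fb << 15));
}

/* Steps needed before the register returns to its starting value. */
uint32_t lfsr_period(uint16_t seed)
{
    uint16_t s = seed;
    uint32_t n = 0;
    do {
        s = lfsr_step(s);
        n++;
    } while (s != seed && n < 70000u);
    return n;
}

/* The returned byte is the low half of the state, and after eight more
   shifts the old high half has moved down into it. Two outputs taken
   eight calls apart therefore give the complete state at the earlier call. */
uint16_t state_from_outputs(uint8_t out_now, uint8_t out_8_later)
{
    return (uint16_t)(((uint16_t)out_8_later << 8) | out_now);
}

/* Constructed self-check: run from an arbitrary seed, rebuild the state
   from two observed bytes and compare with the real one (1 = match). */
int outputs_reveal_state(uint16_t seed)
{
    uint16_t s = lfsr_step(seed);            /* state after one rand() call */
    uint8_t out_now = (uint8_t)(s & 0xFF);   /* byte that call returned */
    uint16_t t = s;
    for (int i = 0; i < 8; i++)
        t = lfsr_step(t);
    uint8_t out_later = (uint8_t)(t & 0xFF); /* byte returned 8 calls later */
    return state_from_outputs(out_now, out_later) == s;
}
```

Because the full state is visible in the outputs, this generator suits the lab exercise but not the generation of challenges that must be unpredictable to an observer.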


This is what the first 700 8-bit numbers look like …


char rand( void );

100 190 223 239 247 251 253 254 255 127 191 223 111 183 219 109 …


Bank Chip and PIN technology

At ”face to face” transactions:

• Chip – specifies which/whose card is used (to avoid counterfeit cards)

• PIN – indicates that it is the cardholder using the card (to prevent the use of stolen cards)

Wikipedia SmartCard


A newly discovered security vulnerability?

Stolen card (with ”manipulated” card contact). No PIN code is needed!

Chip and PIN broken

”Chip and PIN” is broken, 2010 IEEE Symposium on Security and Privacy.

Steven Murdoch, Saar Drimer, Ross Anderson, Mike Bond


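A ”Man in the middle” attack

Figure (built up step by step over several slides), with a ”Man in the middle” in the communication path. The labels appear in this order:

• Transaction begins

• Enter PIN

• 1234

• PIN correct = 0x9000

• I got no numbers? So ”verifying without PIN”

• I had ”PIN confirmed”. Complete the transaction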


Transaction protocol

Card authentication and transaction authorization take place through the exchange of cryptograms, but what good is that when cardholder verification consists of a simple plain text message that can be manipulated!
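
The mismatch shown on the slides, modelled as an added example (not from the original slides): the terminal and the card each keep their own view of the PIN check, and an issuer-side comparison of the two views refuses the transaction when they disagree. The Card, Terminal and Outcome types, the function names, the PIN value and the non-OK status word are constructed for this example; only 0x9000 comes from the slides, and the model assumes the card's view reaches the issuer inside the cryptogram-protected data.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define SW_OK   0x9000u   /* "PIN correct" status word from the slides */
#define SW_FAIL 0x6300u   /* constructed placeholder for any non-OK status */

typedef struct { char pin[5]; bool pin_verified; } Card;      /* hypothetical */
typedef struct { bool pin_confirmed; } Terminal;              /* hypothetical */
typedef struct { bool terminal_view, card_view, approved; } Outcome;

/* Card side: checks a plain-text PIN message and remembers the outcome. */
static uint16_t card_verify_pin(Card *c, const char *pin)
{
    c->pin_verified = (strcmp(c->pin, pin) == 0);
    return c->pin_verified ? SW_OK : SW_FAIL;
}

/* Contact path. With a device in the middle the PIN message never reaches
   the card, yet the terminal still receives 0x9000, as on the slides. */
static uint16_t wire_verify_pin(Card *c, const char *pin, bool in_the_middle)
{
    return in_the_middle ? SW_OK : card_verify_pin(c, pin);
}

/* Terminal side: trusts the unauthenticated status word. */
static void terminal_enter_pin(Terminal *t, Card *c, const char *pin, bool mitm)
{
    t->pin_confirmed = (wire_verify_pin(c, pin, mitm) == SW_OK);
}

/* Issuer-side check (assumption): approve only when the card's own record
   and the terminal's record both say the PIN was verified. */
static bool issuer_approves(const Card *c, const Terminal *t)
{
    return t->pin_confirmed && c->pin_verified;
}

/* Runs one transaction and reports both views plus the issuer's decision. */
Outcome run_transaction(const char *entered_pin, bool in_the_middle)
{
    Card card = { "4711", false };   /* constructed PIN */
    Terminal term = { false };
    terminal_enter_pin(&term, &card, entered_pin, in_the_middle);
    Outcome o = { term.pin_confirmed, card.pin_verified,
                  issuer_approves(&card, &term) };
    return o;
}
```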