When organised crime applies academic results
Forensic analysis of an in-card listening device
Houda Ferradi, Rémi Géraud, David Naccache, Assia Tria
NATO Workshop on Secure Implementation of PQC
Tel-Aviv University, 26-27 September 2016
This presentation
Illustrate the lengths to which white-collar criminals will go to hack embedded electronic devices.
To date, the following is the most sophisticated smart card fraud encountered in the field.
Raise awareness of the level of resistance that IoT devices need in order to withstand real attacks in the field.
Once upon a time…
Context
It all began with a forensic assignment…
May 2011: GIE Cartes Bancaires noticed that a dozen stolen EMV cards were being used in Belgium.
• €600,000 net loss
• 7,000 transactions
• 40 modified cards
A forensic investigation was hence ordered.
After the initial investigation, 5 persons were arrested.
The police seized one of the payment cards.
This is the story of this card.
The Judicial Seizure
What appears to be an ISO/IEC 7816 smart card.
Plastic body: VISA card issued by Caisse d’Épargne.
Embossed details are:
• PAN: 4978***********89;
• Expiry date in 2013 (valid at the time);
• Cardholder name P.S. (anonymised);
• Normal-looking CVV.
PAN corresponds to a valid Caisse d’Épargne VISA card.
PAN: Permanent Account Number (partially anonymized here). CVV: Card Verification Value.
Magnetic Stripe Analysis
Magnetic stripe:
ISO1 and ISO2 tracks perfectly agree with embossed data.
ISO3 is empty, as is usual for European cards.
Closer Inspection
Backside is deformed around the chip area. Cause: heating. Heating around 80°C melts the glue holding the card module.
Even closer inspection
Put the “FUN” in FUNCards
FUNCard’s Inner Schematics
Figure labels: Microcontroller; Flash memory.
Electronic Information Query
What does the card say to a PoS terminal?
• PAN = 4561**********79 NOT 4978***
• Expiry date in 2011 NOT 2013
• Cardholder name H.D. NOT P.S.
All this information is in blatant contradiction with data embossed on the card.
But this is a correctly formatted reply! How?
Close-up side of the forgery
Thicker than usual: 0.4 to 0.7 mm extra.
Why? Is something underneath?
FUNCard under X-Ray
Figure labels: external memory (AT24C64); µ-controller (AT90S85515A); connection wires; connection grid.
FUNCard vs. Forgery under X-Ray
Panels: FUNCard; mysterious card.
Forgery vs. FunCard
⑤ ???
⑥ Connection wires added by the fraudster
⑦ Welding points added by the fraudster
False colour analysis
Different materials appear differently under different wavelengths. Emittance and reflectance information can be captured.
Typical use: near-infrared region scan (NIR, 800-1000 nm) to discriminate materials beyond the visible region.
Colour key: Red: plastic; Green: copper; Grey: tin; Teal: metal alloy.
What is the copper object?
Forgery Structure Suggested so Far
Stolen card speaks to reader but all communication is intercepted by the FUNcard
Stolen card replies are also intercepted by the FUNcard
Only the FUNCard communicates with the card reader
Electronic Analysis Attempt
Can we just read the FUNCard code?
Normally, yes we can.
Attempted read-back failed: device locked.
Anti-forensic protection by fraudster.
Back to the future
The 2010 Murdoch et al. EMV attack
Flashback 2010
Flashback 2010: EMV protocol phases
Flashback 2010: The problem is here!
Flashback 2010: Attack implementation
Flashback 2010: Proof of concept
Response from EMV: « [This attack] … is theoretical at best »
Back to 2015: Modus Operandi Hypothesis
Problem with Hypothesis!
no visible signal activity here!
X-ray?
Anti-Forensic Protection by Fraudster
Testing our hypothesis: Power analysis
• PoS sends the ISO command 00 A4 04 00 07
• Command echoed to the stolen card by the FunCard
• Stolen card sends the procedure byte A4 to the FunCard
• FunCard retransmits the procedure byte to the PoS
• PoS sends data to FunCard
• FunCard echoes data to stolen card
• Stolen card sends SW to FunCard
• FunCard transmits SW to PoS
Color Code: PoS → FunCard; FunCard → Stolen Card; Stolen Card → FunCard; FunCard → PoS
Power consumption during GetData
Confirms the modus operandi
MITM: VerifyPIN Power Analysis
Power trace of the forgery during the VerifyPIN command. Note the absence of retransmission on the power trace before the sending of the SW, and the immediate 90 00 response.
PIN OK!
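The relay pattern and the VerifyPIN anomaly described on these slides can be checked mechanically once a power trace has been segmented by direction. The following Python code is an added example, not code from the authors: the `Segment` type, the `classify` function and the sample payload bytes are constructed for illustration. Only the header 00 A4 04 00 07 and the 90 00 status word come from the slides; 0x20 is the ISO/IEC 7816-4 VERIFY instruction byte.

```python
# Added example (not from the original slides): classify each command on a
# forgery's reconstructed activity timeline as relayed to the genuine chip or
# answered locally by the intermediary.
from dataclasses import dataclass

POS, FUN, CARD = "PoS", "FunCard", "StolenCard"

# Direction sequence the slides describe for a relayed T=0 command with data.
RELAY_PATTERN = [(POS, FUN), (FUN, CARD),   # command header, then its echo
                 (CARD, FUN), (FUN, POS),   # procedure byte, then retransmit
                 (POS, FUN), (FUN, CARD),   # command data, then its echo
                 (CARD, FUN), (FUN, POS)]   # status word (SW), then retransmit
INS_NAMES = {0xA4: "SELECT", 0x20: "VERIFY"}  # ISO/IEC 7816-4 instruction bytes


@dataclass(frozen=True)
class Segment:
    src: str
    dst: str
    data: bytes


def classify(segments):
    """Return a finding dict for one command's ordered list of Segments."""
    if not segments or (segments[0].src, segments[0].dst) != (POS, FUN):
        raise ValueError("exchange must start with a PoS -> FunCard header")
    header = segments[0].data
    if len(header) != 5:
        raise ValueError("T=0 header is CLA INS P1 P2 P3 (5 bytes)")
    last = segments[-1]
    if (last.src, last.dst) != (FUN, POS) or len(last.data) != 2:
        raise ValueError("exchange must end with a 2-byte SW sent to the PoS")
    ins, sw = header[1], last.data.hex().upper()
    directions = [(s.src, s.dst) for s in segments]
    if not any(CARD in d for d in directions):
        path = "answered-locally"        # no activity towards the genuine chip
    elif directions == RELAY_PATTERN and all(
            segments[i].data == segments[i + 1].data for i in range(0, 8, 2)):
        path = "relayed-unmodified"      # every hop is a byte-for-byte echo
    else:
        path = "relayed-altered"
    # Anomaly from the VerifyPIN slide: success with no card-side activity.
    bypassed = path == "answered-locally" and ins == 0x20 and sw == "9000"
    return {"ins": INS_NAMES.get(ins, f"{ins:02X}"), "path": path,
            "sw": sw, "pin_check_bypassed": bypassed}


# Constructed sample timelines; payload bytes are placeholders, not captures.
SELECT_HDR = bytes.fromhex("00A4040007")   # header quoted on the slide
AID = bytes(7)                             # placeholder 7-byte data field
SELECT_TRACE = [
    Segment(POS, FUN, SELECT_HDR), Segment(FUN, CARD, SELECT_HDR),
    Segment(CARD, FUN, b"\xA4"), Segment(FUN, POS, b"\xA4"),
    Segment(POS, FUN, AID), Segment(FUN, CARD, AID),
    Segment(CARD, FUN, b"\x90\x00"), Segment(FUN, POS, b"\x90\x00"),
]
VERIFY_HDR = bytes.fromhex("0020008008")   # constructed VERIFY header
PIN_BLOCK = bytes(8)                       # placeholder, not a real PIN block
VERIFY_TRACE = [
    Segment(POS, FUN, VERIFY_HDR), Segment(FUN, POS, b"\x20"),
    Segment(POS, FUN, PIN_BLOCK), Segment(FUN, POS, b"\x90\x00"),
]

if __name__ == "__main__":
    for name, trace in (("SELECT", SELECT_TRACE), ("VERIFY", VERIFY_TRACE)):
        print(name, classify(trace))
```
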
Getting our hands dirty
Destructive analysis
Having finished all experiments
We asked for the judge’s authorization to tamper with the evidence and perform invasive analysis.
Authorization granted.
Invasive Analysis
Figure labels: connection grid; stolen card module (outlined in blue); stolen card’s chip; FunCard module; welding of connection wires.
Invasive Analysis
Figure labels: FunCard module; genuine stolen card; welded wire.
Original EMV Chip Clipped by Fraudster
Cut-out pattern in red
Wiring Diagram of the Forgery
Confirms the modus operandi.
In Conclusion
Attackers of modern embedded IoT devices
• Use advanced tools
• Are very skilled engineers
• Are well aware of academic publications
• Use s/w and h/w anti-forensic countermeasures
If you do not design your IoT device with that in mind and if stakes are high enough, the device will be broken.
Economic Damage
• Cost of device replacement in the field
• Cost of fraud (stolen money)
• Damage to reputation
Plus:
• Forensic analysis cost. Here: 3 months of full-time work.
Other applications (see paper)
Defense and intelligence projects
• Bugging handsets
• Characterizing unknown ID readers
• Manufacturing low cost public-key exhausters
More about this
• When organized crime applies academic results: a forensic analysis of an in-card listening device. Houda Ferradi, Rémi Géraud, David Naccache, Assia Tria, Journal of Cryptographic Engineering (2016).
Thank you!