Key2Share: NFC-enabled Smartphone-based Access Control
Alexandra Dmitrienko Cyberphysical Mobile Systems Security Group
Fraunhofer Institute for Secure Information Technology, Darmstadt
Motivation
Mobile phones are increasingly used in our daily life
Hundreds of thousands of apps on app markets
New interfaces like NFC open new application fields: payments (mPayments) and ticketing (mTicketing)
A. Dmitrienko, Fraunhofer SIT Droidcon 2013, Berlin
Why not use a smartphone as a key?
Smartphone as a Door Key
Access control by enterprises to their facilities
Access to hotel rooms
Access control in the private sector (houses, garages)
Smartphone as a Key for Storage Facilities
Access to safes in hotel rooms
Lockers in luggage storage at train stations/airports
DHL packing stations
Smartphone as a Car Key
Fleet management by enterprises
Car sharing by rental/car-sharing companies
Or just share your car with family members or friends
Advantages of Electronic Keys
                       Usual keys                    Smart cards                   Key2Share
Distribution           Requires physical access      Requires physical access      Remote
Revocation             Requires physical access      Remote                        Remote
                       or replacement of the lock
Delegation             Not possible                  Not possible                  Possible
Context-aware access   Not possible                  Possible                      Possible
(e.g., time frame)
Requirements and Challenges
Security: protection of electronic keys in transit and on the platform
Addressed by protocol design:
  Performance in the face of limited NFC bandwidth (~10 kbps)
  Only symmetric-key cryptography for authentication
  Offline authentication (the lock needs no network connection when a user authenticates)
Key2Share: System Model
Parties: Issuer, Key2Share web-service, Resources (doors, lockers, cars), Users, Delegated users
1. Employ the employee / sell the car
2. One-time registration of the user with the Key2Share web-service
3. Electronic key issued
4. User authentication at the resource with the issued key
5. Share key with a delegated user
6. Delegated user authentication with the shared key
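The slides give only the six steps above (remote issuance, offline symmetric-key authentication, delegation, time-framed access). To make those properties concrete, here is an added example of one way such an exchange can be built; it is not Key2Share's protocol or code, and its message layout, key-derivation labels, the 16-byte truncated tags and the use of HMAC-SHA256 (rather than the AES/SHA-1 the talk names) are this example's own choices. Identifiers such as `door-42`, `alice` and `bob` are constructed sample data.

```python
# Added illustrative example (not the Key2Share protocol): an issuer derives a
# per-lock key, issues time-bounded user keys from it, users derive delegated
# keys without contacting the issuer, and a lock verifies either offline from
# nothing but its own key plus the attribute records the phone sends.
import hashlib
import hmac
import os
import struct

ATTR_LEN = 16   # 8-byte holder id + two 32-bit unix-time bounds
TAG_LEN = 16    # truncated MAC keeps the NFC message short

def kdf(key: bytes, label: bytes) -> bytes:
    """Derive a sub-key from `key` bound to `label` (HMAC-SHA256 used as a PRF)."""
    return hmac.new(key, label, hashlib.sha256).digest()

def pack_attrs(holder: bytes, valid_from: int, valid_to: int) -> bytes:
    return holder.ljust(8, b"\0")[:8] + struct.pack(">II", valid_from, valid_to)

def unpack_attrs(blob: bytes):
    valid_from, valid_to = struct.unpack(">II", blob[8:16])
    return blob[:8].rstrip(b"\0"), valid_from, valid_to

class Issuer:
    """Issuer / web-service role: holds a master key, provisions locks, issues user keys."""
    def __init__(self):
        self.master = os.urandom(32)
    def lock_key(self, lock_id: bytes) -> bytes:
        # provisioned into the lock once; afterwards the lock works offline
        return kdf(self.master, b"lock:" + lock_id)
    def issue(self, lock_id: bytes, user_id: bytes, valid_from: int, valid_to: int):
        attrs = pack_attrs(user_id, valid_from, valid_to)
        return attrs, kdf(self.lock_key(lock_id), b"user:" + attrs)

class KeyHolder:
    """Phone side (user or delegated user). `chain` lists attribute records from the
    issued user down to this holder; `key` is the matching derived key."""
    def __init__(self, chain, key: bytes):
        self.chain, self.key = chain, key
    def delegate(self, delegate_id: bytes, valid_from: int, valid_to: int) -> "KeyHolder":
        _, my_from, my_to = unpack_attrs(self.chain[-1])
        if valid_from < my_from or valid_to > my_to:
            raise ValueError("delegated window must lie within the delegator's window")
        attrs = pack_attrs(delegate_id, valid_from, valid_to)
        # no issuer contact needed: the sub-key is derived from the delegator's own key
        return KeyHolder(self.chain + [attrs], kdf(self.key, b"deleg:" + attrs))
    def respond(self, lock_id: bytes, nonce: bytes) -> bytes:
        tag = hmac.new(self.key, b"auth:" + lock_id + nonce, hashlib.sha256).digest()[:TAG_LEN]
        return b"".join(self.chain) + tag

class Lock:
    """Offline verifier: knows only its own key, never talks to the issuer."""
    def __init__(self, lock_id: bytes, lock_key: bytes):
        self.lock_id, self.lock_key = lock_id, lock_key
    def challenge(self) -> bytes:
        return os.urandom(16)   # fresh per session, so a captured response cannot be replayed
    def verify(self, nonce: bytes, response: bytes, now: int) -> bool:
        body, tag = response[:-TAG_LEN], response[-TAG_LEN:]
        if not body or len(body) % ATTR_LEN:
            return False
        records = [body[i:i + ATTR_LEN] for i in range(0, len(body), ATTR_LEN)]
        # rebuild the key chain issuer -> user -> delegate ... from the records alone
        key = kdf(self.lock_key, b"user:" + records[0])
        for rec in records[1:]:
            key = kdf(key, b"deleg:" + rec)
        # every link's window must cover `now`, so a delegate cannot outlive its delegator
        for rec in records:
            _, valid_from, valid_to = unpack_attrs(rec)
            if not valid_from <= now <= valid_to:
                return False
        expected = hmac.new(key, b"auth:" + self.lock_id + nonce, hashlib.sha256).digest()[:TAG_LEN]
        return hmac.compare_digest(expected, tag)

def demo() -> dict:
    issuer = Issuer()
    lock_id = b"door-42"                                  # constructed sample ids
    lock = Lock(lock_id, issuer.lock_key(lock_id))
    attrs, key = issuer.issue(lock_id, b"alice", 1_000, 2_000)
    alice = KeyHolder([attrs], key)
    bob = alice.delegate(b"bob", 1_200, 1_500)
    nonce = lock.challenge()
    r_alice, r_bob = alice.respond(lock_id, nonce), bob.respond(lock_id, nonce)
    return {
        "alice_ok": lock.verify(nonce, r_alice, now=1_300),
        "bob_ok": lock.verify(nonce, r_bob, now=1_300),
        "bob_expired": lock.verify(nonce, r_bob, now=1_600),
        "replay_other_session": lock.verify(lock.challenge(), r_alice, now=1_300),
        "tampered_holder_id": lock.verify(nonce, bytes([r_alice[0] ^ 1]) + r_alice[1:], now=1_300),
        "user_msg_len": len(r_alice),
        "delegate_msg_len": len(r_bob),
    }

if __name__ == "__main__":
    print(demo())
```

Two points the toy construction makes visible. A delegated response carries one more attribute record than a direct one, which is the same qualitative effect as the longer delegated-user message measured later in the talk. And because the lock is offline, it cannot learn of a revocation; in this construction the validity window bounds the exposure, while how Key2Share itself realises the remote revocation claimed in the advantages table is not detailed on these slides.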
Key2Share Security
Two pillars: platform security and secure communication protocols
Platform Security Architecture
Untrusted host: Key2Share App, user interface, WiFi, TrEE Service
Trusted Execution Environment: Key2Share Secure App, TrEE Mgr, Secure Storage, Secure UI
NFC chip: the contactless interface to the lock
Possible TrEE Instantiations
In software
  Full virtualization (e.g., based on the OKL4 hypervisor)
  Kernel-level virtualization (e.g., vServer)
  OS-level isolation (e.g., BizzTrust)
In hardware
  CPU extensions (ARM TrustZone)
  Secure Element (SE) on SIM card
  SE on microSD card
  Embedded SE (eSE) on NFC chip
TrEE in Hardware
CPU Extensions (e.g., ARM TrustZone)
• Controlled by device manufacturers
• No APIs are exposed to apps to access it
Secure Element (SE) on SIM Card
• Controlled by network operators
SE on SD Card
• Freely programmable
Embedded SE (eSE) on NFC Chip
• Controlled by device manufacturers
• Has a pre-installed Mifare Classic applet
APIs for Accessing Secure Elements
SE on SD card can be accessed via the Open Mobile API (SEEK-for-Android)
However, access is disabled in stock Android images
eSE can be accessed via the Open Mobile API and the NFC Private API
The NFC Private API can be used only by Google-signed apps
Only white-listed apps can communicate with the eSE via the Open Mobile API, and root access is required to add an app to the white list
Layering: apps (app layer) call the NFC Private API or the Open Mobile API (OS), which reach the SE on SD card or the eSE on the NFC chip (hardware)
The Best Candidate: SE on SD Card
We used the Giesecke & Devrient Mobile Security Card
It can be attached to the phone via the microSD slot
It is a standard Java Card and can run applets
Implementation of Key2Share Secure as a Java Card applet
TrEE in Software
• We leveraged a security architecture which provides lightweight domain isolation for Android
• The architecture was initially intended to allow usage of a single device for business and private needs
• http://www.bizztrust.de/
BizzTrust: Dual Persona Phone
Colors corporate and private apps green and red
Prohibits communication between apps with different colors
Enforcement points (architecture figure):
  Application layer: AppA, AppB
  Middleware layer: MAC on IPC
  Kernel layer: MAC on the file system (alongside Linux DAC) and on network sockets
Legend: Linux DAC is the access control Android already has; the MAC checks are added by BizzTrust
BizzTrust-based TrEE
Create a blue domain isolated from red and green
Execute security-sensitive code in the blue domain
BizzTrust allows only the Key2Share app to communicate with the code in the blue domain
Layout (figure): the software isolation layer is the hardened Android OS (BizzTrust); domain BLUE is the Trusted Execution Environment (TrEE) running Key2Share Secure; the private domain RED and the corporate domain GREEN host the ordinary apps, including the Key2Share app
Protocol Security
Well-established cryptographic primitives (AES, SHA-1, RSA); note that SHA-1 is no longer recommended for new designs today, which dates the choice to the 2013 talk
Formal security proof of the protocols
Formal tool-aided verification of the protocols
Implementation in 3 Versions
1. Hardware-based TrEE based on the Mobile Security Card
2. Software-based TrEE based on BizzTrust
3. Key2Share Secure as a separate Android application (no TrEE)
Authentication Performance (20 rounds)
Transmission time for authentication protocol messages (mean ± 95% confidence interval)
92 bytes to be transferred for the user
140 bytes to be transferred for the delegated user
The door lock opens within half a second

User type        Connection establishment, ms   Overall session time, ms
User             245.17 ± 0.54                  441.80 ± 0.54
Delegated user   245.17 ± 0.54                  473.55 ± 0.54
Work in Progress and Challenges
Backward compatibility with existing access control solutions
  Compatibility with MiFare (the standard for contactless cards)
  Integration into smartcard-based access control solutions (Matrix of Bosch)
Smartphone in card emulation mode (does not require phone power for authentication)
  Challenges are related to the missing support for card emulation mode in Android at the time of the talk (host card emulation arrived later in 2013 with Android 4.4)
  Other platforms (e.g., Nokia, Blackberry) support card emulation
Thank you alexandra.dmitrienko@sit.fraunhofer.de