Upload
duonglien
View
222
Download
0
Embed Size (px)
Citation preview
Current System Magnetic Swipe Card based
ID The card has three tracks They each store the following:
Name, G# and Issue-ID The readers convey the G# to
the database, which then relays the required information
Services rendered: Monetary(Mason Money), Library, access to campus residential buildings
So Why Change? Lack of encryption makes
spoofing/cloning easier
No link exists to verify the authenticity of the card in use with the person's actual ID
Physical deployment not secure – major security risk
Proposed System: Overview Contact-less Smart-card
based ID system Secure deployment of
physical sytems Possible means to link
owners ID to card in use Cryptographic scheme for
ensuring the above point and to prevent card duplication/spoofing
Suggested System : NFC Smart-cards combined with Encryption and Signatures
Contact-less Smart Cards ISO 14443 defines the
standard for Contact-less Card
They utilize the power form the radio waves to operate the chip and behave like a smart-card
Major benefit is the utilization of available cryptosystems to accelerate the hardware
Contact-less Smart Cards CPU: Control Processing Unit
SRAM: Static Random Access Memory
ROM: Read Only Memory Static store the Operating System
EEPROM: Electrically Erasable and Programmable Read Only Memory Persistent
CRYPTO: Cryptographic processor
RNG: Random Number Generator
NFC NFC stands for Near Field Communication
Emerging communication protocol for use in short (about 10cms) range
Due to ultra-short range there are no ethical concerns, thus also making it ideal for complementing a cryptographic scheme
Very widely accepted for ID and Mass Marketing applications
Smart-card implementations already exist and most of the industry giants are NFC certified partners
NFC : Tag Types Type 1 Tag Type 2 Tag Type 3 Tag Type 4 Tag
Compatible Products
Innovation Topaz (now Broadcom)
NXP Mifare Ultralight
Sony Felica NXP DESFire/ NXP SmartMX JCOP
Memory Size
96 bytes 48/144 bytes 1,4,9 kB 4/32 kB
Unit Price Low Low Low Medium/High
Data Access
Read/Write or Read Only
Read/Write or Read Only
Read/Write or Read Only
Read/Write or Read Only
Active Content
X X X X/Y
NFC Card Reader/Writer ACR122 NFC Contact-less Smart
Card Reader – by Advanced Card Systems
Economical on the budget – USD 45 NFC Reader :-
ISO/IEC18092 (NFC) compliant NFC Tags Access Speed = 212 kbps
Contact-less Smart Card Reader :- Support FeliCa card Support ISO 14443 Type A & B cards
MIFARE® cards (Classics, DESFire)
NFC Tags
Simple Read/Write Tags range from as low as 0.75 USD a card
The Smart-card versions cost around 1.25 USD if bought in bulk
NFC Security Threats Eavesdropping
Data Corruption (DoS attacks)
Data Modification
Cloning the Card
Solution? -- Use of Cryptographic Schemes
Zero Knowledge Proof of ID It makes it possible for the prover to prove himself to the
verifier without exchanging any key or secret details at all
Thus, an eavesdropper only gets to bag assertions or negations, but no solid proof of identity that can later be misused
Likewise, it also prevents the verifier from misusing the secret details of the prover in future
Zero Knowledge Protocols wont care whether you actually know the password or not, as long as you prove that you know it
ZKPI Alibaba Analogy This is supposed to be
Alibaba's magic cave
Magic Words!!! “Open Sesame” This is the secret of the
cave
ZKPI practical algorithms Feige-Fiat-Shamir Zero Knowledge Proof Protocol
Uses the difficulty in factorizing to its advantage
If the protocol is repeated multiple times the probability that a false positive decreases to almost 1 in a million
Multiple instances of protocol can be paralleled to accelerate the operation and further narrow down the chance of false identity
ZKPI Drawbacks and Advantages
Pros:
Comparatively faster than RSA
True ZKPI leak absolutely no information to eavesdropper
Cons:
No hardware accelerators present
Difficulty in fabrication of chips
No API support for back-end systems
Final Card not tamper proof
Elliptic Curve Cryptography Competitor of RSA
Proven to withstand significant cryptanalysis
Provides same level of security as RSA, with lesser number of bits for modulus
Lesser amount of memory usage
NFC Signature Record Size Signature Algorithm Signature Certificate Total Size
(bytes) RSA 1024/SHA-1 128 774 902
RSA 2048/SHA-1 256 1180 1436
RSA 4096/SHA-1 512 1437 1949
DSA 1024/SHA-1 128 693 821
ECDSA P-192/SHA-1 48 388 436
ECDSA P-256/ SHA-256 64 412 476
Implicit Certificates - ECC-based Elliptic Curve Qu-Vanstone (ECQV)
Field Size (bytes)
Version 1
Certificate Serial Number 8
Certificate Algorithm Identifier for Certificate Issuer’s Signature 1
Hash 1
Issuer Identifier 8
Validity Period 4
Subject Identifier 8
Public Key Reconstruction Value 25
Total Certificate Size 56
Reduction in Signature RTD by using ECQV
Signature Algorithm Signatures (bytes)
Certificate Chain (bytes)
Total Size (bytes)
RSA 1024/SHA-1 128 774 902
ECDSA P-192/SHA-1 48 388 436
ECDSA P-192/SHA-1/ECQV 48 56 104
ECDSA P-256/SHA-216/ECQV 64 64 128
Signcryption PV signature scheme (Pintsov-Vanstone) can provide
confidentiality within the signature itself Keyed PV(its variant), where the signer chooses a recipient
and encrypts and signs message (or a part of it) for the recipient
Partial message recovery :- the message divided into two parts, hidden and visible part
Hidden part is embedded in the signature, visible part is sent as is, along with the signature
During verification, the hidden part is recovered from the signature
A requirement of keyed PV is that the recipient have an elliptic curve key pair, compatible with the domain parameters of the signer’s key pair
ECC based Signatures Pros
ECC is well established, thus availability of hardware accelerators and library support
Proposed scheme saves in memory and hence one can switch to type 2/1 cards, proving economical
Cons
Substantial amount of computations performed
Root CA needs to be established
Card is still not tamper proof
Still no link of card holder to card in use
Frequent issuance of CRLs
Then Authentication Solution
Place a second layer of security to link card holder to card in use
Use any Personal Identity Verification Scheme
Suggested: Personal Identification Number (PIN)
Alternate System:Biometrics
Methods for uniquely recognizing humans based on intrinsic physical or behavioral traits
Such traits include fingerprints, palm patterns, retina scans and face detection
Biometrics Pros : Inherent tessellation of
Identity and authenticity
Very difficult to get hack if system is securely deployed
No need to carry any accessory around (e.g. id card)
Cons : Expensive on the budget
Cases of False positives/negatives
Gives value to parts of the body, can lead to be very dangerous
Comparison System Current Mag
Strip Biometric NFC + ZKPI NFC + ECC
Cost Least Highest Moderate Moderate
Security rendering
None By uniqueness of human traits
Due to difficulty in factorization
Due to difficulty in factorization
Tamper Proof X Y X X
True Card Holder Problem
X Y X X
Ease of Deployment and Integration
-- Difficult High Compatibility to current back-end
High Compatibility to current back-end
Ease of Fabrication of equipment
Mass Production
Mass Production
Very Difficult/ not an industry standard
On the verge of an NFC standard