Embed Size (px)
Citation preview
Cryptanalysis of GlobalPlatform Secure Channel Protocols
Mohamed Sabt and Jacques TraoréSSR 2016December 5, 2016
3rd International Conference on Research in Security Standardisation
2
Outline
Context
GlobalPlatform
Secure Channel Protocols
Theoretical attacks against SCP02
SCP03 security results
Conclusion
3
Introduction
4
Context
17.7 billion secure elements (SEs) are based on GP Card SpecificationsThat is 41% of all SEs shipped since 2010
5
120+ GlobalPlatform members
6
GP Architecture
7
Secure Content Management
8
Secure Channel Protocols (SCPs)
9
Secure Channel Protocols (SCPs)
10
Secure Channel Protocol ‘2’
11
Description
SCP02 relies on the « Encrypt-and-MAC » method
12
Description
13
Security Flaw
SCP02 uses CBC-mode with a fixed IV
The SCP02 encryption scheme is deterministic and clearly not IND-CPA secure
It is vulnerable to a classical plaintext-recovery attack (for plaintext messages with small entropy, e.g., PIN):
1. let 𝐶𝐶 = ℰ𝑘𝑘_SCP02(𝑚𝑚) be the targeted ciphertext2. The adversary 𝐴𝐴 randomly chooses a message 𝑚𝑚’ among the set of
possible values for 𝑚𝑚’3. Ask the challenger to encrypt 𝑚𝑚’in order to obtain 𝐶𝐶𝐶 = ℰ𝑘𝑘_SCP02(𝑚𝑚’)4. If 𝐶𝐶’ = 𝐶𝐶 then 𝐴𝐴 has correctly guessed 𝑚𝑚 =𝑚𝑚𝐶.
14
Plaintext Recovery Against GP compliant Smart Cards
15
Discussion About Feasibility of This Attack
16
Secure Channel Protocol ‘3’
17
Description of SCP03
SCP03 relies on the « Encrypt-then-MAC » method
18
Formal Construction
An unusual MAC construction is used in the Encrypt-then-MAC method: only part of the MAC is included with the ciphertext
19
Security Analysis
20
Mass SurveillanceAlgorithm-Substitution Attacks (ASA)
21
ASA OverviewNo Algorithm Substitution
22
ASA OverviewAlgorithm Substitution
23
Defeating ASA
24
Conclusion GP secure channel protocols are widely used
we have presented security results – positive and negative- on two Global Platform SCP
Bad news
– SCP 02 is vulnerable to a simple plaintext recovery attack Good news
– SCP 03 provides strong security guarantees: resistance to replay, out -of-order delivery and algorithm substitution attacks
– our proof guarantees that SCP03 cannot undetectably contain hidden backdoors allowing mass surveillance
– This is, to the best of our knowledge, the first formal security analysis on SCP03
– creation of the GP ‘Crypto Sub-Task Force’
We advocate the deprecation of SCP02 as soon as possible and the switch over to SCP03
Questions?
![Embedded UICC Protection Profile - GSMA · EMBEDDED UICC PROTECTION PROFILE ... SIM cards [5] GP-SecurityGuidelines-BasicApplications GlobalPlatform Card - Composition Model - Security](https://img.pdfslide.us/doc/110x75/5b782f157f8b9ade6f8e87cc/embedded-uicc-protection-profile-gsma-embedded-uicc-protection-profile-.jpg)
![TEE Certification Process v1 - GlobalPlatform · [TEE EM] GPD_TEN_045 : GlobalPlatform TEE Security Target Template . Public [TEE ST] GPD_SPE_050 : GlobalPlatform TEE Common Automated](https://img.pdfslide.us/doc/110x75/6027a08e90016542ee50485b/tee-certification-process-v1-globalplatform-tee-em-gpdten045-globalplatform.jpg)
