8/16/2019 JavaCard as a SSCD
1/22
Java Card as a
Secure Signature-Creation Device
Jussipekka Leiwo
Setec Oy
and
Wolfgang Killmann
T-Systems ISS GmbH
EU Directive 1999/93/EC
- Advanced electronic signatures, based on a qualified certificate and created by a secure-signature-creation device,
  - satisfy the legal requirements of a signature in relation to data in electronic form in the same manner as a hand-written signature satisfies those requirements in relation to paper-based data, and
  - are admissible as evidence in legal proceedings
Qualified Electronic Signature
- A QES is based on asymmetric cryptographic mechanisms: digital signatures
- The private key (signature-creation data, SCD) is implemented in a secure signature-creation device (SSCD)
- The public key (signature-verification data, SVD) is included in a qualified certificate
Secure Signature-Creation Device
- Must ensure at least that
  - the SCD can practically occur only once, and that its secrecy is reasonably assured,
  - the SCD cannot be derived and the signature is protected against forgery,
  - the SCD can be reliably protected by the legitimate signatory against use by others.
- Must not alter the DTBS or prevent such data from being presented to the signatory prior to the signature process
SSCD in context
[Diagram. Labels: Alice (the signatory), SCA (signature-creation application), DTBS (data to be signed), SSCD holding the SCD, SIGN (signature creation), SVD carried in the qualified certificate, SDO (signed data object) carrying the AES (advanced electronic signature).]
CEN/E-SIGN Area F SSCD PP
- CEN Workshop Agreement CWA 14169
- EAL4+{AVA_MSU.3, AVA_VLA.4}, SOF-high
- Types of SSCD
  - Type 1: SCD/SVD creation only
  - Type 2: Signature creation only
  - Type 3: SCD/SVD and signature creation
- Must be enhanced for most practical implementations
  - e.g. Application separation
SSCD assets
- SCD confidentiality
- SVD integrity when exported
- DTBS and DTBS-representation integrity
- VAD confidentiality and authenticity
- RAD integrity and confidentiality
- Signature-creation function using the SCD
Java-based SSCD components
[Diagram. Three stacked components, Trusted ICC, Trusted JCVM and Trusted EID Applet, each with its own requirement set (SFR for IC Chip, SFR for JCVM, SFR for EID Applet), integrated into one Composite Java-based SSCD evaluated at EAL4 augmented against the CEN/ISSS SSCD PP.]
Composite evaluation principles
- Devise an SFR break-out for the components
- Assume the SFRs of the underlying components
  - The JCVM component assumes compatibility with the break-out of the ICC component
  - The EID Applet component assumes compatibility with the break-out of the JCVM component
- The SSCD includes all underlying components
  - The EID Applet makes the Java Card an SSCD
  - The EID Applet evaluation includes the composite view of all evaluation results, to be conformant with the SSCD PP
Key security services

Service                         | ICC      | COS (JCVM) | Applet
Key management                  | RNG, CE  | API        | AC
Cryptography                    | CE       | API        | AC, non-std paddings
Applet separation               | MMU      | Firewall   | Shareable Interface
Secure messaging                | DES, CE  | API        | SM
Identification & authentication | MMU      | API        | PIN, PUK

Each layer assumes the services of the layer below it: the Applet assumes the COS, the COS assumes the ICC.
SetCOS SFRs for key management

SFR                  | ICC                           | JCVM           | Applet
FCS_CKM.1            | RNG, CE                       | X              |
FCS_CKM.4            | MMU                           | X              | (X)
FDP_RIP.1            | MMU                           | SCD, VAD, RAD  | APDU
FDP_SDI.2/Persistent | atomic write                  | atomic write   |
FPT_EMSEC.1          | current scrambling, bus encr. | X              |
FPT_FLS.1            | sensors, SW CRC               | checksums, ATR | exception handling
FPT_PHP.1, .3        | active shield, sensors        | (X)            |
FPT_TST.1            | CE                            | X              | X
SetCOS SFRs for cryptography

SFR                       | ICC                           | JCVM           | Applet
FCS_COP.1/DES, RSA, SHA-1 | CE, DES, SHA-1                | X              | (X)
FCS_COP.1/Signing         | CE                            | X              | (padding, hashing)
FCS_COP.1/Correspondence  | CE                            | (X)            | X
FDP_SDI.2/DTBS            | atomic write, CRC             | atomic write   | X
FPT_EMSEC.1               | current scrambling, bus encr. | X              |
FPT_FLS.1                 | sensors, SW CRC               | checksums, ATR | exception handling
FPT_PHP.1, .3             | active shield, sensors        | (X)            |
FPT_AMT.1                 | self test                     | X              | X
FPT_TST.1                 | CE                            | X              | X
SetCOS SFRs for applet separation

SFR                                 | ICC                    | JCVM           | Applet
FDP_ACC.2/FW                        | MMU                    | X              | SI
FDP_ACF.1/FW, JCRE, Transient, SSCD | MMU                    | X              | SI
FDP_ACC.1/SSCD                      | (MMU)                  | (X)            | X
FPT_SEP.1                           | MMU, MED               | X              |
FPT_RVM.1                           |                        | X              |
FDP_RIP.1                           | (MMU)                  | SCD, VAD, RAD  | APDU
FDP_SDI.2/Persistent                | atomic write           | atomic write   |
FPT_FLS.1                           | sensors, SW CRC        | checksums, ATR | exception handling
FPT_PHP.1, .3                       | active shield, sensors | (X)            |
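Applet separation at the applet level, as the table lists it (MMU in the ICC, firewall in the JCVM, Shareable Interface in the applet), carried into Java Card 2.2 code. This is an added illustration written for this page, not SetCOS or Setec applet code: SignServer owns the SCD and SignClient can obtain signatures only through a Shareable interface that never hands out a key object. The AIDs and the SIO parameter byte are assumptions, and the signatory PIN check is left out to keep the firewall mechanics in view. The two applets are shown in one file for reading; for the firewall to separate them they must be installed from different packages (with the interface exported by the server's package), because applets in one package share a context.

```java
// Added example (not SetCOS code). AIDs and the SIO parameter byte are assumed.
package sscd;

import javacard.framework.AID;
import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.JCSystem;
import javacard.framework.Shareable;
import javacard.framework.Util;
import javacard.security.KeyBuilder;
import javacard.security.KeyPair;
import javacard.security.Signature;

// The whole surface the firewall lets a foreign context reach: a signature
// over DTBS, never the key object itself.
interface SignService extends Shareable {
    short sign(byte[] buf, short off, short len);
}

public class SignServer extends Applet implements SignService {
    private static final byte SIO_PARAM = (byte) 0x01;                       // assumed
    private static final byte[] CLIENT_AID = {                               // assumed
        (byte) 0xA0, 0x00, 0x00, 0x00, 0x62, 0x03, 0x01, 0x0C, 0x02 };
    private final KeyPair scd = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_1024);
    private final Signature sig = Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1, false);
    private final byte[] sigBuf = JCSystem.makeTransientByteArray((short) 128, JCSystem.CLEAR_ON_DESELECT);

    private SignServer() { scd.genKeyPair(); }   // personalisation collapsed to install time
    public static void install(byte[] b, short o, byte l) { new SignServer().register(); }
    public void process(APDU apdu) {
        if (!selectingApplet()) ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
    }

    // Called by the JCRE when a client asks for the SIO. Returning null for an
    // unknown AID or parameter is the applet's own access rule on top of the
    // JCVM firewall (FDP_ACC.2/FW, FDP_ACF.1/FW).
    public Shareable getShareableInterfaceObject(AID clientAID, byte parameter) {
        if (parameter != SIO_PARAM) return null;
        if (!clientAID.equals(CLIENT_AID, (short) 0, (byte) CLIENT_AID.length)) return null;
        return this;
    }

    // Runs in this applet's context after the firewall switches to it: scd is
    // reachable here and nowhere else. buf must be the global APDU buffer,
    // because the firewall refuses access to arrays owned by the caller's context.
    public short sign(byte[] buf, short off, short len) {
        sig.init(scd.getPrivate(), Signature.MODE_SIGN);
        short n = sig.sign(buf, off, len, sigBuf, (short) 0);
        Util.arrayCopyNonAtomic(sigBuf, (short) 0, buf, (short) 0, n);
        return n;
    }
}

class SignClient extends Applet {
    private static final byte[] SERVER_AID = {                               // assumed
        (byte) 0xA0, 0x00, 0x00, 0x00, 0x62, 0x03, 0x01, 0x0C, 0x01 };
    private SignService service;   // the SIO reference may be kept across sessions

    public static void install(byte[] b, short o, byte l) { new SignClient().register(); }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        byte[] buf = apdu.getBuffer();
        short len = apdu.setIncomingAndReceive();
        if (service == null) {
            AID server = JCSystem.lookupAID(SERVER_AID, (short) 0, (byte) SERVER_AID.length);
            if (server == null) ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
            service = (SignService) JCSystem.getAppletShareableInterfaceObject(server, (byte) 0x01);
            if (service == null) ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
        }
        // The DTBS stays in the APDU buffer, the one array both contexts may touch.
        short sigLen = service.sign(buf, ISO7816.OFFSET_CDATA, len);
        apdu.setOutgoingAndSend((short) 0, sigLen);
    }
}
```

If the client passed one of its own arrays instead of the APDU buffer, the server's `sig.sign` would hit a `SecurityException` from the firewall; that refusal, not the AID check, is what FPT_SEP.1 in the table rests on.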
SetCOS SFRs for secure messaging

SFR                       | ICC                           | JCVM     | Applet
FDP_ACC/ACF for SM        | MMU                           | Firewall | X
FPT_TRP.1                 | CE, DES                       | API      | X
FDP_ITC.1, FDP_ETC.1      | RNG, CE, DES                  | API      | X
FCS_COP.1/DES, RSA, SHA-1 | RNG, CE, DES                  | API      | X
FPT_EMSEC.1               | current scrambling, bus encr. | X        |
SetCOS SFRs for identification and authentication

SFR                                    | ICC          | JCVM         | Applet
FIA_UID, FIA_UAU                       |              |              | X
FIA_AFL.1                              |              | X            | X
FIA_ATD.1                              |              | (X)          | X
FMT_MOF, FMT_MSA, FMT_MTD, FMT_SMR     |              |              | X
FDP_SDI.2/Persistent                   | atomic write | atomic write |
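The applet-level entries of the key management, cryptography and I&A tables above, carried into a working Java Card 2.2 applet: SCD/SVD generation on card (FCS_CKM.1), PIN-based signatory authentication with a retry counter (FIA_UAU, FIA_AFL.1), signing over the DTBS with hashing and padding inside the card (FCS_COP.1/Signing), and clearing of VAD and signature buffers (FDP_RIP.1). This is an added illustration written for this page, not the SetCOS or Setec EID applet; the instruction codes, the 1024-bit key size, the transport PIN and the one-signature-per-PIN-presentation rule are assumptions, and secure messaging is left out.

```java
// Added example (not SetCOS or Setec EID-applet code). INS codes, key size,
// the transport PIN and the one-signature-per-PIN rule are assumptions.
package sscd;

import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.JCSystem;
import javacard.framework.OwnerPIN;
import javacard.framework.Util;
import javacard.security.KeyBuilder;
import javacard.security.KeyPair;
import javacard.security.RSAPublicKey;
import javacard.security.Signature;

public class EidApplet extends Applet {
    private static final byte INS_GEN_KEYPAIR = (byte) 0x46; // FCS_CKM.1 (assumed INS)
    private static final byte INS_VERIFY_PIN  = (byte) 0x20; // FIA_UID/FIA_UAU
    private static final byte INS_SIGN        = (byte) 0x2A; // FCS_COP.1/Signing
    private static final byte PIN_TRY_LIMIT   = 3;           // FIA_AFL.1
    private static final byte PIN_MAX_LEN     = 8;
    private static final short SW_PIN_BLOCKED = (short) 0x6983;
    private static final short SW_PIN_FAILED  = (short) 0x63C0; // low nibble = tries left
    // Constructed transport PIN; personalisation would replace it (FMT_MTD).
    private static final byte[] TRANSPORT_PIN = {0x31, 0x32, 0x33, 0x34};

    private final OwnerPIN pin;      // RAD: stored and compared inside the JCVM object
    private final KeyPair keyPair;   // SCD: never leaves the card
    private final Signature signer;  // SHA-1 + PKCS#1 v1.5 on card, RSA in the ICC CE
    private final byte[] sigBuf;     // transient, cleared on deselect (FDP_RIP.1)
    private boolean keyGenerated;

    private EidApplet() {
        pin = new OwnerPIN(PIN_TRY_LIMIT, PIN_MAX_LEN);
        pin.update(TRANSPORT_PIN, (short) 0, (byte) TRANSPORT_PIN.length);
        keyPair = new KeyPair(KeyPair.ALG_RSA_CRT, KeyBuilder.LENGTH_RSA_1024);
        signer = Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1, false);
        sigBuf = JCSystem.makeTransientByteArray((short) 128, JCSystem.CLEAR_ON_DESELECT);
    }

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new EidApplet().register();
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        switch (apdu.getBuffer()[ISO7816.OFFSET_INS]) {
            case INS_GEN_KEYPAIR: generateKeyPair(apdu); break;
            case INS_VERIFY_PIN:  verifyPin(apdu);       break;
            case INS_SIGN:        sign(apdu);            break;
            default: ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }

    // Annex III: the SCD occurs only once. The pair is generated on card with
    // the ICC RNG and only the SVD (modulus) is exported for the certificate.
    private void generateKeyPair(APDU apdu) {
        if (keyGenerated) ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
        if (!pin.isValidated()) ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
        keyPair.genKeyPair();
        keyGenerated = true;
        byte[] buf = apdu.getBuffer();
        short len = ((RSAPublicKey) keyPair.getPublic()).getModulus(buf, (short) 0);
        apdu.setOutgoingAndSend((short) 0, len);
    }

    // The VAD arrives in the APDU buffer and is compared with the RAD by
    // OwnerPIN, which counts failures and blocks after PIN_TRY_LIMIT (FIA_AFL.1).
    private void verifyPin(APDU apdu) {
        byte[] buf = apdu.getBuffer();
        short len = apdu.setIncomingAndReceive();
        if (len < 4 || len > PIN_MAX_LEN) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        if (pin.getTriesRemaining() == 0) ISOException.throwIt(SW_PIN_BLOCKED);
        boolean ok = pin.check(buf, ISO7816.OFFSET_CDATA, (byte) len);
        Util.arrayFillNonAtomic(buf, ISO7816.OFFSET_CDATA, len, (byte) 0); // scrub VAD copy
        if (!ok) ISOException.throwIt((short) (SW_PIN_FAILED + pin.getTriesRemaining()));
    }

    // Hashing and padding of the DTBS happen inside the card, so the SSCD
    // signs exactly what it received; the signature is the only output.
    private void sign(APDU apdu) {
        if (!keyGenerated) ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
        if (!pin.isValidated()) ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
        byte[] buf = apdu.getBuffer();
        short len = apdu.setIncomingAndReceive();
        signer.init(keyPair.getPrivate(), Signature.MODE_SIGN);
        short sigLen = signer.sign(buf, ISO7816.OFFSET_CDATA, len, sigBuf, (short) 0);
        pin.reset(); // one successful PIN presentation authorises one signature
        Util.arrayCopyNonAtomic(sigBuf, (short) 0, buf, (short) 0, sigLen);
        apdu.setOutgoingAndSend((short) 0, sigLen);
    }

    public void deselect() {
        pin.reset(); // the signatory's session ends with the applet
    }
}
```

The private key is only ever touched through `keyPair.getPrivate()` inside `sign`, and no instruction returns it; the retry counter and the RAD comparison live in the JCVM-owned `OwnerPIN`, which is where the (X) entries for the JCVM in the I&A table come from.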
Setec implementation
- Organization
  - Developer and sponsor: Setec Oy
  - Evaluation facility: T-Systems ISS GmbH
  - Certification facility: BSI, Germany
- Components
  - ICC platform: Infineon SLE88
  - JCVM/JCRE component: SetCOS Java
  - EID Applet: not included in the current evaluation
SetCOS Java
- JCVM/JCRE/VOP component for an SSCD
- CC EAL4+{AVA_MSU.3, AVA_VLA.4}, SOF-high
- Development completed 06/2002
- Evaluation completed by 10/2002
- Certification completed by 12/2002
  - Final certificate dependent on the SLE88
- An evaluated EID Applet is required for SSCD conformance
Infineon SLE88CX720P
- 32-bit RISC CPU, max. 66 MHz
- 240 kB ROM, 8 kB RAM, 80 kB EEPROM
- Advanced Crypto Engine (RSA up to 2048 bit)
- DES accelerator (3DES)
- Memory Management Unit, HW firewall
- DPA/SPA protection
- SSVG PP EAL4+{ADV_IMP.2, ALC_DVS.2, AVA_MSU.3, AVA_VLA.4} in the future
EID Applet challenges
- Personalization through Applet methods
- Post-issuance loading of Applets
- CEN/E-SIGN Area K active
- Low coupling of the EID Applet to the JCVM enables flexibility in catering to client-specific expectations
  => The client is required to act as sponsor for evaluating an EID Applet tailored from the generic, non-evaluated EID Applet
For further information
- http://www.setec.com
- http://www.t-systems-iss.com
- http://www.infineon.com/88controller
- http://www.cenorm.be/isss
- http://www.cenorm.be/isss/CWAs/cwalist.htm
Thank you !
Jussipekka Leiwo, Ph.D.
Senior System Architect, IT Security