Authentication mechanisms using secure, contactless Card-to-PACS communication
Gilles Lisimaque
IDTP
Terminology used
6/30/2010 © 2010 Identification Technology Partners, Inc. All rights reserved. 2
[Diagram: PACS management, PACS database, Controller, Reader and Card, with a Secured Perimeter]
Terminal = Reader + application logic
Missing PIV functionality today
• Contactless interface secure session
– No biometric over contactless interface
– No access to user’s picture or printed information over
contactless interface
– No biometric match on card or PIN presentation over
contactless interface
• Terminal authentication by the card (trust and privacy)
• Simple, independent, local key management for
access control decisions in PACS
Other challenges using PIV in PACS
• Large Universal Identifier required for Identity Credentials
• No protection or privacy on this unique identifier
• Interoperable authentication requires using the PIV
Authentication Key, which is available only on the contact
interface after the PIN has been presented. This might lead
to many PACS using only the CHUID verification
• Without active card authentication security is quite low
• Cardholder makes the terminal trust decision by presenting
its card PIN (human authentication of the terminal)
• No three factor authentication using contactless
Identifiers (e.g. CHUID) used without an authenticator (e.g. CAK), can be cloned
and may create similar issues experienced with Social Security numbers
Technical limitations specific to PACS
• Contact interface is very difficult to use in physical access
control systems (wear & tear, vandalism [e.g. super glue],
airborne contaminants, etc.)
• A card authentication (CAK) combined with a CHUID
validation (required for the path validation) can take a long
time to execute when all keys are RSA 2048.
• With no session key mechanism there is no secure
communication between the card and the terminal
– the card cannot provide cryptographic proofs of any kind to the
terminal (PIN validation, Match on card not feasible)
– the card cannot send or receive sensitive information (PIN,
Biometry) to/from the terminal as exchanges are all in clear text.
The pieces of the puzzle
[Diagram labels: CHUID, CAK, PIN, PKI, Picture, BIO, Printed Info; Contact (PIN); Contactless (No Secure communication, No Authentication Key); PACS Control Panel (Limited bandwidth)]
Physical Access Control Specifics
• Needs to be fast, convenient and non-obstructive
• Access Authorization is delivered by an Access Control
Authority often different from the Identity Authority
– Access rights are granted only AFTER an identity verification and
– The user provides a justification for access
• Convenience of a local numbering system (small number of bits)
• Access control privilege and security (including keys) are
managed independently by each site
• PIN today presented to PACS, not to the credential
• Each site may have specific (operational) biometric requirements
Ideal PACS Credential
• Contactless operation
• Minimum leak of personal information to unknown terminals
• Mutual Authentication between credential and terminal (trust)
• Secure communication between credential and terminal
(Session Key protecting against eavesdropping)
• Should allow:
– Use of local (operational) biometrics and local PIN to PACS
– Each PACS to manage its security without having to share any
secret or private key or to rely on externally managed keys.
– To use one identity credential (after local registration), to access
multiple unrelated physical sites
The options on the table
• Standardized Session Key establishment Protocols
– ISO 11770-3 (Asymmetric) or 11770-2 (Symmetric), etc.
• Privacy Enhanced Protocols
– PLAID
– Opacity
• PACS authentication key management mechanism
– Mutual Registration
Comparison of solutions
| Solution | Privacy Protection | Mutual Authentication | Session Key (confidentiality) | Algorithms | Key selection | Key management for terminal | Alternative Biometrics in Card | Contactless interface |
|---|---|---|---|---|---|---|---|---|
| FIPS 201-1 (PIV card as per SP800-73) | PIN | No | No | RSA (*), ECC (*), 3DES, AES | Fixed | No key in Terminal | Limited to IRIS over contact & with PIN | Limited to CHUID (in clear) and CAK |
| PLAID | Crypto | Yes | Yes | RSA | Up to 65,535 | To be defined by the “system” | Not part of protocol | Fully Protected |
| OPACITY | Crypto | Yes | Yes | ECC | TBD | To be defined by the “system” | Not part of protocol | Fully Protected |
| Mutual Registration | Crypto | Yes | Yes | RSA, ECC, 3DES, AES (*) | Up to 65,535 | Part of protocol. Each PACS manages its own keys | Yes. Part of protocol. Each PACS may have its own | Fully Protected |
(*) indicates a preferred option
Mutual Registration, a different approach
• By registering the Identity Card in the PACS and at the same time registering the PACS in the Identity card, it becomes possible to establish a specific PACS context in the identification credential
• This allows a PACS to authenticate itself to the card prior to any exchange of sensitive information
• The PACS specific context is securely loaded into the card when the subject registers for access
• Mutual Registration provides a “context dependent”, secure access control “logical credential” in the card, in addition to the existing identification credential
PACS Analogy with Passports & Visas
• A Passport is an identity document delivered by the
country of citizenship (Identity Authority). It is designed to
re-enter the country of citizenship.
• To enter another country, many countries require a Visa
(access authorization) in addition to a passport (Identity)
issued by another country.
• The Visa is a “privilege for access” delivered by the
country granting access. It is delivered after the user
registers for access to the country he/she wants to go to.
Mutual Registration
[Diagram: the card holds “Basic ID data for interoperability & User authentication” and a PACS lookup table; the PACS presents its PACS Identifier (IAD in the example)]
| PACS id | Authentication Mechanism (Algorithm + Key) | Local Access Identifier (Local PACS card ID) |
|---|---|---|
| IAD | Algo(x)+Key(z) | #13725# |
| BWI | Algo(3)+Key(4) | AbC45&9 |
| LAX | Algo($)+Key(&) | UFO666 |
The Mutual Registration credential contains (and protects) a lookup table for the multiple
PACS entries obtained by the legitimate bearer of the ID credential
The PACS has to actively identify itself to the Mutual
Registration card in order to set the context it is looking for.
No more need for a large universal card identifier for access
New: PACS registration in the card
• When a new PACS is registered in a Mutual Registration enabled
card, an entry is created in the card PACS look up table:
– PACS Identifier
– Credential identifier to use for that PACS (short Local-ID)*
– Diversified CAK and Algorithm to use for this PACS
– Session Key mechanism to use for this PACS
– PACS operational biometrics (optional)
– PIN to PACS or other Misc specifics (both optional)
• The “load new PACS” message is presented ciphered to the card
and authorized by the user (PIN) or the issuer’s CMS
* Same concept as a DHCP mechanism in network management
MR elementary Data Objects
[Diagram: lookup table entries labelled PACS-ID rst and PACS-ID xyz]
| Data object | Description |
|---|---|
| PACS-ID | PACS identifier (UUID) |
| PACS-Name | PACS Friendly name |
| Date-Created | Date entry created |
| Usage-CTR | Counter incremented by the card each time the entry is selected |
| Div-Number | Diversification number for card key group |
| L-CRED-ID | Local Credential identifier ascribed to the card by the PACS |
| PACS-Key-Version | Key identifier if the PACS has multiple keys |
| PACS-Algo | Algorithm identifier to be used by the card for mutual authentication |
| PACS-Key | Card key used for mutual authentication (PACS key derived by card group div-#) |
| PACS-Bio | Operational biometrics for the PACS (optional) |
| PACS-Proprietary | PIN to be presented to the PACS and/or Misc info for PACS |
Contactless Mutual Registration-PIV
[Sequence diagram: Terminal commands and CARD responses, recovered below as command → response pairs; four elements carry a “New” label on the slide]
• Select Mutual Registration-PIV → response to Select
• Get CHUID (could be a “local” CHUID) → L-CHUID data object
• Execute CAK(x) → Response to CAK(x) challenge
• Provide PACS Identifier to card → response indicating information is understood
• Get BIO → Ciphered(BIO data object by Sk)
• Establish Session Key (Sk) → Response to Session Key Establishment
Card selects the correct identifier, key CAK(x) and Sk(x) associated to
the PACS identifier provided
The CAK key used is selected by the card based on the PACS System Identifier provided
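The PACS lookup table and the context-dependent mutual authentication described in the slides above, modelled as an added example (this is not IDTP's MR-PIV code). Assumptions: HMAC-SHA256 stands in for the card's PACS-Algo, for key diversification and for session-key derivation; the message order and all class and method names are hypothetical.

```python
import hashlib, hmac, os
from dataclasses import dataclass

def mac(key, label, *fields):  # HMAC-SHA256 stands in for PACS-Algo (assumption)
    return hmac.new(key, label + b"".join(fields), hashlib.sha256).digest()

@dataclass
class PacsEntry:                 # subset of the MR elementary data objects
    div_number: bytes            # Div-Number
    l_cred_id: str               # L-CRED-ID: short local alias, not a universal ID
    pacs_key: bytes              # PACS-Key: diversified, never the PACS master key
    usage_ctr: int = 0           # Usage-CTR

class MRCard:
    def __init__(self):
        self.table, self.ctx, self.sk = {}, None, None

    def load_pacs_entry(self, pacs_id, entry):
        self.table[pacs_id] = entry   # on a card: ciphered, under PIN or CMS control

    def select_pacs_entry(self, pacs_id):
        self.ctx, self.sk = self.table.get(pacs_id), None
        if self.ctx is None:
            return None                          # unregistered PACS: reveal nothing
        self.ctx.usage_ctr += 1
        self.nonce = os.urandom(16)              # fresh card challenge
        return self.ctx.div_number, self.nonce

    def authenticate_terminal(self, t_nonce, t_proof):
        key = self.ctx.pacs_key if self.ctx is not None else None
        if key is None or not hmac.compare_digest(t_proof, mac(key, b"TERM", self.nonce, t_nonce)):
            self.ctx = None                      # terminal not authenticated: drop context
            return None
        self.sk = mac(key, b"SK", self.nonce, t_nonce)
        return self.ctx.l_cred_id, mac(key, b"CARD", t_nonce, self.nonce)

class PacsTerminal:
    def __init__(self, pacs_id, master_key):
        self.pacs_id, self.master = pacs_id, master_key

    def register(self, card, l_cred_id):
        div = os.urandom(8)                      # per-card diversification number
        card.load_pacs_entry(self.pacs_id, PacsEntry(div, l_cred_id, mac(self.master, b"DIV", div)))

    def access(self, card):
        hello = card.select_pacs_entry(self.pacs_id)
        if hello is None:
            return None
        div, c_nonce = hello
        key, t_nonce = mac(self.master, b"DIV", div), os.urandom(16)
        reply = card.authenticate_terminal(t_nonce, mac(key, b"TERM", c_nonce, t_nonce))
        if reply is None or not hmac.compare_digest(reply[1], mac(key, b"CARD", t_nonce, c_nonce)):
            return None
        return reply[0], mac(key, b"SK", c_nonce, t_nonce)   # (L-CRED-ID, Sk)
```

Because each card holds only a key derived from its own Div-Number, extracting the key from a lost card does not expose the PACS master key or the keys of other cards.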
Benefits of Mutual Registration-PIV
• The card does not reveal information to unknown terminals
• The communication is secure on both interfaces (confidentiality)
• Each PACS is independent and responsible for its own security (keys and access) without any consequences for other PACS
• Provides an interoperable mechanism using fast symmetric algorithms for all exchanges without key management hardships
• Diversifies symmetric keys in cards protecting each master PACS authentication key in case a card is lost or stolen
• All this allows:
– Exchange of sensitive information over any interface:
• Biometric information from the card does not require the PIN
• Allows Match on card as well as ciphered PIN presentation
– Full use of the contact as well as the contactless interface
• No need for a digital signature attached to each data object (faster transfers)
– Operational biometric for each PACS
Trusted exchanges
• Having a session key established between
the card and the PACS terminal allows
exchanges which were not possible before:
– Card PIN presentation ciphered over contact or contactless
interface
– Presentation to the card of a live biometric template for match-
on-card
– Card may act as a proxy for the user by returning the specific
PACS-PIN when the user presents the correct card-PIN to the
card (no need to remember multiple independent PINs)
And because all the exchanges are done in a mutually trusted environment (MAC’ed & Encrypted), no static signature is required for each individual data object.
Mutual Registration performances
Note: Time (in seconds) varies depending on the reader used
Terminal Authentication, PK or SYM ?
• Public key systems allow trust to be shared/transferred
between unrelated entities
• Symmetric key systems allow very fast
authentication in a closed community
environment.
• Public key systems are very useful to establish a
local trustable environment allowing
symmetric keys to be used locally later (for
speed and simplicity)
Terminal Revocation is not simple
• It is very difficult for a smart card to have access to a reliable and up-to-date CRL as it is controlled by the terminal (which also controls the date information)
• Terminals should be programmed to shut down automatically if they have not been in touch with a trusted central system after a given period of time
• Terminals should not work outside of the control of an authority which has provided them with secret keys even for maintenance or repairs (e.g. secure terminal activation at each power on)
In summary … Why Mutual Registration?
• The Mutual Registration (MR) credential behaves like a PIV contact card when used as an identity card
• The MR credential adapts to a specific PACS context by behaving like a fast local specific PACS card
• No need to share secrets between independent PACS or rely on externally managed keys
• Simple application card and key management with secure contained data and application functions
• Clearly separates identity management from access privilege management in the card
Available:
summary white paper on
Mutual Registration
Additional Slides for discussion
• The following slides provide some hints on how
Mutual Registration works.
It is far from being a complete
technical presentation but
shows some of the principles
of Mutual Registration and
how the concept has been
implemented in smart cards.
Confidentiality vs. Authentication
• A communication is confidential between two parties when it is
protected against eavesdropping (does not require secrets)
• An entity is authenticated when it has proven to another party that it
is genuine and trustworthy (requires using and protecting a secret)
• When both entities have authenticated to each other, there is a
mutual authentication which allows a shared trust to exist
• Some protocols establish one or the other service and some
establish both
– PIV card → Card authentication (Secret in card)
– Diffie-Hellman → Confidentiality (no authentication, no secret)
– PLAID, OPACITY, MR → Mutual Authentication & Confidentiality
Privacy Solutions : PLAID / OPACITY
PLAID and OPACITY are Privacy Enhanced Protocols.
They both require the application (issuing authority) to
define what the keys are for and how they are managed.
The terminal authentication key is asymmetric in an
environment where the card has no easy access to a CRL.
| | PLAID | OPACITY |
|---|---|---|
| Mutual Authentication | RSA 1024 | ECC |
| Session key | AES 128,192,256 | AES |
| Standards | Proprietary APDU 7816 commands | ISO 7816-4; Crypto Suite B; NIST SP 800-56A |
| Key sets | PKI Multi domain. Up to 65,535 key sets selectable. | PKI Open domain. Unique Private key in each terminal |
Key Management option: Mutual Registration
The terminal authentication key is controlled and managed by the PACS which does not need to share it with anybody.
In the card, there is one diversified authentication key for each registered PACS automatically selected by the card.
| | Mutual Registration |
|---|---|
| Mutual Authentication | ISO 11770, (PLAID, OPACITY) |
| Session key | AES 128,192,256 |
| Standards | ISO 7816-4 APDUs. Name space isolated from PIV |
| Key sets | Multi domain managed by the protocol. Up to 65,535 PACS keys depending on the card memory size |
PIV proposed enhanced behavior
• The CAK key selected by the card could be variable
depending on the system asking the question (context)
– Card key used for CAK is found by the card doing a lookup in a table
based on the system identifier of the PACS asking to communicate. If
no PACS is selected (PIV mode), the CAK Asymmetric key is used
• The BIO information could then be dynamically ciphered by a
key depending on the system asking the question (context)
– Card key used to cipher the BIO is the result of a key selected by the
look up in the card PACS table or resulting from a mutual
authentication process (CAK used is a symmetric diversified key)
As always: PIV registration in PACS
• A PIV card needs to be registered for access in a
PACS system which is not related to its issuer
• This consists of:
– Verifying the PIV card is genuine (Active Card
Authentication including CRL and path validation)
– The cardholder is indeed the legitimate user (PIN
and/or Biometric verification)
– The user has a legitimate reason for access
New commands in the MR-PIV™ card
• At registration:
– Load PACS entry: Loads an entry in the PACS look up
table (ciphered message under PIN or CMS control)
– Delete PACS entry: When the PIN is presented, the user
is allowed to delete entries in its PACS look up table
• In use at PACS terminals
– Select PACS entry: Sent by the PACS terminal, the PACS
identifier allows the card to select the correct context
These commands do not alter the behavior of existing PIV functions.
They are using their own name space and do not interfere with PIV.
New or Modified Commands in MR-PIV™
• Establishment of Session Key (new function)
– As a part of the mutual authentication between the
card and the terminal, a session key is established
(use of ISO/IEC 11770 or PLAID, Opacity, etc.)
• Get BIO (available in secure messaging)
– Can now return dynamically ciphered information
using the session key established with the PACS
• Allows Match on Card to authenticate the user
All this works on the contact as well as the contactless
interface and supports biometric privacy requirements
New Data Objects in MR-PIV™
• No major change in the CAK at the interface
– The value and algorithm used may change depending on the
PACS selected but as only one CAK instance is ever “seen at
the interface” at any time, it becomes a value which depends
on the context provided by the PACS.
• L-CHUID
– Identifier possibly allocated by a given PACS when a card is
registered. This number is a PACS local identifier (Alias)
which could be small and different from the FASC-N or GUID.
Based on the PACS system identifier the card presents a logical VIEW
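Contactless MR-PIV behavior in an old system
[Sequence diagram: Terminal commands and CARD responses, recovered below as command → response pairs]
• Select PIV → PIV response to Select
• Get CHUID → CHUID data object
• Execute CAK (use of Asym. Key) → Response to CAK challenge
• Get BIO → Command rejected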
The Get BIO command should not be executed by a legacy PIV terminal
according to the PIV specification but regardless, would be rejected by the
MR-PIV card when the system has not identified itself through registration.