Smart Card security analysis Marc Witteman, TNO

1
Smart Card security analysisMarc Witteman, TNO
2
Do we need smart card security?
3
What are the threats ?
receiver
sender
Confidentiality unauthorized disclosure of
information
Integrity unauthorized modification of
information
Authenticity unauthorized use of service
4
Whats inside a smart card ?
5
Smart card security evaluations

• logical analysis software
• internal analysis hardware
• side channel analysis both hw and sw

6
Logical analysis
Communication

• Functional testing
• Protocol analysis
• Code review

7
Internal Analysis
8
Internal analysis tools

• Etching tools
• Optical microscope
• Probe stations
• Laser cutters
• Scanning Electron Microscope
• Focussed Ion Beam System
• and more.

9
Reverse engineering
10
Staining of ion implant ROM array
11
Sub micron probe station
12
Probing with eight needles
13
FIB fuse repair
14
Side channel analysis

• Use of hidden signals
• timing
• power consumption
• electromagnetic emission
• etc..
• Insertion of signals
• power glitches
• electromagnetic pulses

15
Power consumption in clock cycle
peak
shape
slope
Iddq
area
time
16
Power consumption in routines
17
Power consumption in programs
18
Timing attack on RSA

• RSA principle
• Key set e,d,n
• Encipherment C Me mod n
• Decipherment M Cd mod n
• RSA-implementation (binary exponentiation)
• M 1
• For i from t down to 0 do
• M M M
• If di 1, then M MC

19
Timing Attack on RSA (2)
1
0
0
0
1
1
1
20
Differential Power Analysis

• Assume power consumption relates to hamming
  weight of data
• Subtract traces with high and low hamming weight
• Resulting trace shows hamming weight and data
  manipulation

21
Fault injection on smart cards

• Change a value read from memory to another value
  by manipulating the supply power

Threshold of read value
A power dip at the moment of reading a memory
cell
22
Differential Fault Analysis on RSA

• Efficient implementation splits exponentiation
• dp d mod (p-1)
• dq d mod (q-1)
• K p-1 mod q
• Mp Cdp mod p
• Mq Cdq mod q
• M Cd mod n ( ( (Mq - Mp)K ) mod q ) p Mp

23
DFA on CRT

• Inject a fault during CRT that corrupts Mq
• Mq is a corrupted result of Mq computation
• M ( ( (Mq - Mp)K ) mod q ) p Mp
• subtract M and M
• M - M (((Mq - Mp)K) mod q)p - (((Mq -
  Mp)K) mod q)p
• (x1-x2)p
• compute Gcd( M-M, n ) Gcd( (x1-x2)p, pq )
  p
• compute q n / p

24
Conclusions

• Smart cards can be broken by advanced analysis
  techniques.
• Users of security systems should think about
• What is the value of our secrets?
• What are the risks (e.g. fraud, eavesdropping)
• What are the costs and benefits of fraud?
• Perfect security does not exist!

25
For information

• TNO Evaluation Centre
• Marc Witteman
• PO-Box 5013
• 2600 GA Delft, The Netherlands
• Phone 31 15 269 2375
• Fax 31 15 269 2111
• E-mail witteman_at_tpd.tno.nl
• E-mail eib_at_tpd.tno.nl